icecat: fix issues with nss-3.28.1/ECDSA and ICU
This commit is contained in:
parent
974af147fe
commit
4a7fc8fe1f
3 changed files with 38 additions and 1 deletions
15
srcpkgs/icecat/patches/fix-ecdh_keybits_min_224.patch
Normal file
15
srcpkgs/icecat/patches/fix-ecdh_keybits_min_224.patch
Normal file
|
@ -0,0 +1,15 @@
|
|||
Fix for nss-3.28.1: ECDH keybits minimum is 224
|
||||
|
||||
--- netwerk/protocol/http/Http2Session.cpp 2016-12-01 23:44:09.000000000 +0100
|
||||
+++ netwerk/protocol/http/Http2Session.cpp 2017-01-30 20:00:34.461035226 +0100
|
||||
@@ -3521,8 +3521,8 @@
|
||||
LOG3(("Http2Session::ConfirmTLSProfile %p FAILED due to DH %d < 2048\n",
|
||||
this, keybits));
|
||||
RETURN_SESSION_ERROR(this, INADEQUATE_SECURITY);
|
||||
- } else if (kea == ssl_kea_ecdh && keybits < 256) { // 256 bits is "security level" of 128
|
||||
- LOG3(("Http2Session::ConfirmTLSProfile %p FAILED due to ECDH %d < 256\n",
|
||||
+ } else if (kea == ssl_kea_ecdh && keybits < 224) { // see rfc7540 9.2.1.
|
||||
+ LOG3(("Http2Session::ConfirmTLSProfile %p FAILED due to ECDH %d < 224\n",
|
||||
this, keybits));
|
||||
RETURN_SESSION_ERROR(this, INADEQUATE_SECURITY);
|
||||
}
|
22
srcpkgs/icecat/patches/fix-icu_uvernum_h.patch
Normal file
22
srcpkgs/icecat/patches/fix-icu_uvernum_h.patch
Normal file
|
@ -0,0 +1,22 @@
|
|||
--- configure 2017-01-30 20:32:27.180891101 +0100
|
||||
+++ configure 2017-01-30 20:33:26.306913219 +0100
|
||||
@@ -30305,7 +30305,7 @@
|
||||
fi
|
||||
fi
|
||||
|
||||
- version=`sed -n 's/^[:space:]*#[[:space:]]*define[[:space:]][[:space:]]*U_ICU_VERSION_MAJOR_NUM[[:space:]][[:space:]]*\([0-9][0-9]*\)[[:space:]]*$/\1/p' "$icudir/common/unicode/uvernum.h"`
|
||||
+ version=`sed -n 's/^[[:space:]]*#[[:space:]]*define[[:space:]][[:space:]]*U_ICU_VERSION_MAJOR_NUM[[:space:]][[:space:]]*\([0-9][0-9]*\)[[:space:]]*$/\1/p' "$icudir/common/unicode/uvernum.h"`
|
||||
if test x"$version" = x; then
|
||||
{ echo "configure: error: cannot determine icu version number from uvernum.h header file $lineno" 1>&2; echo "configure: error: cannot determine icu version number from uvernum.h header file $lineno" 1>&5; exit 1; }
|
||||
fi
|
||||
--- js/src/configure 2017-01-30 20:32:26.304890774 +0100
|
||||
+++ js/src/configure 2017-01-30 20:34:52.391945615 +0100
|
||||
@@ -15906,7 +15906,7 @@
|
||||
fi
|
||||
fi
|
||||
|
||||
- version=`sed -n 's/^[:space:]*#[[:space:]]*define[[:space:]][[:space:]]*U_ICU_VERSION_MAJOR_NUM[[:space:]][[:space:]]*\([0-9][0-9]*\)[[:space:]]*$/\1/p' "$icudir/common/unicode/uvernum.h"`
|
||||
+ version=`sed -n 's/^[[:space:]]*#[[:space:]]*define[[:space:]][[:space:]]*U_ICU_VERSION_MAJOR_NUM[[:space:]][[:space:]]*\([0-9][0-9]*\)[[:space:]]*$/\1/p' "$icudir/common/unicode/uvernum.h"`
|
||||
if test x"$version" = x; then
|
||||
{ echo "configure: error: cannot determine icu version number from uvernum.h header file $lineno" 1>&2; echo "configure: error: cannot determine icu version number from uvernum.h header file $lineno" 1>&5; exit 1; }
|
||||
fi
|
|
@ -1,7 +1,7 @@
|
|||
# Template build file for 'icecat'.
|
||||
pkgname=icecat
|
||||
version=45.5.1
|
||||
revision=2
|
||||
revision=3
|
||||
short_desc="GNU version of the Firefox browser"
|
||||
maintainer="Jürgen Buchmüller <pullmoll@t-online.de>"
|
||||
homepage="https://www.gnu.org/software/${pkgname}/"
|
||||
|
|
Loading…
Reference in a new issue