diff options
author | ryoon <ryoon@pkgsrc.org> | 2017-01-20 15:03:36 +0000 |
---|---|---|
committer | ryoon <ryoon@pkgsrc.org> | 2017-01-20 15:03:36 +0000 |
commit | c67596106b0735643e7950389a83d3137de6f5c9 (patch) | |
tree | 0a0ee47dc55ceea6b13d0b5511e650230683e300 /www/firefox | |
parent | 6cd776b648f78117277e3c27a47428cf55ca8a96 (diff) | |
download | pkgsrc-c67596106b0735643e7950389a83d3137de6f5c9.tar.gz |
Fix an insecure connection error in HTTP2 case with devel/nss-3.28 or later
Bump PKGREVISION
Diffstat (limited to 'www/firefox')
-rw-r--r-- | www/firefox/Makefile | 4 | ||||
-rw-r--r-- | www/firefox/distinfo | 3 | ||||
-rw-r--r-- | www/firefox/patches/patch-netwerk_protocol_http_Http2Session.cpp | 18 |
3 files changed, 22 insertions, 3 deletions
diff --git a/www/firefox/Makefile b/www/firefox/Makefile index 468be58cbca..bc1493f896a 100644 --- a/www/firefox/Makefile +++ b/www/firefox/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.276 2017/01/16 23:45:16 wiz Exp $ +# $NetBSD: Makefile,v 1.277 2017/01/20 15:03:36 ryoon Exp $ FIREFOX_VER= ${MOZ_BRANCH}${MOZ_BRANCH_MINOR} MOZ_BRANCH= 50.1 @@ -6,7 +6,7 @@ MOZ_BRANCH_MINOR= .0 DISTNAME= firefox-${FIREFOX_VER}.source PKGNAME= firefox-${MOZ_BRANCH}${MOZ_BRANCH_MINOR:S/b/beta/:S/esr//} -PKGREVISION= 1 +PKGREVISION= 2 CATEGORIES= www MASTER_SITES+= ${MASTER_SITE_MOZILLA:=firefox/releases/${FIREFOX_VER}/source/} MASTER_SITES+= ${MASTER_SITE_MOZILLA_ALL:=firefox/releases/${FIREFOX_VER}/source/} diff --git a/www/firefox/distinfo b/www/firefox/distinfo index c065e2611b2..4916be7250a 100644 --- a/www/firefox/distinfo +++ b/www/firefox/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.265 2016/12/18 01:31:00 ryoon Exp $ +$NetBSD: distinfo,v 1.266 2017/01/20 15:03:36 ryoon Exp $ SHA1 (firefox-50.1.0.source.tar.xz) = 6024dc49a566ed6296ad6cd707a199d41f090176 RMD160 (firefox-50.1.0.source.tar.xz) = 8931f3ad4e8a2543b8cfc1c191289b5897e081de @@ -111,6 +111,7 @@ SHA1 (patch-moz.configure) = cd4d3851e9dc2c1adb6a92b6f3cd1966adcd5beb SHA1 (patch-mozglue_build_arm.cpp) = f41ace63b3f1d2a8ccaffc98c3c64d1e22af5249 SHA1 (patch-mozglue_build_arm.h) = 5e272f4e19b9681d43a63c45d78b0e44a392c7dc SHA1 (patch-netwerk_dns_moz.build) = d4ad35ee7152ca206156403954cbd247d1252ab0 +SHA1 (patch-netwerk_protocol_http_Http2Session.cpp) = 9a2170e60aff96abda22c0784f5ee7dd00d79586 SHA1 (patch-python_mozbuild_mozbuild_configure_options.py) = f862ee425ae016df6fe12b55050a8dc075ecce89 SHA1 (patch-rc) = 9628b038f036f3fc0e37bdf84fa0abf99dbc8d2a SHA1 (patch-toolkit_components_osfile_modules_osfile__unix__back.jsm) = 27e90fdfd5587f670958d832cd56107740b226ee diff --git a/www/firefox/patches/patch-netwerk_protocol_http_Http2Session.cpp b/www/firefox/patches/patch-netwerk_protocol_http_Http2Session.cpp new file mode 100644 index 00000000000..7fc49a6cd27 --- /dev/null +++ b/www/firefox/patches/patch-netwerk_protocol_http_Http2Session.cpp @@ -0,0 +1,18 @@ +$NetBSD: patch-netwerk_protocol_http_Http2Session.cpp,v 1.7 2017/01/20 15:03:37 ryoon Exp $ + +Fix an insecure connection error with NSS 3.28 or later in HTTP2 case +https://hg.mozilla.org/mozilla-central/rev/361ac226da2a + +--- netwerk/protocol/http/Http2Session.cpp.orig 2016-10-31 20:15:27.000000000 +0000 ++++ netwerk/protocol/http/Http2Session.cpp +@@ -3542,8 +3542,8 @@ Http2Session::ConfirmTLSProfile() + LOG3(("Http2Session::ConfirmTLSProfile %p FAILED due to DH %d < 2048\n", + this, keybits)); + RETURN_SESSION_ERROR(this, INADEQUATE_SECURITY); +- } else if (kea == ssl_kea_ecdh && keybits < 256) { // 256 bits is "security level" of 128 +- LOG3(("Http2Session::ConfirmTLSProfile %p FAILED due to ECDH %d < 256\n", ++ } else if (kea == ssl_kea_ecdh && keybits < 224) { // see rfc7540 9.2.1. ++ LOG3(("Http2Session::ConfirmTLSProfile %p FAILED due to ECDH %d < 224\n", + this, keybits)); + RETURN_SESSION_ERROR(this, INADEQUATE_SECURITY); + } |