| Message ID | 20210906212745.120679-1-giulio.benetti@benettiengineering.com |
|---|---|
| State | Accepted |
| Headers | show |
| Series | package/libnss: bump to version 3.70 | expand |
On 06/09/2021 23:27, Giulio Benetti wrote: > Drop local patch that has been upstream(even if with another authorship). Applied to master, thanks. > > Release Notes (not yet available, but should eventually land): > https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.70_release_notes No release notes are available since 3.66, and neither is any of those releases mentioned on the release page [1]. The release page still says that 3.66 is the latest stable release (which is what we'd normally use). But that's bollocks, clearly, because 3.68 is even used in a firefox ESR release so it should definitely be stable... Could you check about this with upstream? If they no longer create release notes or update their releases page, I guess that's OK with us - but we should stop mentioning those non-existent release notes in the commit messages then :-) Regards, Arnout [1] https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_Releases > > Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com> > --- > ...2.c-fix-SHA256-redefinition-on-ARM-b.patch | 47 ------------------- > package/libnss/libnss.hash | 4 +- > package/libnss/libnss.mk | 2 +- > 3 files changed, 3 insertions(+), 50 deletions(-) > delete mode 100644 package/libnss/0001-lib-freebl-sha512.c-fix-SHA256-redefinition-on-ARM-b.patch > > diff --git a/package/libnss/0001-lib-freebl-sha512.c-fix-SHA256-redefinition-on-ARM-b.patch b/package/libnss/0001-lib-freebl-sha512.c-fix-SHA256-redefinition-on-ARM-b.patch > deleted file mode 100644 > index f925f20051..0000000000 > --- a/package/libnss/0001-lib-freebl-sha512.c-fix-SHA256-redefinition-on-ARM-b.patch > +++ /dev/null > @@ -1,47 +0,0 @@ > -From 434d79c52db5b680accc531572319bd7094fa470 Mon Sep 17 00:00:00 2001 > -From: Fabrice Fontaine <fontaine.fabrice@gmail.com> > -Date: Sat, 7 Aug 2021 23:19:01 +0200 > -Subject: [PATCH] lib/freebl/sha512.c: fix SHA256 redefinition on ARM big > - endian > - > -For an unknown reason, SHA256_{Compress,Update}_Native are defined in > -lib/freebl/sha512.c if IS_LITTLE_ENDIAN is undefined since version 3.68 > -and > -https://github.com/nss-dev/nss/commit/e1e00f21f2d73e0d5d27651ad5606efa5714abe4 > - > -This raises the following build failure on ARM big endian: > - > -Linux2.6_aarch64_aarch64_be-linux-gnu-gcc_glibc_PTH_64_DBG.OBJ/Linux_SINGLE_SHLIB/sha256-armv8.o: In function `SHA256_Compress_Native': > -sha256-armv8.c:(.text.SHA256_Compress_Native+0x0): multiple definition of `SHA256_Compress_Native' > -Linux2.6_aarch64_aarch64_be-linux-gnu-gcc_glibc_PTH_64_DBG.OBJ/Linux_SINGLE_SHLIB/sha512.o:sha512.c:(.text.SHA256_Compress_Native+0x0): first defined here > -Linux2.6_aarch64_aarch64_be-linux-gnu-gcc_glibc_PTH_64_DBG.OBJ/Linux_SINGLE_SHLIB/sha256-armv8.o: In function `SHA256_Update_Native': > -sha256-armv8.c:(.text.SHA256_Update_Native+0x0): multiple definition of `SHA256_Update_Native' > -Linux2.6_aarch64_aarch64_be-linux-gnu-gcc_glibc_PTH_64_DBG.OBJ/Linux_SINGLE_SHLIB/sha512.o:sha512.c:(.text.SHA256_Update_Native+0x0): first defined here > - > -Revert this change as it seems completely unrelated to the commit title > -"Bug 1655493 - Support SHA2 HW acceleration using Intel SHA Extension" > - > -Fixes: > - - http://autobuild.buildroot.org/results/237aba0c16a34fec1b0fe50fe08cace438eda1bf > - > -Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> > ---- > - nss/lib/freebl/sha512.c | 2 +- > - 1 file changed, 1 insertion(+), 1 deletion(-) > - > -diff --git a/nss/lib/freebl/sha512.c b/nss/lib/freebl/sha512.c > -index 946ab9f7f..3ec414b52 100644 > ---- a/nss/lib/freebl/sha512.c > -+++ b/nss/lib/freebl/sha512.c > -@@ -164,7 +164,7 @@ static void SHA256_Compress_Generic(SHA256Context *ctx); > - static void SHA256_Update_Generic(SHA256Context *ctx, const unsigned char *input, > - unsigned int inputLen); > - > --#if !defined(USE_HW_SHA2) || !defined(IS_LITTLE_ENDIAN) > -+#if !defined(USE_HW_SHA2) > - void > - SHA256_Compress_Native(SHA256Context *ctx) > - { > --- > -2.30.2 > - > diff --git a/package/libnss/libnss.hash b/package/libnss/libnss.hash > index 8073913e7c..afb6d5602e 100644 > --- a/package/libnss/libnss.hash > +++ b/package/libnss/libnss.hash > @@ -1,4 +1,4 @@ > -# From https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_69_1_RTM/src/SHA256SUMS > -sha256 bbdbd248c25e2faf498edbdd2ffd5896b54cfa35bd2e450813b491f805c754e0 nss-3.69.1.tar.gz > +# From https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_70_RTM/src/SHA256SUMS > +sha256 2b89abb8601ee405be8ac5b5703d71f1fb38a51c3a64a3d834387f78b325511b nss-3.70.tar.gz > # Locally calculated > sha256 a20c1a32d1f8102432360b42e932869f7c11c7cdbacf9cac554c422132af47f4 nss/COPYING > diff --git a/package/libnss/libnss.mk b/package/libnss/libnss.mk > index 83954cc124..3f8f0e1789 100644 > --- a/package/libnss/libnss.mk > +++ b/package/libnss/libnss.mk > @@ -4,7 +4,7 @@ > # > ################################################################################ > > -LIBNSS_VERSION = 3.69.1 > +LIBNSS_VERSION = 3.70 > LIBNSS_SOURCE = nss-$(LIBNSS_VERSION).tar.gz > LIBNSS_SITE = https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_$(subst .,_,$(LIBNSS_VERSION))_RTM/src > LIBNSS_DISTDIR = dist >
Hi Arnout, On 9/19/21 2:14 PM, Arnout Vandecappelle wrote: > > > On 06/09/2021 23:27, Giulio Benetti wrote: >> Drop local patch that has been upstream(even if with another authorship). > > Applied to master, thanks. > >> >> Release Notes (not yet available, but should eventually land): >> https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.70_release_notes > > No release notes are available since 3.66, and neither is any of those > releases mentioned on the release page [1]. The release page still says that > 3.66 is the latest stable release (which is what we'd normally use). But that's > bollocks, clearly, because 3.68 is even used in a firefox ESR release so it > should definitely be stable... > > Could you check about this with upstream? > > If they no longer create release notes or update their releases page, I guess > that's OK with us - but we should stop mentioning those non-existent release > notes in the commit messages then :-) I've opened 2 times a bug in their Mozilla Bugzilla but only once they updated the Release Notes and it seems they won't do it again. So yes I will omit that link on next patches. Best regards
diff --git a/package/libnss/0001-lib-freebl-sha512.c-fix-SHA256-redefinition-on-ARM-b.patch b/package/libnss/0001-lib-freebl-sha512.c-fix-SHA256-redefinition-on-ARM-b.patch deleted file mode 100644 index f925f20051..0000000000 --- a/package/libnss/0001-lib-freebl-sha512.c-fix-SHA256-redefinition-on-ARM-b.patch +++ /dev/null @@ -1,47 +0,0 @@ -From 434d79c52db5b680accc531572319bd7094fa470 Mon Sep 17 00:00:00 2001 -From: Fabrice Fontaine <fontaine.fabrice@gmail.com> -Date: Sat, 7 Aug 2021 23:19:01 +0200 -Subject: [PATCH] lib/freebl/sha512.c: fix SHA256 redefinition on ARM big - endian - -For an unknown reason, SHA256_{Compress,Update}_Native are defined in -lib/freebl/sha512.c if IS_LITTLE_ENDIAN is undefined since version 3.68 -and -https://github.com/nss-dev/nss/commit/e1e00f21f2d73e0d5d27651ad5606efa5714abe4 - -This raises the following build failure on ARM big endian: - -Linux2.6_aarch64_aarch64_be-linux-gnu-gcc_glibc_PTH_64_DBG.OBJ/Linux_SINGLE_SHLIB/sha256-armv8.o: In function `SHA256_Compress_Native': -sha256-armv8.c:(.text.SHA256_Compress_Native+0x0): multiple definition of `SHA256_Compress_Native' -Linux2.6_aarch64_aarch64_be-linux-gnu-gcc_glibc_PTH_64_DBG.OBJ/Linux_SINGLE_SHLIB/sha512.o:sha512.c:(.text.SHA256_Compress_Native+0x0): first defined here -Linux2.6_aarch64_aarch64_be-linux-gnu-gcc_glibc_PTH_64_DBG.OBJ/Linux_SINGLE_SHLIB/sha256-armv8.o: In function `SHA256_Update_Native': -sha256-armv8.c:(.text.SHA256_Update_Native+0x0): multiple definition of `SHA256_Update_Native' -Linux2.6_aarch64_aarch64_be-linux-gnu-gcc_glibc_PTH_64_DBG.OBJ/Linux_SINGLE_SHLIB/sha512.o:sha512.c:(.text.SHA256_Update_Native+0x0): first defined here - -Revert this change as it seems completely unrelated to the commit title -"Bug 1655493 - Support SHA2 HW acceleration using Intel SHA Extension" - -Fixes: - - http://autobuild.buildroot.org/results/237aba0c16a34fec1b0fe50fe08cace438eda1bf - -Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> ---- - nss/lib/freebl/sha512.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/nss/lib/freebl/sha512.c b/nss/lib/freebl/sha512.c -index 946ab9f7f..3ec414b52 100644 ---- a/nss/lib/freebl/sha512.c -+++ b/nss/lib/freebl/sha512.c -@@ -164,7 +164,7 @@ static void SHA256_Compress_Generic(SHA256Context *ctx); - static void SHA256_Update_Generic(SHA256Context *ctx, const unsigned char *input, - unsigned int inputLen); - --#if !defined(USE_HW_SHA2) || !defined(IS_LITTLE_ENDIAN) -+#if !defined(USE_HW_SHA2) - void - SHA256_Compress_Native(SHA256Context *ctx) - { --- -2.30.2 - diff --git a/package/libnss/libnss.hash b/package/libnss/libnss.hash index 8073913e7c..afb6d5602e 100644 --- a/package/libnss/libnss.hash +++ b/package/libnss/libnss.hash @@ -1,4 +1,4 @@ -# From https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_69_1_RTM/src/SHA256SUMS -sha256 bbdbd248c25e2faf498edbdd2ffd5896b54cfa35bd2e450813b491f805c754e0 nss-3.69.1.tar.gz +# From https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_70_RTM/src/SHA256SUMS +sha256 2b89abb8601ee405be8ac5b5703d71f1fb38a51c3a64a3d834387f78b325511b nss-3.70.tar.gz # Locally calculated sha256 a20c1a32d1f8102432360b42e932869f7c11c7cdbacf9cac554c422132af47f4 nss/COPYING diff --git a/package/libnss/libnss.mk b/package/libnss/libnss.mk index 83954cc124..3f8f0e1789 100644 --- a/package/libnss/libnss.mk +++ b/package/libnss/libnss.mk @@ -4,7 +4,7 @@ # ################################################################################ -LIBNSS_VERSION = 3.69.1 +LIBNSS_VERSION = 3.70 LIBNSS_SOURCE = nss-$(LIBNSS_VERSION).tar.gz LIBNSS_SITE = https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_$(subst .,_,$(LIBNSS_VERSION))_RTM/src LIBNSS_DISTDIR = dist
Drop local patch that has been upstream(even if with another authorship). Release Notes (not yet available, but should eventually land): https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.70_release_notes Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com> --- ...2.c-fix-SHA256-redefinition-on-ARM-b.patch | 47 ------------------- package/libnss/libnss.hash | 4 +- package/libnss/libnss.mk | 2 +- 3 files changed, 3 insertions(+), 50 deletions(-) delete mode 100644 package/libnss/0001-lib-freebl-sha512.c-fix-SHA256-redefinition-on-ARM-b.patch