| OLD | NEW |
| 1 Name: Network Security Services (NSS) | 1 Name: Network Security Services (NSS) |
| 2 URL: http://www.mozilla.org/projects/security/pki/nss/ | 2 URL: http://www.mozilla.org/projects/security/pki/nss/ |
| 3 Version: 3.13.3 | 3 Version: 3.13.4 pre-release snapshot 20120319 |
| 4 Security Critical: Yes | 4 Security Critical: Yes |
| 5 | 5 |
| 6 This directory includes a copy of NSS's libssl from the CVS repo at: | 6 This directory includes a copy of NSS's libssl from the CVS repo at: |
| 7 :pserver:anonymous@cvs-mirror.mozilla.org:/cvsroot | 7 :pserver:anonymous@cvs-mirror.mozilla.org:/cvsroot |
| 8 | 8 |
| 9 The snapshot was updated to the CVS tag: NSS_3_13_3_RTM | 9 The snapshot was updated to the CVS tag: NSS_SSL_3_13_4_20120319_TAG |
| 10 | 10 |
| 11 Patches: | 11 Patches: |
| 12 | 12 |
| 13 * Commenting out a couple of functions because they need NSS symbols | 13 * Commenting out a couple of functions because they need NSS symbols |
| 14 which may not exist in the system NSS library. | 14 which may not exist in the system NSS library. |
| 15 patches/versionskew.patch | 15 patches/versionskew.patch |
| 16 | 16 |
| 17 * Send empty renegotiation info extension instead of SCSV unless TLS is | 17 * Send empty renegotiation info extension instead of SCSV unless TLS is |
| 18 disabled. | 18 disabled. |
| 19 patches/renegoscsv.patch | 19 patches/renegoscsv.patch |
| (...skipping 15 matching lines...) Expand all Loading... |
| 35 patches/clientauth.patch | 35 patches/clientauth.patch |
| 36 ssl/sslplatf.c | 36 ssl/sslplatf.c |
| 37 | 37 |
| 38 * Add a function to export whether the last handshake on a socket resumed a | 38 * Add a function to export whether the last handshake on a socket resumed a |
| 39 previous session. | 39 previous session. |
| 40 patches/didhandshakeresume.patch | 40 patches/didhandshakeresume.patch |
| 41 https://bugzilla.mozilla.org/show_bug.cgi?id=731798 | 41 https://bugzilla.mozilla.org/show_bug.cgi?id=731798 |
| 42 | 42 |
| 43 * Support origin bound certificates. | 43 * Support origin bound certificates. |
| 44 http://balfanz.github.com/tls-obc-spec/draft-balfanz-tls-obc-00.txt | 44 http://balfanz.github.com/tls-obc-spec/draft-balfanz-tls-obc-00.txt |
| 45 https://bugzilla.mozilla.org/show_bug.cgi?id=680292 |
| 45 patches/origin_bound_certs.patch | 46 patches/origin_bound_certs.patch |
| 46 | 47 |
| 47 * Add a function to implement RFC 5705: Keying Material Exporters for TLS | |
| 48 This is a reworked version of the patch from | |
| 49 https://bugzilla.mozilla.org/show_bug.cgi?id=507359 | |
| 50 patches/secret_exporter.patch | |
| 51 patches/secret_exporter2.patch | |
| 52 | |
| 53 * Add a function to restart a handshake after a client certificate request. | 48 * Add a function to restart a handshake after a client certificate request. |
| 54 patches/restartclientauth.patch | 49 patches/restartclientauth.patch |
| 55 | 50 |
| 56 * Allow SSL_HandshakeNegotiatedExtension to be called before the handshake | 51 * Allow SSL_HandshakeNegotiatedExtension to be called before the handshake |
| 57 is finished. | 52 is finished. |
| 58 https://bugzilla.mozilla.org/show_bug.cgi?id=681839 | 53 https://bugzilla.mozilla.org/show_bug.cgi?id=681839 |
| 59 patches/negotiatedextension.patch | 54 patches/negotiatedextension.patch |
| 60 | 55 |
| 61 * Support the encrypted client certificates extension. | 56 * Support the encrypted client certificates extension. |
| 62 https://bugzilla.mozilla.org/show_bug.cgi?id=691991 | 57 https://bugzilla.mozilla.org/show_bug.cgi?id=691991 |
| 63 patches/encryptedclientcerts.patch | 58 patches/encryptedclientcerts.patch |
| 64 | 59 |
| 65 * Add function to retrieve TLS client cert types requested by server. | 60 * Add function to retrieve TLS client cert types requested by server. |
| 66 https://bugzilla.mozilla.org/show_bug.cgi?id=51413 | 61 https://bugzilla.mozilla.org/show_bug.cgi?id=51413 |
| 67 patches/getrequestedclientcerttypes.patch | 62 patches/getrequestedclientcerttypes.patch |
| 68 | 63 |
| 69 * Fixed a clang warning in sslcon.c. | |
| 70 https://bugzilla.mozilla.org/show_bug.cgi?id=728919 | |
| 71 patches/clang-sslcon.patch | |
| 72 | |
| 73 * Fix a buffer length bug and miscellaneous nits in the next protocol | |
| 74 negotiation (NPN) functions. | |
| 75 https://bugzilla.mozilla.org/show_bug.cgi?id=734534 | |
| 76 patches/nextprotocleanup.patch | |
| 77 | |
| 78 Apply the patches to NSS by running the patches/applypatches.sh script. Read | 64 Apply the patches to NSS by running the patches/applypatches.sh script. Read |
| 79 the comments at the top of patches/applypatches.sh for instructions. | 65 the comments at the top of patches/applypatches.sh for instructions. |
| 80 | 66 |
| 81 The ssl/bodge directory contains files taken from the NSS repo that we required | 67 The ssl/bodge directory contains files taken from the NSS repo that we required |
| 82 for building libssl outside of its usual build environment. | 68 for building libssl outside of its usual build environment. |
| OLD | NEW |