Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(82)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 111853013: Update net/third_party/nss to NSS 3.15.4. (Closed)

Created:
6 years, 11 months ago by wtc
Modified:
6 years, 11 months ago
Reviewers:
agl, Ryan Sleevi
CC:
chromium-reviews, chromium-apps-reviews_chromium.org, cbentzel+watch_chromium.org, extensions-reviews_chromium.org
Visibility:
Public.

Description

Update net/third_party/nss to NSS 3.15.4. Notable changes: 1. Reorder the cipher suites offered in ClientHello. https://bugzilla.mozilla.org/show_bug.cgi?id=936828 https://bugzilla.mozilla.org/show_bug.cgi?id=946147 2. Store a random value in the gmt_unix_time field of ClientHello and ServerHello. https://bugzilla.mozilla.org/show_bug.cgi?id=937976 3. Handle >= 2048-bit DSA certificates. https://bugzilla.mozilla.org/show_bug.cgi?id=925591 4. Session ticket renewal bug fixes. https://bugzilla.mozilla.org/show_bug.cgi?id=930857 https://bugzilla.mozilla.org/show_bug.cgi?id=930874 The following patches are removed. 1. Patches that are no longer necessary because we require NSS 3.14.3: versionskew.patch ecpointform.patch cbc.patch 2. Patches that have been committed in NSS upstream: renegoscsv.patch peercertchain.patch peercertchain2.patch negotiatedextension.patch sslsock_903565.patch aesgcm.patch tls12backuphash.patch tls12backuphash2.patch ciphersuiteversion.patch resumeclienthelloversion.patch canfalsestart.patch nullcipher_934016.patch 3. Miscellaneous: channelid2.patch: merged with channelid.patch. disableticketrenewal.patch: bug fixed in the NSS upstream. R=agl@chromium.org,rsleevi@chromium.org BUG=331625 TEST=none Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=243395

Patch Set 1 #

Patch Set 2 : Adjust some patches #

Patch Set 3 : Adjust more patches #

Patch Set 4 : Fix applypatches.sh #

Patch Set 5 : Add CT TLS extension bug number #

Total comments: 5

Patch Set 6 : Update the comment in sslenum.c for the two CHACHA20 cipher suites #

Unified diffs Side-by-side diffs Delta from patch set Stats (+1178 lines, -4504 lines) Patch
M net/third_party/nss/README.chromium View 1 2 3 4 7 chunks +7 lines, -74 lines 0 comments Download
D net/third_party/nss/patches/aesgcm.patch View 1 chunk +0 lines, -1363 lines 0 comments Download
M net/third_party/nss/patches/aesgcmchromium.patch View 1 2 5 chunks +8 lines, -7 lines 0 comments Download
M net/third_party/nss/patches/alpn.patch View 1 2 10 chunks +19 lines, -19 lines 0 comments Download
M net/third_party/nss/patches/applypatches.sh View 1 2 3 3 chunks +2 lines, -35 lines 0 comments Download
M net/third_party/nss/patches/cachecerts.patch View 1 2 8 chunks +16 lines, -13 lines 0 comments Download
M net/third_party/nss/patches/cachelocks.patch View 1 10 chunks +68 lines, -81 lines 0 comments Download
D net/third_party/nss/patches/canfalsestart.patch View 1 chunk +0 lines, -837 lines 0 comments Download
D net/third_party/nss/patches/cbc.patch View 1 chunk +0 lines, -81 lines 0 comments Download
M net/third_party/nss/patches/chacha20poly1305.patch View 1 2 3 4 5 15 chunks +68 lines, -70 lines 0 comments Download
M net/third_party/nss/patches/channelid.patch View 1 2 24 chunks +148 lines, -54 lines 0 comments Download
D net/third_party/nss/patches/channelid2.patch View 1 chunk +0 lines, -155 lines 0 comments Download
M net/third_party/nss/patches/cipherorder.patch View 1 2 3 chunks +29 lines, -33 lines 0 comments Download
D net/third_party/nss/patches/ciphersuiteversion.patch View 1 chunk +0 lines, -169 lines 0 comments Download
M net/third_party/nss/patches/clientauth.patch View 1 2 21 chunks +56 lines, -42 lines 0 comments Download
M net/third_party/nss/patches/didhandshakeresume.patch View 1 2 2 chunks +6 lines, -6 lines 0 comments Download
D net/third_party/nss/patches/disableticketrenewal.patch View 1 chunk +0 lines, -17 lines 0 comments Download
D net/third_party/nss/patches/ecpointform.patch View 1 chunk +0 lines, -19 lines 0 comments Download
M net/third_party/nss/patches/fallbackscsv.patch View 1 2 14 chunks +72 lines, -64 lines 0 comments Download
M net/third_party/nss/patches/getrequestedclientcerttypes.patch View 1 2 6 chunks +14 lines, -14 lines 0 comments Download
D net/third_party/nss/patches/negotiatedextension.patch View 1 chunk +0 lines, -27 lines 0 comments Download
D net/third_party/nss/patches/nullcipher_934016.patch View 1 chunk +0 lines, -16 lines 0 comments Download
M net/third_party/nss/patches/paddingextension.patch View 1 5 chunks +20 lines, -24 lines 0 comments Download
M net/third_party/nss/patches/paddingextensionall.patch View 1 2 chunks +5 lines, -6 lines 0 comments Download
D net/third_party/nss/patches/peercertchain.patch View 1 chunk +0 lines, -67 lines 0 comments Download
D net/third_party/nss/patches/peercertchain2.patch View 1 chunk +0 lines, -107 lines 0 comments Download
D net/third_party/nss/patches/renegoscsv.patch View 1 chunk +0 lines, -15 lines 0 comments Download
M net/third_party/nss/patches/restartclientauth.patch View 1 2 4 chunks +15 lines, -15 lines 0 comments Download
D net/third_party/nss/patches/resumeclienthelloversion.patch View 1 chunk +0 lines, -31 lines 0 comments Download
M net/third_party/nss/patches/secitemarray.patch View 1 2 chunks +5 lines, -5 lines 0 comments Download
M net/third_party/nss/patches/secretexporterlocks.patch View 1 2 3 chunks +5 lines, -5 lines 0 comments Download
M net/third_party/nss/patches/sessioncache.patch View 1 2 2 chunks +20 lines, -33 lines 0 comments Download
M net/third_party/nss/patches/signedcertificatetimestamps.patch View 1 15 chunks +82 lines, -124 lines 0 comments Download
M net/third_party/nss/patches/sslnoncestatics.patch View 1 1 chunk +3 lines, -4 lines 0 comments Download
D net/third_party/nss/patches/sslsock_903565.patch View 1 chunk +0 lines, -20 lines 0 comments Download
M net/third_party/nss/patches/suitebonly.patch View 1 2 2 chunks +4 lines, -4 lines 0 comments Download
M net/third_party/nss/patches/tls12backuphash.patch View 1 1 chunk +0 lines, -220 lines 0 comments Download
D net/third_party/nss/patches/tls12backuphash2.patch View 1 chunk +0 lines, -127 lines 0 comments Download
M net/third_party/nss/patches/tls12chromium.patch View 1 5 chunks +10 lines, -10 lines 0 comments Download
M net/third_party/nss/patches/tlsunique.patch View 1 2 4 chunks +12 lines, -12 lines 0 comments Download
D net/third_party/nss/patches/versionskew.patch View 1 chunk +0 lines, -45 lines 0 comments Download
M net/third_party/nss/ssl/ssl.h View 2 chunks +4 lines, -8 lines 0 comments Download
M net/third_party/nss/ssl/ssl3con.c View 1 2 48 chunks +260 lines, -175 lines 0 comments Download
M net/third_party/nss/ssl/ssl3ecc.c View 1 chunk +0 lines, -9 lines 0 comments Download
M net/third_party/nss/ssl/ssl3ext.c View 4 chunks +12 lines, -3 lines 0 comments Download
M net/third_party/nss/ssl/ssl3gthr.c View 2 chunks +15 lines, -10 lines 0 comments Download
M net/third_party/nss/ssl/sslauth.c View 1 chunk +8 lines, -3 lines 0 comments Download
M net/third_party/nss/ssl/sslcon.c View 3 chunks +4 lines, -4 lines 0 comments Download
M net/third_party/nss/ssl/sslenum.c View 1 2 3 4 5 2 chunks +67 lines, -58 lines 0 comments Download
M net/third_party/nss/ssl/sslimpl.h View 1 10 chunks +47 lines, -12 lines 0 comments Download
M net/third_party/nss/ssl/sslinit.c View 1 chunk +5 lines, -0 lines 0 comments Download
M net/third_party/nss/ssl/sslnonce.c View 7 chunks +56 lines, -48 lines 0 comments Download
M net/third_party/nss/ssl/sslsecur.c View 5 chunks +2 lines, -7 lines 0 comments Download
M net/third_party/nss/ssl/sslsock.c View 1 5 chunks +4 lines, -97 lines 0 comments Download

Messages

Total messages: 8 (0 generated)
wtc
Adam, Ryan: I checked the changes from NSS 3.15.4 very carefully, so you can skim ...
6 years, 11 months ago (2014-01-04 17:15:45 UTC) #1
wtc
https://codereview.chromium.org/111853013/diff/680001/net/third_party/nss/ssl/sslenum.c File net/third_party/nss/ssl/sslenum.c (right): https://codereview.chromium.org/111853013/diff/680001/net/third_party/nss/ssl/sslenum.c#newcode47 net/third_party/nss/ssl/sslenum.c:47: * the third one. This paragraph was written without ...
6 years, 11 months ago (2014-01-04 22:54:20 UTC) #2
agl
LGTM https://codereview.chromium.org/111853013/diff/680001/net/third_party/nss/ssl/ssl3con.c File net/third_party/nss/ssl/ssl3con.c (left): https://codereview.chromium.org/111853013/diff/680001/net/third_party/nss/ssl/ssl3con.c#oldcode2509 net/third_party/nss/ssl/ssl3con.c:2509: /* This is a bodge to allow this ...
6 years, 11 months ago (2014-01-06 18:19:27 UTC) #3
wtc
I updated the comment in sslenum.c for the two CHACHA20 cipher suites in patch set ...
6 years, 11 months ago (2014-01-06 23:22:58 UTC) #4
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/wtc@chromium.org/111853013/790001
6 years, 11 months ago (2014-01-07 15:47:33 UTC) #5
commit-bot: I haz the power
Retried try job too often on win_rel for step(s) browser_tests http://build.chromium.org/p/tryserver.chromium/buildstatus?builder=win_rel&number=242457
6 years, 11 months ago (2014-01-07 18:14:43 UTC) #6
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/wtc@chromium.org/111853013/790001
6 years, 11 months ago (2014-01-07 18:22:40 UTC) #7
commit-bot: I haz the power
6 years, 11 months ago (2014-01-07 21:52:30 UTC) #8
Message was sent while issue was closed. 
Change committed as 243395

Powered by Google App Engine
This is Rietveld 408576698