Re: [ANNOUNCE] NSS 3.44 Release
On 05/17/2019 08:54 AM, JC Jones wrote: On Thursday, May 16, 2019 at 9:28:39 AM UTC-7, Paul Wouters wrote: Wait, what? They need work to make them simpler and better support cross compiling for sure, but getting rid of them would really hamper our use of NSS on different platforms. How would you support that without Makefiles? Paul 'build.sh' uses ninja-build and gyp rather than the Makefiles. I know those tools don't have total platform coverage yet, but it's getting close. What platforms are you using that aren't covered? It's almost certainly easier to improve those tools than it is to revamp the Makefiles. Except Makefiles still work and are how RH builds NSS. I'm sympathetic to how gyp files makes mozilla's life easier, but we get zero benefit from them, so we need a nice long discussion before we 'start to phase out' makefiles. Please don't make these kinds of decisions and announcements without some concurrence from us. bob J.C. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: [ANNOUNCE] NSS 3.44 Release
On Thursday, May 16, 2019 at 9:28:39 AM UTC-7, Paul Wouters wrote: > Wait, what? > > They need work to make them simpler and better support cross compiling > for sure, but getting rid of them would really hamper our use of NSS > on different platforms. How would you support that without Makefiles? > > Paul 'build.sh' uses ninja-build and gyp rather than the Makefiles. I know those tools don't have total platform coverage yet, but it's getting close. What platforms are you using that aren't covered? It's almost certainly easier to improve those tools than it is to revamp the Makefiles. J.C. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: [ANNOUNCE] NSS 3.44 Release
On Thu, 16 May 2019, Martin Thomson wrote: On Thu, May 16, 2019 at 2:03 PM Miklos Vajna wrote: Is it possible to use this static mode when building via the provided Makefile? No. We're gradually phasing out support for Makefiles. They are very hard to maintain. Wait, what? They need work to make them simpler and better support cross compiling for sure, but getting rid of them would really hamper our use of NSS on different platforms. How would you support that without Makefiles? Paul -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: [ANNOUNCE] NSS 3.44 Release
On Thu, May 16, 2019 at 2:03 PM Miklos Vajna wrote: > Is it possible to use this static mode when building via the provided > Makefile? > No. We're gradually phasing out support for Makefiles. They are very hard to maintain. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: [ANNOUNCE] NSS 3.44 Release
Hi, On Wed, May 15, 2019 at 07:52:51AM -0700, JC Jones wrote: >* It is now possible to build NSS as a static library (Bug 1543545) Is it possible to use this static mode when building via the provided Makefile? Thanks, Miklos signature.asc Description: Digital signature -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
[ANNOUNCE] NSS 3.44 Release
The NSS team has released Network Security Services (NSS) 3.44 on 10 May 2019, which is a minor release. The NSS team would like to recognize first-time contributors: Kevin Jacobs, David Carlier, Alexander Scheel, and Edouard Oger. The HG tag is NSS_3_44_RTM. NSS 3.44 requires NSPR 4.21 or newer. NSS 3.44 source distributions are available on ftp.mozilla.org for secure HTTPS download: https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_44_RTM/src/ New Functions: in lib/certdb/cert.h CERT_GetCertificateDer - Access the DER-encoded form of a CERTCertificate. Notable Changes in NSS 3.44: * It is now possible to build NSS as a static library (Bug 1543545) * Initial support for building for iOS. Bugs fixed in NSS 3.44: * 1501542 - Implement CheckARMSupport for Android * 1531244 - Use __builtin_bswap64 in crypto_primitives.h * 1533216 - CERT_DecodeCertPackage() crash with Netscape Certificate Sequences * 1533616 - sdb_GetAttributeValueNoLock should make at most one sql query, rather than one for each attribute * 1531236 - Provide accessor for CERTCertificate.derCert * 1536734 - lib/freebl/crypto_primitives.c assumes a big endian machine * 1532384 - In NSS test certificates, use @example.com (not @bogus.com) * 1538479 - Post-Handshake messages after async server authentication break when using record layer separation * 1521578 - x25519 support in pk11pars.c * 1540205 - freebl build fails with -DNSS_DISABLE_CHACHAPOLY * 1532312 - post-handshake auth doesn't interoperate with OpenSSL * 1542741 - certutil -F crashes with segmentation fault * 1546925 - Allow preceding text in try comment * 1534468 - Expose ChaCha20 primitive * 1418944 - Quote CC/CXX variables passed to nspr * 1543545 - Allow to build NSS as a static library * 1487597 - Early data that arrives before the handshake completes can be read afterwards * 1548398 - freebl_gtest not building on Linux/Mac * 1548722 - Fix some Coverity warnings * 1540652 - softoken/sdb.c: Logically dead code * 1549413 - Android log lib is not included in build * 1537927 - IPsec usage is too restrictive for existing deployments * 1549608 - Signature fails with dbm disabled * 1549848 - Allow building NSS for iOS using gyp * 1549847 - NSS's SQLite compilation warnings make the build fail on iOS * 1550041 - freebl not building on iOS simulator * 1542950 - MacOS cipher test timeouts This Bugzilla query returns all the bugs fixed in NSS 3.44: https://bugzilla.mozilla.org/buglist.cgi?resolution=FIXED&classification=Components&query_format=advanced&product=NSS&target_milestone=3.44 Please refer to the release notes for the complete list of changes: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.44_release_notes -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
