summaryrefslogtreecommitdiffstats
path: root/abs/extra/nss/PKGBUILD
diff options
context:
space:
mode:
Diffstat (limited to 'abs/extra/nss/PKGBUILD')
-rw-r--r--abs/extra/nss/PKGBUILD30
1 files changed, 15 insertions, 15 deletions
diff --git a/abs/extra/nss/PKGBUILD b/abs/extra/nss/PKGBUILD
index 7a06cec..4bf9a60 100644
--- a/abs/extra/nss/PKGBUILD
+++ b/abs/extra/nss/PKGBUILD
@@ -3,36 +3,34 @@
pkgbase=nss
pkgname=(nss ca-certificates-mozilla)
-pkgver=3.17
-pkgrel=4
+pkgver=3.20
+pkgrel=1
pkgdesc="Mozilla Network Security Services"
arch=(i686 x86_64)
url="http://www.mozilla.org/projects/security/pki/nss/"
license=('MPL' 'GPL')
-_nsprver=4.10.7
+_nsprver=4.10.8
depends=("nspr>=${_nsprver}" 'sqlite' 'zlib' 'sh' 'p11-kit')
makedepends=('perl' 'python2')
options=('!strip' '!makeflags' 'staticlibs')
-source=("ftp://ftp.mozilla.org/pub/security/nss/releases/NSS_${pkgver//./_}_RTM/src/${pkgbase}-${pkgver}.tar.gz"
- certdata2pem.py
- bundle.sh
- nss.pc.in
- nss-config.in
- ssl-renegotiate-transitional.patch)
-sha256sums=('3b1abcd8f89211dda2cc739bfa76552d080f7ea80482ef2727b006548a7f0c81'
- 'af13c30801a8a27623948206458432a4cf98061b75ff6e5b5e03912f93c034ee'
+source=("https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_${pkgver//./_}_RTM/src/${pkgbase}-${pkgver}.tar.gz"
+ certdata2pem.py bundle.sh nss.pc.in nss-config.in legacy-certs.patch)
+sha256sums=('5e38d4b9837ca338af966b97fc91c07f67ad647fb38dc4af3cfd0d84e477d15c'
+ '2a2ff9131c21fa3b23ad7c7a2f069eabc783e56c6eb05419ac5f365f48dea0fc'
'045f520403f715a4cc7f3607b4e2c9bcc88fee5bce58d462fddaa2fdb0e4c180'
'b9f1428ca2305bf30b109507ff335fa00bce5a7ce0434b50acd26ad7c47dd5bd'
'e44ac5095b4d88f24ec7b2e6a9f1581560bd3ad41a3d198596d67ef22f67adb9'
- '12df04bccbf674db1eef7a519a28987927b5e9c107b1dc386686f05e64f49a97')
+ '22330fcde2dac5fa4733f7d77bffbbd31d91cbaa338738afdc2a8ebfccb61184')
prepare() {
mkdir certs
cd nss-$pkgver
- # Adds transitional SSL renegotiate support - patch from Debian
- patch -Np3 -i ../ssl-renegotiate-transitional.patch
+ # FS#45479: Reenable two weak Verisign certificates used by login.live.com
+ # Otherwise, accessing this site via Epiphany (GnuTLS) or Skype (OpenSSL) fails
+ # Also see https://gist.github.com/grawity/15eabf67191e17080241
+ patch nss/lib/ckfw/builtins/certdata.txt ../legacy-certs.patch
# Respect LDFLAGS
sed -e 's/\$(MKSHLIB) -o/\$(MKSHLIB) \$(LDFLAGS) -o/' \
@@ -66,6 +64,8 @@ build() {
}
package_nss() {
+ install=nss.install
+
cd nss-$pkgver
install -d "$pkgdir"/usr/{bin,include/nss,lib/pkgconfig}
@@ -105,7 +105,7 @@ package_nss() {
install -t "$pkgdir/usr/include/nss" -m644 *.h
rm "$pkgdir/usr/lib/libnssckbi.so"
- ln -s pkcs11/p11-kit-trust.so "$pkgdir/usr/lib/libnssckbi.so"
+ ln -s libnssckbi-p11-kit.so "$pkgdir/usr/lib/libnssckbi.so"
}
package_ca-certificates-mozilla() {