• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1Name: Network Security Services (NSS)
2URL: http://www.mozilla.org/projects/security/pki/nss/
3Version: 3.15.1
4Security Critical: Yes
5License: MPL 2
6License File: NOT_SHIPPED
7
8This directory includes a copy of NSS's libssl from the hg repo at:
9  https://hg.mozilla.org/projects/nss
10
11The same module appears in crypto/third_party/nss (and third_party/nss on some
12platforms), so we don't repeat the license file here.
13
14The snapshot was updated to the hg tag: NSS_3_15_1_RTM
15
16Patches:
17
18  * Commenting out a couple of functions because they need NSS symbols
19    which may not exist in the system NSS library.
20    patches/versionskew.patch
21
22  * Send empty renegotiation info extension instead of SCSV unless TLS is
23    disabled.
24    patches/renegoscsv.patch
25    https://bugzilla.mozilla.org/show_bug.cgi?id=549042
26
27  * Cache the peer's intermediate CA certificates in session ID, so that
28    they're available when we resume a session.
29    patches/cachecerts.patch
30    https://bugzilla.mozilla.org/show_bug.cgi?id=731478
31
32  * Add the SSL_PeerCertificateChain function
33    patches/peercertchain.patch
34    patches/peercertchain2.patch
35    https://bugzilla.mozilla.org/show_bug.cgi?id=731485
36
37  * Add support for client auth with native crypto APIs on Mac and Windows
38    patches/clientauth.patch
39    ssl/sslplatf.c
40
41  * Add a function to export whether the last handshake on a socket resumed a
42    previous session.
43    patches/didhandshakeresume.patch
44    https://bugzilla.mozilla.org/show_bug.cgi?id=731798
45
46  * Allow SSL_HandshakeNegotiatedExtension to be called before the handshake
47    is finished.
48    https://bugzilla.mozilla.org/show_bug.cgi?id=681839
49    patches/negotiatedextension.patch
50
51  * Add function to retrieve TLS client cert types requested by server.
52    https://bugzilla.mozilla.org/show_bug.cgi?id=51413
53    patches/getrequestedclientcerttypes.patch
54
55  * Add a function to restart a handshake after a client certificate request.
56    patches/restartclientauth.patch
57
58  * Add support for TLS Channel IDs
59    patches/channelid.patch
60    patches/channelid2.patch
61
62  * Add support for extracting the tls-unique channel binding value
63    patches/tlsunique.patch
64    https://bugzilla.mozilla.org/show_bug.cgi?id=563276
65
66  * Define the EC_POINT_FORM_UNCOMPRESSED macro. In NSS 3.13.2 the macro
67    definition was moved from the internal header ec.h to blapit.h. When
68    compiling against older system NSS headers, we need to define the macro.
69    patches/ecpointform.patch
70
71  * SSL_ExportKeyingMaterial should get the RecvBufLock and SSL3HandshakeLock.
72    This change was made in https://chromiumcodereview.appspot.com/10454066.
73    patches/secretexporterlocks.patch
74
75  * Allow the constant-time CBC processing code to be compiled against older
76    NSS that doesn't contain the CBC constant-time changes.
77    patches/cbc.patch
78    https://code.google.com/p/chromium/issues/detail?id=172658#c12
79    TODO(wtc): remove this patch now that NSS 3.14.3 is the minimum
80    compile-time and run-time version.
81
82  * Change ssl3_SuiteBOnly to always return PR_TRUE. The softoken in NSS
83    versions older than 3.15 report an EC key size range of 112 bits to 571
84    bits, even when it is compiled to support only the NIST P-256, P-384, and
85    P-521 curves. Remove this patch when all system NSS softoken packages are
86    NSS 3.15 or later.
87    patches/suitebonly.patch
88
89  * Define the SECItemArray type and declare the SECItemArray handling
90    functions, which were added in NSS 3.15. Remove this patch when all system
91    NSS packages are NSS 3.15 or later.
92    patches/secitemarray.patch
93
94  * Update Chromium-specific code for TLS 1.2.
95    patches/tls12chromium.patch
96
97  * Add the Application Layer Protocol Negotiation extension.
98    patches/alpn.patch
99
100  * Fix an issue with allocating an SSL socket when under memory pressure.
101    https://bugzilla.mozilla.org/show_bug.cgi?id=903565
102    patches/sslsock_903565.patch
103
104  * Implement the AES GCM cipher suites.
105    https://bugzilla.mozilla.org/show_bug.cgi?id=880543
106    patches/aesgcm.patch
107
108  * Add Chromium-specific code to detect AES GCM support in the system NSS
109    libraries at run time.
110    patches/aesgcmchromium.patch
111
112  * Support generating SHA-1 signatures for TLS 1.2 client authentication. Use
113    SHA-1 instead of SHA-256 if the server's preferences do not allow for
114    SHA-256 or if the client private key may only support SHA-1 signatures. The
115    latter happens when the key is in a CAPI service provider on Windows or if
116    it is a 1024-bit RSA or DSA key.
117    patches/tls12backuphash.patch
118    patches/tls12backuphash2.patch
119
120  * Support ChaCha20+Poly1305 ciphersuites
121    http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-01
122    patches/chacha20poly1305.patch
123
124  * Fix session cache lock creation race.
125    patches/cachelocks.patch
126    https://bugzilla.mozilla.org/show_bug.cgi?id=764646
127
128  * Don't advertise TLS 1.2-only cipher suites in a TLS 1.1 ClientHello.
129    https://bugzilla.mozilla.org/show_bug.cgi?id=919677
130    patches/ciphersuiteversion.patch
131
132  * Don't use record versions greater than 0x0301 in resumption ClientHello
133    records either.
134    https://bugzilla.mozilla.org/show_bug.cgi?id=923696
135    https://code.google.com/p/chromium/issues/detail?id=303398
136    patches/resumeclienthelloversion.patch
137
138  * Make SSL False Start work with asynchronous certificate validation.
139    https://bugzilla.mozilla.org/show_bug.cgi?id=713933
140    patches/canfalsestart.patch
141
142  * Have the Null Cipher limit output to the maximum allowed
143    https://bugzilla.mozilla.org/show_bug.cgi?id=934016
144    patches/nullcipher_934016.patch
145
146  * In the case that a ClientHello record is between 256 and 511 bytes long,
147    add an extension to make it 512 bytes. This works around a bug in F5
148    terminators.
149    patches/paddingextension.patch
150    patches/paddingextensionall.patch
151
152  * Support the Certificate Transparency (RFC 6962) TLS extension
153    signed_certificate_timestamp (client only).
154    patches/signedcertificatetimestamps.patch
155
156  * Add a function to allow the cipher suites preference order to be set.
157    patches/cipherorder.patch
158
159  * Add TLS_FALLBACK_SCSV cipher suite to version fallback connections.
160    patches/fallbackscsv.patch
161
162  * Disable session ticket renewal.
163    https://bugzilla.mozilla.org/show_bug.cgi?id=930857
164    patches/disableticketrenewal.patch
165
166  * Add explicit functions for managing the SSL/TLS session cache.
167    This is a temporary workaround until Chromium migrates to NSS's
168    asynchronous certificate verification.
169    patches/sessioncache.patch
170
171  * Remove static storage qualifier from variables in sslnonce.c. Due to
172    a clang codegen bug on Mac, this caused an infinite loop.
173    https://code.google.com/p/chromium/issues/detail?id=326011
174    patches/sslnoncestatics.patch
175
176Apply the patches to NSS by running the patches/applypatches.sh script.  Read
177the comments at the top of patches/applypatches.sh for instructions.
178
179The ssl/bodge directory contains files taken from the NSS repo that we required
180for building libssl outside of its usual build environment.
181