Progress tracker: NSS update for 9.2

KawaiiBASIC / classilla

Automatically exported from code.google.com/p/classilla

0 stars 0 forks source link

Progress tracker: NSS update for 9.2 #89

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago

There are some network flakiness problems reported by Sakuya that we
probably can repair at the same time we upgrade our security by simply
updating NSS. libnecko would also be nice but I don't know how
crossplatform that is, even with GUSI.

Original issue reported on code.google.com by classi...@floodgap.com on 21 Jan 2010 at 2:46

GoogleCodeExporter commented 9 years ago

Updated to high - I would like this for 9.2.x. NSS should be straightforward. 
Need to
do more analysis of libnecko.

Original comment by classi...@floodgap.com on 7 Apr 2010 at 1:08

Added labels: Priority-High
Removed labels: Priority-Medium

GoogleCodeExporter commented 9 years ago

Initial survey:

/mozilla/security/nss/% grep -lR XP_MAC * | grep '\.[ch]'
lib/fortcrypt/fortpk11.c
lib/fortcrypt/fpkmem.h
lib/fortcrypt/swfort/swfutl.c
lib/freebl/mac_rand.c
lib/freebl/sysrand.c
lib/nss/nssinit.c
lib/util/secport.c
lib/util/secport.h
/mozilla/security/nss/% grep -lR MWERKS * | grep '\.[ch]'
lib/fortcrypt/fortpk11.c
lib/jar/jzconf.h

I'm a bit bothered by macbuild/macstubs.c. I'm not sure if we need it still.

Original comment by classi...@floodgap.com on 22 Apr 2010 at 4:02

GoogleCodeExporter commented 9 years ago

Making this NSS only. libnecko will be its own bug.

Original comment by classi...@floodgap.com on 22 Apr 2010 at 4:03

Changed title: Progress tracker: NSS update for 9.2
Added labels: Priority-Critical
Removed labels: Priority-High

GoogleCodeExporter commented 9 years ago

http://www.mozilla.org/projects/security/pki/nss/
diff to http://mxr.mozilla.org/security/source/security/nss/

Original comment by classi...@floodgap.com on 22 Apr 2010 at 4:10

GoogleCodeExporter commented 9 years ago

softoken/ seems to have a dependency on sqlite/. We might skip this this time 
around
to avoid having to port SQLite to OS 9 at the same time, and just use our old 
code.

Original comment by classi...@floodgap.com on 22 Apr 2010 at 4:33

GoogleCodeExporter commented 9 years ago

There is no lib/asn1, lib/fortcrypt; lib/pkix is now lib/libpkix; and there is 
now a
lib/sysinit.

There is no point in updating cmd/; we can't use it right now. We may update 
tests/
for a later sanity check at a later time. pkg/ and coverage/ do not apply to us.

Original comment by classi...@floodgap.com on 22 Apr 2010 at 4:39

GoogleCodeExporter commented 9 years ago

Wontfixing. After some struggling, it turned out our NSPR is too old, and I'm 
not
going to port sqlite, berkeley db AND a new NSPR for something that mightn't 
work
anyway. Instead, we will simply backport later fixes during our security audit 
post
9.3. NSS will not be upgraded as an item in Classilla as it currently stands.

Original comment by classi...@floodgap.com on 27 May 2010 at 3:08

Changed state: WontFix