[packages/firefox] - added nss-http2 patch (backport of nss 3.28+ compatibility fix); release 2

Wed Jan 11 05:41:00 CET 2017

commit 8f7abdd258776c3cd4d0fb174264831f1ff6c9fb
Author: Jakub Bogusz <qboosh at pld-linux.org>
Date:   Wed Jan 11 05:42:04 2017 +0100

    - added nss-http2 patch (backport of nss 3.28+ compatibility fix); release 2

 firefox-nss-http2.patch | 14 ++++++++++++++
 firefox.spec            |  4 +++-
 2 files changed, 17 insertions(+), 1 deletion(-)
---

diff --git a/firefox.spec b/firefox.spec
index 82dba9b..fe8fc54 100644
--- a/firefox.spec
+++ b/firefox.spec
@@ -26,7 +26,7 @@ Summary(hu.UTF-8):	Firefox web böngésző
 Summary(pl.UTF-8):	Firefox - przeglądarka WWW
 Name:		firefox
 Version:	50.1.0
-Release:	1
+Release:	2
 License:	MPL v2.0
 Group:		X11/Applications/Networking
 Source0:	http://releases.mozilla.org/pub/mozilla.org/firefox/releases/%{version}/source/firefox-%{version}.source.tar.xz
@@ -46,6 +46,7 @@ Patch7:		%{name}-middle_click_paste.patch
 Patch8:		%{name}-system-virtualenv.patch
 Patch9:		%{name}-Disable-Firefox-Health-Report.patch
 Patch10:	freetype.patch
+Patch11:	%{name}-nss-http2.patch
 URL:		https://www.mozilla.org/firefox/
 BuildRequires:	OpenGL-devel
 BuildRequires:	alsa-lib-devel
@@ -218,6 +219,7 @@ echo 'LOCAL_INCLUDES += $(MOZ_HUNSPELL_CFLAGS)' >> extensions/spellcheck/src/Mak
 %patch8 -p2
 %patch9 -p1
 %patch10 -p2
+%patch11 -p1
 
 %{__sed} -i -e '1s,/usr/bin/env python,%{__python},' xpcom/typelib/xpt/tools/xpt.py xpcom/idl-parser/xpidl/xpidl.py
 
diff --git a/firefox-nss-http2.patch b/firefox-nss-http2.patch
new file mode 100644
index 0000000..066f0cc
--- /dev/null
+++ b/firefox-nss-http2.patch
@@ -0,0 +1,14 @@
+https://bugzilla.mozilla.org/show_bug.cgi?id=1290037
+--- firefox-50.1.0/netwerk/protocol/http/Http2Session.cpp.orig	2016-10-31 21:15:27.000000000 +0100
++++ firefox-50.1.0/netwerk/protocol/http/Http2Session.cpp	2017-01-09 17:45:38.639941993 +0100
+@@ -3542,8 +3542,8 @@
+     LOG3(("Http2Session::ConfirmTLSProfile %p FAILED due to DH %d < 2048\n",
+           this, keybits));
+     RETURN_SESSION_ERROR(this, INADEQUATE_SECURITY);
+-  } else if (kea == ssl_kea_ecdh && keybits < 256) { // 256 bits is "security level" of 128
+-    LOG3(("Http2Session::ConfirmTLSProfile %p FAILED due to ECDH %d < 256\n",
++  } else if (kea == ssl_kea_ecdh && keybits < 224) { // see rfc7540 9.2.1.
++    LOG3(("Http2Session::ConfirmTLSProfile %p FAILED due to ECDH %d < 224\n",
+           this, keybits));
+     RETURN_SESSION_ERROR(this, INADEQUATE_SECURITY);
+   }
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/firefox.git/commitdiff/8f7abdd258776c3cd4d0fb174264831f1ff6c9fb

