[pkgsrc/trunk]: pkgsrc/www/seamonkey Fix an insecure connection error with ns...

[ryoon <ryoon%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/d199d7b0a04b
branches:  trunk
changeset: 357616:d199d7b0a04b
user:      ryoon <ryoon%pkgsrc.org@localhost>
date:      Tue Jan 24 13:31:37 2017 +0000

description:
Fix an insecure connection error with nss 3.28 or later. Bump PKGREVISION

diffstat:

 www/seamonkey/Makefile                                                     |   4 +-
 www/seamonkey/distinfo                                                     |   3 +-
 www/seamonkey/patches/patch-mozilla_netwerk_protocol_http_Http2Session.cpp |  18 ++++++++++
 3 files changed, 22 insertions(+), 3 deletions(-)

diffs (53 lines):

diff -r 1fda39625e9f -r d199d7b0a04b www/seamonkey/Makefile
--- a/www/seamonkey/Makefile    Tue Jan 24 13:29:41 2017 +0000
+++ b/www/seamonkey/Makefile    Tue Jan 24 13:31:37 2017 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.153 2017/01/21 20:06:53 ryoon Exp $
+# $NetBSD: Makefile,v 1.154 2017/01/24 13:31:37 ryoon Exp $
 
 DISTNAME=      seamonkey-${SM_VER}.source
 PKGNAME=       seamonkey-${SM_VER:S/b/beta/}
-PKGREVISION=   2
+PKGREVISION=   3
 SM_VER=                2.46
 CATEGORIES=    www
 MASTER_SITES=  ${MASTER_SITE_MOZILLA:=seamonkey/releases/${SM_VER}/source/}
diff -r 1fda39625e9f -r d199d7b0a04b www/seamonkey/distinfo
--- a/www/seamonkey/distinfo    Tue Jan 24 13:29:41 2017 +0000
+++ b/www/seamonkey/distinfo    Tue Jan 24 13:31:37 2017 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.142 2017/01/01 16:14:07 ryoon Exp $
+$NetBSD: distinfo,v 1.143 2017/01/24 13:31:37 ryoon Exp $
 
 SHA1 (seamonkey-2.46.source.tar.xz) = 5322723a0c7757f29db5636fc60f4c9f3f6734c5
 RMD160 (seamonkey-2.46.source.tar.xz) = ba09b9606457371c46524fdda3b73f3b37571f30
@@ -82,6 +82,7 @@
 SHA1 (patch-mozilla_modules_libpref_init_all.js) = f366d7acf841117bf8c896d355f04e9549ebf17f
 SHA1 (patch-mozilla_mozglue_build_arm.cpp) = 592ae5ce1a404227cc2ab6a06418cc813c5743c9
 SHA1 (patch-mozilla_mozglue_build_arm.h) = 94e2b1a1a9ebf20bfa8a542066aa0dad475db320
+SHA1 (patch-mozilla_netwerk_protocol_http_Http2Session.cpp) = 7d7556575028ef4ee5fccbcb712d5c9f2827f7e6
 SHA1 (patch-mozilla_old-configure.in) = 865300929353ffbd31ae01793dd496352e2ccb70
 SHA1 (patch-mozilla_python_mozbuild_mozbuild_configure_options.py) = c95e9ffa8bae63b6e68c8363903dadef93ce7d75
 SHA1 (patch-mozilla_toolkit_components_protobuf_src_google_protobuf_stubs_atomicops.h) = 0b5cad33bc9a90f4ae2d6346065707b642aba3a9
diff -r 1fda39625e9f -r d199d7b0a04b www/seamonkey/patches/patch-mozilla_netwerk_protocol_http_Http2Session.cpp
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/www/seamonkey/patches/patch-mozilla_netwerk_protocol_http_Http2Session.cpp        Tue Jan 24 13:31:37 2017 +0000
@@ -0,0 +1,18 @@
+$NetBSD: patch-mozilla_netwerk_protocol_http_Http2Session.cpp,v 1.4 2017/01/24 13:31:37 ryoon Exp $
+
+Fix an insecure connection error with NSS 3.28 or later in HTTP2 case
+https://hg.mozilla.org/mozilla-central/rev/361ac226da2a
+
+--- mozilla/netwerk/protocol/http/Http2Session.cpp.orig        2016-12-14 02:10:00.000000000 +0000
++++ mozilla/netwerk/protocol/http/Http2Session.cpp
+@@ -3542,8 +3542,8 @@ Http2Session::ConfirmTLSProfile()
+     LOG3(("Http2Session::ConfirmTLSProfile %p FAILED due to DH %d < 2048\n",
+           this, keybits));
+     RETURN_SESSION_ERROR(this, INADEQUATE_SECURITY);
+-  } else if (kea == ssl_kea_ecdh && keybits < 256) { // 256 bits is "security level" of 128
+-    LOG3(("Http2Session::ConfirmTLSProfile %p FAILED due to ECDH %d < 256\n",
++  } else if (kea == ssl_kea_ecdh && keybits < 224) { // see rfc7540 9.2.1.
++    LOG3(("Http2Session::ConfirmTLSProfile %p FAILED due to ECDH %d < 224\n",
+           this, keybits));
+     RETURN_SESSION_ERROR(this, INADEQUATE_SECURITY);
+   }