From ab1060037931158d3a8bf4c8f9f6cb4dbfe916e9 Mon Sep 17 00:00:00 2001 From: wolfbeast Date: Tue, 14 Aug 2018 07:52:35 +0200 Subject: Update NSS to 3.38 - Added HACL*Poly1305 32-bit (INRIA/Microsoft) - Updated to final TLS 1.3 draft version (28) - Removed TLS 1.3 prerelease draft limit check - Removed NPN code - Enabled dev/urandom-only RNG on Linux with NSS_SEED_ONLY_DEV_URANDOM for non-standard environments - Fixed several bugs with TLS 1.3 negotiation - Updated internal certificate store - Added support for the TLS Record Size Limit Extension. - Fixed CVE-2018-0495 - Various security fixes in the ASN.1 code. --- security/nss/lib/freebl/Makefile | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'security/nss/lib/freebl/Makefile') diff --git a/security/nss/lib/freebl/Makefile b/security/nss/lib/freebl/Makefile index a4b1a86ae..bff11c7c8 100644 --- a/security/nss/lib/freebl/Makefile +++ b/security/nss/lib/freebl/Makefile @@ -517,13 +517,13 @@ ifndef NSS_DISABLE_CHACHAPOLY ifdef HAVE_INT128_SUPPORT EXTRA_SRCS += Hacl_Poly1305_64.c else - EXTRA_SRCS += poly1305.c + EXTRA_SRCS += Hacl_Poly1305_32.c endif else ifeq ($(CPU_ARCH),aarch64) EXTRA_SRCS += Hacl_Poly1305_64.c else - EXTRA_SRCS += poly1305.c + EXTRA_SRCS += Hacl_Poly1305_32.c endif endif # x86_64 @@ -535,12 +535,16 @@ ifeq (,$(filter-out i386 x386 x86 x86_64 aarch64,$(CPU_ARCH))) # All intel architectures get the 64 bit version # With custom uint128 if necessary (faster than generic 32 bit version). ECL_SRCS += curve25519_64.c - VERIFIED_SRCS += Hacl_Curve25519.c FStar.c + VERIFIED_SRCS += Hacl_Curve25519.c else # All non intel architectures get the generic 32 bit implementation (slow!) ECL_SRCS += curve25519_32.c endif +ifndef HAVE_INT128_SUPPORT + VERIFIED_SRCS += FStar.c +endif + ####################################################################### # (5) Execute "global" rules. (OPTIONAL) # ####################################################################### -- cgit v1.2.3