summaryrefslogtreecommitdiffstats
path: root/security/nss/automation/taskcluster/docker-hacl
diff options
context:
space:
mode:
authorwolfbeast <mcwerewolf@gmail.com>2018-08-14 07:52:35 +0200
committerwolfbeast <mcwerewolf@gmail.com>2018-08-14 16:42:52 +0200
commitab1060037931158d3a8bf4c8f9f6cb4dbfe916e9 (patch)
tree5e4677e52b9a349602f04135a44b3000c8baa97b /security/nss/automation/taskcluster/docker-hacl
parentf44e99950fc25d16a3cdaffe26dadf7b58a9d38c (diff)
downloadUXP-ab1060037931158d3a8bf4c8f9f6cb4dbfe916e9.tar
UXP-ab1060037931158d3a8bf4c8f9f6cb4dbfe916e9.tar.gz
UXP-ab1060037931158d3a8bf4c8f9f6cb4dbfe916e9.tar.lz
UXP-ab1060037931158d3a8bf4c8f9f6cb4dbfe916e9.tar.xz
UXP-ab1060037931158d3a8bf4c8f9f6cb4dbfe916e9.zip
Update NSS to 3.38
- Added HACL*Poly1305 32-bit (INRIA/Microsoft) - Updated to final TLS 1.3 draft version (28) - Removed TLS 1.3 prerelease draft limit check - Removed NPN code - Enabled dev/urandom-only RNG on Linux with NSS_SEED_ONLY_DEV_URANDOM for non-standard environments - Fixed several bugs with TLS 1.3 negotiation - Updated internal certificate store - Added support for the TLS Record Size Limit Extension. - Fixed CVE-2018-0495 - Various security fixes in the ASN.1 code.
Diffstat (limited to 'security/nss/automation/taskcluster/docker-hacl')
-rw-r--r--security/nss/automation/taskcluster/docker-hacl/Dockerfile6
-rw-r--r--security/nss/automation/taskcluster/docker-hacl/setup-user.sh1
2 files changed, 3 insertions, 4 deletions
diff --git a/security/nss/automation/taskcluster/docker-hacl/Dockerfile b/security/nss/automation/taskcluster/docker-hacl/Dockerfile
index 63f9a24e2..50f2be239 100644
--- a/security/nss/automation/taskcluster/docker-hacl/Dockerfile
+++ b/security/nss/automation/taskcluster/docker-hacl/Dockerfile
@@ -5,11 +5,11 @@ MAINTAINER Franziskus Kiefer <franziskuskiefer@gmail.com>
# the original F* formula with Daniel Fabian
# Pinned versions of HACL* (F* and KreMLin are pinned as submodules)
-ENV haclrepo https://github.com/franziskuskiefer/hacl-star.git
+ENV haclrepo https://github.com/mitls/hacl-star.git
# Define versions of dependencies
-ENV opamv 4.04.2
-ENV haclversion 668d6cf274c33bbe2e951e3a84b73f2b6442a51f
+ENV opamv 4.05.0
+ENV haclversion 1da331f9ef30e13269e45ae73bbe4a4bca679ae6
# Install required packages and set versions
ADD setup.sh /tmp/setup.sh
diff --git a/security/nss/automation/taskcluster/docker-hacl/setup-user.sh b/security/nss/automation/taskcluster/docker-hacl/setup-user.sh
index b8accaf58..e2c0b857b 100644
--- a/security/nss/automation/taskcluster/docker-hacl/setup-user.sh
+++ b/security/nss/automation/taskcluster/docker-hacl/setup-user.sh
@@ -16,7 +16,6 @@ git -C hacl-star checkout ${haclversion}
# This caches the extracted c code (pins the HACL* version). All we need to do
# on CI now is comparing the code in this docker image with the one in NSS.
opam config exec -- make -C hacl-star prepare -j$(nproc)
-make -C hacl-star verify-nss -j$(nproc)
make -C hacl-star -f Makefile.build snapshots/nss -j$(nproc)
KOPTS="-funroll-loops 5" make -C hacl-star/code/curve25519 test -j$(nproc)
make -C hacl-star/code/salsa-family test -j$(nproc)