[Bug 1547133] Re: After automatically upgrading Xubuntu library libnss3 to version 2:3.21-0ubuntu0.15.10.1 some apps stop working

Marc Deslauriers marc.deslauriers at canonical.com
Thu Mar 24 19:22:44 UTC 2016


This is a bug in QtWebEngine.

The file
src/3rdparty/chromium/net/third_party/nss/patches/chacha20poly1305.patch
contains the following:

+/* This is a bodge to allow this code to be compiled against older NSS
+ * headers. */
+#ifndef CKM_NSS_CHACHA20_POLY1305
+#define CKM_NSS_CHACHA20_POLY1305               (CKM_NSS + 26)

Unfortunately, CKM_NSS + 26 got used for something else in nss 3.21:
#define CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE_DH (CKM_NSS + 26)

In nss 3.23, we now have:
#define CKM_NSS_CHACHA20_POLY1305               (CKM_NSS + 28)

This means QtWebEngine isn't using the right value.

To fix this, QtWebEngine needs to be patched to use the proper value of CKM_NSS + 28 in the following files:
src/3rdparty/chromium/net/socket/ssl_client_socket_nss.cc
src/3rdparty/chromium/net/third_party/nss/patches/chacha20poly1305.patch
src/3rdparty/chromium/net/third_party/nss/ssl/ssl3con.c
src/3rdparty/chromium/third_party/nss/patches/nss-chacha20-poly1305.patch
src/3rdparty/chromium/third_party/nss/nss/lib/util/pkcs11n.h


Once that is done and QtWebEngine is rebuilt, I believe it will be compatible with nss 3.21 and 3.23.

I am closing this bug since the product using QtWebEngine is not in
Ubuntu and there is no further action to be done.

** Changed in: nss (Ubuntu)
       Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nss in Ubuntu.
https://bugs.launchpad.net/bugs/1547133

Title:
  After automatically upgrading Xubuntu library libnss3 to version
  2:3.21-0ubuntu0.15.10.1 some apps stop working

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1547133/+subscriptions



More information about the Ubuntu-server-bugs mailing list