From b6fe925e3cf7d238d102aa34f737695d440899c3 Mon Sep 17 00:00:00 2001
From: Andreas Grapentin <andreas@grapentin.org>
Date: Tue, 5 Sep 2017 07:43:12 +0200
Subject: libre/icecat: updated to 52.3.0

---
 libre/icecat/PKGBUILD                                |  8 ++++----
 libre/icecat/disable-crypto-hardening-settings.patch | 16 ++++++++--------
 2 files changed, 12 insertions(+), 12 deletions(-)

(limited to 'libre')

diff --git a/libre/icecat/PKGBUILD b/libre/icecat/PKGBUILD
index 1b01e7d9c..aafad8c03 100644
--- a/libre/icecat/PKGBUILD
+++ b/libre/icecat/PKGBUILD
@@ -14,9 +14,9 @@
 _pgo=false
 
 pkgname=icecat
-_pkgver=52.1.0-gnu1
+_pkgver=52.3.0-gnu1
 pkgver=${_pkgver//-/_}
-pkgrel=2
+pkgrel=1
 
 pkgdesc="GNU IceCat, the standalone web browser based on Mozilla Firefox."
 arch=(i686 x86_64 armv7h)
@@ -45,7 +45,7 @@ source=(http://ftp.gnu.org/gnu/gnuzilla/${_pkgver%-*}/$pkgname-$_pkgver.tar.bz2{
         disable-spoofSource-referer.patch
         no-crmf.patch
         no-neon.patch)
-sha256sums=('0beff2a04fdc1b56d274133cd22ff546fd609c929954132ff6bf1b800a5b24f3'
+sha256sums=('699ab2b41d4428ef5e360f3f33d98bc52723315cedac20bb03619846ca895302'
             'SKIP'
             '04952e0910c7c0d24faaa1ffa486dc3dae9f2c52548ff977858bec08ccb400f3'
             '76a657a90371e637e7c4b371b71a15c85acafcece6277455e9ede84ffe104d3e'
@@ -54,7 +54,7 @@ sha256sums=('0beff2a04fdc1b56d274133cd22ff546fd609c929954132ff6bf1b800a5b24f3'
             '5bdab2de5520fb4d3dbc453d9f73d20e0e077bf652bc780fc17184ba6c718a47'
             '977aa49b940f1da049cefa2878a63ac6669a78e63e9d55bb11db7b8f8fb64c33'
             '68e3a5b47c6d175cc95b98b069a15205f027cab83af9e075818d38610feb6213'
-            '0166aa368420f0bf0aab064b2188e3d852b241efeeb27dee66df2bc15e84b83a'
+            'bb1fc90d117c4a7810e202d23ff44a2dac11b675336533054b5a70dd8606df38'
             'c50043266e69f5844e6dce9ea7193af79587dcaa66806932d7867281a176f03e'
             'cf224d69e89f37f92202061669014b99fbf7b1fec38fd8ba9f957711fa095729'
             '6d0c1c9ca28b20d206ce24ca84f4d4e3f5d062a2e9cb7445fcb6c2cfea959b4a')
diff --git a/libre/icecat/disable-crypto-hardening-settings.patch b/libre/icecat/disable-crypto-hardening-settings.patch
index 3c7dedd77..c6dfb1ac1 100644
--- a/libre/icecat/disable-crypto-hardening-settings.patch
+++ b/libre/icecat/disable-crypto-hardening-settings.patch
@@ -9,19 +9,19 @@ index 3308a22..6b81444 100644
 -pref("security.tls.unrestricted_rc4_fallback", false);
 -pref("security.tls.insecure_fallback_hosts.use_static_list", false);
 -pref("security.tls.version.min", 1);
--pref("security.ssl.require_safe_negotiation", true);
+-pref("security.ssl.require_safe_negotiation", false);
 -pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
 -pref("security.ssl3.rsa_seed_sha", true);
 -pref("security.OCSP.enabled", 1);
--pref("security.OCSP.require", true);
+-pref("security.OCSP.require", false); // set to false otherwise it breaks captive portal usage
 +//pref("security.tls.unrestricted_rc4_fallback", false);
 +//pref("security.tls.insecure_fallback_hosts.use_static_list", false);
 +//pref("security.tls.version.min", 1);
-+//pref("security.ssl.require_safe_negotiation", true);
++//pref("security.ssl.require_safe_negotiation", false);
 +//pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
 +//pref("security.ssl3.rsa_seed_sha", true);
 +//pref("security.OCSP.enabled", 1);
-+//pref("security.OCSP.require", true);
++//pref("security.OCSP.require", false); // set to false otherwise it breaks captive portal usage
  
  // Disable channel updates
  pref("app.update.enabled", false);
@@ -36,19 +36,19 @@ index bfc6cba..cfdeb22 100644
 -pref("security.tls.unrestricted_rc4_fallback", false);
 -pref("security.tls.insecure_fallback_hosts.use_static_list", false);
 -pref("security.tls.version.min", 1);
--pref("security.ssl.require_safe_negotiation", true);
+-pref("security.ssl.require_safe_negotiation", false);
 -pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
 -pref("security.ssl3.rsa_seed_sha", true);
 -pref("security.OCSP.enabled", 1);
--pref("security.OCSP.require", true);
+-pref("security.OCSP.require", false); // set to false otherwise it breaks captive portal usage
 +//pref("security.tls.unrestricted_rc4_fallback", false);
 +//pref("security.tls.insecure_fallback_hosts.use_static_list", false);
 +//pref("security.tls.version.min", 1);
-+//pref("security.ssl.require_safe_negotiation", true);
++//pref("security.ssl.require_safe_negotiation", false);
 +//pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
 +//pref("security.ssl3.rsa_seed_sha", true);
 +//pref("security.OCSP.enabled", 1);
-+//pref("security.OCSP.require", true);
++//pref("security.OCSP.require", false); // set to false otherwise it breaks captive portal usage
  
  // Disable channel updates
  pref("app.update.enabled", false);
-- 
cgit v1.2.3