From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <manowar@altlinux.org>
Date: Tue, 10 Dec 2019 14:40:14 +0300
From: Paul Wolneykien <manowar@altlinux.org>
To: devel@lists.altlinux.org
Message-ID: <20191210144014.36cde9e2@rigel.localdomain>
In-Reply-To: <tqcjv3.q21zpc.31m6fa-qmf@imap.altlinux.org>
References: <20191205094407.enexdwzus2lhqjll@comp-core-i7-2640m-0182e6>
 <20191205125048.6fed1b74@rigel.localdomain>
 <CAGvFrt1jbDvQ9gLJ9K=7N7evTQJDjgjtScOJvh8qOjb9z77epg@mail.gmail.com>
 <20191205182910.4aa137ad@rigel.localdomain>
 <CAGvFrt1onmd=_z0YMY+qbBeF+ErQ0SnVtrSLojMe+Db=zweysA@mail.gmail.com>
 <9e75a7c6-3fbc-a4aa-7631-c4b3a84463e9@basealt.ru>
 <CAGvFrt30FXaLmTrmdc_J5uifaFuG05w3bo4pRVBeNEgw-2nCTA@mail.gmail.com>
 <d3ab5ae7-e491-95be-6d77-fd54345c4c3e@basealt.ru>
 <CAGvFrt2mS5U3=s+VpAqNHFqcHBtjUGj5NUDFxBa_pQEgqm+Bcw@mail.gmail.com>
 <e0xh4p.q21u17.31m6fa-qmf@imap.altlinux.org>
 <20191205183604.GB13107@altlinux.org>
 <tqcjv3.q21zpc.31m6fa-qmf@imap.altlinux.org>
Organization: BaseALT
X-Mailer: Claws Mail 3.17.4 (GTK+ 2.24.32; x86_64-alt-linux-gnu)
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="MP_/oy2=FlBq6affBlZqjh3sfua"
Subject: Re: [devel] =?utf-8?b?bnNzLWdvc3Qg0LggZmlyZWZveC1nb3N0INCyINCh0Lg=?=
 =?utf-8?b?0LfQuNGE0LU=?=
X-BeenThere: devel@lists.altlinux.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: ALT Linux Team development discussions <devel@lists.altlinux.org>
List-Id: ALT Linux Team development discussions <devel.lists.altlinux.org>
List-Unsubscribe: <https://lists.altlinux.org/mailman/options/devel>,
 <mailto:devel-request@lists.altlinux.org?subject=unsubscribe>
List-Archive: <http://lists.altlinux.org/pipermail/devel>
List-Post: <mailto:devel@lists.altlinux.org>
List-Help: <mailto:devel-request@lists.altlinux.org?subject=help>
List-Subscribe: <https://lists.altlinux.org/mailman/listinfo/devel>,
 <mailto:devel-request@lists.altlinux.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Dec 2019 11:40:17 -0000
Archived-At: <http://lore.altlinux.org/devel/20191210144014.36cde9e2@rigel.localdomain/>
List-Archive: <http://lore.altlinux.org/devel/>
List-Post: <mailto:devel@altlinux.org>

--MP_/oy2=FlBq6affBlZqjh3sfua
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

=D0=92 Thu, 5 Dec 2019 19:05:35 +0000
manowar@altlinux.org =D0=BF=D0=B8=D1=88=D0=B5=D1=82:

> =D0=A7=D0=B5=D1=82=D0=B2=D0=B5=D1=80=D0=B3, 5 =D0=B4=D0=B5=D0=BA=D0=B0=D0=
=B1=D1=80=D1=8F 2019 =D0=B3 =D0=BF=D0=BE=D0=BB=D1=83=D1=87=D0=B5=D0=BD=D0=
=BE =D0=BE=D1=82 Dmitry V. Levin:
> >=20
> > =D0=9F=D0=BE=D0=BC=D0=B5=D1=81=D1=82=D0=B8=D1=82=D1=8C =D0=B2 gostcrypt=
o =D0=B8=D0=BB=D0=B8 =D1=81=D0=BC=D0=B5=D0=BD=D0=B8=D1=82=D1=8C soname - =
=D0=B4=D0=B2=D0=B0 =D1=80=D0=B0=D0=B7=D0=BD=D1=8B=D1=85 =D0=BF=D0=BE=D0=B4=
=D1=85=D0=BE=D0=B4=D0=B0,
> > =D0=B2=D1=8B=D0=B1=D0=BE=D1=80 =D0=B7=D0=B0=D0=B2=D0=B8=D1=81=D0=B8=D1=
=82 =D0=BE=D1=82 =D1=80=D0=B5=D1=88=D0=B0=D0=B5=D0=BC=D0=BE=D0=B9 =D0=B7=D0=
=B0=D0=B4=D0=B0=D1=87=D0=B8.  =D0=95=D1=81=D0=BB=D0=B8 =D0=BD=D1=83=D0=B6=
=D0=BD=D0=B0 =D0=B1=D0=B8=D0=B1=D0=BB=D0=B8=D0=BE=D1=82=D0=B5=D0=BA=D0=B0, =
=D0=BA=D0=BE=D1=82=D0=BE=D1=80=D1=83=D1=8E
> > =D0=BC=D0=BE=D0=B6=D0=BD=D0=BE =D0=B8=D1=81=D0=BF=D0=BE=D0=BB=D1=8C=D0=
=B7=D0=BE=D0=B2=D0=B0=D1=82=D1=8C =D0=BE=D0=B4=D0=BD=D0=BE=D0=B2=D1=80=D0=
=B5=D0=BC=D0=B5=D0=BD=D0=BD=D0=BE =D1=81 =D0=BE=D0=B1=D1=8B=D1=87=D0=BD=D0=
=BE=D0=B9, =D1=82=D0=BE =D1=81=D0=BC=D0=B5=D0=BD=D0=B0 soname =D0=B8 =D0=BF=
=D0=BE=D0=BB=D0=BD=D1=8B=D0=B9
> > =D1=80=D0=B0=D0=B7=D0=B2=D0=BE=D0=B4 provides.  =D0=95=D1=81=D0=BB=D0=
=B8 =D0=BD=D1=83=D0=B6=D0=BD=D0=B0 =D0=B1=D0=B8=D0=B1=D0=BB=D0=B8=D0=BE=D1=
=82=D0=B5=D0=BA=D0=B0, =D0=BA=D0=BE=D1=82=D0=BE=D1=80=D1=83=D1=8E =D0=BC=D0=
=BE=D0=B6=D0=BD=D0=BE =D0=B8=D1=81=D0=BF=D0=BE=D0=BB=D1=8C=D0=B7=D0=BE=D0=
=B2=D0=B0=D1=82=D1=8C
> > =D0=B2=D0=BC=D0=B5=D1=81=D1=82=D0=BE =D0=BE=D0=B1=D1=8B=D1=87=D0=BD=D0=
=BE=D0=B9, =D1=82=D0=BE =D1=81=D0=BE=D1=85=D1=80=D0=B0=D0=BD=D0=B5=D0=BD=D0=
=B8=D0=B5 soname =D0=B8 =D0=BF=D0=BE=D0=BC=D0=B5=D1=89=D0=B5=D0=BD=D0=B8=D0=
=B5 =D0=B2 gostcrypto. =20
>=20
>   =D0=92=D0=B0=D1=80=D0=B8=D0=B0=D0=BD=D1=82 "=D0=B2=D0=BC=D0=B5=D1=81=D1=
=82=D0=BE" (gostcrypto) =D0=B1=D1=83=D0=B4=D0=B5=D1=82 =D0=BE=D1=81=D0=BE=
=D0=B1=D0=B5=D0=BD=D0=BD=D0=BE =D0=B8=D0=BD=D1=82=D0=B5=D1=80=D0=B5=D1=81=
=D0=B5=D0=BD, =D0=B5=D1=81=D0=BB=D0=B8 =D0=BC=D1=8B
> =D0=B4=D0=BE=D0=B3=D0=BE=D0=B2=D0=BE=D1=80=D0=B8=D0=BC=D1=81=D1=8F =D0=B2=
=D0=BA=D0=BB=D1=8E=D1=87=D0=B8=D1=82=D1=8C =D0=BD=D0=BE=D0=BC=D0=B5=D1=80=
=D0=B0 =D0=93=D0=9E=D0=A1=D0=A2=D0=BE=D0=B2=D1=8B=D1=85 =D1=88=D0=B8=D1=84=
=D1=80=D0=BE=D0=BD=D0=B0=D0=B1=D0=BE=D1=80=D0=BE=D0=B2 =D0=B2 =D0=B1=D0=B0=
=D0=B7=D0=BE=D0=B2=D1=83=D1=8E =D0=B2=D0=B5=D1=80=D1=81=D0=B8=D1=8E
> Firefox.

  =D0=9F=D1=80=D0=B8=D0=BB=D0=B0=D0=B3=D0=B0=D1=8E =D0=BF=D0=B0=D1=82=D1=87=
, =D0=BA=D0=BE=D1=82=D0=BE=D1=80=D1=8B=D0=B9 =D1=80=D0=B0=D0=B7=D1=80=D0=B5=
=D1=88=D0=B0=D0=B5=D1=82 =D0=B8=D1=81=D0=BF=D0=BE=D0=BB=D1=8C=D0=B7=D0=BE=
=D0=B2=D0=B0=D0=BD=D0=B8=D0=B5 =D1=88=D0=B8=D1=84=D1=80=D0=BE=D0=BD=D0=B0=
=D0=B1=D0=BE=D1=80=D0=BE=D0=B2 =D1=81
=D0=BD=D0=BE=D0=BC=D0=B5=D1=80=D0=B0=D0=BC=D0=B8 C100--C102 =D0=B8 81 =D0=
=B4=D0=BB=D1=8F HTTPS. =D0=A1=D0=BC=D1=8B=D1=81=D0=BB =D0=B5=D0=B3=D0=BE =
=D0=B2 =D1=82=D0=BE=D0=BC, =D1=87=D1=82=D0=BE =D0=BE=D0=BD =D1=80=D0=B0=D0=
=B7=D1=80=D0=B5=D1=88=D0=B0=D0=B5=D1=82
=D0=BF=D1=80=D0=B8=D0=BD=D1=8F=D1=82=D1=8C =D0=B4=D0=B0=D0=BD=D0=BD=D1=8B=
=D0=B5 =D1=88=D0=B8=D1=84=D1=80=D0=BE=D0=BD=D0=B0=D0=B1=D0=BE=D1=80=D1=8B =
=D0=BA =D1=80=D0=B0=D1=81=D1=81=D0=BC=D0=BE=D1=82=D1=80=D0=B5=D0=BD=D0=B8=
=D1=8E =D0=B2 =D1=80=D0=B0=D0=BC=D0=BA=D0=B0=D1=85 =D0=BF=D1=80=D0=BE=D1=86=
=D0=B5=D0=B4=D1=83=D1=80=D1=8B =D1=83=D1=81=D1=82=D0=B0=D0=BD=D0=BE=D0=B2=
=D0=BA=D0=B8
=D1=81=D0=BE=D0=B5=D0=B4=D0=B8=D0=BD=D0=B5=D0=BD=D0=B8=D1=8F. =D0=9F=D1=80=
=D0=B8 =D1=8D=D1=82=D0=BE=D0=BC =D1=84=D0=B0=D0=BA=D1=82=D0=B8=D1=87=D0=B5=
=D1=81=D0=BA=D0=BE=D0=B5 =D0=B8=D1=81=D0=BF=D0=BE=D0=BB=D1=8C=D0=B7=D0=BE=
=D0=B2=D0=B0=D0=BD=D0=B8=D0=B5 =D1=88=D0=B8=D1=84=D1=80=D0=BE=D0=BD=D0=B0=
=D0=B1=D0=BE=D1=80=D0=B0 =D0=B7=D0=B0=D0=B2=D0=B8=D1=81=D0=B8=D1=82 =D0=BE=
=D1=82
=D1=81=D0=BE=D0=B1=D0=BB=D1=8E=D0=B4=D0=B5=D0=BD=D0=B8=D1=8F =D0=B4=D0=B2=
=D1=83=D1=85 =D1=83=D1=81=D0=BB=D0=BE=D0=B2=D0=B8=D0=B9: 1) =D1=88=D0=B8=D1=
=84=D1=80=D0=BE=D0=BD=D0=B0=D0=B1=D0=BE=D1=80 =D0=BF=D0=BE=D0=B4=D0=B4=D0=
=B5=D1=80=D0=B6=D0=B8=D0=B2=D0=B0=D0=B5=D1=82=D1=81=D1=8F =D0=BA=D0=B0=D0=
=BA=D0=B8=D0=BC-=D0=BB=D0=B8=D0=B1=D0=BE
=D0=BC=D0=BE=D0=B4=D1=83=D0=BB=D0=B5=D0=BC NSS; 2) =D1=88=D0=B8=D1=84=D1=80=
=D0=BE=D0=BD=D0=B0=D0=B1=D0=BE=D1=80 =D0=BF=D0=BE=D0=B4=D0=B4=D0=B5=D1=80=
=D0=B6=D0=B8=D0=B2=D0=B0=D0=B5=D1=82=D1=81=D1=8F =D1=81=D0=B0=D0=B9=D1=82=
=D0=BE=D0=BC. =D0=A2=D0=B0=D0=BA=D0=B8=D0=BC =D0=BE=D0=B1=D1=80=D0=B0=D0=B7=
=D0=BE=D0=BC, =D1=81
=D0=BE=D0=B1=D1=8B=D0=BA=D0=BD=D0=BE=D0=B2=D0=B5=D0=BD=D0=BD=D0=BE=D0=B9 =
=D1=81=D0=B1=D0=BE=D1=80=D0=BA=D0=BE=D0=B9 NSS =D0=BF=D0=BE=D0=B2=D0=B5=D0=
=B4=D0=B5=D0=BD=D0=B8=D0=B5 =D0=B1=D1=80=D0=B0=D1=83=D0=B7=D0=B5=D1=80=D0=
=B0 =D0=BD=D0=B8=D0=BA=D0=B0=D0=BA =D0=BD=D0=B5 =D0=B8=D0=B7=D0=BC=D0=B5=D0=
=BD=D0=B8=D1=82=D1=81=D1=8F,
=D0=BF=D0=BE=D1=81=D0=BA=D0=BE=D0=BB=D1=8C=D0=BA=D1=83 =D0=BD=D0=B5 =D0=B1=
=D1=83=D0=B4=D0=B5=D1=82 =D1=81=D0=BE=D0=B1=D0=BB=D1=8E=D0=B4=D0=B5=D0=BD=
=D0=BE =D1=83=D1=81=D0=BB=D0=BE=D0=B2=D0=B8=D0=B5 (1). =D0=9D=D0=BE =D0=BF=
=D1=80=D0=B8 =D0=B7=D0=B0=D0=BC=D0=B5=D0=BD=D0=B5 libnss =D0=BD=D0=B0
libnss-gostcrypto =D0=BE=D0=BD=D0=BE, =D0=BD=D0=B0=D0=BF=D1=80=D0=BE=D1=82=
=D0=B8=D0=B2, =D0=B1=D1=83=D0=B4=D0=B5=D1=82 =D1=81=D0=BE=D0=B1=D0=BB=D1=8E=
=D0=B4=D0=B5=D0=BD=D0=BE =D0=B8 =D1=82=D0=B5=D0=BC =D1=81=D0=B0=D0=BC=D1=8B=
=D0=BC =D0=BE=D1=82=D0=BA=D1=80=D0=BE=D0=B5=D1=82=D1=81=D1=8F
=D0=B4=D0=BE=D1=81=D1=82=D1=83=D0=BF =D0=BA =D1=81=D0=B0=D0=B9=D1=82=D0=B0=
=D0=BC (2).

  2legion@: =D0=9D=D0=B0=D1=81=D0=BA=D0=BE=D0=BB=D1=8C=D0=BA=D0=BE =D0=B2=
=D0=B5=D1=80=D0=BE=D1=8F=D1=82=D0=BD=D0=BE, =D0=BF=D0=BE =D0=B2=D0=B0=D1=88=
=D0=B5=D0=BC=D1=83, =D0=BE=D0=B4=D0=BE=D0=B1=D1=80=D0=B5=D0=BD=D0=B8=D0=B5 =
=D0=B4=D0=B0=D0=BD=D0=BD=D0=BE=D0=B3=D0=BE =D0=BF=D0=B0=D1=82=D1=87=D0=B0
Mozilla =D0=B4=D0=BB=D1=8F =D0=B8=D1=81=D0=BF=D0=BE=D0=BB=D1=8C=D0=B7=D0=BE=
=D0=B2=D0=B0=D0=BD=D0=B8=D1=8F =D0=B2 =D0=BD=D0=B0=D1=88=D0=B5=D0=B9 =D1=81=
=D0=B1=D0=BE=D1=80=D0=BA=D0=B5 Firefox (=D1=82.=D0=B5. =D0=B2 =D0=A1=D0=B8=
=D0=B7=D0=B8=D1=84=D0=B5)?

>   =D0=9F=D0=BE=D1=8F=D1=81=D0=BD=D1=8E. =D0=A1=D0=B5=D0=B9=D1=87=D0=B0=D1=
=81 =D1=83 =D0=BC=D0=B5=D0=BD=D1=8F =D1=8D=D1=82=D0=B8 =D0=BD=D0=BE=D0=BC=
=D0=B5=D1=80=D0=B0 =D0=B1=D0=B5=D1=80=D1=83=D1=82=D1=81=D1=8F =D0=B8=D0=B7 =
=D0=BA=D0=BE=D0=BD=D1=81=D1=82=D0=B0=D0=BD=D1=82,
> =D0=B4=D0=BE=D0=B1=D0=B0=D0=B2=D0=BB=D0=B5=D0=BD=D0=BD=D1=8B=D1=85 =D0=B2=
 NSS. =D0=9D=D0=BE =D0=BD=D0=B8=D1=87=D1=82=D0=BE =D0=BD=D0=B5 =D0=BC=D0=B5=
=D1=88=D0=B0=D0=B5=D1=82 =D0=BE=D0=BF=D1=80=D0=B5=D0=B4=D0=B5=D0=BB=D0=B8=
=D1=82=D1=8C =D1=8D=D1=82=D0=B8 =D0=BD=D0=BE=D0=BC=D0=B5=D1=80=D0=B0
> =D0=BD=D0=B5=D0=BF=D0=BE=D1=81=D1=80=D0=B5=D0=B4=D1=81=D1=82=D0=B2=D0=B5=
=D0=BD=D0=BD=D0=BE =D0=B2 =D0=BA=D0=BE=D0=B4=D0=B5 firefox, =D0=BF=D0=BE=D1=
=82=D0=BE=D0=BC=D1=83 =D1=87=D1=82=D0=BE =D0=BE=D0=BD=D0=B8 =D0=BD=D0=B5 =
=D1=81 =D0=BD=D0=B5=D0=B1=D0=B0 =D1=81=D0=B2=D0=B0=D0=BB=D0=B8=D0=BB=D0=B8=
=D1=81=D1=8C, =D0=B0
> =D0=BE=D0=BF=D1=80=D0=B5=D0=B4=D0=B5=D0=BB=D0=B5=D0=BD=D1=8B =D0=B2 =D1=
=81=D1=82=D0=B0=D0=BD=D0=B4=D0=B0=D1=80=D1=82=D0=B5.
>   =D0=98 =D1=82=D0=BE=D0=B3=D0=B4=D0=B0, =D0=B4=D0=B5=D0=B9=D1=81=D1=82=
=D0=B2=D0=B8=D1=82=D0=B5=D0=BB=D1=8C=D0=BD=D0=BE, =D0=BC=D1=8B =D0=BF=D0=BE=
=D0=BB=D1=83=D1=87=D0=B8=D0=BC =D1=81=D0=B8=D1=81=D1=82=D0=B5=D0=BC=D1=83, =
=D0=B2
> =D0=BA=D0=BE=D1=82=D0=BE=D1=80=D0=BE=D0=B9 =D0=93=D0=9E=D0=A1=D0=A2 =D0=
=B2=D0=BA=D0=BB=D1=8E=D1=87=D0=B0=D0=B5=D1=82=D1=81=D1=8F =D0=BF=D1=80=D0=
=BE=D1=81=D1=82=D0=BE=D0=B9 =D0=B7=D0=B0=D0=BC=D0=B5=D0=BD=D0=BE=D0=B9 =D0=
=BE=D0=B4=D0=BD=D0=BE=D0=B9 =D0=B1=D0=B8=D0=B1=D0=BB=D0=B8=D0=BE=D1=82=D0=
=B5=D0=BA=D0=B8 =D0=BD=D0=B0 =D0=B4=D1=80=D1=83=D0=B3=D1=83=D1=8E,
> =D0=B1=D0=B5=D0=B7 =D0=BF=D0=B5=D1=80=D0=B5=D1=83=D1=81=D1=82=D0=B0=D0=BD=
=D0=BE=D0=B2=D0=BA=D0=B8 =D0=BF=D0=B0=D0=BA=D0=B5=D1=82=D0=BE=D0=B2.


--MP_/oy2=FlBq6affBlZqjh3sfua
Content-Type: text/x-patch
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
 filename=firefox-70.0.1-gost-ciphersuites.patch

diff --git a/mozilla/security/manager/ssl/nsNSSComponent.cpp b/mozilla/security/manager/ssl/nsNSSComponent.cpp
index c091ce7a763..5fd5a9bb549 100644
--- a/mozilla/security/manager/ssl/nsNSSComponent.cpp
+++ b/mozilla/security/manager/ssl/nsNSSComponent.cpp
@@ -903,6 +903,16 @@ nsresult LoadLoadableRootsTask::LoadLoadableRoots() {
   return NS_ERROR_FAILURE;
 }
 
+// These cipher suites are already assigned to GOST by IANA --- see
+// https://www.iana.org/assignments/tls-parameters/tls-parameters-4.csv .
+#define TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC 0xC100
+#define TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC      0xC101
+#define TLS_GOSTR341112_256_WITH_28147_CNT_IMIT      0xC102
+
+// This cipher suite is known to be used by https://eruz.zakupki.gov.ru/
+// for GOST-R-3411.94 with GOST-28147 IMIT mode cipher:
+#define TLS_GOSTR341194_WITH_28147_CNT_IMIT          0x0081
+
 // Table of pref names and SSL cipher ID
 typedef struct {
   const char* pref;
@@ -956,6 +966,18 @@ static const CipherPref sCipherPrefs[] = {
     {"security.ssl3.rsa_des_ede3_sha", TLS_RSA_WITH_3DES_EDE_CBC_SHA,
      true},  // deprecated (RSA key exchange, 3DES)
 
+    {"security.ssl3.ecdhe_gostr_3411_12_256_kuznyechik_ctr_omac",
+     TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC, true},
+
+    {"security.ssl3.ecdhe_gostr_3411_12_256_magma_ctr_omac",
+     TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC, true},
+
+    {"security.ssl3.ecdhe_gostr_3411_12_256_28147_cnt_imit",
+     TLS_GOSTR341112_256_WITH_28147_CNT_IMIT, true},
+
+    {"security.ssl3.ecdhe_gostr_3411_94_256_28147_cnt_imit",
+     TLS_GOSTR341194_WITH_28147_CNT_IMIT, true},
+
     // All the rest are disabled
 
     {nullptr, 0}  // end marker

--MP_/oy2=FlBq6affBlZqjh3sfua--