nss: update to 3.101.

Changes:
  - Bug 1900413 - add diagnostic assertions for SFTKObject refcount.
  - Bug 1899759 - freeing the slot in DeleteCertAndKey if authentication
    failed
  - Bug 1899883 - fix formatting issues.
  - Bug 1889671 - Add Firmaprofesional CA Root-A Web to NSS.
  - Bug 1899593 - remove invalid acvp fuzz test vectors.
  - Bug 1898830 - pad short P-384 and P-521 signatures gtests.
  - Bug 1898627 - remove unused FreeBL ECC code.
  - Bug 1898830 - pad short P-384 and P-521 signatures.
  - Bug 1898825 - be less strict about ECDSA private key length.
  - Bug 1854439 - Integrate HACL* P-521.
  - Bug 1854438 - Integrate HACL* P-384.
  - Bug 1898074 - memory leak in create_objects_from_handles.
  - Bug 1898858 - ensure all input is consumed in a few places in
    mozilla::pkix
  - Bug 1884444 - SMIME/CMS and PKCS #12 do not integrate with modern NSS
    policy
  - Bug 1748105 - clean up escape handling
  - Bug 1896353 - Use lib::pkix as default validator instead of the old-one
  - Bug 1827444 - Need to add high level support for PQ signing.
  - Bug 1548723 - Certificate Compression: changing the allocation/freeing
    of buffer + Improving the documentation
  - Bug 1884444 - SMIME/CMS and PKCS #12 do not integrate with modern NSS
    policy
  - Bug 1893404 - Allow for non-full length ecdsa signature when using
    softoken
  - Bug 1830415 - Modification of .taskcluster.yml due to mozlint indent
    defects
  - Bug 1793811 - Implement support for PBMAC1 in PKCS#12
  - Bug 1897487 - disable VLA warnings for fuzz builds.
  - Bug 1895032 - remove redundant AllocItem implementation.
  - Bug 1893334 - add PK11_ReadDistrustAfterAttribute.
  - Bug 215997  - Clang-formatting of SEC_GetMgfTypeByOidTag update
  - Bug 1895012 - Set SEC_ERROR_LIBRARY_FAILURE on self-test failure
  - Bug 1894572 - sftk_getParameters(): Fix fallback to default variable
    after error with configfile.
  - Bug 1830415 - Switch to the mozillareleases/image_builder image

devel/nss/Makefile

@@ -1,11 +1,10 @@
-# $NetBSD: Makefile,v 1.260 2024/06/05 03:04:35 ryoon Exp $
+# $NetBSD: Makefile,v 1.261 2024/06/10 14:52:33 wiz Exp $
 #
 # release notes
 # https://firefox-source-docs.mozilla.org/security/nss/releases/index.html
 
 DISTNAME=		nss-${NSS_RELEASE:S/.0$//}
-NSS_RELEASE=		3.100.0
-PKGREVISION=		1
+NSS_RELEASE=		3.101.0
 CATEGORIES=		devel security
 MASTER_SITES=		${MASTER_SITE_MOZILLA_ALL:=security/nss/releases/NSS_${NSS_DIST_DIR_VERSION:S/_0$//}_RTM/src/}
 

devel/nss/PLIST

@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.28 2024/01/23 00:42:19 wiz Exp $
+@comment $NetBSD: PLIST,v 1.29 2024/06/10 14:52:33 wiz Exp $
 bin/certutil
 bin/cmsutil
 bin/crlutil
@@ -66,6 +66,7 @@ include/nss/nssckfwt.h
 include/nss/nssckg.h
 include/nss/nssckmdt.h
 include/nss/nssckt.h
+include/nss/nsshash.h
 include/nss/nssilckt.h
 include/nss/nssilock.h
 include/nss/nsslocks.h

devel/nss/distinfo

@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.179 2024/05/07 20:55:32 wiz Exp $
+$NetBSD: distinfo,v 1.180 2024/06/10 14:52:33 wiz Exp $
 
-BLAKE2s (nss-3.100.tar.gz) = d379de653f39a6c9017fa6b01510049bfae4130c68c0e6e58ddfcb6366094d2e
-SHA512 (nss-3.100.tar.gz) = 725c10ffc02fc17347a213b42fabad789aec2c6352fe803b4ad166695ab59495849e9a69684578eb274faf818ec2277f2d433167cdd27997dcf8d8e94dd4df34
-Size (nss-3.100.tar.gz) = 76746058 bytes
+BLAKE2s (nss-3.101.tar.gz) = 55c70c9a695337f3807c90c3c7c3ae661c50462432aeea8ebe8d45e5ce9d5b14
+SHA512 (nss-3.101.tar.gz) = b1596e7d74c654825eabbcc1f71b1410cf44d816c3044429576782bc800186073d43da9ad76de2fbd7de73c4460ebeb91aa244457da9d0d0cdc08a50a11a165f
+Size (nss-3.101.tar.gz) = 76317799 bytes
 SHA1 (patch-md) = 8547c9414332c02221b96719dea1e09cb741f4d1
 SHA1 (patch-me) = ffb5f119764c158c0bd789bd18fc77c61f2e9d2b
 SHA1 (patch-mf) = 40e58385fb6f944f463bf00b9aad72bc4ea229d0