diff options
author | Marius Bakke <mbakke@fastmail.com> | 2019-04-08 00:54:01 +0200 |
---|---|---|
committer | Marius Bakke <mbakke@fastmail.com> | 2019-04-08 00:54:01 +0200 |
commit | ba00235a9652bb129ff6867ffc3c7cfafe1cca09 (patch) | |
tree | 1ce56f512707e89362e1fed3d5b26d690462fbda /gnu/packages/nss.scm | |
parent | f19ccdc62ca721b68745c35b046826b356f46c62 (diff) | |
parent | 0e2b0b05accdea7c3f016f8483d0ec04021114d3 (diff) | |
download | guix-ba00235a9652bb129ff6867ffc3c7cfafe1cca09.tar.gz |
Merge branch 'master' into staging
Diffstat (limited to 'gnu/packages/nss.scm')
-rw-r--r-- | gnu/packages/nss.scm | 184 |
1 files changed, 184 insertions, 0 deletions
diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm new file mode 100644 index 0000000000..480f64a046 --- /dev/null +++ b/gnu/packages/nss.scm @@ -0,0 +1,184 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019 Mark H Weaver <mhw@netris.org> +;;; Copyright © 2016, 2017, 2018 Efraim Flashner <efraim@flashner.co.il> +;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr> +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. + +(define-module (gnu packages nss) + #:use-module (guix packages) + #:use-module (guix download) + #:use-module (guix build-system gnu) + #:use-module ((guix licenses) #:prefix license:) + #:use-module (gnu packages) + #:use-module (gnu packages check) + #:use-module (gnu packages compression) + #:use-module (gnu packages perl) + #:use-module (gnu packages sqlite) + #:use-module (ice-9 match)) + +(define-public nspr + (package + (name "nspr") + (version "4.21") + (source (origin + (method url-fetch) + (uri (string-append + "https://ftp.mozilla.org/pub/mozilla.org/nspr/releases/v" + version "/src/nspr-" version ".tar.gz")) + (sha256 + (base32 + "0nkbgk0x31nfm4xl8la0a3vrnpa8gzkh7g4k65p7n880n73k5shm")))) + (build-system gnu-build-system) + (native-inputs + `(("perl" ,perl))) + (arguments + `(#:tests? #f ; no check target + #:configure-flags (list "--enable-64bit" + (string-append "LDFLAGS=-Wl,-rpath=" + (assoc-ref %outputs "out") + "/lib")) + ;; Use fixed timestamps for reproducibility. + #:make-flags '("SH_DATE='1970-01-01 00:00:01'" + ;; This is epoch 1 in microseconds. + "SH_NOW=100000") + #:phases (modify-phases %standard-phases + (add-before 'configure 'chdir + (lambda _ (chdir "nspr") #t))))) + (home-page + "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSPR") + (synopsis "Netscape API for system level and libc-like functions") + (description "Netscape Portable Runtime (@dfn{NSPR}) provides a +platform-neutral API for system level and libc-like functions. It is used +in the Mozilla clients.") + (license license:mpl2.0))) + +(define-public nss + (package + (name "nss") + (version "3.43") + (source (origin + (method url-fetch) + (uri (let ((version-with-underscores + (string-join (string-split version #\.) "_"))) + (string-append + "https://ftp.mozilla.org/pub/mozilla.org/security/nss/" + "releases/NSS_" version-with-underscores "_RTM/src/" + "nss-" version ".tar.gz"))) + (sha256 + (base32 + "1jp27w4w9nj5pkzrbc1zqj6pa09h2yy7vhzyx5fvg1q86fvw22zk")) + ;; Create nss.pc and nss-config. + (patches (search-patches "nss-pkgconfig.patch" + "nss-increase-test-timeout.patch")))) + (build-system gnu-build-system) + (outputs '("out" "bin")) + (arguments + `(#:parallel-build? #f ; not supported + #:make-flags + (let* ((out (assoc-ref %outputs "out")) + (nspr (string-append (assoc-ref %build-inputs "nspr"))) + (rpath (string-append "-Wl,-rpath=" out "/lib/nss"))) + (list "-C" "nss" (string-append "PREFIX=" out) + "NSDISTMODE=copy" + "NSS_USE_SYSTEM_SQLITE=1" + (string-append "NSPR_INCLUDE_DIR=" nspr "/include/nspr") + ;; Add $out/lib/nss to RPATH. + (string-append "RPATH=" rpath) + (string-append "LDFLAGS=" rpath))) + #:modules ((guix build gnu-build-system) + (guix build utils) + (ice-9 ftw) + (ice-9 match) + (srfi srfi-26)) + #:phases + (modify-phases %standard-phases + (replace 'configure + (lambda _ + (setenv "CC" "gcc") + ;; Tells NSS to build for the 64-bit ABI if we are 64-bit system. + ,@(match (%current-system) + ((or "x86_64-linux" "aarch64-linux") + `((setenv "USE_64" "1"))) + (_ + '())) + #t)) + (replace 'check + (lambda _ + ;; Use 127.0.0.1 instead of $HOST.$DOMSUF as HOSTADDR for testing. + ;; The later requires a working DNS or /etc/hosts. + (setenv "DOMSUF" "localdomain") + (setenv "USE_IP" "TRUE") + (setenv "IP_ADDRESS" "127.0.0.1") + + ;; The "PayPalEE.cert" certificate expires every six months, + ;; leading to test failures: + ;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>. To + ;; work around that, set the time to roughly the release date. + (invoke "faketime" "2019-02-01" "./nss/tests/all.sh"))) + (replace 'install + (lambda* (#:key outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (bin (string-append (assoc-ref outputs "bin") "/bin")) + (inc (string-append out "/include/nss")) + (lib (string-append out "/lib/nss")) + (obj (match (scandir "dist" (cut string-suffix? "OBJ" <>)) + ((obj) (string-append "dist/" obj))))) + ;; Install nss-config to $out/bin. + (install-file (string-append obj "/bin/nss-config") + (string-append out "/bin")) + (delete-file (string-append obj "/bin/nss-config")) + ;; Install nss.pc to $out/lib/pkgconfig. + (install-file (string-append obj "/lib/pkgconfig/nss.pc") + (string-append out "/lib/pkgconfig")) + (delete-file (string-append obj "/lib/pkgconfig/nss.pc")) + (rmdir (string-append obj "/lib/pkgconfig")) + ;; Install other files. + (copy-recursively "dist/public/nss" inc) + (copy-recursively (string-append obj "/bin") bin) + (copy-recursively (string-append obj "/lib") lib) + + ;; FIXME: libgtest1.so is installed in the above step, and it's + ;; (unnecessarily) linked with several NSS libraries, but + ;; without the needed rpaths, causing the 'validate-runpath' + ;; phase to fail. Here we simply delete libgtest1.so, since it + ;; seems to be used only during the tests. + (delete-file (string-append lib "/libgtest1.so")) + (delete-file (string-append lib "/libgtestutil.so")) + + #t)))))) + (inputs + `(("sqlite" ,sqlite) + ("zlib" ,zlib))) + (propagated-inputs `(("nspr" ,nspr))) ; required by nss.pc. + (native-inputs `(("perl" ,perl) + ("libfaketime" ,libfaketime))) ;for tests + + ;; The NSS test suite takes around 48 hours on Loongson 3A (MIPS) when + ;; another build is happening concurrently on the same machine. + (properties '((timeout . 216000))) ; 60 hours + + (home-page + "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS") + (synopsis "Network Security Services") + (description + "Network Security Services (@dfn{NSS}) is a set of libraries designed to +support cross-platform development of security-enabled client and server +applications. Applications built with NSS can support SSL v2 and v3, TLS, +PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other +security standards.") + (license license:mpl2.0))) |