summary refs log tree commit diff
path: root/gnu/packages/nss.scm
diff options
context:
space:
mode:
authorMarius Bakke <mbakke@fastmail.com>2019-04-08 00:54:01 +0200
committerMarius Bakke <mbakke@fastmail.com>2019-04-08 00:54:01 +0200
commitba00235a9652bb129ff6867ffc3c7cfafe1cca09 (patch)
tree1ce56f512707e89362e1fed3d5b26d690462fbda /gnu/packages/nss.scm
parentf19ccdc62ca721b68745c35b046826b356f46c62 (diff)
parent0e2b0b05accdea7c3f016f8483d0ec04021114d3 (diff)
downloadguix-ba00235a9652bb129ff6867ffc3c7cfafe1cca09.tar.gz
Merge branch 'master' into staging
Diffstat (limited to 'gnu/packages/nss.scm')
-rw-r--r--gnu/packages/nss.scm184
1 files changed, 184 insertions, 0 deletions
diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm
new file mode 100644
index 0000000000..480f64a046
--- /dev/null
+++ b/gnu/packages/nss.scm
@@ -0,0 +1,184 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019 Mark H Weaver <mhw@netris.org>
+;;; Copyright © 2016, 2017, 2018 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages nss)
+  #:use-module (guix packages)
+  #:use-module (guix download)
+  #:use-module (guix build-system gnu)
+  #:use-module ((guix licenses) #:prefix license:)
+  #:use-module (gnu packages)
+  #:use-module (gnu packages check)
+  #:use-module (gnu packages compression)
+  #:use-module (gnu packages perl)
+  #:use-module (gnu packages sqlite)
+  #:use-module (ice-9 match))
+
+(define-public nspr
+  (package
+    (name "nspr")
+    (version "4.21")
+    (source (origin
+             (method url-fetch)
+             (uri (string-append
+                   "https://ftp.mozilla.org/pub/mozilla.org/nspr/releases/v"
+                   version "/src/nspr-" version ".tar.gz"))
+             (sha256
+              (base32
+               "0nkbgk0x31nfm4xl8la0a3vrnpa8gzkh7g4k65p7n880n73k5shm"))))
+    (build-system gnu-build-system)
+    (native-inputs
+     `(("perl" ,perl)))
+    (arguments
+     `(#:tests? #f ; no check target
+       #:configure-flags (list "--enable-64bit"
+                               (string-append "LDFLAGS=-Wl,-rpath="
+                                              (assoc-ref %outputs "out")
+                                              "/lib"))
+       ;; Use fixed timestamps for reproducibility.
+       #:make-flags '("SH_DATE='1970-01-01 00:00:01'"
+                      ;; This is epoch 1 in microseconds.
+                      "SH_NOW=100000")
+       #:phases (modify-phases %standard-phases
+                  (add-before 'configure 'chdir
+                    (lambda _ (chdir "nspr") #t)))))
+    (home-page
+     "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSPR")
+    (synopsis "Netscape API for system level and libc-like functions")
+    (description "Netscape Portable Runtime (@dfn{NSPR}) provides a
+platform-neutral API for system level and libc-like functions.  It is used
+in the Mozilla clients.")
+    (license license:mpl2.0)))
+
+(define-public nss
+  (package
+    (name "nss")
+    (version "3.43")
+    (source (origin
+              (method url-fetch)
+              (uri (let ((version-with-underscores
+                          (string-join (string-split version #\.) "_")))
+                     (string-append
+                      "https://ftp.mozilla.org/pub/mozilla.org/security/nss/"
+                      "releases/NSS_" version-with-underscores "_RTM/src/"
+                      "nss-" version ".tar.gz")))
+              (sha256
+               (base32
+                "1jp27w4w9nj5pkzrbc1zqj6pa09h2yy7vhzyx5fvg1q86fvw22zk"))
+              ;; Create nss.pc and nss-config.
+              (patches (search-patches "nss-pkgconfig.patch"
+                                       "nss-increase-test-timeout.patch"))))
+    (build-system gnu-build-system)
+    (outputs '("out" "bin"))
+    (arguments
+     `(#:parallel-build? #f ; not supported
+       #:make-flags
+       (let* ((out (assoc-ref %outputs "out"))
+              (nspr (string-append (assoc-ref %build-inputs "nspr")))
+              (rpath (string-append "-Wl,-rpath=" out "/lib/nss")))
+         (list "-C" "nss" (string-append "PREFIX=" out)
+               "NSDISTMODE=copy"
+               "NSS_USE_SYSTEM_SQLITE=1"
+               (string-append "NSPR_INCLUDE_DIR=" nspr "/include/nspr")
+               ;; Add $out/lib/nss to RPATH.
+               (string-append "RPATH=" rpath)
+               (string-append "LDFLAGS=" rpath)))
+       #:modules ((guix build gnu-build-system)
+                  (guix build utils)
+                  (ice-9 ftw)
+                  (ice-9 match)
+                  (srfi srfi-26))
+       #:phases
+       (modify-phases %standard-phases
+         (replace 'configure
+           (lambda _
+             (setenv "CC" "gcc")
+             ;; Tells NSS to build for the 64-bit ABI if we are 64-bit system.
+             ,@(match (%current-system)
+                 ((or "x86_64-linux" "aarch64-linux")
+                  `((setenv "USE_64" "1")))
+                 (_
+                  '()))
+             #t))
+         (replace 'check
+           (lambda _
+             ;; Use 127.0.0.1 instead of $HOST.$DOMSUF as HOSTADDR for testing.
+             ;; The later requires a working DNS or /etc/hosts.
+             (setenv "DOMSUF" "localdomain")
+             (setenv "USE_IP" "TRUE")
+             (setenv "IP_ADDRESS" "127.0.0.1")
+
+             ;; The "PayPalEE.cert" certificate expires every six months,
+             ;; leading to test failures:
+             ;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>.  To
+             ;; work around that, set the time to roughly the release date.
+             (invoke "faketime" "2019-02-01" "./nss/tests/all.sh")))
+           (replace 'install
+             (lambda* (#:key outputs #:allow-other-keys)
+               (let* ((out (assoc-ref outputs "out"))
+                      (bin (string-append (assoc-ref outputs "bin") "/bin"))
+                      (inc (string-append out "/include/nss"))
+                      (lib (string-append out "/lib/nss"))
+                      (obj (match (scandir "dist" (cut string-suffix? "OBJ" <>))
+                             ((obj) (string-append "dist/" obj)))))
+                 ;; Install nss-config to $out/bin.
+                 (install-file (string-append obj "/bin/nss-config")
+                               (string-append out "/bin"))
+                 (delete-file (string-append obj "/bin/nss-config"))
+                 ;; Install nss.pc to $out/lib/pkgconfig.
+                 (install-file (string-append obj "/lib/pkgconfig/nss.pc")
+                               (string-append out "/lib/pkgconfig"))
+                 (delete-file (string-append obj "/lib/pkgconfig/nss.pc"))
+                 (rmdir (string-append obj "/lib/pkgconfig"))
+                 ;; Install other files.
+                 (copy-recursively "dist/public/nss" inc)
+                 (copy-recursively (string-append obj "/bin") bin)
+                 (copy-recursively (string-append obj "/lib") lib)
+
+                 ;; FIXME: libgtest1.so is installed in the above step, and it's
+                 ;; (unnecessarily) linked with several NSS libraries, but
+                 ;; without the needed rpaths, causing the 'validate-runpath'
+                 ;; phase to fail.  Here we simply delete libgtest1.so, since it
+                 ;; seems to be used only during the tests.
+                 (delete-file (string-append lib "/libgtest1.so"))
+                 (delete-file (string-append lib "/libgtestutil.so"))
+
+                 #t))))))
+    (inputs
+     `(("sqlite" ,sqlite)
+       ("zlib" ,zlib)))
+    (propagated-inputs `(("nspr" ,nspr))) ; required by nss.pc.
+    (native-inputs `(("perl" ,perl)
+                     ("libfaketime" ,libfaketime))) ;for tests
+
+    ;; The NSS test suite takes around 48 hours on Loongson 3A (MIPS) when
+    ;; another build is happening concurrently on the same machine.
+    (properties '((timeout . 216000)))  ; 60 hours
+
+    (home-page
+     "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS")
+    (synopsis "Network Security Services")
+    (description
+     "Network Security Services (@dfn{NSS}) is a set of libraries designed to
+support cross-platform development of security-enabled client and server
+applications.  Applications built with NSS can support SSL v2 and v3, TLS,
+PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other
+security standards.")
+    (license license:mpl2.0)))