summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--gnu/local.mk1
-rw-r--r--gnu/packages/nss.scm92
-rw-r--r--gnu/packages/patches/nss-3.56-pkgconfig.patch228
3 files changed, 321 insertions, 0 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index f3b5b17e84..da56f8a6ab 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1361,6 +1361,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/nsis-env-passthru.patch			\
   %D%/packages/patches/nss-increase-test-timeout.patch		\
   %D%/packages/patches/nss-pkgconfig.patch			\
+  %D%/packages/patches/nss-3.56-pkgconfig.patch			\
   %D%/packages/patches/ntfs-3g-CVE-2019-9755.patch		\
   %D%/packages/patches/nvi-assume-preserve-path.patch		\
   %D%/packages/patches/nvi-dbpagesize-binpower.patch		\
diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm
index b19ad7e1e9..e4df93c8c4 100644
--- a/gnu/packages/nss.scm
+++ b/gnu/packages/nss.scm
@@ -4,6 +4,7 @@
 ;;; Copyright © 2016, 2017, 2018, 2019 Efraim Flashner <efraim@flashner.co.il>
 ;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
 ;;; Copyright © 2020 Marius Bakke <mbakke@fastmail.com>
+;;; Copyright © 2020 Jonathan Brielmaier <jonathan.brielmaier@web.de>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -191,3 +192,94 @@ applications.  Applications built with NSS can support SSL v2 and v3, TLS,
 PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other
 security standards.")
     (license license:mpl2.0)))
+
+(define-public nss-3.56
+  (package
+    (inherit nss)
+    (version "3.56")
+    (source (origin
+              (method url-fetch)
+              (uri (let ((version-with-underscores
+                          (string-join (string-split version #\.) "_")))
+                     (string-append
+                      "https://ftp.mozilla.org/pub/mozilla.org/security/nss/"
+                      "releases/NSS_" version-with-underscores "_RTM/src/"
+                      "nss-" version ".tar.gz")))
+              (sha256
+               (base32
+                "174f0ki2f8szkgv02jlsg2ci332sl9dabr2vcwnyjp1vxplf0xgq"))
+              ;; Create nss.pc and nss-config.
+              (patches (search-patches "nss-3.56-pkgconfig.patch"
+                                       "nss-increase-test-timeout.patch"))
+              (modules '((guix build utils)))
+              (snippet
+               '(begin
+                  ;; Delete the bundled copy of these libraries.
+                  (delete-file-recursively "nss/lib/zlib")
+                  (delete-file-recursively "nss/lib/sqlite")
+                  #t))))
+    (arguments
+     `(#:parallel-build? #f ; not supported
+       #:make-flags
+       (let* ((out (assoc-ref %outputs "out"))
+              (nspr (string-append (assoc-ref %build-inputs "nspr")))
+              (rpath (string-append "-Wl,-rpath=" out "/lib/nss")))
+         (list "-C" "nss" (string-append "PREFIX=" out)
+               "NSDISTMODE=copy"
+               "NSS_USE_SYSTEM_SQLITE=1"
+               (string-append "NSPR_INCLUDE_DIR=" nspr "/include/nspr")
+               ;; Add $out/lib/nss to RPATH.
+               (string-append "RPATH=" rpath)
+               (string-append "LDFLAGS=" rpath)))
+       #:modules ((guix build gnu-build-system)
+                  (guix build utils)
+                  (ice-9 ftw)
+                  (ice-9 match)
+                  (srfi srfi-26))
+       #:phases
+       (modify-phases %standard-phases
+         (replace 'configure
+           (lambda _
+             (setenv "CC" "gcc")
+             ;; Tells NSS to build for the 64-bit ABI if we are 64-bit system.
+             ,@(match (%current-system)
+                 ((or "x86_64-linux" "aarch64-linux")
+                  `((setenv "USE_64" "1")))
+                 (_
+                  '()))
+             #t))
+         (replace 'check
+           (lambda _
+             ;; Use 127.0.0.1 instead of $HOST.$DOMSUF as HOSTADDR for testing.
+             ;; The later requires a working DNS or /etc/hosts.
+             (setenv "DOMSUF" "localdomain")
+             (setenv "USE_IP" "TRUE")
+             (setenv "IP_ADDRESS" "127.0.0.1")
+
+             ;; The "PayPalEE.cert" certificate expires every six months,
+             ;; leading to test failures:
+             ;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>.  To
+             ;; work around that, set the time to roughly the release date.
+             (invoke "faketime" "2020-02-01" "./nss/tests/all.sh")))
+         (replace 'install
+           (lambda* (#:key outputs #:allow-other-keys)
+             (let* ((out (assoc-ref outputs "out"))
+                    (bin (string-append (assoc-ref outputs "bin") "/bin"))
+                    (inc (string-append out "/include/nss"))
+                    (lib (string-append out "/lib/nss"))
+                    (obj (match (scandir "dist" (cut string-suffix? "OBJ" <>))
+                           ((obj) (string-append "dist/" obj)))))
+               ;; Install nss-config to $out/bin.
+               (install-file (string-append obj "/bin/nss-config")
+                             (string-append out "/bin"))
+               (delete-file (string-append obj "/bin/nss-config"))
+               ;; Install nss.pc to $out/lib/pkgconfig.
+               (install-file (string-append obj "/lib/pkgconfig/nss.pc")
+                             (string-append out "/lib/pkgconfig"))
+               (delete-file (string-append obj "/lib/pkgconfig/nss.pc"))
+               (rmdir (string-append obj "/lib/pkgconfig"))
+               ;; Install other files.
+               (copy-recursively "dist/public/nss" inc)
+               (copy-recursively (string-append obj "/bin") bin)
+               (copy-recursively (string-append obj "/lib") lib)
+               #t))))))))
diff --git a/gnu/packages/patches/nss-3.56-pkgconfig.patch b/gnu/packages/patches/nss-3.56-pkgconfig.patch
new file mode 100644
index 0000000000..91b6aef604
--- /dev/null
+++ b/gnu/packages/patches/nss-3.56-pkgconfig.patch
@@ -0,0 +1,228 @@
+Description: Create nss.pc and nss-config
+Author: Lars Wendler <polynomial-c@gentoo.org>
+Source: http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/dev-libs/nss/files/nss-3.17.1-gentoo-fixups.patch
+
+Modifications:
+  Change libdir from ${prefix}/lib64 to ${prefix}/lib/nss.
+  Remove optional patching in nss/Makefile.
+  Include -L$libdir in output from "nss-config --libs".
+
+Later adapted to apply cleanly to nss-3.53.
+
+--- nss-3.21/nss/config/Makefile
++++ nss-3.21/nss/config/Makefile
+@@ -0,0 +1,40 @@
++CORE_DEPTH = ..
++DEPTH      = ..
++
++include $(CORE_DEPTH)/coreconf/config.mk
++
++NSS_MAJOR_VERSION = `grep "NSS_VMAJOR" ../lib/nss/nss.h | awk '{print $$3}'`
++NSS_MINOR_VERSION = `grep "NSS_VMINOR" ../lib/nss/nss.h | awk '{print $$3}'`
++NSS_PATCH_VERSION = `grep "NSS_VPATCH" ../lib/nss/nss.h | awk '{print $$3}'`
++PREFIX = /usr
++
++all: export libs
++
++export:
++	# Create the nss.pc file
++	mkdir -p $(DIST)/lib/pkgconfig
++	sed -e "s,@prefix@,$(PREFIX)," \
++	    -e "s,@exec_prefix@,\$${prefix}," \
++	    -e "s,@libdir@,\$${prefix}/lib/nss," \
++	    -e "s,@includedir@,\$${prefix}/include/nss," \
++	    -e "s,@NSS_MAJOR_VERSION@,$(NSS_MAJOR_VERSION),g" \
++	    -e "s,@NSS_MINOR_VERSION@,$(NSS_MINOR_VERSION)," \
++	    -e "s,@NSS_PATCH_VERSION@,$(NSS_PATCH_VERSION)," \
++	    nss.pc.in > nss.pc
++	chmod 0644 nss.pc
++	cp nss.pc $(DIST)/lib/pkgconfig
++
++	# Create the nss-config script
++	mkdir -p $(DIST)/bin
++	sed -e "s,@prefix@,$(PREFIX)," \
++	    -e "s,@NSS_MAJOR_VERSION@,$(NSS_MAJOR_VERSION)," \
++	    -e "s,@NSS_MINOR_VERSION@,$(NSS_MINOR_VERSION)," \
++	    -e "s,@NSS_PATCH_VERSION@,$(NSS_PATCH_VERSION)," \
++	    nss-config.in > nss-config
++	chmod 0755 nss-config
++	cp nss-config $(DIST)/bin
++
++libs:
++
++dummy: all export libs
++
+--- nss-3.21/nss/config/nss-config.in
++++ nss-3.21/nss/config/nss-config.in
+@@ -0,0 +1,145 @@
++#!/bin/sh
++
++prefix=@prefix@
++
++major_version=@NSS_MAJOR_VERSION@
++minor_version=@NSS_MINOR_VERSION@
++patch_version=@NSS_PATCH_VERSION@
++
++usage()
++{
++	cat <<EOF
++Usage: nss-config [OPTIONS] [LIBRARIES]
++Options:
++	[--prefix[=DIR]]
++	[--exec-prefix[=DIR]]
++	[--includedir[=DIR]]
++	[--libdir[=DIR]]
++	[--version]
++	[--libs]
++	[--cflags]
++Dynamic Libraries:
++	nss
++	ssl
++	smime
++	nssutil
++EOF
++	exit $1
++}
++
++if test $# -eq 0; then
++	usage 1 1>&2
++fi
++
++lib_ssl=yes
++lib_smime=yes
++lib_nss=yes
++lib_nssutil=yes
++
++while test $# -gt 0; do
++  case "$1" in
++  -*=*) optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;;
++  *) optarg= ;;
++  esac
++
++  case $1 in
++    --prefix=*)
++      prefix=$optarg
++      ;;
++    --prefix)
++      echo_prefix=yes
++      ;;
++    --exec-prefix=*)
++      exec_prefix=$optarg
++      ;;
++    --exec-prefix)
++      echo_exec_prefix=yes
++      ;;
++    --includedir=*)
++      includedir=$optarg
++      ;;
++    --includedir)
++      echo_includedir=yes
++      ;;
++    --libdir=*)
++      libdir=$optarg
++      ;;
++    --libdir)
++      echo_libdir=yes
++      ;;
++    --version)
++      echo ${major_version}.${minor_version}.${patch_version}
++      ;;
++    --cflags)
++      echo_cflags=yes
++      ;;
++    --libs)
++      echo_libs=yes
++      ;;
++    ssl)
++      lib_ssl=yes
++      ;;
++    smime)
++      lib_smime=yes
++      ;;
++    nss)
++      lib_nss=yes
++      ;;
++    nssutil)
++      lib_nssutil=yes
++      ;;
++    *)
++      usage 1 1>&2
++      ;;
++  esac
++  shift
++done
++
++# Set variables that may be dependent upon other variables
++if test -z "$exec_prefix"; then
++    exec_prefix=`pkg-config --variable=exec_prefix nss`
++fi
++if test -z "$includedir"; then
++    includedir=`pkg-config --variable=includedir nss`
++fi
++if test -z "$libdir"; then
++    libdir=`pkg-config --variable=libdir nss`
++fi
++
++if test "$echo_prefix" = "yes"; then
++    echo $prefix
++fi
++
++if test "$echo_exec_prefix" = "yes"; then
++    echo $exec_prefix
++fi
++
++if test "$echo_includedir" = "yes"; then
++    echo $includedir
++fi
++
++if test "$echo_libdir" = "yes"; then
++    echo $libdir
++fi
++
++if test "$echo_cflags" = "yes"; then
++    echo -I$includedir
++fi
++
++if test "$echo_libs" = "yes"; then
++      libdirs=-L$libdir
++      if test -n "$lib_ssl"; then
++	libdirs="$libdirs -lssl${major_version}"
++      fi
++      if test -n "$lib_smime"; then
++	libdirs="$libdirs -lsmime${major_version}"
++      fi
++      if test -n "$lib_nss"; then
++	libdirs="$libdirs -lnss${major_version}"
++      fi
++      if test -n "$lib_nssutil"; then
++       libdirs="$libdirs -lnssutil${major_version}"
++      fi
++      echo $libdirs
++fi
++
+--- nss-3.21/nss/config/nss.pc.in
++++ nss-3.21/nss/config/nss.pc.in
+@@ -0,0 +1,12 @@
++prefix=@prefix@
++exec_prefix=@exec_prefix@
++libdir=@libdir@
++includedir=@includedir@
++
++Name: NSS
++Description: Network Security Services
++Version: @NSS_MAJOR_VERSION@.@NSS_MINOR_VERSION@.@NSS_PATCH_VERSION@
++Requires: nspr >= 4.8
++Libs: -L${libdir} -lssl3 -lsmime3 -lnss3 -lnssutil3
++Cflags: -I${includedir}
++
+--- nss-3.21/nss/manifest.mn
++++ nss-3.21/nss/manifest.mn
+@@ -10,7 +10,7 @@
+
+ RELEASE = nss
+
+-DIRS = coreconf lib cmd cpputil gtests
++DIRS = coreconf lib cmd cpputil gtests config
+
+ lib: coreconf
+ cmd: lib