diff options
-rw-r--r-- | gnu/local.mk | 1 | ||||
-rw-r--r-- | gnu/packages/certs.scm | 4 | ||||
-rw-r--r-- | gnu/packages/gnuzilla.scm | 2 | ||||
-rw-r--r-- | gnu/packages/nss.scm | 142 | ||||
-rw-r--r-- | gnu/packages/patches/nss-pkgconfig.patch | 228 |
5 files changed, 28 insertions, 349 deletions
diff --git a/gnu/local.mk b/gnu/local.mk index c6671ca25c..72144bbf33 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1364,7 +1364,6 @@ dist_patch_DATA = \ %D%/packages/patches/network-manager-plugin-path.patch \ %D%/packages/patches/nsis-env-passthru.patch \ %D%/packages/patches/nss-increase-test-timeout.patch \ - %D%/packages/patches/nss-pkgconfig.patch \ %D%/packages/patches/nss-3.56-pkgconfig.patch \ %D%/packages/patches/ntfs-3g-CVE-2019-9755.patch \ %D%/packages/patches/nvi-assume-preserve-path.patch \ diff --git a/gnu/packages/certs.scm b/gnu/packages/certs.scm index b892c2a958..0cb20467ab 100644 --- a/gnu/packages/certs.scm +++ b/gnu/packages/certs.scm @@ -76,7 +76,7 @@ (define-public nss-certs (package (name "nss-certs") - (version "3.55") + (version "3.57") (source (origin (method url-fetch) (uri (let ((version-with-underscores @@ -87,7 +87,7 @@ "nss-" version ".tar.gz"))) (sha256 (base32 - "0100hm7n1xrp144xy665z46s0wf1jpkqkncc6bk2w22snhyjwsgw")))) + "10n3pncg6k81ikjz12la147rppwqn57bkrdl9gb820w6pq0nra2m")))) (build-system gnu-build-system) (outputs '("out")) (native-inputs diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm index 365626a62a..60ea610908 100644 --- a/gnu/packages/gnuzilla.scm +++ b/gnu/packages/gnuzilla.scm @@ -1426,7 +1426,7 @@ standards of the IceCat project.") ("mesa" ,mesa) ("mit-krb5" ,mit-krb5) ("nspr" ,nspr) - ("nss" ,nss-3.57) + ("nss" ,nss) ("pango" ,pango) ("pixman" ,pixman) ("pulseaudio" ,pulseaudio) diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm index 3675c5bb0e..6e2ca883e0 100644 --- a/gnu/packages/nss.scm +++ b/gnu/packages/nss.scm @@ -73,121 +73,6 @@ in the Mozilla clients.") (define-public nss (package (name "nss") - (version "3.55") - (source (origin - (method url-fetch) - (uri (let ((version-with-underscores - (string-join (string-split version #\.) "_"))) - (string-append - "https://ftp.mozilla.org/pub/mozilla.org/security/nss/" - "releases/NSS_" version-with-underscores "_RTM/src/" - "nss-" version ".tar.gz"))) - (sha256 - (base32 - "0100hm7n1xrp144xy665z46s0wf1jpkqkncc6bk2w22snhyjwsgw")) - ;; Create nss.pc and nss-config. - (patches (search-patches "nss-pkgconfig.patch" - "nss-increase-test-timeout.patch")) - (modules '((guix build utils))) - (snippet - '(begin - ;; Delete the bundled copy of these libraries. - (delete-file-recursively "nss/lib/zlib") - (delete-file-recursively "nss/lib/sqlite") - #t)))) - (build-system gnu-build-system) - (outputs '("out" "bin")) - (arguments - `(#:parallel-build? #f ; not supported - #:make-flags - (let* ((out (assoc-ref %outputs "out")) - (nspr (string-append (assoc-ref %build-inputs "nspr"))) - (rpath (string-append "-Wl,-rpath=" out "/lib/nss"))) - (list "-C" "nss" (string-append "PREFIX=" out) - "NSDISTMODE=copy" - "NSS_USE_SYSTEM_SQLITE=1" - (string-append "NSPR_INCLUDE_DIR=" nspr "/include/nspr") - ;; Add $out/lib/nss to RPATH. - (string-append "RPATH=" rpath) - (string-append "LDFLAGS=" rpath) - "all")) - #:modules ((guix build gnu-build-system) - (guix build utils) - (ice-9 ftw) - (ice-9 match) - (srfi srfi-26)) - #:phases - (modify-phases %standard-phases - (replace 'configure - (lambda _ - (setenv "CC" "gcc") - ;; Tells NSS to build for the 64-bit ABI if we are 64-bit system. - ,@(match (%current-system) - ((or "x86_64-linux" "aarch64-linux") - `((setenv "USE_64" "1"))) - (_ - '())) - #t)) - (replace 'check - (lambda _ - ;; Use 127.0.0.1 instead of $HOST.$DOMSUF as HOSTADDR for testing. - ;; The later requires a working DNS or /etc/hosts. - (setenv "DOMSUF" "localdomain") - (setenv "USE_IP" "TRUE") - (setenv "IP_ADDRESS" "127.0.0.1") - - ;; The "PayPalEE.cert" certificate expires every six months, - ;; leading to test failures: - ;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>. To - ;; work around that, set the time to roughly the release date. - (invoke "faketime" "2020-07-01" "./nss/tests/all.sh"))) - (replace 'install - (lambda* (#:key outputs #:allow-other-keys) - (let* ((out (assoc-ref outputs "out")) - (bin (string-append (assoc-ref outputs "bin") "/bin")) - (inc (string-append out "/include/nss")) - (lib (string-append out "/lib/nss")) - (obj (match (scandir "dist" (cut string-suffix? "OBJ" <>)) - ((obj) (string-append "dist/" obj))))) - ;; Install nss-config to $out/bin. - (install-file (string-append obj "/bin/nss-config") - (string-append out "/bin")) - (delete-file (string-append obj "/bin/nss-config")) - ;; Install nss.pc to $out/lib/pkgconfig. - (install-file (string-append obj "/lib/pkgconfig/nss.pc") - (string-append out "/lib/pkgconfig")) - (delete-file (string-append obj "/lib/pkgconfig/nss.pc")) - (rmdir (string-append obj "/lib/pkgconfig")) - ;; Install other files. - (copy-recursively "dist/public/nss" inc) - (copy-recursively (string-append obj "/bin") bin) - (copy-recursively (string-append obj "/lib") lib) - #t)))))) - (inputs - `(("sqlite" ,sqlite) - ("zlib" ,zlib))) - (propagated-inputs `(("nspr" ,nspr))) ; required by nss.pc. - (native-inputs `(("perl" ,perl) - ("libfaketime" ,libfaketime))) ;for tests - - ;; The NSS test suite takes around 48 hours on Loongson 3A (MIPS) when - ;; another build is happening concurrently on the same machine. - (properties '((timeout . 216000))) ; 60 hours - - (home-page - "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS") - (synopsis "Network Security Services") - (description - "Network Security Services (@dfn{NSS}) is a set of libraries designed to -support cross-platform development of security-enabled client and server -applications. Applications built with NSS can support SSL v2 and v3, TLS, -PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other -security standards.") - (license license:mpl2.0))) - -(define-public nss-3.57 - (package - (inherit nss) (version "3.57") (source (origin (method url-fetch) @@ -210,6 +95,8 @@ security standards.") (delete-file-recursively "nss/lib/zlib") (delete-file-recursively "nss/lib/sqlite") #t)))) + (build-system gnu-build-system) + (outputs '("out" "bin")) (arguments `(#:parallel-build? #f ; not supported #:make-flags @@ -252,7 +139,7 @@ security standards.") ;; leading to test failures: ;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>. To ;; work around that, set the time to roughly the release date. - (invoke "faketime" "2020-02-01" "./nss/tests/all.sh"))) + (invoke "faketime" "2020-10-01" "./nss/tests/all.sh"))) (replace 'install (lambda* (#:key outputs #:allow-other-keys) (let* ((out (assoc-ref outputs "out")) @@ -274,4 +161,25 @@ security standards.") (copy-recursively "dist/public/nss" inc) (copy-recursively (string-append obj "/bin") bin) (copy-recursively (string-append obj "/lib") lib) - #t)))))))) + #t)))))) + (inputs + `(("sqlite" ,sqlite) + ("zlib" ,zlib))) + (propagated-inputs `(("nspr" ,nspr))) ; required by nss.pc. + (native-inputs `(("perl" ,perl) + ("libfaketime" ,libfaketime))) ;for tests + + ;; The NSS test suite takes around 48 hours on Loongson 3A (MIPS) when + ;; another build is happening concurrently on the same machine. + (properties '((timeout . 216000))) ; 60 hours + + (home-page + "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS") + (synopsis "Network Security Services") + (description + "Network Security Services (@dfn{NSS}) is a set of libraries designed to +support cross-platform development of security-enabled client and server +applications. Applications built with NSS can support SSL v2 and v3, TLS, +PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other +security standards.") + (license license:mpl2.0))) diff --git a/gnu/packages/patches/nss-pkgconfig.patch b/gnu/packages/patches/nss-pkgconfig.patch deleted file mode 100644 index 4b9e0506f2..0000000000 --- a/gnu/packages/patches/nss-pkgconfig.patch +++ /dev/null @@ -1,228 +0,0 @@ -Description: Create nss.pc and nss-config -Author: Lars Wendler <polynomial-c@gentoo.org> -Source: http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/dev-libs/nss/files/nss-3.17.1-gentoo-fixups.patch - -Modifications: - Change libdir from ${prefix}/lib64 to ${prefix}/lib/nss. - Remove optional patching in nss/Makefile. - Include -L$libdir in output from "nss-config --libs". - -Later adapted to apply cleanly to nss-3.21. - ---- nss-3.21/nss/config/Makefile -+++ nss-3.21/nss/config/Makefile -@@ -0,0 +1,40 @@ -+CORE_DEPTH = .. -+DEPTH = .. -+ -+include $(CORE_DEPTH)/coreconf/config.mk -+ -+NSS_MAJOR_VERSION = `grep "NSS_VMAJOR" ../lib/nss/nss.h | awk '{print $$3}'` -+NSS_MINOR_VERSION = `grep "NSS_VMINOR" ../lib/nss/nss.h | awk '{print $$3}'` -+NSS_PATCH_VERSION = `grep "NSS_VPATCH" ../lib/nss/nss.h | awk '{print $$3}'` -+PREFIX = /usr -+ -+all: export libs -+ -+export: -+ # Create the nss.pc file -+ mkdir -p $(DIST)/lib/pkgconfig -+ sed -e "s,@prefix@,$(PREFIX)," \ -+ -e "s,@exec_prefix@,\$${prefix}," \ -+ -e "s,@libdir@,\$${prefix}/lib/nss," \ -+ -e "s,@includedir@,\$${prefix}/include/nss," \ -+ -e "s,@NSS_MAJOR_VERSION@,$(NSS_MAJOR_VERSION),g" \ -+ -e "s,@NSS_MINOR_VERSION@,$(NSS_MINOR_VERSION)," \ -+ -e "s,@NSS_PATCH_VERSION@,$(NSS_PATCH_VERSION)," \ -+ nss.pc.in > nss.pc -+ chmod 0644 nss.pc -+ cp nss.pc $(DIST)/lib/pkgconfig -+ -+ # Create the nss-config script -+ mkdir -p $(DIST)/bin -+ sed -e "s,@prefix@,$(PREFIX)," \ -+ -e "s,@NSS_MAJOR_VERSION@,$(NSS_MAJOR_VERSION)," \ -+ -e "s,@NSS_MINOR_VERSION@,$(NSS_MINOR_VERSION)," \ -+ -e "s,@NSS_PATCH_VERSION@,$(NSS_PATCH_VERSION)," \ -+ nss-config.in > nss-config -+ chmod 0755 nss-config -+ cp nss-config $(DIST)/bin -+ -+libs: -+ -+dummy: all export libs -+ ---- nss-3.21/nss/config/nss-config.in -+++ nss-3.21/nss/config/nss-config.in -@@ -0,0 +1,145 @@ -+#!/bin/sh -+ -+prefix=@prefix@ -+ -+major_version=@NSS_MAJOR_VERSION@ -+minor_version=@NSS_MINOR_VERSION@ -+patch_version=@NSS_PATCH_VERSION@ -+ -+usage() -+{ -+ cat <<EOF -+Usage: nss-config [OPTIONS] [LIBRARIES] -+Options: -+ [--prefix[=DIR]] -+ [--exec-prefix[=DIR]] -+ [--includedir[=DIR]] -+ [--libdir[=DIR]] -+ [--version] -+ [--libs] -+ [--cflags] -+Dynamic Libraries: -+ nss -+ ssl -+ smime -+ nssutil -+EOF -+ exit $1 -+} -+ -+if test $# -eq 0; then -+ usage 1 1>&2 -+fi -+ -+lib_ssl=yes -+lib_smime=yes -+lib_nss=yes -+lib_nssutil=yes -+ -+while test $# -gt 0; do -+ case "$1" in -+ -*=*) optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;; -+ *) optarg= ;; -+ esac -+ -+ case $1 in -+ --prefix=*) -+ prefix=$optarg -+ ;; -+ --prefix) -+ echo_prefix=yes -+ ;; -+ --exec-prefix=*) -+ exec_prefix=$optarg -+ ;; -+ --exec-prefix) -+ echo_exec_prefix=yes -+ ;; -+ --includedir=*) -+ includedir=$optarg -+ ;; -+ --includedir) -+ echo_includedir=yes -+ ;; -+ --libdir=*) -+ libdir=$optarg -+ ;; -+ --libdir) -+ echo_libdir=yes -+ ;; -+ --version) -+ echo ${major_version}.${minor_version}.${patch_version} -+ ;; -+ --cflags) -+ echo_cflags=yes -+ ;; -+ --libs) -+ echo_libs=yes -+ ;; -+ ssl) -+ lib_ssl=yes -+ ;; -+ smime) -+ lib_smime=yes -+ ;; -+ nss) -+ lib_nss=yes -+ ;; -+ nssutil) -+ lib_nssutil=yes -+ ;; -+ *) -+ usage 1 1>&2 -+ ;; -+ esac -+ shift -+done -+ -+# Set variables that may be dependent upon other variables -+if test -z "$exec_prefix"; then -+ exec_prefix=`pkg-config --variable=exec_prefix nss` -+fi -+if test -z "$includedir"; then -+ includedir=`pkg-config --variable=includedir nss` -+fi -+if test -z "$libdir"; then -+ libdir=`pkg-config --variable=libdir nss` -+fi -+ -+if test "$echo_prefix" = "yes"; then -+ echo $prefix -+fi -+ -+if test "$echo_exec_prefix" = "yes"; then -+ echo $exec_prefix -+fi -+ -+if test "$echo_includedir" = "yes"; then -+ echo $includedir -+fi -+ -+if test "$echo_libdir" = "yes"; then -+ echo $libdir -+fi -+ -+if test "$echo_cflags" = "yes"; then -+ echo -I$includedir -+fi -+ -+if test "$echo_libs" = "yes"; then -+ libdirs=-L$libdir -+ if test -n "$lib_ssl"; then -+ libdirs="$libdirs -lssl${major_version}" -+ fi -+ if test -n "$lib_smime"; then -+ libdirs="$libdirs -lsmime${major_version}" -+ fi -+ if test -n "$lib_nss"; then -+ libdirs="$libdirs -lnss${major_version}" -+ fi -+ if test -n "$lib_nssutil"; then -+ libdirs="$libdirs -lnssutil${major_version}" -+ fi -+ echo $libdirs -+fi -+ ---- nss-3.21/nss/config/nss.pc.in -+++ nss-3.21/nss/config/nss.pc.in -@@ -0,0 +1,12 @@ -+prefix=@prefix@ -+exec_prefix=@exec_prefix@ -+libdir=@libdir@ -+includedir=@includedir@ -+ -+Name: NSS -+Description: Network Security Services -+Version: @NSS_MAJOR_VERSION@.@NSS_MINOR_VERSION@.@NSS_PATCH_VERSION@ -+Requires: nspr >= 4.8 -+Libs: -L${libdir} -lssl3 -lsmime3 -lnss3 -lnssutil3 -+Cflags: -I${includedir} -+ ---- nss-3.21/nss/manifest.mn -+++ nss-3.21/nss/manifest.mn -@@ -10,7 +10,7 @@ - - RELEASE = nss - --DIRS = coreconf lib cmd cpputil gtests -+DIRS = coreconf lib cmd cpputil gtests config - - lib: coreconf - cmd: lib |