aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--gnu/local.mk1
-rw-r--r--gnu/packages/certs.scm4
-rw-r--r--gnu/packages/gnuzilla.scm2
-rw-r--r--gnu/packages/nss.scm142
-rw-r--r--gnu/packages/patches/nss-pkgconfig.patch228
5 files changed, 28 insertions, 349 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index c6671ca25c..72144bbf33 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1364,7 +1364,6 @@ dist_patch_DATA = \
%D%/packages/patches/network-manager-plugin-path.patch \
%D%/packages/patches/nsis-env-passthru.patch \
%D%/packages/patches/nss-increase-test-timeout.patch \
- %D%/packages/patches/nss-pkgconfig.patch \
%D%/packages/patches/nss-3.56-pkgconfig.patch \
%D%/packages/patches/ntfs-3g-CVE-2019-9755.patch \
%D%/packages/patches/nvi-assume-preserve-path.patch \
diff --git a/gnu/packages/certs.scm b/gnu/packages/certs.scm
index b892c2a958..0cb20467ab 100644
--- a/gnu/packages/certs.scm
+++ b/gnu/packages/certs.scm
@@ -76,7 +76,7 @@
(define-public nss-certs
(package
(name "nss-certs")
- (version "3.55")
+ (version "3.57")
(source (origin
(method url-fetch)
(uri (let ((version-with-underscores
@@ -87,7 +87,7 @@
"nss-" version ".tar.gz")))
(sha256
(base32
- "0100hm7n1xrp144xy665z46s0wf1jpkqkncc6bk2w22snhyjwsgw"))))
+ "10n3pncg6k81ikjz12la147rppwqn57bkrdl9gb820w6pq0nra2m"))))
(build-system gnu-build-system)
(outputs '("out"))
(native-inputs
diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm
index 365626a62a..60ea610908 100644
--- a/gnu/packages/gnuzilla.scm
+++ b/gnu/packages/gnuzilla.scm
@@ -1426,7 +1426,7 @@ standards of the IceCat project.")
("mesa" ,mesa)
("mit-krb5" ,mit-krb5)
("nspr" ,nspr)
- ("nss" ,nss-3.57)
+ ("nss" ,nss)
("pango" ,pango)
("pixman" ,pixman)
("pulseaudio" ,pulseaudio)
diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm
index 3675c5bb0e..6e2ca883e0 100644
--- a/gnu/packages/nss.scm
+++ b/gnu/packages/nss.scm
@@ -73,121 +73,6 @@ in the Mozilla clients.")
(define-public nss
(package
(name "nss")
- (version "3.55")
- (source (origin
- (method url-fetch)
- (uri (let ((version-with-underscores
- (string-join (string-split version #\.) "_")))
- (string-append
- "https://ftp.mozilla.org/pub/mozilla.org/security/nss/"
- "releases/NSS_" version-with-underscores "_RTM/src/"
- "nss-" version ".tar.gz")))
- (sha256
- (base32
- "0100hm7n1xrp144xy665z46s0wf1jpkqkncc6bk2w22snhyjwsgw"))
- ;; Create nss.pc and nss-config.
- (patches (search-patches "nss-pkgconfig.patch"
- "nss-increase-test-timeout.patch"))
- (modules '((guix build utils)))
- (snippet
- '(begin
- ;; Delete the bundled copy of these libraries.
- (delete-file-recursively "nss/lib/zlib")
- (delete-file-recursively "nss/lib/sqlite")
- #t))))
- (build-system gnu-build-system)
- (outputs '("out" "bin"))
- (arguments
- `(#:parallel-build? #f ; not supported
- #:make-flags
- (let* ((out (assoc-ref %outputs "out"))
- (nspr (string-append (assoc-ref %build-inputs "nspr")))
- (rpath (string-append "-Wl,-rpath=" out "/lib/nss")))
- (list "-C" "nss" (string-append "PREFIX=" out)
- "NSDISTMODE=copy"
- "NSS_USE_SYSTEM_SQLITE=1"
- (string-append "NSPR_INCLUDE_DIR=" nspr "/include/nspr")
- ;; Add $out/lib/nss to RPATH.
- (string-append "RPATH=" rpath)
- (string-append "LDFLAGS=" rpath)
- "all"))
- #:modules ((guix build gnu-build-system)
- (guix build utils)
- (ice-9 ftw)
- (ice-9 match)
- (srfi srfi-26))
- #:phases
- (modify-phases %standard-phases
- (replace 'configure
- (lambda _
- (setenv "CC" "gcc")
- ;; Tells NSS to build for the 64-bit ABI if we are 64-bit system.
- ,@(match (%current-system)
- ((or "x86_64-linux" "aarch64-linux")
- `((setenv "USE_64" "1")))
- (_
- '()))
- #t))
- (replace 'check
- (lambda _
- ;; Use 127.0.0.1 instead of $HOST.$DOMSUF as HOSTADDR for testing.
- ;; The later requires a working DNS or /etc/hosts.
- (setenv "DOMSUF" "localdomain")
- (setenv "USE_IP" "TRUE")
- (setenv "IP_ADDRESS" "127.0.0.1")
-
- ;; The "PayPalEE.cert" certificate expires every six months,
- ;; leading to test failures:
- ;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>. To
- ;; work around that, set the time to roughly the release date.
- (invoke "faketime" "2020-07-01" "./nss/tests/all.sh")))
- (replace 'install
- (lambda* (#:key outputs #:allow-other-keys)
- (let* ((out (assoc-ref outputs "out"))
- (bin (string-append (assoc-ref outputs "bin") "/bin"))
- (inc (string-append out "/include/nss"))
- (lib (string-append out "/lib/nss"))
- (obj (match (scandir "dist" (cut string-suffix? "OBJ" <>))
- ((obj) (string-append "dist/" obj)))))
- ;; Install nss-config to $out/bin.
- (install-file (string-append obj "/bin/nss-config")
- (string-append out "/bin"))
- (delete-file (string-append obj "/bin/nss-config"))
- ;; Install nss.pc to $out/lib/pkgconfig.
- (install-file (string-append obj "/lib/pkgconfig/nss.pc")
- (string-append out "/lib/pkgconfig"))
- (delete-file (string-append obj "/lib/pkgconfig/nss.pc"))
- (rmdir (string-append obj "/lib/pkgconfig"))
- ;; Install other files.
- (copy-recursively "dist/public/nss" inc)
- (copy-recursively (string-append obj "/bin") bin)
- (copy-recursively (string-append obj "/lib") lib)
- #t))))))
- (inputs
- `(("sqlite" ,sqlite)
- ("zlib" ,zlib)))
- (propagated-inputs `(("nspr" ,nspr))) ; required by nss.pc.
- (native-inputs `(("perl" ,perl)
- ("libfaketime" ,libfaketime))) ;for tests
-
- ;; The NSS test suite takes around 48 hours on Loongson 3A (MIPS) when
- ;; another build is happening concurrently on the same machine.
- (properties '((timeout . 216000))) ; 60 hours
-
- (home-page
- "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS")
- (synopsis "Network Security Services")
- (description
- "Network Security Services (@dfn{NSS}) is a set of libraries designed to
-support cross-platform development of security-enabled client and server
-applications. Applications built with NSS can support SSL v2 and v3, TLS,
-PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other
-security standards.")
- (license license:mpl2.0)))
-
-(define-public nss-3.57
- (package
- (inherit nss)
(version "3.57")
(source (origin
(method url-fetch)
@@ -210,6 +95,8 @@ security standards.")
(delete-file-recursively "nss/lib/zlib")
(delete-file-recursively "nss/lib/sqlite")
#t))))
+ (build-system gnu-build-system)
+ (outputs '("out" "bin"))
(arguments
`(#:parallel-build? #f ; not supported
#:make-flags
@@ -252,7 +139,7 @@ security standards.")
;; leading to test failures:
;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>. To
;; work around that, set the time to roughly the release date.
- (invoke "faketime" "2020-02-01" "./nss/tests/all.sh")))
+ (invoke "faketime" "2020-10-01" "./nss/tests/all.sh")))
(replace 'install
(lambda* (#:key outputs #:allow-other-keys)
(let* ((out (assoc-ref outputs "out"))
@@ -274,4 +161,25 @@ security standards.")
(copy-recursively "dist/public/nss" inc)
(copy-recursively (string-append obj "/bin") bin)
(copy-recursively (string-append obj "/lib") lib)
- #t))))))))
+ #t))))))
+ (inputs
+ `(("sqlite" ,sqlite)
+ ("zlib" ,zlib)))
+ (propagated-inputs `(("nspr" ,nspr))) ; required by nss.pc.
+ (native-inputs `(("perl" ,perl)
+ ("libfaketime" ,libfaketime))) ;for tests
+
+ ;; The NSS test suite takes around 48 hours on Loongson 3A (MIPS) when
+ ;; another build is happening concurrently on the same machine.
+ (properties '((timeout . 216000))) ; 60 hours
+
+ (home-page
+ "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS")
+ (synopsis "Network Security Services")
+ (description
+ "Network Security Services (@dfn{NSS}) is a set of libraries designed to
+support cross-platform development of security-enabled client and server
+applications. Applications built with NSS can support SSL v2 and v3, TLS,
+PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other
+security standards.")
+ (license license:mpl2.0)))
diff --git a/gnu/packages/patches/nss-pkgconfig.patch b/gnu/packages/patches/nss-pkgconfig.patch
deleted file mode 100644
index 4b9e0506f2..0000000000
--- a/gnu/packages/patches/nss-pkgconfig.patch
+++ /dev/null
@@ -1,228 +0,0 @@
-Description: Create nss.pc and nss-config
-Author: Lars Wendler <polynomial-c@gentoo.org>
-Source: http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/dev-libs/nss/files/nss-3.17.1-gentoo-fixups.patch
-
-Modifications:
- Change libdir from ${prefix}/lib64 to ${prefix}/lib/nss.
- Remove optional patching in nss/Makefile.
- Include -L$libdir in output from "nss-config --libs".
-
-Later adapted to apply cleanly to nss-3.21.
-
---- nss-3.21/nss/config/Makefile
-+++ nss-3.21/nss/config/Makefile
-@@ -0,0 +1,40 @@
-+CORE_DEPTH = ..
-+DEPTH = ..
-+
-+include $(CORE_DEPTH)/coreconf/config.mk
-+
-+NSS_MAJOR_VERSION = `grep "NSS_VMAJOR" ../lib/nss/nss.h | awk '{print $$3}'`
-+NSS_MINOR_VERSION = `grep "NSS_VMINOR" ../lib/nss/nss.h | awk '{print $$3}'`
-+NSS_PATCH_VERSION = `grep "NSS_VPATCH" ../lib/nss/nss.h | awk '{print $$3}'`
-+PREFIX = /usr
-+
-+all: export libs
-+
-+export:
-+ # Create the nss.pc file
-+ mkdir -p $(DIST)/lib/pkgconfig
-+ sed -e "s,@prefix@,$(PREFIX)," \
-+ -e "s,@exec_prefix@,\$${prefix}," \
-+ -e "s,@libdir@,\$${prefix}/lib/nss," \
-+ -e "s,@includedir@,\$${prefix}/include/nss," \
-+ -e "s,@NSS_MAJOR_VERSION@,$(NSS_MAJOR_VERSION),g" \
-+ -e "s,@NSS_MINOR_VERSION@,$(NSS_MINOR_VERSION)," \
-+ -e "s,@NSS_PATCH_VERSION@,$(NSS_PATCH_VERSION)," \
-+ nss.pc.in > nss.pc
-+ chmod 0644 nss.pc
-+ cp nss.pc $(DIST)/lib/pkgconfig
-+
-+ # Create the nss-config script
-+ mkdir -p $(DIST)/bin
-+ sed -e "s,@prefix@,$(PREFIX)," \
-+ -e "s,@NSS_MAJOR_VERSION@,$(NSS_MAJOR_VERSION)," \
-+ -e "s,@NSS_MINOR_VERSION@,$(NSS_MINOR_VERSION)," \
-+ -e "s,@NSS_PATCH_VERSION@,$(NSS_PATCH_VERSION)," \
-+ nss-config.in > nss-config
-+ chmod 0755 nss-config
-+ cp nss-config $(DIST)/bin
-+
-+libs:
-+
-+dummy: all export libs
-+
---- nss-3.21/nss/config/nss-config.in
-+++ nss-3.21/nss/config/nss-config.in
-@@ -0,0 +1,145 @@
-+#!/bin/sh
-+
-+prefix=@prefix@
-+
-+major_version=@NSS_MAJOR_VERSION@
-+minor_version=@NSS_MINOR_VERSION@
-+patch_version=@NSS_PATCH_VERSION@
-+
-+usage()
-+{
-+ cat <<EOF
-+Usage: nss-config [OPTIONS] [LIBRARIES]
-+Options:
-+ [--prefix[=DIR]]
-+ [--exec-prefix[=DIR]]
-+ [--includedir[=DIR]]
-+ [--libdir[=DIR]]
-+ [--version]
-+ [--libs]
-+ [--cflags]
-+Dynamic Libraries:
-+ nss
-+ ssl
-+ smime
-+ nssutil
-+EOF
-+ exit $1
-+}
-+
-+if test $# -eq 0; then
-+ usage 1 1>&2
-+fi
-+
-+lib_ssl=yes
-+lib_smime=yes
-+lib_nss=yes
-+lib_nssutil=yes
-+
-+while test $# -gt 0; do
-+ case "$1" in
-+ -*=*) optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;;
-+ *) optarg= ;;
-+ esac
-+
-+ case $1 in
-+ --prefix=*)
-+ prefix=$optarg
-+ ;;
-+ --prefix)
-+ echo_prefix=yes
-+ ;;
-+ --exec-prefix=*)
-+ exec_prefix=$optarg
-+ ;;
-+ --exec-prefix)
-+ echo_exec_prefix=yes
-+ ;;
-+ --includedir=*)
-+ includedir=$optarg
-+ ;;
-+ --includedir)
-+ echo_includedir=yes
-+ ;;
-+ --libdir=*)
-+ libdir=$optarg
-+ ;;
-+ --libdir)
-+ echo_libdir=yes
-+ ;;
-+ --version)
-+ echo ${major_version}.${minor_version}.${patch_version}
-+ ;;
-+ --cflags)
-+ echo_cflags=yes
-+ ;;
-+ --libs)
-+ echo_libs=yes
-+ ;;
-+ ssl)
-+ lib_ssl=yes
-+ ;;
-+ smime)
-+ lib_smime=yes
-+ ;;
-+ nss)
-+ lib_nss=yes
-+ ;;
-+ nssutil)
-+ lib_nssutil=yes
-+ ;;
-+ *)
-+ usage 1 1>&2
-+ ;;
-+ esac
-+ shift
-+done
-+
-+# Set variables that may be dependent upon other variables
-+if test -z "$exec_prefix"; then
-+ exec_prefix=`pkg-config --variable=exec_prefix nss`
-+fi
-+if test -z "$includedir"; then
-+ includedir=`pkg-config --variable=includedir nss`
-+fi
-+if test -z "$libdir"; then
-+ libdir=`pkg-config --variable=libdir nss`
-+fi
-+
-+if test "$echo_prefix" = "yes"; then
-+ echo $prefix
-+fi
-+
-+if test "$echo_exec_prefix" = "yes"; then
-+ echo $exec_prefix
-+fi
-+
-+if test "$echo_includedir" = "yes"; then
-+ echo $includedir
-+fi
-+
-+if test "$echo_libdir" = "yes"; then
-+ echo $libdir
-+fi
-+
-+if test "$echo_cflags" = "yes"; then
-+ echo -I$includedir
-+fi
-+
-+if test "$echo_libs" = "yes"; then
-+ libdirs=-L$libdir
-+ if test -n "$lib_ssl"; then
-+ libdirs="$libdirs -lssl${major_version}"
-+ fi
-+ if test -n "$lib_smime"; then
-+ libdirs="$libdirs -lsmime${major_version}"
-+ fi
-+ if test -n "$lib_nss"; then
-+ libdirs="$libdirs -lnss${major_version}"
-+ fi
-+ if test -n "$lib_nssutil"; then
-+ libdirs="$libdirs -lnssutil${major_version}"
-+ fi
-+ echo $libdirs
-+fi
-+
---- nss-3.21/nss/config/nss.pc.in
-+++ nss-3.21/nss/config/nss.pc.in
-@@ -0,0 +1,12 @@
-+prefix=@prefix@
-+exec_prefix=@exec_prefix@
-+libdir=@libdir@
-+includedir=@includedir@
-+
-+Name: NSS
-+Description: Network Security Services
-+Version: @NSS_MAJOR_VERSION@.@NSS_MINOR_VERSION@.@NSS_PATCH_VERSION@
-+Requires: nspr >= 4.8
-+Libs: -L${libdir} -lssl3 -lsmime3 -lnss3 -lnssutil3
-+Cflags: -I${includedir}
-+
---- nss-3.21/nss/manifest.mn
-+++ nss-3.21/nss/manifest.mn
-@@ -10,7 +10,7 @@
-
- RELEASE = nss
-
--DIRS = coreconf lib cmd cpputil gtests
-+DIRS = coreconf lib cmd cpputil gtests config
-
- lib: coreconf
- cmd: lib