Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Jory Pratt (anarchy)" <anarchy@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo-x86 commit in dev-libs/nss: ChangeLog nss-3.13.5.ebuild
Date: Wed, 06 Jun 2012 12:55:18
Message-Id: 20120606125507.76E532004B@flycatcher.gentoo.org
1 anarchy 12/06/06 12:55:07
2
3 Modified: ChangeLog
4 Added: nss-3.13.5.ebuild
5 Log:
6 Version bump, NSS parsing errors with zero length item
7
8 (Portage version: 2.1.10.65/cvs/Linux x86_64)
9
10 Revision Changes Path
11 1.250 dev-libs/nss/ChangeLog
12
13 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/nss/ChangeLog?rev=1.250&view=markup
14 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/nss/ChangeLog?rev=1.250&content-type=text/plain
15 diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/nss/ChangeLog?r1=1.249&r2=1.250
16
17 Index: ChangeLog
18 ===================================================================
19 RCS file: /var/cvsroot/gentoo-x86/dev-libs/nss/ChangeLog,v
20 retrieving revision 1.249
21 retrieving revision 1.250
22 diff -u -r1.249 -r1.250
23 --- ChangeLog 28 May 2012 14:49:25 -0000 1.249
24 +++ ChangeLog 6 Jun 2012 12:55:07 -0000 1.250
25 @@ -1,6 +1,11 @@
26 # ChangeLog for dev-libs/nss
27 # Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2
28 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/nss/ChangeLog,v 1.249 2012/05/28 14:49:25 armin76 Exp $
29 +# $Header: /var/cvsroot/gentoo-x86/dev-libs/nss/ChangeLog,v 1.250 2012/06/06 12:55:07 anarchy Exp $
30 +
31 +*nss-3.13.5 (06 Jun 2012)
32 +
33 + 06 Jun 2012; Jory A. Pratt <anarchy@g.o> +nss-3.13.5.ebuild:
34 + Version bump, NSS parsing errors with zero length item
35
36 28 May 2012; Raúl Porcel <armin76@g.o> nss-3.13.4.ebuild:
37 sparc stable
38
39
40
41 1.1 dev-libs/nss/nss-3.13.5.ebuild
42
43 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/nss/nss-3.13.5.ebuild?rev=1.1&view=markup
44 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/nss/nss-3.13.5.ebuild?rev=1.1&content-type=text/plain
45
46 Index: nss-3.13.5.ebuild
47 ===================================================================
48 # Copyright 1999-2012 Gentoo Foundation
49 # Distributed under the terms of the GNU General Public License v2
50 # $Header: /var/cvsroot/gentoo-x86/dev-libs/nss/nss-3.13.5.ebuild,v 1.1 2012/06/06 12:55:07 anarchy Exp $
51
52 EAPI=3
53 inherit eutils flag-o-matic multilib toolchain-funcs
54
55 NSPR_VER="4.9.1"
56 RTM_NAME="NSS_${PV//./_}_RTM"
57
58 DESCRIPTION="Mozilla's Network Security Services library that implements PKI support"
59 HOMEPAGE="http://www.mozilla.org/projects/security/pki/nss/"
60 SRC_URI="ftp://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/${RTM_NAME}/src/${P}.tar.gz
61 http://dev.gentoo.org/~anarchy/patches/${PN}-3.13.3-add_spi+cacerts_ca_certs.patch
62 http://dev.gentoo.org/~anarchy/patches/${PN}-3.13.3_pem.support"
63
64 LICENSE="|| ( MPL-1.1 GPL-2 LGPL-2.1 )"
65 SLOT="0"
66 KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~x86-macos ~sparc-solaris ~x64-solaris ~x86-solaris"
67 IUSE="utils"
68
69 DEPEND="virtual/pkgconfig"
70 RDEPEND=">=dev-libs/nspr-${NSPR_VER}
71 >=dev-db/sqlite-3.5
72 sys-libs/zlib"
73
74 src_setup() {
75 export LC_ALL="C"
76 }
77
78 src_prepare() {
79 # Custom changes for gentoo
80 epatch "${FILESDIR}/${PN}-3.13-gentoo-fixup.patch"
81 epatch "${FILESDIR}/${PN}-3.12.6-gentoo-fixup-warnings.patch"
82 epatch "${DISTDIR}/${PN}-3.13.3-add_spi+cacerts_ca_certs.patch"
83 epatch "${DISTDIR}/${PN}-3.13.3_pem.support"
84
85 cd "${S}"/mozilla/security/coreconf || die
86 # hack nspr paths
87 echo 'INCLUDES += -I'"${EPREFIX}"'/usr/include/nspr -I$(DIST)/include/dbm' \
88 >> headers.mk || die "failed to append include"
89
90 # modify install path
91 sed -e 's:SOURCE_PREFIX = $(CORE_DEPTH)/\.\./dist:SOURCE_PREFIX = $(CORE_DEPTH)/dist:' \
92 -i source.mk || die
93
94 # Respect LDFLAGS
95 sed -i -e 's/\$(MKSHLIB) -o/\$(MKSHLIB) \$(LDFLAGS) -o/g' rules.mk || die
96
97 # Ensure we stay multilib aware
98 sed -i -e "s:gentoo\/nss:$(get_libdir):" "${S}"/mozilla/security/nss/config/Makefile || die "Failed to fix for multilib"
99
100 # Fix pkgconfig file for Prefix
101 sed -i -e "/^PREFIX =/s:= /usr:= ${EPREFIX}/usr:" \
102 "${S}"/mozilla/security/nss/config/Makefile || die
103
104 epatch "${FILESDIR}/nss-3.13.1-solaris-gcc.patch"
105
106 # dirty hack
107 cd "${S}"/mozilla/security/nss || die
108 sed -i -e "/CRYPTOLIB/s:\$(SOFTOKEN_LIB_DIR):../freebl/\$(OBJDIR):" \
109 lib/ssl/config.mk || die
110 sed -i -e "/CRYPTOLIB/s:\$(SOFTOKEN_LIB_DIR):../../lib/freebl/\$(OBJDIR):" \
111 cmd/platlibs.mk || die
112 }
113
114 src_compile() {
115 strip-flags
116
117 echo > "${T}"/test.c || die
118 $(tc-getCC) ${CFLAGS} -c "${T}"/test.c -o "${T}"/test.o || die
119 case $(file "${T}"/test.o) in
120 *64-bit*|*ppc64*|*x86_64*) export USE_64=1;;
121 *32-bit*|*ppc*|*i386*) ;;
122 *) die "Failed to detect whether your arch is 64bits or 32bits, disable distcc if you're using it, please";;
123 esac
124
125 export NSPR_INCLUDE_DIR=`nspr-config --includedir`
126 export NSPR_LIB_DIR=`nspr-config --libdir`
127 export BUILD_OPT=1
128 export NSS_USE_SYSTEM_SQLITE=1
129 export NSDISTMODE=copy
130 export NSS_ENABLE_ECC=1
131 export XCFLAGS="${CFLAGS}"
132 export FREEBL_NO_DEPEND=1
133 export ASFLAGS=""
134
135 cd "${S}"/mozilla/security/coreconf || die
136 emake -j1 CC="$(tc-getCC)" || die "coreconf make failed"
137 cd "${S}"/mozilla/security/dbm || die
138 emake -j1 CC="$(tc-getCC)" || die "dbm make failed"
139 cd "${S}"/mozilla/security/nss || die
140 emake -j1 CC="$(tc-getCC)" || die "nss make failed"
141 }
142
143 # Altering these 3 libraries breaks the CHK verification.
144 # All of the following cause it to break:
145 # - stripping
146 # - prelink
147 # - ELF signing
148 # http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn6.html
149 # Either we have to NOT strip them, or we have to forcibly resign after
150 # stripping.
151 #local_libdir="$(get_libdir)"
152 #export STRIP_MASK="
153 # */${local_libdir}/libfreebl3.so*
154 # */${local_libdir}/libnssdbm3.so*
155 # */${local_libdir}/libsoftokn3.so*"
156
157 export NSS_CHK_SIGN_LIBS="freebl3 nssdbm3 softokn3"
158
159 generate_chk() {
160 local shlibsign="$1"
161 local libdir="$2"
162 einfo "Resigning core NSS libraries for FIPS validation"
163 shift 2
164 for i in ${NSS_CHK_SIGN_LIBS} ; do
165 local libname=lib${i}.so
166 local chkname=lib${i}.chk
167 "${shlibsign}" \
168 -i "${libdir}"/${libname} \
169 -o "${libdir}"/${chkname}.tmp \
170 && mv -f \
171 "${libdir}"/${chkname}.tmp \
172 "${libdir}"/${chkname} \
173 || die "Failed to sign ${libname}"
174 done
175 }
176
177 cleanup_chk() {
178 local libdir="$1"
179 shift 1
180 for i in ${NSS_CHK_SIGN_LIBS} ; do
181 local libfname="${libdir}/lib${i}.so"
182 # If the major version has changed, then we have old chk files.
183 [ ! -f "${libfname}" -a -f "${libfname}.chk" ] \
184 && rm -f "${libfname}.chk"
185 done
186 }
187
188 src_install () {
189 MINOR_VERSION=12
190 cd "${S}"/mozilla/security/dist || die
191
192 dodir /usr/$(get_libdir) || die
193 cp -L */lib/*$(get_libname) "${ED}"/usr/$(get_libdir) || die "copying shared libs failed"
194 # We generate these after stripping the libraries, else they don't match.
195 #cp -L */lib/*.chk "${ED}"/usr/$(get_libdir) || die "copying chk files failed"
196 cp -L */lib/libcrmf.a "${ED}"/usr/$(get_libdir) || die "copying libs failed"
197
198 # Install nss-config and pkgconfig file
199 dodir /usr/bin || die
200 cp -L */bin/nss-config "${ED}"/usr/bin || die
201 dodir /usr/$(get_libdir)/pkgconfig || die
202 cp -L */lib/pkgconfig/nss.pc "${ED}"/usr/$(get_libdir)/pkgconfig || die
203
204 # all the include files
205 insinto /usr/include/nss
206 doins public/nss/*.h || die
207 cd "${ED}"/usr/$(get_libdir) || die
208 local n=
209 for file in *$(get_libname); do
210 n=${file%$(get_libname)}$(get_libname ${MINOR_VERSION})
211 mv ${file} ${n} || die
212 ln -s ${n} ${file} || die
213 if [[ ${CHOST} == *-darwin* ]]; then
214 install_name_tool -id "${EPREFIX}/usr/$(get_libdir)/${n}" ${n} || die
215 fi
216 done
217
218 local nssutils
219 # Always enabled because we need it for chk generation.
220 nssutils="shlibsign"
221 if use utils; then
222 # The tests we do not need to install.
223 #nssutils_test="bltest crmftest dbtest dertimetest
224 #fipstest remtest sdrtest"
225 nssutils="addbuiltin atob baddbdir btoa certcgi certutil checkcert
226 cmsutil conflict crlutil derdump digest makepqg mangle modutil multinit
227 nonspr10 ocspclnt oidcalc p7content p7env p7sign p7verify pk11mode
228 pk12util pp rsaperf selfserv shlibsign signtool signver ssltap strsclnt
229 symkeyutil tstclnt vfychain vfyserv"
230 fi
231 cd "${S}"/mozilla/security/dist/*/bin/ || die
232 for f in $nssutils; do
233 dobin ${f} || die
234 done
235
236 # Prelink breaks the CHK files. We don't have any reliable way to run
237 # shlibsign after prelink.
238 declare -a libs
239 for l in ${NSS_CHK_SIGN_LIBS} ; do
240 libs+=("${EPREFIX}/usr/$(get_libdir)/lib${l}.so")
241 done
242 OLD_IFS="${IFS}" IFS=":" ; liblist="${libs[*]}" ; IFS="${OLD_IFS}"
243 echo -e "PRELINK_PATH_MASK=${liblist}" >"${T}/90nss" || die
244 unset libs liblist
245 doenvd "${T}/90nss" || die
246 }
247
248 pkg_postinst() {
249 # We must re-sign the libraries AFTER they are stripped.
250 generate_chk "${EROOT}"/usr/bin/shlibsign "${EROOT}"/usr/$(get_libdir)
251 }
252
253 pkg_postrm() {
254 cleanup_chk "${EROOT}"/usr/$(get_libdir)
255 }
Report Message
Find on MARC Find on Google Groups