Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Ian Stakenvicius (axs)" <axs@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo-x86 commit in dev-libs/nss: nss-3.19.2.ebuild ChangeLog
Date: Fri, 03 Jul 2015 16:21:09
Message-Id: 20150703162059.AB92A74B@oystercatcher.gentoo.org
1 axs 15/07/03 16:20:59
2
3 Modified: ChangeLog
4 Added: nss-3.19.2.ebuild
5 Log:
6 version bump
7
8 (Portage version: 2.2.18/cvs/Linux x86_64, signed Manifest commit with key 2B6559ED)
9
10 Revision Changes Path
11 1.413 dev-libs/nss/ChangeLog
12
13 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/nss/ChangeLog?rev=1.413&view=markup
14 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/nss/ChangeLog?rev=1.413&content-type=text/plain
15 diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/nss/ChangeLog?r1=1.412&r2=1.413
16
17 Index: ChangeLog
18 ===================================================================
19 RCS file: /var/cvsroot/gentoo-x86/dev-libs/nss/ChangeLog,v
20 retrieving revision 1.412
21 retrieving revision 1.413
22 diff -u -r1.412 -r1.413
23 --- ChangeLog 1 Jun 2015 21:11:59 -0000 1.412
24 +++ ChangeLog 3 Jul 2015 16:20:59 -0000 1.413
25 @@ -1,6 +1,11 @@
26 # ChangeLog for dev-libs/nss
27 # Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2
28 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/nss/ChangeLog,v 1.412 2015/06/01 21:11:59 axs Exp $
29 +# $Header: /var/cvsroot/gentoo-x86/dev-libs/nss/ChangeLog,v 1.413 2015/07/03 16:20:59 axs Exp $
30 +
31 +*nss-3.19.2 (03 Jul 2015)
32 +
33 + 03 Jul 2015; Ian Stakenvicius (_AxS_) <axs@g.o> +nss-3.19.2.ebuild:
34 + version bump
35
36 *nss-3.19.1 (01 Jun 2015)
37
38
39
40
41 1.1 dev-libs/nss/nss-3.19.2.ebuild
42
43 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/nss/nss-3.19.2.ebuild?rev=1.1&view=markup
44 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/nss/nss-3.19.2.ebuild?rev=1.1&content-type=text/plain
45
46 Index: nss-3.19.2.ebuild
47 ===================================================================
48 # Copyright 1999-2015 Gentoo Foundation
49 # Distributed under the terms of the GNU General Public License v2
50 # $Header: /var/cvsroot/gentoo-x86/dev-libs/nss/nss-3.19.2.ebuild,v 1.1 2015/07/03 16:20:59 axs Exp $
51
52 EAPI=5
53 inherit eutils flag-o-matic multilib toolchain-funcs multilib-minimal
54
55 NSPR_VER="4.10.8"
56 RTM_NAME="NSS_${PV//./_}_RTM"
57 # Rev of https://git.fedorahosted.org/cgit/nss-pem.git
58 PEM_GIT_REV="015ae754dd9f6fbcd7e52030ec9732eb27fc06a8"
59 PEM_P="${PN}-pem-${PEM_GIT_REV}"
60
61 DESCRIPTION="Mozilla's Network Security Services library that implements PKI support"
62 HOMEPAGE="http://www.mozilla.org/projects/security/pki/nss/"
63 SRC_URI="ftp://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/${RTM_NAME}/src/${P}.tar.gz
64 cacert? ( http://dev.gentoo.org/~anarchy/patches/${PN}-3.14.1-add_spi+cacerts_ca_certs.patch )
65 nss-pem? ( https://git.fedorahosted.org/cgit/nss-pem.git/snapshot/${PEM_P}.tar.bz2 )"
66
67 LICENSE="|| ( MPL-2.0 GPL-2 LGPL-2.1 )"
68 SLOT="0"
69 KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~x86-macos ~sparc-solaris ~x64-solaris ~x86-solaris"
70 IUSE="+cacert +nss-pem utils"
71 CDEPEND=">=dev-db/sqlite-3.8.2[${MULTILIB_USEDEP}]
72 >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}]"
73 DEPEND=">=virtual/pkgconfig-0-r1[${MULTILIB_USEDEP}]
74 >=dev-libs/nspr-${NSPR_VER}[${MULTILIB_USEDEP}]
75 ${CDEPEND}"
76 RDEPEND=">=dev-libs/nspr-${NSPR_VER}[${MULTILIB_USEDEP}]
77 ${CDEPEND}
78 abi_x86_32? (
79 !<=app-emulation/emul-linux-x86-baselibs-20140508-r12
80 !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
81 )"
82
83 RESTRICT="test"
84
85 S="${WORKDIR}/${P}/${PN}"
86
87 MULTILIB_CHOST_TOOLS=(
88 /usr/bin/nss-config
89 )
90
91 src_unpack() {
92 unpack ${A}
93 if use nss-pem ; then
94 mv "${PEM_P}"/nss/lib/ckfw/pem/ "${S}"/lib/ckfw/ || die
95 fi
96 }
97
98 src_prepare() {
99 # Custom changes for gentoo
100 epatch "${FILESDIR}/${PN}-3.17.1-gentoo-fixups.patch"
101 epatch "${FILESDIR}/${PN}-3.15-gentoo-fixup-warnings.patch"
102 use cacert && epatch "${DISTDIR}/${PN}-3.14.1-add_spi+cacerts_ca_certs.patch"
103 use nss-pem && epatch "${FILESDIR}/${PN}-3.15.4-enable-pem.patch"
104 epatch "${FILESDIR}/nss-3.14.2-solaris-gcc.patch"
105 epatch "${FILESDIR}/${PN}-cacert-class3.patch" # 521462
106
107 pushd coreconf >/dev/null || die
108 # hack nspr paths
109 echo 'INCLUDES += -I$(DIST)/include/dbm' \
110 >> headers.mk || die "failed to append include"
111
112 # modify install path
113 sed -e '/CORE_DEPTH/s:SOURCE_PREFIX.*$:SOURCE_PREFIX = $(CORE_DEPTH)/dist:' \
114 -i source.mk || die
115
116 # Respect LDFLAGS
117 sed -i -e 's/\$(MKSHLIB) -o/\$(MKSHLIB) \$(LDFLAGS) -o/g' rules.mk
118 popd >/dev/null || die
119
120 # Fix pkgconfig file for Prefix
121 sed -i -e "/^PREFIX =/s:= /usr:= ${EPREFIX}/usr:" \
122 config/Makefile || die
123
124 # use host shlibsign if need be #436216
125 if tc-is-cross-compiler ; then
126 sed -i \
127 -e 's:"${2}"/shlibsign:shlibsign:' \
128 cmd/shlibsign/sign.sh || die
129 fi
130
131 # dirty hack
132 sed -i -e "/CRYPTOLIB/s:\$(SOFTOKEN_LIB_DIR):../freebl/\$(OBJDIR):" \
133 lib/ssl/config.mk || die
134 sed -i -e "/CRYPTOLIB/s:\$(SOFTOKEN_LIB_DIR):../../lib/freebl/\$(OBJDIR):" \
135 cmd/platlibs.mk || die
136
137 multilib_copy_sources
138
139 strip-flags
140 }
141
142 multilib_src_configure() {
143 # Ensure we stay multilib aware
144 sed -i -e "/@libdir@/ s:lib64:$(get_libdir):" config/Makefile || die
145 }
146
147 nssarch() {
148 # Most of the arches are the same as $ARCH
149 local t=${1:-${CHOST}}
150 case ${t} in
151 aarch64*)echo "aarch64";;
152 hppa*) echo "parisc";;
153 i?86*) echo "i686";;
154 x86_64*) echo "x86_64";;
155 *) tc-arch ${t};;
156 esac
157 }
158
159 nssbits() {
160 local cc cppflags="${1}CPPFLAGS" cflags="${1}CFLAGS"
161 if [[ ${1} == BUILD_ ]]; then
162 cc=$(tc-getBUILD_CC)
163 else
164 cc=$(tc-getCC)
165 fi
166 echo > "${T}"/test.c || die
167 ${cc} ${!cppflags} ${!cflags} -c "${T}"/test.c -o "${T}/${1}test.o" || die
168 case $(file "${T}/${1}test.o") in
169 *32-bit*x86-64*) echo USE_X32=1;;
170 *64-bit*|*ppc64*|*x86_64*) echo USE_64=1;;
171 *32-bit*|*ppc*|*i386*) ;;
172 *) die "Failed to detect whether ${cc} builds 64bits or 32bits, disable distcc if you're using it, please";;
173 esac
174 }
175
176 multilib_src_compile() {
177 # use ABI to determine bit'ness, or fallback if unset
178 local buildbits mybits
179 case "${ABI}" in
180 n32) mybits="USE_N32=1";;
181 x32) mybits="USE_X32=1";;
182 s390x|*64) mybits="USE_64=1";;
183 ${DEFAULT_ABI})
184 einfo "Running compilation test to determine bit'ness"
185 mybits=$(nssbits)
186 ;;
187 esac
188 # bitness of host may differ from target
189 if tc-is-cross-compiler; then
190 buildbits=$(nssbits BUILD_)
191 fi
192
193 local makeargs=(
194 CC="$(tc-getCC)"
195 AR="$(tc-getAR) rc \$@"
196 RANLIB="$(tc-getRANLIB)"
197 OPTIMIZER=
198 ${mybits}
199 )
200
201 # Take care of nspr settings #436216
202 local myCPPFLAGS="${CPPFLAGS} $($(tc-getPKG_CONFIG) nspr --cflags)"
203 unset NSPR_INCLUDE_DIR
204
205 # Do not let `uname` be used.
206 if use kernel_linux ; then
207 makeargs+=(
208 OS_TARGET=Linux
209 OS_RELEASE=2.6
210 OS_TEST="$(nssarch)"
211 )
212 fi
213
214 export BUILD_OPT=1
215 export NSS_USE_SYSTEM_SQLITE=1
216 export NSDISTMODE=copy
217 export NSS_ENABLE_ECC=1
218 export FREEBL_NO_DEPEND=1
219 export ASFLAGS=""
220
221 local d
222
223 # Build the host tools first.
224 LDFLAGS="${BUILD_LDFLAGS}" \
225 XCFLAGS="${BUILD_CFLAGS}" \
226 NSPR_LIB_DIR="${T}/fakedir" \
227 emake -j1 -C coreconf \
228 CC="$(tc-getBUILD_CC)" \
229 ${buildbits:-${mybits}}
230 makeargs+=( NSINSTALL="${PWD}/$(find -type f -name nsinstall)" )
231
232 # Then build the target tools.
233 for d in . lib/dbm ; do
234 CPPFLAGS="${myCPPFLAGS}" \
235 XCFLAGS="${CFLAGS} ${CPPFLAGS}" \
236 NSPR_LIB_DIR="${T}/fakedir" \
237 emake -j1 "${makeargs[@]}" -C ${d}
238 done
239 }
240
241 # Altering these 3 libraries breaks the CHK verification.
242 # All of the following cause it to break:
243 # - stripping
244 # - prelink
245 # - ELF signing
246 # http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn6.html
247 # Either we have to NOT strip them, or we have to forcibly resign after
248 # stripping.
249 #local_libdir="$(get_libdir)"
250 #export STRIP_MASK="
251 # */${local_libdir}/libfreebl3.so*
252 # */${local_libdir}/libnssdbm3.so*
253 # */${local_libdir}/libsoftokn3.so*"
254
255 export NSS_CHK_SIGN_LIBS="freebl3 nssdbm3 softokn3"
256
257 generate_chk() {
258 local shlibsign="$1"
259 local libdir="$2"
260 einfo "Resigning core NSS libraries for FIPS validation"
261 shift 2
262 local i
263 for i in ${NSS_CHK_SIGN_LIBS} ; do
264 local libname=lib${i}.so
265 local chkname=lib${i}.chk
266 "${shlibsign}" \
267 -i "${libdir}"/${libname} \
268 -o "${libdir}"/${chkname}.tmp \
269 && mv -f \
270 "${libdir}"/${chkname}.tmp \
271 "${libdir}"/${chkname} \
272 || die "Failed to sign ${libname}"
273 done
274 }
275
276 cleanup_chk() {
277 local libdir="$1"
278 shift 1
279 local i
280 for i in ${NSS_CHK_SIGN_LIBS} ; do
281 local libfname="${libdir}/lib${i}.so"
282 # If the major version has changed, then we have old chk files.
283 [ ! -f "${libfname}" -a -f "${libfname}.chk" ] \
284 && rm -f "${libfname}.chk"
285 done
286 }
287
288 multilib_src_install() {
289 pushd dist >/dev/null || die
290
291 dodir /usr/$(get_libdir)
292 cp -L */lib/*$(get_libname) "${ED}"/usr/$(get_libdir) || die "copying shared libs failed"
293 cp -L -t "${ED}"/usr/$(get_libdir) */lib/{libcrmf,libfreebl}.a || die "copying libs failed"
294
295 # Install nss-config and pkgconfig file
296 dodir /usr/bin
297 cp -L */bin/nss-config "${ED}"/usr/bin || die
298 dodir /usr/$(get_libdir)/pkgconfig
299 cp -L */lib/pkgconfig/nss.pc "${ED}"/usr/$(get_libdir)/pkgconfig || die
300
301 # create an nss-softokn.pc from nss.pc for libfreebl and some private headers
302 # bug 517266
303 sed -e 's#Libs:#Libs: -lfreebl#' \
304 -e 's#Cflags:#Cflags: -I${includedir}/private#' \
305 */lib/pkgconfig/nss.pc >"${ED}"/usr/$(get_libdir)/pkgconfig/nss-softokn.pc \
306 || die "could not create nss-softokn.pc"
307
308 # all the include files
309 insinto /usr/include/nss
310 doins public/nss/*.h
311 insinto /usr/include/nss/private
312 doins private/nss/{blapi,alghmac}.h
313
314 popd >/dev/null || die
315
316 local f nssutils
317 # Always enabled because we need it for chk generation.
318 nssutils="shlibsign"
319
320 if multilib_is_native_abi ; then
321 if use utils; then
322 # The tests we do not need to install.
323 #nssutils_test="bltest crmftest dbtest dertimetest
324 #fipstest remtest sdrtest"
325 nssutils="addbuiltin atob baddbdir btoa certcgi certutil checkcert
326 cmsutil conflict crlutil derdump digest makepqg mangle modutil multinit
327 nonspr10 ocspclnt oidcalc p7content p7env p7sign p7verify pk11mode
328 pk12util pp rsaperf selfserv shlibsign signtool signver ssltap strsclnt
329 symkeyutil tstclnt vfychain vfyserv"
330 # install man-pages for utils (bug #516810)
331 doman doc/nroff/*.1
332 fi
333 pushd dist/*/bin >/dev/null || die
334 for f in ${nssutils}; do
335 dobin ${f}
336 done
337 popd >/dev/null || die
338 fi
339
340 # Prelink breaks the CHK files. We don't have any reliable way to run
341 # shlibsign after prelink.
342 local l libs=() liblist
343 for l in ${NSS_CHK_SIGN_LIBS} ; do
344 libs+=("${EPREFIX}/usr/$(get_libdir)/lib${l}.so")
345 done
346 liblist=$(printf '%s:' "${libs[@]}")
347 echo -e "PRELINK_PATH_MASK=${liblist%:}" > "${T}/90nss-${ABI}"
348 doenvd "${T}/90nss-${ABI}"
349 }
350
351 pkg_postinst() {
352 multilib_pkg_postinst() {
353 # We must re-sign the libraries AFTER they are stripped.
354 local shlibsign="${EROOT}/usr/bin/shlibsign"
355 # See if we can execute it (cross-compiling & such). #436216
356 "${shlibsign}" -h >&/dev/null
357 if [[ $? -gt 1 ]] ; then
358 shlibsign="shlibsign"
359 fi
360 generate_chk "${shlibsign}" "${EROOT}"/usr/$(get_libdir)
361 }
362
363 multilib_foreach_abi multilib_pkg_postinst
364 }
365
366 pkg_postrm() {
367 multilib_pkg_postrm() {
368 cleanup_chk "${EROOT}"/usr/$(get_libdir)
369 }
370
371 multilib_foreach_abi multilib_pkg_postrm
372 }
Report Message
Find on MARC Find on Google Groups