Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Jory Pratt (anarchy)" <anarchy@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo-x86 commit in dev-libs/nss: ChangeLog nss-3.12.8.ebuild nss-3.12.6-r1.ebuild nss-3.12.5-r1.ebuild nss-3.12.5.ebuild nss-3.12.6-r2.ebuild
Date: Thu, 30 Sep 2010 11:58:51
Message-Id: 20100930115839.B2DEE20051@flycatcher.gentoo.org
1 anarchy 10/09/30 11:58:39
2
3 Modified: ChangeLog
4 Added: nss-3.12.8.ebuild
5 Removed: nss-3.12.6-r1.ebuild nss-3.12.5-r1.ebuild
6 nss-3.12.5.ebuild nss-3.12.6-r2.ebuild
7 Log:
8 Version bump, addresses bug #335731
9
10 (Portage version: 2.1.9.12/cvs/Linux x86_64)
11
12 Revision Changes Path
13 1.192 dev-libs/nss/ChangeLog
14
15 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/nss/ChangeLog?rev=1.192&view=markup
16 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/nss/ChangeLog?rev=1.192&content-type=text/plain
17 diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/nss/ChangeLog?r1=1.191&r2=1.192
18
19 Index: ChangeLog
20 ===================================================================
21 RCS file: /var/cvsroot/gentoo-x86/dev-libs/nss/ChangeLog,v
22 retrieving revision 1.191
23 retrieving revision 1.192
24 diff -u -r1.191 -r1.192
25 --- ChangeLog 14 Sep 2010 21:19:28 -0000 1.191
26 +++ ChangeLog 30 Sep 2010 11:58:39 -0000 1.192
27 @@ -1,6 +1,13 @@
28 # ChangeLog for dev-libs/nss
29 # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
30 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/nss/ChangeLog,v 1.191 2010/09/14 21:19:28 jer Exp $
31 +# $Header: /var/cvsroot/gentoo-x86/dev-libs/nss/ChangeLog,v 1.192 2010/09/30 11:58:39 anarchy Exp $
32 +
33 +*nss-3.12.8 (30 Sep 2010)
34 +
35 + 30 Sep 2010; Jory A. Pratt <anarchy@g.o> -nss-3.12.5.ebuild,
36 + -nss-3.12.5-r1.ebuild, -nss-3.12.6-r1.ebuild, -nss-3.12.6-r2.ebuild,
37 + +nss-3.12.8.ebuild:
38 + Version bump, addresses bug #335731
39
40 14 Sep 2010; Jeroen Roovers <jer@g.o> nss-3.12.7.ebuild:
41 Stable for HPPA (bug #336396).
42
43
44
45 1.1 dev-libs/nss/nss-3.12.8.ebuild
46
47 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/nss/nss-3.12.8.ebuild?rev=1.1&view=markup
48 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/nss/nss-3.12.8.ebuild?rev=1.1&content-type=text/plain
49
50 Index: nss-3.12.8.ebuild
51 ===================================================================
52 # Copyright 1999-2010 Gentoo Foundation
53 # Distributed under the terms of the GNU General Public License v2
54 # $Header: /var/cvsroot/gentoo-x86/dev-libs/nss/nss-3.12.8.ebuild,v 1.1 2010/09/30 11:58:39 anarchy Exp $
55
56 EAPI=3
57 inherit eutils flag-o-matic multilib toolchain-funcs
58
59 NSPR_VER="4.8.6"
60 RTM_NAME="NSS_${PV//./_}_RTM"
61 DESCRIPTION="Mozilla's Network Security Services library that implements PKI support"
62 HOMEPAGE="http://www.mozilla.org/projects/security/pki/nss/"
63 SRC_URI="ftp://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/${RTM_NAME}/src/${P}.tar.gz"
64
65 LICENSE="|| ( MPL-1.1 GPL-2 LGPL-2.1 )"
66 SLOT="0"
67 KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux ~x86-macos ~sparc-solaris ~x64-solaris ~x86-solaris"
68 IUSE="utils"
69
70 DEPEND="dev-util/pkgconfig"
71 RDEPEND=">=dev-libs/nspr-${NSPR_VER}
72 >=dev-db/sqlite-3.5"
73
74 src_prepare() {
75 # Custom changes for gentoo
76 epatch "${FILESDIR}/${PN}-3.12.5-gentoo-fixups.diff"
77 epatch "${FILESDIR}/${PN}-3.12.6-gentoo-fixup-warnings.patch"
78
79 cd "${S}"/mozilla/security/coreconf
80 # hack nspr paths
81 echo 'INCLUDES += -I'"${EPREFIX}"'/usr/include/nspr -I$(DIST)/include/dbm' \
82 >> headers.mk || die "failed to append include"
83
84 # modify install path
85 sed -e 's:SOURCE_PREFIX = $(CORE_DEPTH)/\.\./dist:SOURCE_PREFIX = $(CORE_DEPTH)/dist:' \
86 -i source.mk
87
88 # Respect LDFLAGS
89 sed -i -e 's/\$(MKSHLIB) -o/\$(MKSHLIB) \$(LDFLAGS) -o/g' rules.mk
90
91 # Ensure we stay multilib aware
92 sed -i -e "s:gentoo\/nss:$(get_libdir):" "${S}"/mozilla/security/nss/config/Makefile || die "Failed to fix for multilib"
93
94 # Fix pkgconfig file for Prefix
95 sed -i -e "/^PREFIX =/s:= /usr:= ${EPREFIX}/usr:" \
96 "${S}"/mozilla/security/nss/config/Makefile
97
98 epatch "${FILESDIR}"/${PN}-3.12.4-solaris-gcc.patch # breaks non-gnu tools
99 # dirty hack
100 cd "${S}"/mozilla/security/nss
101 sed -i -e "/CRYPTOLIB/s:\$(SOFTOKEN_LIB_DIR):../freebl/\$(OBJDIR):" \
102 lib/ssl/config.mk || die
103 sed -i -e "/CRYPTOLIB/s:\$(SOFTOKEN_LIB_DIR):../../lib/freebl/\$(OBJDIR):" \
104 cmd/platlibs.mk || die
105 }
106
107 src_compile() {
108 strip-flags
109
110 echo > "${T}"/test.c
111 $(tc-getCC) ${CFLAGS} -c "${T}"/test.c -o "${T}"/test.o
112 case $(file "${T}"/test.o) in
113 *64-bit*|*ppc64*|*x86_64*) export USE_64=1;;
114 *32-bit*|*ppc*|*i386*) ;;
115 *) die "Failed to detect whether your arch is 64bits or 32bits, disable distcc if you're using it, please";;
116 esac
117
118 export NSPR_INCLUDE_DIR=`nspr-config --includedir`
119 export NSPR_LIB_DIR=`nspr-config --libdir`
120 export BUILD_OPT=1
121 export NSS_USE_SYSTEM_SQLITE=1
122 export NSDISTMODE=copy
123 export NSS_ENABLE_ECC=1
124 export XCFLAGS="${CFLAGS}"
125 export FREEBL_NO_DEPEND=1
126
127 cd "${S}"/mozilla/security/coreconf
128 emake -j1 CC="$(tc-getCC)" || die "coreconf make failed"
129 cd "${S}"/mozilla/security/dbm
130 emake -j1 CC="$(tc-getCC)" || die "dbm make failed"
131 cd "${S}"/mozilla/security/nss
132 emake -j1 CC="$(tc-getCC)" || die "nss make failed"
133 }
134
135 # Altering these 3 libraries breaks the CHK verification.
136 # All of the following cause it to break:
137 # - stripping
138 # - prelink
139 # - ELF signing
140 # http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn6.html
141 # Either we have to NOT strip them, or we have to forcibly resign after
142 # stripping.
143 #local_libdir="$(get_libdir)"
144 #export STRIP_MASK="
145 # */${local_libdir}/libfreebl3.so*
146 # */${local_libdir}/libnssdbm3.so*
147 # */${local_libdir}/libsoftokn3.so*"
148
149 export NSS_CHK_SIGN_LIBS="freebl3 nssdbm3 softokn3"
150
151 generate_chk() {
152 local shlibsign="$1"
153 local libdir="$2"
154 einfo "Resigning core NSS libraries for FIPS validation"
155 shift 2
156 for i in ${NSS_CHK_SIGN_LIBS} ; do
157 local libname=lib${i}.so
158 local chkname=lib${i}.chk
159 "${shlibsign}" \
160 -i "${libdir}"/${libname} \
161 -o "${libdir}"/${chkname}.tmp \
162 && mv -f \
163 "${libdir}"/${chkname}.tmp \
164 "${libdir}"/${chkname} \
165 || die "Failed to sign ${libname}"
166 done
167 }
168
169 cleanup_chk() {
170 local libdir="$1"
171 shift 1
172 for i in ${NSS_CHK_SIGN_LIBS} ; do
173 local libfname="${libdir}/lib${i}.so"
174 # If the major version has changed, then we have old chk files.
175 [ ! -f "${libfname}" -a -f "${libfname}.chk" ] \
176 && rm -f "${libfname}.chk"
177 done
178 }
179
180 src_install () {
181 MINOR_VERSION=12
182 cd "${S}"/mozilla/security/dist
183
184 dodir /usr/$(get_libdir)
185 cp -L */lib/*$(get_libname) "${ED}"/usr/$(get_libdir) || die "copying shared libs failed"
186 # We generate these after stripping the libraries, else they don't match.
187 #cp -L */lib/*.chk "${ED}"/usr/$(get_libdir) || die "copying chk files failed"
188 cp -L */lib/libcrmf.a "${ED}"/usr/$(get_libdir) || die "copying libs failed"
189
190 # Install nss-config and pkgconfig file
191 dodir /usr/bin
192 cp -L */bin/nss-config "${ED}"/usr/bin
193 dodir /usr/$(get_libdir)/pkgconfig
194 cp -L */lib/pkgconfig/nss.pc "${ED}"/usr/$(get_libdir)/pkgconfig
195
196 # all the include files
197 insinto /usr/include/nss
198 doins public/nss/*.h
199 cd "${ED}"/usr/$(get_libdir)
200 local n=
201 for file in *$(get_libname); do
202 n=${file%$(get_libname)}$(get_libname ${MINOR_VERSION})
203 mv ${file} ${n}
204 ln -s ${n} ${file}
205 if [[ ${CHOST} == *-darwin* ]]; then
206 install_name_tool -id "${EPREFIX}/usr/$(get_libdir)/${n}" ${n} || die
207 fi
208 done
209
210 local nssutils
211 # Always enabled because we need it for chk generation.
212 nssutils="shlibsign"
213 if use utils; then
214 # The tests we do not need to install.
215 #nssutils_test="bltest crmftest dbtest dertimetest
216 #fipstest remtest sdrtest"
217 nssutils="addbuiltin atob baddbdir btoa certcgi certutil checkcert
218 cmsutil conflict crlutil derdump digest makepqg mangle modutil multinit
219 nonspr10 ocspclnt oidcalc p7content p7env p7sign p7verify pk11mode
220 pk12util pp rsaperf selfserv shlibsign signtool signver ssltap strsclnt
221 symkeyutil tstclnt vfychain vfyserv"
222 fi
223 cd "${S}"/mozilla/security/dist/*/bin/
224 for f in $nssutils; do
225 dobin ${f}
226 done
227
228 # Prelink breaks the CHK files. We don't have any reliable way to run
229 # shlibsign after prelink.
230 declare -a libs
231 for l in ${NSS_CHK_SIGN_LIBS} ; do
232 libs+=("${EPREFIX}/usr/$(get_libdir)/lib${l}.so")
233 done
234 OLD_IFS="${IFS}" IFS=":" ; liblist="${libs[*]}" ; IFS="${OLD_IFS}"
235 echo -e "PRELINK_PATH_MASK=${liblist}" >"${T}/90nss"
236 unset libs liblist
237 doenvd "${T}/90nss"
238 }
239
240 pkg_postinst() {
241 elog "We have reverted back to using upstreams soname."
242 elog "Please run revdep-rebuild --library libnss3.so.12 , this"
243 elog "will correct most issues. If you find a binary that does"
244 elog "not run please re-emerge package to ensure it properly"
245 elog " links after upgrade."
246 elog
247 # We must re-sign the libraries AFTER they are stripped.
248 generate_chk "${EROOT}"/usr/bin/shlibsign "${EROOT}"/usr/$(get_libdir)
249 }
250
251 pkg_postrm() {
252 cleanup_chk "${EROOT}"/usr/$(get_libdir)
253 }
Report Message
Find on MARC Find on Google Groups