From patchwork Sun Sep 27 10:44:18 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Jonathan Brielmaier X-Patchwork-Id: 24340 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id 710AA27BBE9; Sun, 27 Sep 2020 11:48:07 +0100 (BST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, FREEMAIL_FROM,MAILING_LIST_MULTI,RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL, T_DKIM_INVALID,URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.2 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id 9CCA227BBE8 for ; Sun, 27 Sep 2020 11:48:06 +0100 (BST) Received: from localhost ([::1]:57886 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kMUDs-0000l0-Lo for patchwork@mira.cbaines.net; Sun, 27 Sep 2020 06:48:04 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:38824) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kMUBv-0000Wq-Lu for guix-patches@gnu.org; Sun, 27 Sep 2020 06:46:05 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:36888) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kMUBu-0005G4-Us for guix-patches@gnu.org; Sun, 27 Sep 2020 06:46:03 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1kMUBu-0007vH-Th for guix-patches@gnu.org; Sun, 27 Sep 2020 06:46:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#43647] [PATCH 1/3] gnu: Add nss@3.56. Resent-From: Jonathan Brielmaier Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Sun, 27 Sep 2020 10:46:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 43647 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 43647@debbugs.gnu.org Cc: Jonathan Brielmaier Received: via spool by 43647-submit@debbugs.gnu.org id=B43647.160120352730393 (code B ref 43647); Sun, 27 Sep 2020 10:46:02 +0000 Received: (at 43647) by debbugs.gnu.org; 27 Sep 2020 10:45:27 +0000 Received: from localhost ([127.0.0.1]:48431 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kMUBE-0007tv-FS for submit@debbugs.gnu.org; Sun, 27 Sep 2020 06:45:27 -0400 Received: from mout.web.de ([212.227.15.3]:37663) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kMUB5-0007tJ-BG for 43647@debbugs.gnu.org; Sun, 27 Sep 2020 06:45:14 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=web.de; s=dbaedf251592; t=1601203505; bh=Fyv4si2+GG8wgnlf9TNT9YLtgcqunu81mGt2TBn/O0Q=; h=X-UI-Sender-Class:From:To:Cc:Subject:Date:In-Reply-To:References; b=iFQL2TvuMGfeybjL1HF8NDWOdHq6gcqI3n3nsAkuWcz7t0FrcgdKW3xeL2FflnIWI Fm35Hem06H0fWck8IGhxxS3XCZTTaK+LcrQtM69j7s5dalh/HK2f+mDZ2mCBeuhMS/ XxZvkXJgA6I0ff1Z/2nHA9oajnOpWjTkVW6+eiew= X-UI-Sender-Class: c548c8c5-30a9-4db5-a2e7-cb6cb037b8f9 Received: from x250.fritz.box ([217.64.127.195]) by smtp.web.de (mrweb002 [213.165.67.108]) with ESMTPSA (Nemesis) id 0Letgd-1kmiZb3PlH-00qkau; Sun, 27 Sep 2020 12:45:05 +0200 From: Jonathan Brielmaier Date: Sun, 27 Sep 2020 12:44:18 +0200 Message-Id: <20200927104420.4091-1-jonathan.brielmaier@web.de> X-Mailer: git-send-email 2.28.0 In-Reply-To: <20200927104111.2522-1-jonathan.brielmaier@web.de> References: <20200927104111.2522-1-jonathan.brielmaier@web.de> MIME-Version: 1.0 X-Provags-ID: V03:K1:RpZ1O7DMUsQf5Mk2ZJ8KWjjhHQl2JFjy0IM7tWyzZhWyn6q/JSe MWq2O0OCDYJyOotfWugem6TQIojbbjHmfeJQOhVn2IRaT3xj5VGCH9+PMo0nvEOsUKqg/+k qVvGY851tZXhRXmnvrXEQXqUyGHP5cen4EnwcmZ61SoqRSLtgFThOfxrt/w1oEwROhEdjpK JpL50oE2MTYWOcoya5Trw== X-UI-Out-Filterresults: notjunk:1;V03:K0:N4okY+/fQ4o=:FWpzuSMskKSLIPulCYxCb/ cYfwYS0gjT75kH3C5YbC24gCDuKq4ImniXm9XfX0q+edgPSrZcULDeOQsqPHF7Rtnx/AZOqb7 2VTd+svV95ZDSD6H6/srKL7gim1RTCv7MZC2SMHqblS/Ut+NW2vZ5V7A6FOZaEysz241z6lRm 0ZRf6gVJoljI03u3ez7adn6F+w7yL8glNu2GKHHPEVpYLT2E1InF18RWIgDrHT1AfBKt2guaA MlHJY9Q2d31/cEkmxjut0GXyUHv+3hLUliUoYOWtEuOPOM3ckLNmFVWAoVuXTuZp/ni4b63mf 3uSLlqd2kJe+J7OssjCl44ueMFQSSN9mI4OzMK99Qi6jRusL10VJDarKk8e01dQkAeW50ujEw N6bWxKAlmnyhJeM6PvdsZdRaexgc59E432baZx7MugoMnZCl1BT7mxXJWn/gmCvEpT/Z1eO0g TDZjQOANybpLhwvZVdRuTXr3jqqCJf7gVXr+Pfg8b6WQC1OyiA6eg6nENPZ3x3aiiGwb/aBYw KyKFfHPDNsD3DvQ4iz6+wORxsaaFYUEC639gpHUDiKacEZ3HPsqBHXOcIV0OhZq7ZEaIMHZ05 ibfyXDUrmxMaMSAKJ+Q2JNDIHgfYmD+wDeiQ0m4PdatscjqFosUhC8m0Wtd5rkO7743xW+BSL 1U3DeajDN8JY1gOjelPz88faw5T3r4vWArPry1HaB45qGAkhGtpBeGwXxLwZFRM96dvEeyWxv jSnY1WZhJmpry5VzDLOf8CkmZ/CrHMABaw0MafC4KAWu/3Gra4A+R6GQdVPNRZ0tvpXbVJIh6 2Yv1OvtkgaL+2mKCSc13AgvJ7e1G1Ztu1gOpc7usf2ca26IDlm6SgC6lMnGoHGoy5NMrSizm9 mwMQ4n3ToblX4x3T9Q1GOi1lwpHZKz15CJVR2rVngULOVDp8u2+hkJjmRlJNgARKQAqqz3bpc Tzq6RWjjVcomT8GKSpBiu5/KPcLNdr8omhTkeblQK27YSV74HDobM671t29b3xiF96gcpYvlN 8CpRdTgVVMdyv1rfZEKYz+0SXAD3Ea8AYOurmV2wdAar6nS/G94PetM/EaxwDF+ynxXFPHlaX UKdx/xofOoJqCAR1OsUq0ERNDxrqLjERcsw5+QtLENI+wPK0Zq2mQjbSTL8ebiaivaGQs9rIE HapawXUfNpBrS7fBV5v8udwLUBlClahFpaKD09azL+yhXeLJGerwcIvW8I5IBTLsmQw3AvhYv utnfAy22JbJmj3EA5oIj0rKhXeTTw5uhrEyTSoA== X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: "Guix-patches" X-getmail-retrieved-from-mailbox: Patches Icedove 78 requires nss > 3.53. This version is the only one building out-of-the-box. * gnu/packages/nss.scm (nss-3.56): New variable. * gnu/packages/patches/nss-3.56-pkgconfig.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it. --- gnu/local.mk | 1 + gnu/packages/nss.scm | 92 +++++++ gnu/packages/patches/nss-3.56-pkgconfig.patch | 228 ++++++++++++++++++ 3 files changed, 321 insertions(+) create mode 100644 gnu/packages/patches/nss-3.56-pkgconfig.patch -- 2.28.0 diff --git a/gnu/local.mk b/gnu/local.mk index f3b5b17e84..da56f8a6ab 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1361,6 +1361,7 @@ dist_patch_DATA = \ %D%/packages/patches/nsis-env-passthru.patch \ %D%/packages/patches/nss-increase-test-timeout.patch \ %D%/packages/patches/nss-pkgconfig.patch \ + %D%/packages/patches/nss-3.56-pkgconfig.patch \ %D%/packages/patches/ntfs-3g-CVE-2019-9755.patch \ %D%/packages/patches/nvi-assume-preserve-path.patch \ %D%/packages/patches/nvi-dbpagesize-binpower.patch \ diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm index b19ad7e1e9..32267b0a83 100644 --- a/gnu/packages/nss.scm +++ b/gnu/packages/nss.scm @@ -4,6 +4,7 @@ ;;; Copyright © 2016, 2017, 2018, 2019 Efraim Flashner ;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice ;;; Copyright © 2020 Marius Bakke +;;; Copyright © 2020 Jonathan Brielmaier ;;; ;;; This file is part of GNU Guix. ;;; @@ -191,3 +192,94 @@ applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards.") (license license:mpl2.0))) + +(define-public nss-3.56 + (package + (inherit nss) + (version "3.56") + (source (origin + (method url-fetch) + (uri (let ((version-with-underscores + (string-join (string-split version #\.) "_"))) + (string-append + "https://ftp.mozilla.org/pub/mozilla.org/security/nss/" + "releases/NSS_" version-with-underscores "_RTM/src/" + "nss-" version ".tar.gz"))) + (sha256 + (base32 + "174f0ki2f8szkgv02jlsg2ci332sl9dabr2vcwnyjp1vxplf0xgq")) + ;; Create nss.pc and nss-config. + (patches (search-patches "nss-3.56-pkgconfig.patch" + "nss-increase-test-timeout.patch")) + (modules '((guix build utils))) + (snippet + '(begin + ;; Delete the bundled copy of these libraries. + (delete-file-recursively "nss/lib/zlib") + (delete-file-recursively "nss/lib/sqlite") + #t)))) + (arguments + `(#:parallel-build? #f ; not supported + #:make-flags + (let* ((out (assoc-ref %outputs "out")) + (nspr (string-append (assoc-ref %build-inputs "nspr"))) + (rpath (string-append "-Wl,-rpath=" out "/lib/nss"))) + (list "-C" "nss" (string-append "PREFIX=" out) + "NSDISTMODE=copy" + "NSS_USE_SYSTEM_SQLITE=1" + (string-append "NSPR_INCLUDE_DIR=" nspr "/include/nspr") + ;; Add $out/lib/nss to RPATH. + (string-append "RPATH=" rpath) + (string-append "LDFLAGS=" rpath))) + #:modules ((guix build gnu-build-system) + (guix build utils) + (ice-9 ftw) + (ice-9 match) + (srfi srfi-26)) + #:phases + (modify-phases %standard-phases + (replace 'configure + (lambda _ + (setenv "CC" "gcc") + ;; Tells NSS to build for the 64-bit ABI if we are 64-bit system. + ,@(match (%current-system) + ((or "x86_64-linux" "aarch64-linux") + `((setenv "USE_64" "1"))) + (_ + '())) + #t)) + (replace 'check + (lambda _ + ;; Use 127.0.0.1 instead of $HOST.$DOMSUF as HOSTADDR for testing. + ;; The later requires a working DNS or /etc/hosts. + (setenv "DOMSUF" "localdomain") + (setenv "USE_IP" "TRUE") + (setenv "IP_ADDRESS" "127.0.0.1") + + ;; The "PayPalEE.cert" certificate expires every six months, + ;; leading to test failures: + ;; . To + ;; work around that, set the time to roughly the release date. + (invoke "faketime" "2020-02-01" "./nss/tests/all.sh"))) + (replace 'install + (lambda* (#:key outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (bin (string-append (assoc-ref outputs "bin") "/bin")) + (inc (string-append out "/include/nss")) + (lib (string-append out "/lib/nss")) + (obj (match (scandir "dist" (cut string-suffix? "OBJ" <>)) + ((obj) (string-append "dist/" obj))))) + ;; Install nss-config to $out/bin. + (install-file (string-append obj "/bin/nss-config") + (string-append out "/bin")) + (delete-file (string-append obj "/bin/nss-config")) + ;; Install nss.pc to $out/lib/pkgconfig. + (install-file (string-append obj "/lib/pkgconfig/nss.pc") + (string-append out "/lib/pkgconfig")) + (delete-file (string-append obj "/lib/pkgconfig/nss.pc")) + (rmdir (string-append obj "/lib/pkgconfig")) + ;; Install other files. + (copy-recursively "dist/public/nss" inc) + (copy-recursively (string-append obj "/bin") bin) + (copy-recursively (string-append obj "/lib") lib) + #t)))))))) diff --git a/gnu/packages/patches/nss-3.56-pkgconfig.patch b/gnu/packages/patches/nss-3.56-pkgconfig.patch new file mode 100644 index 0000000000..42fff822bc --- /dev/null +++ b/gnu/packages/patches/nss-3.56-pkgconfig.patch @@ -0,0 +1,228 @@ +Description: Create nss.pc and nss-config +Author: Lars Wendler +Source: http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/dev-libs/nss/files/nss-3.17.1-gentoo-fixups.patch + +Modifications: + Change libdir from ${prefix}/lib64 to ${prefix}/lib/nss. + Remove optional patching in nss/Makefile. + Include -L$libdir in output from "nss-config --libs". + +Later adapted to apply cleanly to nss-3.53. + +--- nss-3.21/nss/config/Makefile ++++ nss-3.21/nss/config/Makefile +@@ -0,0 +1,40 @@ ++CORE_DEPTH = .. ++DEPTH = .. ++ ++include $(CORE_DEPTH)/coreconf/config.mk ++ ++NSS_MAJOR_VERSION = `grep "NSS_VMAJOR" ../lib/nss/nss.h | awk '{print $$3}'` ++NSS_MINOR_VERSION = `grep "NSS_VMINOR" ../lib/nss/nss.h | awk '{print $$3}'` ++NSS_PATCH_VERSION = `grep "NSS_VPATCH" ../lib/nss/nss.h | awk '{print $$3}'` ++PREFIX = /usr ++ ++all: export libs ++ ++export: ++ # Create the nss.pc file ++ mkdir -p $(DIST)/lib/pkgconfig ++ sed -e "s,@prefix@,$(PREFIX)," \ ++ -e "s,@exec_prefix@,\$${prefix}," \ ++ -e "s,@libdir@,\$${prefix}/lib/nss," \ ++ -e "s,@includedir@,\$${prefix}/include/nss," \ ++ -e "s,@NSS_MAJOR_VERSION@,$(NSS_MAJOR_VERSION),g" \ ++ -e "s,@NSS_MINOR_VERSION@,$(NSS_MINOR_VERSION)," \ ++ -e "s,@NSS_PATCH_VERSION@,$(NSS_PATCH_VERSION)," \ ++ nss.pc.in > nss.pc ++ chmod 0644 nss.pc ++ cp nss.pc $(DIST)/lib/pkgconfig ++ ++ # Create the nss-config script ++ mkdir -p $(DIST)/bin ++ sed -e "s,@prefix@,$(PREFIX)," \ ++ -e "s,@NSS_MAJOR_VERSION@,$(NSS_MAJOR_VERSION)," \ ++ -e "s,@NSS_MINOR_VERSION@,$(NSS_MINOR_VERSION)," \ ++ -e "s,@NSS_PATCH_VERSION@,$(NSS_PATCH_VERSION)," \ ++ nss-config.in > nss-config ++ chmod 0755 nss-config ++ cp nss-config $(DIST)/bin ++ ++libs: ++ ++dummy: all export libs ++ +--- nss-3.21/nss/config/nss-config.in ++++ nss-3.21/nss/config/nss-config.in +@@ -0,0 +1,145 @@ ++#!/bin/sh ++ ++prefix=@prefix@ ++ ++major_version=@NSS_MAJOR_VERSION@ ++minor_version=@NSS_MINOR_VERSION@ ++patch_version=@NSS_PATCH_VERSION@ ++ ++usage() ++{ ++ cat <&2 ++fi ++ ++lib_ssl=yes ++lib_smime=yes ++lib_nss=yes ++lib_nssutil=yes ++ ++while test $# -gt 0; do ++ case "$1" in ++ -*=*) optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;; ++ *) optarg= ;; ++ esac ++ ++ case $1 in ++ --prefix=*) ++ prefix=$optarg ++ ;; ++ --prefix) ++ echo_prefix=yes ++ ;; ++ --exec-prefix=*) ++ exec_prefix=$optarg ++ ;; ++ --exec-prefix) ++ echo_exec_prefix=yes ++ ;; ++ --includedir=*) ++ includedir=$optarg ++ ;; ++ --includedir) ++ echo_includedir=yes ++ ;; ++ --libdir=*) ++ libdir=$optarg ++ ;; ++ --libdir) ++ echo_libdir=yes ++ ;; ++ --version) ++ echo ${major_version}.${minor_version}.${patch_version} ++ ;; ++ --cflags) ++ echo_cflags=yes ++ ;; ++ --libs) ++ echo_libs=yes ++ ;; ++ ssl) ++ lib_ssl=yes ++ ;; ++ smime) ++ lib_smime=yes ++ ;; ++ nss) ++ lib_nss=yes ++ ;; ++ nssutil) ++ lib_nssutil=yes ++ ;; ++ *) ++ usage 1 1>&2 ++ ;; ++ esac ++ shift ++done ++ ++# Set variables that may be dependent upon other variables ++if test -z "$exec_prefix"; then ++ exec_prefix=`pkg-config --variable=exec_prefix nss` ++fi ++if test -z "$includedir"; then ++ includedir=`pkg-config --variable=includedir nss` ++fi ++if test -z "$libdir"; then ++ libdir=`pkg-config --variable=libdir nss` ++fi ++ ++if test "$echo_prefix" = "yes"; then ++ echo $prefix ++fi ++ ++if test "$echo_exec_prefix" = "yes"; then ++ echo $exec_prefix ++fi ++ ++if test "$echo_includedir" = "yes"; then ++ echo $includedir ++fi ++ ++if test "$echo_libdir" = "yes"; then ++ echo $libdir ++fi ++ ++if test "$echo_cflags" = "yes"; then ++ echo -I$includedir ++fi ++ ++if test "$echo_libs" = "yes"; then ++ libdirs=-L$libdir ++ if test -n "$lib_ssl"; then ++ libdirs="$libdirs -lssl${major_version}" ++ fi ++ if test -n "$lib_smime"; then ++ libdirs="$libdirs -lsmime${major_version}" ++ fi ++ if test -n "$lib_nss"; then ++ libdirs="$libdirs -lnss${major_version}" ++ fi ++ if test -n "$lib_nssutil"; then ++ libdirs="$libdirs -lnssutil${major_version}" ++ fi ++ echo $libdirs ++fi ++ +--- nss-3.21/nss/config/nss.pc.in ++++ nss-3.21/nss/config/nss.pc.in +@@ -0,0 +1,12 @@ ++prefix=@prefix@ ++exec_prefix=@exec_prefix@ ++libdir=@libdir@ ++includedir=@includedir@ ++ ++Name: NSS ++Description: Network Security Services ++Version: @NSS_MAJOR_VERSION@.@NSS_MINOR_VERSION@.@NSS_PATCH_VERSION@ ++Requires: nspr >= 4.8 ++Libs: -L${libdir} -lssl3 -lsmime3 -lnss3 -lnssutil3 ++Cflags: -I${includedir} ++ +--- nss-3.21/nss/manifest.mn ++++ nss-3.21/nss/manifest.mn +@@ -10,7 +10,7 @@ + + RELEASE = nss + +-DIRS = coreconf lib cmd cpputil gtests ++DIRS = coreconf lib cmd cpputil gtests config + + lib: coreconf + cmd: lib