From 86df2060bf729d848badffd569ac18daf705c4ad Mon Sep 17 00:00:00 2001 From: Jonathan Brielmaier Date: Tue, 22 Sep 2020 20:34:42 +0200 Subject: [PATCH 1/2] gnu: Add nss@3.56. Icedove 78 requires nss > 3.53. This version is the only one building out-of-the-box. * gnu/packages/nss.scm (nss-3.56): New variable. * gnu/packages/patches/nss-3.56-pkgconfig.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it. --- gnu/local.mk | 1 + gnu/packages/nss.scm | 92 +++++++ gnu/packages/patches/nss-3.56-pkgconfig.patch | 228 ++++++++++++++++++ 3 files changed, 321 insertions(+) create mode 100644 gnu/packages/patches/nss-3.56-pkgconfig.patch diff --git a/gnu/local.mk b/gnu/local.mk index dd15126b26..579974b517 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1352,6 +1352,7 @@ dist_patch_DATA = \ %D%/packages/patches/nsis-env-passthru.patch \ %D%/packages/patches/nss-increase-test-timeout.patch \ %D%/packages/patches/nss-pkgconfig.patch \ + %D%/packages/patches/nss-3.56-pkgconfig.patch \ %D%/packages/patches/ntfs-3g-CVE-2019-9755.patch \ %D%/packages/patches/nvi-assume-preserve-path.patch \ %D%/packages/patches/nvi-dbpagesize-binpower.patch \ diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm index b19ad7e1e9..32267b0a83 100644 --- a/gnu/packages/nss.scm +++ b/gnu/packages/nss.scm @@ -4,6 +4,7 @@ ;;; Copyright © 2016, 2017, 2018, 2019 Efraim Flashner ;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice ;;; Copyright © 2020 Marius Bakke +;;; Copyright © 2020 Jonathan Brielmaier ;;; ;;; This file is part of GNU Guix. ;;; @@ -191,3 +192,94 @@ applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards.") (license license:mpl2.0))) + +(define-public nss-3.56 + (package + (inherit nss) + (version "3.56") + (source (origin + (method url-fetch) + (uri (let ((version-with-underscores + (string-join (string-split version #\.) "_"))) + (string-append + "https://ftp.mozilla.org/pub/mozilla.org/security/nss/" + "releases/NSS_" version-with-underscores "_RTM/src/" + "nss-" version ".tar.gz"))) + (sha256 + (base32 + "174f0ki2f8szkgv02jlsg2ci332sl9dabr2vcwnyjp1vxplf0xgq")) + ;; Create nss.pc and nss-config. + (patches (search-patches "nss-3.56-pkgconfig.patch" + "nss-increase-test-timeout.patch")) + (modules '((guix build utils))) + (snippet + '(begin + ;; Delete the bundled copy of these libraries. + (delete-file-recursively "nss/lib/zlib") + (delete-file-recursively "nss/lib/sqlite") + #t)))) + (arguments + `(#:parallel-build? #f ; not supported + #:make-flags + (let* ((out (assoc-ref %outputs "out")) + (nspr (string-append (assoc-ref %build-inputs "nspr"))) + (rpath (string-append "-Wl,-rpath=" out "/lib/nss"))) + (list "-C" "nss" (string-append "PREFIX=" out) + "NSDISTMODE=copy" + "NSS_USE_SYSTEM_SQLITE=1" + (string-append "NSPR_INCLUDE_DIR=" nspr "/include/nspr") + ;; Add $out/lib/nss to RPATH. + (string-append "RPATH=" rpath) + (string-append "LDFLAGS=" rpath))) + #:modules ((guix build gnu-build-system) + (guix build utils) + (ice-9 ftw) + (ice-9 match) + (srfi srfi-26)) + #:phases + (modify-phases %standard-phases + (replace 'configure + (lambda _ + (setenv "CC" "gcc") + ;; Tells NSS to build for the 64-bit ABI if we are 64-bit system. + ,@(match (%current-system) + ((or "x86_64-linux" "aarch64-linux") + `((setenv "USE_64" "1"))) + (_ + '())) + #t)) + (replace 'check + (lambda _ + ;; Use 127.0.0.1 instead of $HOST.$DOMSUF as HOSTADDR for testing. + ;; The later requires a working DNS or /etc/hosts. + (setenv "DOMSUF" "localdomain") + (setenv "USE_IP" "TRUE") + (setenv "IP_ADDRESS" "127.0.0.1") + + ;; The "PayPalEE.cert" certificate expires every six months, + ;; leading to test failures: + ;; . To + ;; work around that, set the time to roughly the release date. + (invoke "faketime" "2020-02-01" "./nss/tests/all.sh"))) + (replace 'install + (lambda* (#:key outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (bin (string-append (assoc-ref outputs "bin") "/bin")) + (inc (string-append out "/include/nss")) + (lib (string-append out "/lib/nss")) + (obj (match (scandir "dist" (cut string-suffix? "OBJ" <>)) + ((obj) (string-append "dist/" obj))))) + ;; Install nss-config to $out/bin. + (install-file (string-append obj "/bin/nss-config") + (string-append out "/bin")) + (delete-file (string-append obj "/bin/nss-config")) + ;; Install nss.pc to $out/lib/pkgconfig. + (install-file (string-append obj "/lib/pkgconfig/nss.pc") + (string-append out "/lib/pkgconfig")) + (delete-file (string-append obj "/lib/pkgconfig/nss.pc")) + (rmdir (string-append obj "/lib/pkgconfig")) + ;; Install other files. + (copy-recursively "dist/public/nss" inc) + (copy-recursively (string-append obj "/bin") bin) + (copy-recursively (string-append obj "/lib") lib) + #t)))))))) diff --git a/gnu/packages/patches/nss-3.56-pkgconfig.patch b/gnu/packages/patches/nss-3.56-pkgconfig.patch new file mode 100644 index 0000000000..42fff822bc --- /dev/null +++ b/gnu/packages/patches/nss-3.56-pkgconfig.patch @@ -0,0 +1,228 @@ +Description: Create nss.pc and nss-config +Author: Lars Wendler +Source: http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/dev-libs/nss/files/nss-3.17.1-gentoo-fixups.patch + +Modifications: + Change libdir from ${prefix}/lib64 to ${prefix}/lib/nss. + Remove optional patching in nss/Makefile. + Include -L$libdir in output from "nss-config --libs". + +Later adapted to apply cleanly to nss-3.53. + +--- nss-3.21/nss/config/Makefile ++++ nss-3.21/nss/config/Makefile +@@ -0,0 +1,40 @@ ++CORE_DEPTH = .. ++DEPTH = .. ++ ++include $(CORE_DEPTH)/coreconf/config.mk ++ ++NSS_MAJOR_VERSION = `grep "NSS_VMAJOR" ../lib/nss/nss.h | awk '{print $$3}'` ++NSS_MINOR_VERSION = `grep "NSS_VMINOR" ../lib/nss/nss.h | awk '{print $$3}'` ++NSS_PATCH_VERSION = `grep "NSS_VPATCH" ../lib/nss/nss.h | awk '{print $$3}'` ++PREFIX = /usr ++ ++all: export libs ++ ++export: ++ # Create the nss.pc file ++ mkdir -p $(DIST)/lib/pkgconfig ++ sed -e "s,@prefix@,$(PREFIX)," \ ++ -e "s,@exec_prefix@,\$${prefix}," \ ++ -e "s,@libdir@,\$${prefix}/lib/nss," \ ++ -e "s,@includedir@,\$${prefix}/include/nss," \ ++ -e "s,@NSS_MAJOR_VERSION@,$(NSS_MAJOR_VERSION),g" \ ++ -e "s,@NSS_MINOR_VERSION@,$(NSS_MINOR_VERSION)," \ ++ -e "s,@NSS_PATCH_VERSION@,$(NSS_PATCH_VERSION)," \ ++ nss.pc.in > nss.pc ++ chmod 0644 nss.pc ++ cp nss.pc $(DIST)/lib/pkgconfig ++ ++ # Create the nss-config script ++ mkdir -p $(DIST)/bin ++ sed -e "s,@prefix@,$(PREFIX)," \ ++ -e "s,@NSS_MAJOR_VERSION@,$(NSS_MAJOR_VERSION)," \ ++ -e "s,@NSS_MINOR_VERSION@,$(NSS_MINOR_VERSION)," \ ++ -e "s,@NSS_PATCH_VERSION@,$(NSS_PATCH_VERSION)," \ ++ nss-config.in > nss-config ++ chmod 0755 nss-config ++ cp nss-config $(DIST)/bin ++ ++libs: ++ ++dummy: all export libs ++ +--- nss-3.21/nss/config/nss-config.in ++++ nss-3.21/nss/config/nss-config.in +@@ -0,0 +1,145 @@ ++#!/bin/sh ++ ++prefix=@prefix@ ++ ++major_version=@NSS_MAJOR_VERSION@ ++minor_version=@NSS_MINOR_VERSION@ ++patch_version=@NSS_PATCH_VERSION@ ++ ++usage() ++{ ++ cat <&2 ++fi ++ ++lib_ssl=yes ++lib_smime=yes ++lib_nss=yes ++lib_nssutil=yes ++ ++while test $# -gt 0; do ++ case "$1" in ++ -*=*) optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;; ++ *) optarg= ;; ++ esac ++ ++ case $1 in ++ --prefix=*) ++ prefix=$optarg ++ ;; ++ --prefix) ++ echo_prefix=yes ++ ;; ++ --exec-prefix=*) ++ exec_prefix=$optarg ++ ;; ++ --exec-prefix) ++ echo_exec_prefix=yes ++ ;; ++ --includedir=*) ++ includedir=$optarg ++ ;; ++ --includedir) ++ echo_includedir=yes ++ ;; ++ --libdir=*) ++ libdir=$optarg ++ ;; ++ --libdir) ++ echo_libdir=yes ++ ;; ++ --version) ++ echo ${major_version}.${minor_version}.${patch_version} ++ ;; ++ --cflags) ++ echo_cflags=yes ++ ;; ++ --libs) ++ echo_libs=yes ++ ;; ++ ssl) ++ lib_ssl=yes ++ ;; ++ smime) ++ lib_smime=yes ++ ;; ++ nss) ++ lib_nss=yes ++ ;; ++ nssutil) ++ lib_nssutil=yes ++ ;; ++ *) ++ usage 1 1>&2 ++ ;; ++ esac ++ shift ++done ++ ++# Set variables that may be dependent upon other variables ++if test -z "$exec_prefix"; then ++ exec_prefix=`pkg-config --variable=exec_prefix nss` ++fi ++if test -z "$includedir"; then ++ includedir=`pkg-config --variable=includedir nss` ++fi ++if test -z "$libdir"; then ++ libdir=`pkg-config --variable=libdir nss` ++fi ++ ++if test "$echo_prefix" = "yes"; then ++ echo $prefix ++fi ++ ++if test "$echo_exec_prefix" = "yes"; then ++ echo $exec_prefix ++fi ++ ++if test "$echo_includedir" = "yes"; then ++ echo $includedir ++fi ++ ++if test "$echo_libdir" = "yes"; then ++ echo $libdir ++fi ++ ++if test "$echo_cflags" = "yes"; then ++ echo -I$includedir ++fi ++ ++if test "$echo_libs" = "yes"; then ++ libdirs=-L$libdir ++ if test -n "$lib_ssl"; then ++ libdirs="$libdirs -lssl${major_version}" ++ fi ++ if test -n "$lib_smime"; then ++ libdirs="$libdirs -lsmime${major_version}" ++ fi ++ if test -n "$lib_nss"; then ++ libdirs="$libdirs -lnss${major_version}" ++ fi ++ if test -n "$lib_nssutil"; then ++ libdirs="$libdirs -lnssutil${major_version}" ++ fi ++ echo $libdirs ++fi ++ +--- nss-3.21/nss/config/nss.pc.in ++++ nss-3.21/nss/config/nss.pc.in +@@ -0,0 +1,12 @@ ++prefix=@prefix@ ++exec_prefix=@exec_prefix@ ++libdir=@libdir@ ++includedir=@includedir@ ++ ++Name: NSS ++Description: Network Security Services ++Version: @NSS_MAJOR_VERSION@.@NSS_MINOR_VERSION@.@NSS_PATCH_VERSION@ ++Requires: nspr >= 4.8 ++Libs: -L${libdir} -lssl3 -lsmime3 -lnss3 -lnssutil3 ++Cflags: -I${includedir} ++ +--- nss-3.21/nss/manifest.mn ++++ nss-3.21/nss/manifest.mn +@@ -10,7 +10,7 @@ + + RELEASE = nss + +-DIRS = coreconf lib cmd cpputil gtests ++DIRS = coreconf lib cmd cpputil gtests config + + lib: coreconf + cmd: lib -- 2.28.0