%global nss_softokn_fips_version 3.12.4
Name: nss
-Version: 3.13.6
+BuildRequires: gcc-c++
+BuildRequires: nspr-devel
+BuildRequires: pkg-config
+BuildRequires: zlib-devel
+BuildRequires: pkgconfig(sqlite3)
+Version: 3.15.4
Release: 0
-License: MPL-1.1 or GPL-2.0+ or LGPL-2.1+
Summary: Network Security Services
+License: MPL-1.1 or GPL-2.0+ or LGPL-2.1+
+Group: Security/Crypto Libraries
Url: http://www.mozilla.org/projects/security/pki/nss/
-Group: System/Libraries
# cvs -d :pserver:anonymous@cvs-mirror.mozilla.org:/cvsroot co -r <RTM_TAG> NSS
Source: nss-%{version}.tar.bz2
Source1: nss.pc.in
Source7: cert9.db
Source8: key4.db
Source9: pkcs11.txt
-Patch1: nss-opt.patch
-Patch2: system-nspr.patch
-Patch3: char.patch
-Patch4: nss-no-rpath.patch
-Patch5: renegotiate-transitional.patch
-Patch6: malloc.patch
-BuildRequires: gcc-c++
-BuildRequires: nspr-devel
-BuildRequires: pkg-config
-BuildRequires: sqlite3-devel
-BuildRequires: zlib-devel
-Requires: nss-certs
-BuildRoot: %{_tmppath}/%{name}-%{version}-build
+Source1001: nss.manifest
%define nspr_ver %(rpm -q --queryformat '%{VERSION}' nspr)
Requires(pre): nspr >= %nspr_ver
Requires(pre): libfreebl3 >= %{nss_softokn_fips_version}
Requires(pre): libsoftokn3 >= %{nss_softokn_fips_version}
+Requires: nss-certs
%define nssdbdir %{_sysconfdir}/pki/nssdb
%define run_testsuite 0
TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3
certificates, and other security standards.
+
%package devel
Summary: Network (Netscape) Security Services development files
-Group: Development/Libraries/Other
+Group: Development/Libraries
Requires: libfreebl3
Requires: libsoftokn3
Requires: nspr-devel
-Requires: nss = %{version}
+Requires: nss = %{version}-%{release}
%description devel
Network Security Services (NSS) is a set of libraries designed to
TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3
certificates, and other security standards.
+
%package tools
Summary: Tools for developing, debugging, and managing applications that use NSS
-Group: System/Management
+Group: Security/Crypto Libraries
Requires(pre): nss >= %{version}
%description tools
The NSS Security Tools allow developers to test, debug, and manage
applications that use NSS.
+
%package sysinit
Summary: System NSS Initialization
Group: System/Management
PKCS #11 modules for NSS and chains with other NSS modules to load
any system or user configured modules.
+
%package -n libfreebl3
Summary: Freebl library for the Network Security Services
-Group: System/Libraries
+Group: Security/Crypto Libraries
%description -n libfreebl3
Network Security Services (NSS) is a set of libraries designed to
This package installs the freebl library from NSS.
+
%package -n libsoftokn3
Summary: Network Security Services Softoken Module
-Group: System/Libraries
-Requires: libfreebl3 = %{version}
+Group: Security/Network
+Requires: libfreebl3 = %{version}-%{release}
%description -n libsoftokn3
Network Security Services (NSS) is a set of libraries designed to
Network Security Services Softoken Cryptographic Module
+
%package certs
Summary: CA certificates for NSS
-Group: Productivity/Networking/Security
+Group: Security/Certificate Management
%description certs
This package contains the integrated CA root certificates from the
Mozilla project.
+
%prep
%setup -n nss-%{version} -q
-cd mozilla
-%patch1
-%patch2
-%patch3
-%patch4
-%patch5
-%patch6
+cp %{SOURCE1001} .
%build
-modified="$(sed -n '/^----/n;s/ - .*$//;p;q' "%{_sourcedir}/%{name}.changes")"
-DATE="\"$(date -d "${modified}" "+%%b %%e %%Y")\""
-TIME="\"$(date -d "${modified}" "+%%R")\""
-find . -name '*.[ch]' -print -exec sed -i "s/__DATE__/${DATE}/g;s/__TIME__/${TIME}/g" {} +
+#modified="$(sed -n '/^----/n;s/ - .*$//;p;q' "%{_sourcedir}/%{name}.changes")"
+#DATE="\"$(date -d "${modified}" "+%%b %%e %%Y")\""
+#TIME="\"$(date -d "${modified}" "+%%R")\""
+#find . -name '*.[ch]' -print -exec sed -i "s/__DATE__/${DATE}/g;s/__TIME__/${TIME}/g" {} +
-cd mozilla/security/nss
+cd nss
export FREEBL_NO_DEPEND=1
export NSPR_INCLUDE_DIR=`nspr-config --includedir`
export NSPR_LIB_DIR=`nspr-config --libdir`
-export OPT_FLAGS="%{optflags} -fno-strict-aliasing"
+export OPT_FLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing"
export LIBDIR=%{_libdir}
-%ifarch x86_64 s390x ppc64 ia64
+%ifarch x86_64 aarch64
export USE_64=1
%endif
export NSS_USE_SYSTEM_SQLITE=1
%endif
%install
-mkdir -p %{buildroot}%{_libdir}
-mkdir -p %{buildroot}%{_libexecdir}/nss
-mkdir -p %{buildroot}%{_includedir}/nss3
-mkdir -p %{buildroot}%{_bindir}
-mkdir -p %{buildroot}%{_sbindir}
-mkdir -p %{buildroot}/%{_lib}
-mkdir -p %{buildroot}%{nssdbdir}
-pushd mozilla/dist/Linux*
+mkdir -p $RPM_BUILD_ROOT%{_libdir}
+mkdir -p $RPM_BUILD_ROOT%{_libexecdir}/nss
+mkdir -p $RPM_BUILD_ROOT%{_includedir}/nss3
+mkdir -p $RPM_BUILD_ROOT%{_bindir}
+mkdir -p $RPM_BUILD_ROOT%{_sbindir}
+mkdir -p $RPM_BUILD_ROOT%{nssdbdir}
+pushd dist/Linux*
# copy headers
-cp -rL ../public/nss/*.h %{buildroot}%{_includedir}/nss3
+cp -rL ../public/nss/*.h $RPM_BUILD_ROOT%{_includedir}/nss3
# copy dynamic libs
cp -L lib/libnss3.so \
lib/libnssdbm3.so \
lib/libsoftokn3.so \
lib/libsoftokn3.chk \
lib/libssl3.so \
- %{buildroot}%{_libdir}
+ $RPM_BUILD_ROOT%{_libdir}
cp -L lib/libfreebl3.so \
lib/libfreebl3.chk \
- %{buildroot}/%{_lib}
+ $RPM_BUILD_ROOT/%{_libdir}
# copy static libs
cp -L lib/libcrmf.a \
lib/libnssb.a \
lib/libnssckfw.a \
- %{buildroot}%{_libdir}
+ $RPM_BUILD_ROOT%{_libdir}
# copy tools
cp -L bin/certutil \
bin/cmsutil \
bin/signtool \
bin/signver \
bin/ssltap \
- %{buildroot}%{_bindir}
+ $RPM_BUILD_ROOT%{_bindir}
# copy unsupported tools
cp -L bin/atob \
bin/btoa \
bin/tstclnt \
bin/vfyserv \
bin/vfychain \
- %{buildroot}%{_libexecdir}/nss
+ $RPM_BUILD_ROOT%{_libexecdir}/nss
# prepare pkgconfig file
-mkdir -p %{buildroot}%{_libdir}/pkgconfig/
+mkdir -p $RPM_BUILD_ROOT%{_libdir}/pkgconfig/
sed "s:%%LIBDIR%%:%{_libdir}:g
s:%%VERSION%%:%{version}:g
s:%%NSPR_VERSION%%:%{nspr_ver}:g" \
- %{SOURCE1} > %{buildroot}%{_libdir}/pkgconfig/nss.pc
+ %{SOURCE1} > $RPM_BUILD_ROOT%{_libdir}/pkgconfig/nss.pc
# prepare nss-config file
popd
-NSS_VMAJOR=`cat mozilla/security/nss/lib/nss/nss.h | grep "#define.*NSS_VMAJOR" | awk '{print $3}'`
-NSS_VMINOR=`cat mozilla/security/nss/lib/nss/nss.h | grep "#define.*NSS_VMINOR" | awk '{print $3}'`
-NSS_VPATCH=`cat mozilla/security/nss/lib/nss/nss.h | grep "#define.*NSS_VPATCH" | awk '{print $3}'`
+NSS_VMAJOR=`cat nss/lib/nss/nss.h | grep "#define.*NSS_VMAJOR" | awk '{print $3}'`
+NSS_VMINOR=`cat nss/lib/nss/nss.h | grep "#define.*NSS_VMINOR" | awk '{print $3}'`
+NSS_VPATCH=`cat nss/lib/nss/nss.h | grep "#define.*NSS_VPATCH" | awk '{print $3}'`
cat %{SOURCE3} | sed -e "s,@libdir@,%{_libdir},g" \
-e "s,@prefix@,%{_prefix},g" \
-e "s,@exec_prefix@,%{_prefix},g" \
-e "s,@MOD_MAJOR_VERSION@,$NSS_VMAJOR,g" \
-e "s,@MOD_MINOR_VERSION@,$NSS_VMINOR,g" \
-e "s,@MOD_PATCH_VERSION@,$NSS_VPATCH,g" \
- > %{buildroot}/%{_bindir}/nss-config
-chmod 755 %{buildroot}/%{_bindir}/nss-config
+ > $RPM_BUILD_ROOT/%{_bindir}/nss-config
+chmod 755 $RPM_BUILD_ROOT/%{_bindir}/nss-config
# setup-nsssysinfo.sh
-install -m 744 %{SOURCE6} %{buildroot}%{_sbindir}/
+install -m 744 %{SOURCE6} $RPM_BUILD_ROOT%{_sbindir}/
# create empty NSS database
-#LD_LIBRARY_PATH=%{buildroot}/%{_lib}:%{buildroot}%{_libdir} %{buildroot}%{_bindir}/modutil -force -dbdir "sql:%{buildroot}%{nssdbdir}" -create
-#LD_LIBRARY_PATH=%{buildroot}/%{_lib}:%{buildroot}%{_libdir} %{buildroot}%{_bindir}/certutil -N -d "sql:%{buildroot}%{nssdbdir}" -f /dev/null 2>&1 > /dev/null
-#chmod 644 "%{buildroot}%{nssdbdir}"/*
+#LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_lib}:$RPM_BUILD_ROOT%{_libdir} $RPM_BUILD_ROOT%{_bindir}/modutil -force -dbdir "sql:$RPM_BUILD_ROOT%{nssdbdir}" -create
+#LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_lib}:$RPM_BUILD_ROOT%{_libdir} $RPM_BUILD_ROOT%{_bindir}/certutil -N -d "sql:$RPM_BUILD_ROOT%{nssdbdir}" -f /dev/null 2>&1 > /dev/null
+#chmod 644 "$RPM_BUILD_ROOT%{nssdbdir}"/*
#sed "s:%{buildroot}::g
#s/^library=$/library=libnsssysinit.so/
#/^NSS/s/\(Flags=internal\)\(,[^m]\)/\1,moduleDBOnly\2/" \
-# %{buildroot}%{nssdbdir}/pkcs11.txt > %{buildroot}%{nssdbdir}/pkcs11.txt.sed
-# mv %{buildroot}%{nssdbdir}/pkcs11.txt{.sed,}
+# $RPM_BUILD_ROOT%{nssdbdir}/pkcs11.txt > $RPM_BUILD_ROOT%{nssdbdir}/pkcs11.txt.sed
+# mv $RPM_BUILD_ROOT%{nssdbdir}/pkcs11.txt{.sed,}
# copy empty NSS database
-install -m 644 %{SOURCE7} %{buildroot}%{nssdbdir}
-install -m 644 %{SOURCE8} %{buildroot}%{nssdbdir}
-install -m 644 %{SOURCE9} %{buildroot}%{nssdbdir}
+install -m 644 %{SOURCE7} $RPM_BUILD_ROOT%{nssdbdir}
+install -m 644 %{SOURCE8} $RPM_BUILD_ROOT%{nssdbdir}
+install -m 644 %{SOURCE9} $RPM_BUILD_ROOT%{nssdbdir}
# create shlib sigs after extracting debuginfo
%define __spec_install_post \
%{?__debug_package:%{__debug_install_post}} \
%{__arch_install_post} \
%{__os_install_post} \
- LD_LIBRARY_PATH=%{buildroot}/%{_lib}:%{buildroot}%{_libdir} %{buildroot}%{_libexecdir}/nss/shlibsign -i %{buildroot}%{_libdir}/libsoftokn3.so \
- LD_LIBRARY_PATH=%{buildroot}/%{_lib}:%{buildroot}%{_libdir} %{buildroot}%{_libexecdir}/nss/shlibsign -i %{buildroot}%{_libdir}/libnssdbm3.so \
- LD_LIBRARY_PATH=%{buildroot}/%{_lib}:%{buildroot}%{_libdir} %{buildroot}%{_libexecdir}/nss/shlibsign -i %{buildroot}/%{_lib}/libfreebl3.so \
+ LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_lib}:$RPM_BUILD_ROOT%{_libdir} $RPM_BUILD_ROOT%{_libexecdir}/nss/shlibsign -i $RPM_BUILD_ROOT%{_libdir}/libsoftokn3.so \
+ LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_lib}:$RPM_BUILD_ROOT%{_libdir} $RPM_BUILD_ROOT%{_libexecdir}/nss/shlibsign -i $RPM_BUILD_ROOT%{_libdir}/libnssdbm3.so \
+ LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_lib}:$RPM_BUILD_ROOT%{_libdir} $RPM_BUILD_ROOT%{_libexecdir}/nss/shlibsign -i $RPM_BUILD_ROOT/%{_libdir}/libfreebl3.so \
%{nil}
%post -p /sbin/ldconfig
%postun sysinit -p /sbin/ldconfig
+%clean
+rm -rf $RPM_BUILD_ROOT
+
%files
+%manifest %{name}.manifest
%defattr(-, root, root)
%{_libdir}/libnss3.so
%{_libdir}/libnssutil3.so
%{_libdir}/libssl3.so
%files devel
+%manifest %{name}.manifest
%defattr(644, root, root, 755)
%{_includedir}/nss3/
%{_libdir}/*.a
%attr(755,root,root) %{_bindir}/nss-config
%files tools
+%manifest %{name}.manifest
%defattr(-, root, root)
%{_bindir}/*
%exclude %{_sbindir}/setup-nsssysinit.sh
%exclude %{_bindir}/nss-config
%files sysinit
+%manifest %{name}.manifest
%defattr(-, root, root)
%dir %{_sysconfdir}/pki
%dir %{_sysconfdir}/pki/nssdb
%{_sbindir}/setup-nsssysinit.sh
%files -n libfreebl3
+%manifest %{name}.manifest
%defattr(-, root, root)
-/%{_lib}/libfreebl3.so
-/%{_lib}/libfreebl3.chk
+%{_libdir}/libfreebl3.so
+%{_libdir}/libfreebl3.chk
%files -n libsoftokn3
+%manifest %{name}.manifest
%defattr(-, root, root)
%{_libdir}/libsoftokn3.so
%{_libdir}/libsoftokn3.chk
%{_libdir}/libnssdbm3.chk
%files certs
+%manifest %{name}.manifest
%defattr(-, root, root)
%{_libdir}/libnssckbi.so