From: Anas Nashif Date: Mon, 5 Nov 2012 21:25:06 +0000 (-0800) Subject: add packaging X-Git-Tag: accepted/tizen/base/20151223.052345~30 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=fe660b59be2a9ac40527bf904fdcd2511802d30d;p=platform%2Fupstream%2Fnss.git add packaging Change-Id: Ie1bd55e7a7f46febd91c2f69e6371e7666c0ae4e --- diff --git a/packaging/cert9.db b/packaging/cert9.db new file mode 100644 index 0000000..1763264 Binary files /dev/null and b/packaging/cert9.db differ diff --git a/packaging/key4.db b/packaging/key4.db new file mode 100644 index 0000000..987ffe0 Binary files /dev/null and b/packaging/key4.db differ diff --git a/packaging/nss-config.in b/packaging/nss-config.in new file mode 100644 index 0000000..78df755 --- /dev/null +++ b/packaging/nss-config.in @@ -0,0 +1,143 @@ +#!/bin/sh + +prefix=@prefix@ + +major_version=@MOD_MAJOR_VERSION@ +minor_version=@MOD_MINOR_VERSION@ +patch_version=@MOD_PATCH_VERSION@ + +usage() +{ + cat <&2 +fi + +lib_ssl=yes +lib_smime=yes +lib_nss=yes +lib_nssutil=yes + +while test $# -gt 0; do + case "$1" in + -*=*) optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;; + *) optarg= ;; + esac + + case $1 in + --prefix=*) + prefix=$optarg + ;; + --prefix) + echo_prefix=yes + ;; + --exec-prefix=*) + exec_prefix=$optarg + ;; + --exec-prefix) + echo_exec_prefix=yes + ;; + --includedir=*) + includedir=$optarg + ;; + --includedir) + echo_includedir=yes + ;; + --libdir=*) + libdir=$optarg + ;; + --libdir) + echo_libdir=yes + ;; + --version) + echo ${major_version}.${minor_version}.${patch_version} + ;; + --cflags) + echo_cflags=yes + ;; + --libs) + echo_libs=yes + ;; + ssl) + lib_ssl=yes + ;; + smime) + lib_smime=yes + ;; + nss) + lib_nss=yes + ;; + nssutil) + lib_nssutil=yes + ;; + *) + usage 1 1>&2 + ;; + esac + shift +done + +# Set variables that may be dependent upon other variables +if test -z "$exec_prefix"; then + exec_prefix=@exec_prefix@ +fi +if test -z "$includedir"; then + includedir=@includedir@ +fi +if test -z "$libdir"; then + libdir=@libdir@ +fi + +if test "$echo_prefix" = "yes"; then + echo $prefix +fi + +if test "$echo_exec_prefix" = "yes"; then + echo $exec_prefix +fi + +if test "$echo_includedir" = "yes"; then + echo $includedir +fi + +if test "$echo_libdir" = "yes"; then + echo $libdir +fi + +if test "$echo_cflags" = "yes"; then + echo -I$includedir +fi + +if test "$echo_libs" = "yes"; then + libdirs="-Wl,-rpath-link,$libdir -L$libdir" + if test -n "$lib_ssl"; then + libdirs="$libdirs -lssl${major_version}" + fi + if test -n "$lib_smime"; then + libdirs="$libdirs -lsmime${major_version}" + fi + if test -n "$lib_nss"; then + libdirs="$libdirs -lnss${major_version}" + fi + if test -n "$lib_nssutil"; then + libdirs="$libdirs -lnssutil${major_version}" + fi + echo $libdirs +fi diff --git a/packaging/nss-rpmlintrc b/packaging/nss-rpmlintrc new file mode 100644 index 0000000..213f56b --- /dev/null +++ b/packaging/nss-rpmlintrc @@ -0,0 +1,5 @@ +addFilter("shlib-policy-name-error") +addFilter("shlib-policy-missing-lib") +addFilter("shlib-policy-missing-suffix") +addFilter("shlib-unversioned-lib") +addFilter("shlib-fixed-dependency") diff --git a/packaging/nss.pc.in b/packaging/nss.pc.in new file mode 100644 index 0000000..3fac988 --- /dev/null +++ b/packaging/nss.pc.in @@ -0,0 +1,11 @@ +prefix=/usr +exec_prefix=${prefix} +libdir=%LIBDIR% +includedir=${prefix}/include/nss3 + +Name: NSS +Description: Network Security Services +Version: %VERSION% +Requires: nspr >= %NSPR_VERSION% +Libs: -lssl3 -lsmime3 -lnss3 -lnssutil3 +Cflags: -I${includedir} diff --git a/packaging/nss.spec b/packaging/nss.spec index ed190e2..f569892 100644 --- a/packaging/nss.spec +++ b/packaging/nss.spec @@ -1,12 +1,17 @@ %global nss_softokn_fips_version 3.12.4 Name: nss +BuildRequires: gcc-c++ +BuildRequires: nspr-devel +BuildRequires: pkg-config +BuildRequires: sqlite3-devel +BuildRequires: zlib-devel Version: 3.13.6 Release: 0 -License: MPL-1.1 or GPL-2.0+ or LGPL-2.1+ Summary: Network Security Services -Url: http://www.mozilla.org/projects/security/pki/nss/ +License: MPL-1.1 or GPL-2.0+ or LGPL-2.1+ Group: System/Libraries +Url: http://www.mozilla.org/projects/security/pki/nss/ # cvs -d :pserver:anonymous@cvs-mirror.mozilla.org:/cvsroot co -r NSS Source: nss-%{version}.tar.bz2 Source1: nss.pc.in @@ -23,17 +28,12 @@ Patch3: char.patch Patch4: nss-no-rpath.patch Patch5: renegotiate-transitional.patch Patch6: malloc.patch -BuildRequires: gcc-c++ -BuildRequires: nspr-devel -BuildRequires: pkg-config -BuildRequires: sqlite3-devel -BuildRequires: zlib-devel -Requires: nss-certs -BuildRoot: %{_tmppath}/%{name}-%{version}-build %define nspr_ver %(rpm -q --queryformat '%{VERSION}' nspr) Requires(pre): nspr >= %nspr_ver Requires(pre): libfreebl3 >= %{nss_softokn_fips_version} Requires(pre): libsoftokn3 >= %{nss_softokn_fips_version} +Requires: nss-certs +BuildRoot: %{_tmppath}/%{name}-%{version}-build %define nssdbdir %{_sysconfdir}/pki/nssdb %define run_testsuite 0 @@ -44,13 +44,14 @@ applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards. + %package devel Summary: Network (Netscape) Security Services development files Group: Development/Libraries/Other Requires: libfreebl3 Requires: libsoftokn3 Requires: nspr-devel -Requires: nss = %{version} +Requires: nss = %{version}-%{release} %description devel Network Security Services (NSS) is a set of libraries designed to @@ -59,6 +60,7 @@ applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards. + %package tools Summary: Tools for developing, debugging, and managing applications that use NSS Group: System/Management @@ -68,6 +70,7 @@ Requires(pre): nss >= %{version} The NSS Security Tools allow developers to test, debug, and manage applications that use NSS. + %package sysinit Summary: System NSS Initialization Group: System/Management @@ -80,6 +83,7 @@ NSS globally on the system. This module loads the system defined PKCS #11 modules for NSS and chains with other NSS modules to load any system or user configured modules. + %package -n libfreebl3 Summary: Freebl library for the Network Security Services Group: System/Libraries @@ -93,10 +97,11 @@ certificates, and other security standards. This package installs the freebl library from NSS. + %package -n libsoftokn3 Summary: Network Security Services Softoken Module Group: System/Libraries -Requires: libfreebl3 = %{version} +Requires: libfreebl3 = %{version}-%{release} %description -n libsoftokn3 Network Security Services (NSS) is a set of libraries designed to @@ -107,6 +112,7 @@ certificates, and other security standards. Network Security Services Softoken Cryptographic Module + %package certs Summary: CA certificates for NSS Group: Productivity/Networking/Security @@ -115,6 +121,7 @@ Group: Productivity/Networking/Security This package contains the integrated CA root certificates from the Mozilla project. + %prep %setup -n nss-%{version} -q cd mozilla @@ -135,7 +142,7 @@ cd mozilla/security/nss export FREEBL_NO_DEPEND=1 export NSPR_INCLUDE_DIR=`nspr-config --includedir` export NSPR_LIB_DIR=`nspr-config --libdir` -export OPT_FLAGS="%{optflags} -fno-strict-aliasing" +export OPT_FLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing" export LIBDIR=%{_libdir} %ifarch x86_64 s390x ppc64 ia64 export USE_64=1 @@ -159,16 +166,16 @@ fi %endif %install -mkdir -p %{buildroot}%{_libdir} -mkdir -p %{buildroot}%{_libexecdir}/nss -mkdir -p %{buildroot}%{_includedir}/nss3 -mkdir -p %{buildroot}%{_bindir} -mkdir -p %{buildroot}%{_sbindir} -mkdir -p %{buildroot}/%{_lib} -mkdir -p %{buildroot}%{nssdbdir} +mkdir -p $RPM_BUILD_ROOT%{_libdir} +mkdir -p $RPM_BUILD_ROOT%{_libexecdir}/nss +mkdir -p $RPM_BUILD_ROOT%{_includedir}/nss3 +mkdir -p $RPM_BUILD_ROOT%{_bindir} +mkdir -p $RPM_BUILD_ROOT%{_sbindir} +mkdir -p $RPM_BUILD_ROOT/%{_lib} +mkdir -p $RPM_BUILD_ROOT%{nssdbdir} pushd mozilla/dist/Linux* # copy headers -cp -rL ../public/nss/*.h %{buildroot}%{_includedir}/nss3 +cp -rL ../public/nss/*.h $RPM_BUILD_ROOT%{_includedir}/nss3 # copy dynamic libs cp -L lib/libnss3.so \ lib/libnssdbm3.so \ @@ -180,15 +187,15 @@ cp -L lib/libnss3.so \ lib/libsoftokn3.so \ lib/libsoftokn3.chk \ lib/libssl3.so \ - %{buildroot}%{_libdir} + $RPM_BUILD_ROOT%{_libdir} cp -L lib/libfreebl3.so \ lib/libfreebl3.chk \ - %{buildroot}/%{_lib} + $RPM_BUILD_ROOT/%{_lib} # copy static libs cp -L lib/libcrmf.a \ lib/libnssb.a \ lib/libnssckfw.a \ - %{buildroot}%{_libdir} + $RPM_BUILD_ROOT%{_libdir} # copy tools cp -L bin/certutil \ bin/cmsutil \ @@ -198,7 +205,7 @@ cp -L bin/certutil \ bin/signtool \ bin/signver \ bin/ssltap \ - %{buildroot}%{_bindir} + $RPM_BUILD_ROOT%{_bindir} # copy unsupported tools cp -L bin/atob \ bin/btoa \ @@ -212,13 +219,13 @@ cp -L bin/atob \ bin/tstclnt \ bin/vfyserv \ bin/vfychain \ - %{buildroot}%{_libexecdir}/nss + $RPM_BUILD_ROOT%{_libexecdir}/nss # prepare pkgconfig file -mkdir -p %{buildroot}%{_libdir}/pkgconfig/ +mkdir -p $RPM_BUILD_ROOT%{_libdir}/pkgconfig/ sed "s:%%LIBDIR%%:%{_libdir}:g s:%%VERSION%%:%{version}:g s:%%NSPR_VERSION%%:%{nspr_ver}:g" \ - %{SOURCE1} > %{buildroot}%{_libdir}/pkgconfig/nss.pc + %{SOURCE1} > $RPM_BUILD_ROOT%{_libdir}/pkgconfig/nss.pc # prepare nss-config file popd NSS_VMAJOR=`cat mozilla/security/nss/lib/nss/nss.h | grep "#define.*NSS_VMAJOR" | awk '{print $3}'` @@ -231,31 +238,31 @@ cat %{SOURCE3} | sed -e "s,@libdir@,%{_libdir},g" \ -e "s,@MOD_MAJOR_VERSION@,$NSS_VMAJOR,g" \ -e "s,@MOD_MINOR_VERSION@,$NSS_VMINOR,g" \ -e "s,@MOD_PATCH_VERSION@,$NSS_VPATCH,g" \ - > %{buildroot}/%{_bindir}/nss-config -chmod 755 %{buildroot}/%{_bindir}/nss-config + > $RPM_BUILD_ROOT/%{_bindir}/nss-config +chmod 755 $RPM_BUILD_ROOT/%{_bindir}/nss-config # setup-nsssysinfo.sh -install -m 744 %{SOURCE6} %{buildroot}%{_sbindir}/ +install -m 744 %{SOURCE6} $RPM_BUILD_ROOT%{_sbindir}/ # create empty NSS database -#LD_LIBRARY_PATH=%{buildroot}/%{_lib}:%{buildroot}%{_libdir} %{buildroot}%{_bindir}/modutil -force -dbdir "sql:%{buildroot}%{nssdbdir}" -create -#LD_LIBRARY_PATH=%{buildroot}/%{_lib}:%{buildroot}%{_libdir} %{buildroot}%{_bindir}/certutil -N -d "sql:%{buildroot}%{nssdbdir}" -f /dev/null 2>&1 > /dev/null -#chmod 644 "%{buildroot}%{nssdbdir}"/* +#LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_lib}:$RPM_BUILD_ROOT%{_libdir} $RPM_BUILD_ROOT%{_bindir}/modutil -force -dbdir "sql:$RPM_BUILD_ROOT%{nssdbdir}" -create +#LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_lib}:$RPM_BUILD_ROOT%{_libdir} $RPM_BUILD_ROOT%{_bindir}/certutil -N -d "sql:$RPM_BUILD_ROOT%{nssdbdir}" -f /dev/null 2>&1 > /dev/null +#chmod 644 "$RPM_BUILD_ROOT%{nssdbdir}"/* #sed "s:%{buildroot}::g #s/^library=$/library=libnsssysinit.so/ #/^NSS/s/\(Flags=internal\)\(,[^m]\)/\1,moduleDBOnly\2/" \ -# %{buildroot}%{nssdbdir}/pkcs11.txt > %{buildroot}%{nssdbdir}/pkcs11.txt.sed -# mv %{buildroot}%{nssdbdir}/pkcs11.txt{.sed,} +# $RPM_BUILD_ROOT%{nssdbdir}/pkcs11.txt > $RPM_BUILD_ROOT%{nssdbdir}/pkcs11.txt.sed +# mv $RPM_BUILD_ROOT%{nssdbdir}/pkcs11.txt{.sed,} # copy empty NSS database -install -m 644 %{SOURCE7} %{buildroot}%{nssdbdir} -install -m 644 %{SOURCE8} %{buildroot}%{nssdbdir} -install -m 644 %{SOURCE9} %{buildroot}%{nssdbdir} +install -m 644 %{SOURCE7} $RPM_BUILD_ROOT%{nssdbdir} +install -m 644 %{SOURCE8} $RPM_BUILD_ROOT%{nssdbdir} +install -m 644 %{SOURCE9} $RPM_BUILD_ROOT%{nssdbdir} # create shlib sigs after extracting debuginfo %define __spec_install_post \ %{?__debug_package:%{__debug_install_post}} \ %{__arch_install_post} \ %{__os_install_post} \ - LD_LIBRARY_PATH=%{buildroot}/%{_lib}:%{buildroot}%{_libdir} %{buildroot}%{_libexecdir}/nss/shlibsign -i %{buildroot}%{_libdir}/libsoftokn3.so \ - LD_LIBRARY_PATH=%{buildroot}/%{_lib}:%{buildroot}%{_libdir} %{buildroot}%{_libexecdir}/nss/shlibsign -i %{buildroot}%{_libdir}/libnssdbm3.so \ - LD_LIBRARY_PATH=%{buildroot}/%{_lib}:%{buildroot}%{_libdir} %{buildroot}%{_libexecdir}/nss/shlibsign -i %{buildroot}/%{_lib}/libfreebl3.so \ + LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_lib}:$RPM_BUILD_ROOT%{_libdir} $RPM_BUILD_ROOT%{_libexecdir}/nss/shlibsign -i $RPM_BUILD_ROOT%{_libdir}/libsoftokn3.so \ + LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_lib}:$RPM_BUILD_ROOT%{_libdir} $RPM_BUILD_ROOT%{_libexecdir}/nss/shlibsign -i $RPM_BUILD_ROOT%{_libdir}/libnssdbm3.so \ + LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_lib}:$RPM_BUILD_ROOT%{_libdir} $RPM_BUILD_ROOT%{_libexecdir}/nss/shlibsign -i $RPM_BUILD_ROOT/%{_lib}/libfreebl3.so \ %{nil} %post -p /sbin/ldconfig @@ -282,6 +289,9 @@ fi %postun sysinit -p /sbin/ldconfig +%clean +rm -rf $RPM_BUILD_ROOT + %files %defattr(-, root, root) %{_libdir}/libnss3.so diff --git a/packaging/pkcs11.txt b/packaging/pkcs11.txt new file mode 100644 index 0000000..8581180 --- /dev/null +++ b/packaging/pkcs11.txt @@ -0,0 +1,4 @@ +library=libnsssysinit.so +name=NSS Internal PKCS #11 Module +parameters=configdir='sql:/etc/pki/nssdb' certPrefix='' keyPrefix='' secmod='secmod.db' flags= updatedir='' updateCertPrefix='' updateKeyPrefix='' updateid='' updateTokenDescription='' +NSS=Flags=internal,moduleDBOnly,critical trustOrder=75 cipherOrder=100 slotParams=(1={slotFlags=[RSA,DSA,DH,RC2,RC4,DES,RANDOM,SHA1,MD5,MD2,SSL,TLS,AES,Camellia,SEED,SHA256,SHA512] askpw=any timeout=30}) diff --git a/packaging/setup-nsssysinit.sh b/packaging/setup-nsssysinit.sh new file mode 100644 index 0000000..71cb631 --- /dev/null +++ b/packaging/setup-nsssysinit.sh @@ -0,0 +1,55 @@ +#!/bin/sh +# +# Turns on or off the nss-sysinit module db by editing the +# global PKCS #11 congiguration file. +# +# This script can be invoked by the user as super user. +# It is invoked at nss-sysinit post install time with argument on +# and at nss-sysinit pre uninstall with argument off. +# +usage() +{ + cat <&2 +fi + +# the system-wide configuration file +p11conf="/etc/pki/nssdb/pkcs11.txt" +# must exist, otherwise report it and exit with failure +if [ ! -f $p11conf ]; then + echo "Could not find ${p11conf}" + exit 1 +fi + +on="1" +case "$1" in + on | ON ) + cat ${p11conf} | \ + sed -e 's/^library=$/library=libnsssysinit.so/' \ + -e '/^NSS/s/\(Flags=internal\)\(,[^m]\)/\1,moduleDBOnly\2/' > \ + ${p11conf}.on + mv ${p11conf}.on ${p11conf} + ;; + off | OFF ) + if [ ! `grep "^library=libnsssysinit" ${p11conf}` ]; then + exit 0 + fi + cat ${p11conf} | \ + sed -e 's/^library=libnsssysinit.so/library=/' \ + -e '/^NSS/s/Flags=internal,moduleDBOnly/Flags=internal/' > \ + ${p11conf}.off + mv ${p11conf}.off ${p11conf} + ;; + * ) + usage 1 1>&2 + ;; +esac