packaging/nss.spec

   1 %global nss_softokn_fips_version 3.12.4
   2
   3 Name:           nss
   4 BuildRequires:  gcc-c++
   5 BuildRequires:  nspr-devel
   6 BuildRequires:  pkg-config
   7 BuildRequires:  zlib-devel
   8 BuildRequires:  pkgconfig(sqlite3)
   9 Version:        3.15.4
  10 Release:        0
  11 Summary:        Network Security Services
  12 License:        MPL-1.1 or GPL-2.0+ or LGPL-2.1+
  13 Group:          Security/Crypto Libraries
  14 Url:            http://www.mozilla.org/projects/security/pki/nss/
  15 # cvs -d :pserver:anonymous@cvs-mirror.mozilla.org:/cvsroot co -r <RTM_TAG> NSS
  16 Source:         nss-%{version}.tar.bz2
  17 Source1:        nss.pc.in
  18 Source3:        nss-config.in
  19 Source4:        %{name}-rpmlintrc
  20 Source5:        baselibs.conf
  21 Source6:        setup-nsssysinit.sh
  22 Source7:        cert9.db
  23 Source8:        key4.db
  24 Source9:        pkcs11.txt
  25 Source1001:     nss.manifest
  26 %define nspr_ver %(rpm -q --queryformat '%{VERSION}' nspr)
  27 Requires(pre):  nspr >= %nspr_ver
  28 Requires(pre):  libfreebl3 >= %{nss_softokn_fips_version}
  29 Requires(pre):  libsoftokn3 >= %{nss_softokn_fips_version}
  30 Requires:       nss-certs
  31 %define nssdbdir %{_sysconfdir}/pki/nssdb
  32 %define run_testsuite 0
  33
  34 %description
  35 Network Security Services (NSS) is a set of libraries designed to
  36 support cross-platform development of security-enabled server
  37 applications. Applications built with NSS can support SSL v2 and v3,
  38 TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3
  39 certificates, and other security standards.
  40
  41
  42 %package devel
  43 Summary:        Network (Netscape) Security Services development files
  44 Group:          Development/Libraries
  45 Requires:       libfreebl3
  46 Requires:       libsoftokn3
  47 Requires:       nspr-devel
  48 Requires:       nss = %{version}-%{release}
  49
  50 %description devel
  51 Network Security Services (NSS) is a set of libraries designed to
  52 support cross-platform development of security-enabled server
  53 applications. Applications built with NSS can support SSL v2 and v3,
  54 TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3
  55 certificates, and other security standards.
  56
  57
  58 %package tools
  59 Summary:        Tools for developing, debugging, and managing applications that use NSS
  60 Group:          Security/Crypto Libraries
  61 Requires(pre):  nss >= %{version}
  62
  63 %description tools
  64 The NSS Security Tools allow developers to test, debug, and manage
  65 applications that use NSS.
  66
  67
  68 %package sysinit
  69 Summary:        System NSS Initialization
  70 Group:          System/Management
  71 Requires:       nss >= %{version}
  72 Requires(post): coreutils
  73
  74 %description sysinit
  75 Default Operation System module that manages applications loading
  76 NSS globally on the system. This module loads the system defined
  77 PKCS #11 modules for NSS and chains with other NSS modules to load
  78 any system or user configured modules.
  79
  80
  81 %package -n libfreebl3
  82 Summary:        Freebl library for the Network Security Services
  83 Group:          Security/Crypto Libraries
  84
  85 %description -n libfreebl3
  86 Network Security Services (NSS) is a set of libraries designed to
  87 support cross-platform development of security-enabled server
  88 applications. Applications built with NSS can support SSL v2 and v3,
  89 TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3
  90 certificates, and other security standards.
  91
  92 This package installs the freebl library from NSS.
  93
  94
  95 %package -n libsoftokn3
  96 Summary:        Network Security Services Softoken Module
  97 Group:          Security/Network
  98 Requires:       libfreebl3 = %{version}-%{release}
  99
 100 %description -n libsoftokn3
 101 Network Security Services (NSS) is a set of libraries designed to
 102 support cross-platform development of security-enabled server
 103 applications. Applications built with NSS can support SSL v2 and v3,
 104 TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3
 105 certificates, and other security standards.
 106
 107 Network Security Services Softoken Cryptographic Module
 108
 109
 110 %package certs
 111 Summary:        CA certificates for NSS
 112 Group:          Security/Certificate Management
 113
 114 %description certs
 115 This package contains the integrated CA root certificates from the
 116 Mozilla project.
 117
 118
 119 %prep
 120 %setup -n nss-%{version} -q
 121 cp %{SOURCE1001} .
 122
 123 %build
 124 #modified="$(sed -n '/^----/n;s/ - .*$//;p;q' "%{_sourcedir}/%{name}.changes")"
 125 #DATE="\"$(date -d "${modified}" "+%%b %%e %%Y")\""
 126 #TIME="\"$(date -d "${modified}" "+%%R")\""
 127 #find . -name '*.[ch]' -print -exec sed -i "s/__DATE__/${DATE}/g;s/__TIME__/${TIME}/g" {} +
 128
 129 cd nss
 130 export FREEBL_NO_DEPEND=1
 131 export NSPR_INCLUDE_DIR=`nspr-config --includedir`
 132 export NSPR_LIB_DIR=`nspr-config --libdir`
 133 export OPT_FLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing"
 134 export LIBDIR=%{_libdir}
 135 %ifarch x86_64
 136 export USE_64=1
 137 %endif
 138 export NSS_USE_SYSTEM_SQLITE=1
 139 MAKE_FLAGS="BUILD_OPT=1 NSS_ENABLE_ECC=1"
 140 make nss_build_all $MAKE_FLAGS
 141 # run testsuite
 142 %if 0%{?run_testsuite}
 143 export BUILD_OPT=1
 144 export HOST="localhost"
 145 export DOMSUF=" "
 146 export USE_IP=TRUE
 147 export IP_ADDRESS="127.0.0.1"
 148 cd tests
 149 ./all.sh
 150 if grep "FAILED" ../../../tests_results/security/localhost.1/output.log ; then
 151   echo "Testsuite FAILED"
 152   exit 1
 153 fi
 154 %endif
 155
 156 %install
 157 mkdir -p $RPM_BUILD_ROOT%{_libdir}
 158 mkdir -p $RPM_BUILD_ROOT%{_libexecdir}/nss
 159 mkdir -p $RPM_BUILD_ROOT%{_includedir}/nss3
 160 mkdir -p $RPM_BUILD_ROOT%{_bindir}
 161 mkdir -p $RPM_BUILD_ROOT%{_sbindir}
 162 mkdir -p $RPM_BUILD_ROOT%{nssdbdir}
 163 pushd dist/Linux*
 164 # copy headers
 165 cp -rL ../public/nss/*.h $RPM_BUILD_ROOT%{_includedir}/nss3
 166 # copy dynamic libs
 167 cp -L  lib/libnss3.so \
 168        lib/libnssdbm3.so \
 169        lib/libnssdbm3.chk \
 170        lib/libnssutil3.so \
 171        lib/libnssckbi.so \
 172        lib/libnsssysinit.so \
 173        lib/libsmime3.so \
 174        lib/libsoftokn3.so \
 175        lib/libsoftokn3.chk \
 176        lib/libssl3.so \
 177        $RPM_BUILD_ROOT%{_libdir}
 178 cp -L  lib/libfreebl3.so \
 179        lib/libfreebl3.chk \
 180        $RPM_BUILD_ROOT/%{_libdir}
 181 # copy static libs
 182 cp -L  lib/libcrmf.a \
 183        lib/libnssb.a \
 184        lib/libnssckfw.a \
 185        $RPM_BUILD_ROOT%{_libdir}
 186 # copy tools
 187 cp -L  bin/certutil \
 188        bin/cmsutil \
 189        bin/crlutil \
 190        bin/modutil \
 191        bin/pk12util \
 192        bin/signtool \
 193        bin/signver \
 194        bin/ssltap \
 195        $RPM_BUILD_ROOT%{_bindir}
 196 # copy unsupported tools
 197 cp -L  bin/atob \
 198        bin/btoa \
 199        bin/derdump \
 200        bin/ocspclnt \
 201        bin/pp \
 202        bin/selfserv \
 203        bin/shlibsign \
 204        bin/strsclnt \
 205        bin/symkeyutil \
 206        bin/tstclnt \
 207        bin/vfyserv \
 208        bin/vfychain \
 209        $RPM_BUILD_ROOT%{_libexecdir}/nss
 210 # prepare pkgconfig file
 211 mkdir -p $RPM_BUILD_ROOT%{_libdir}/pkgconfig/
 212 sed "s:%%LIBDIR%%:%{_libdir}:g
 213 s:%%VERSION%%:%{version}:g
 214 s:%%NSPR_VERSION%%:%{nspr_ver}:g" \
 215   %{SOURCE1} > $RPM_BUILD_ROOT%{_libdir}/pkgconfig/nss.pc
 216 # prepare nss-config file
 217 popd
 218 NSS_VMAJOR=`cat nss/lib/nss/nss.h | grep "#define.*NSS_VMAJOR" | awk '{print $3}'`
 219 NSS_VMINOR=`cat nss/lib/nss/nss.h | grep "#define.*NSS_VMINOR" | awk '{print $3}'`
 220 NSS_VPATCH=`cat nss/lib/nss/nss.h | grep "#define.*NSS_VPATCH" | awk '{print $3}'`
 221 cat %{SOURCE3} | sed -e "s,@libdir@,%{_libdir},g" \
 222                      -e "s,@prefix@,%{_prefix},g" \
 223                      -e "s,@exec_prefix@,%{_prefix},g" \
 224                      -e "s,@includedir@,%{_includedir}/nss3,g" \
 225                      -e "s,@MOD_MAJOR_VERSION@,$NSS_VMAJOR,g" \
 226                      -e "s,@MOD_MINOR_VERSION@,$NSS_VMINOR,g" \
 227                      -e "s,@MOD_PATCH_VERSION@,$NSS_VPATCH,g" \
 228                      > $RPM_BUILD_ROOT/%{_bindir}/nss-config
 229 chmod 755 $RPM_BUILD_ROOT/%{_bindir}/nss-config
 230 # setup-nsssysinfo.sh
 231 install -m 744 %{SOURCE6} $RPM_BUILD_ROOT%{_sbindir}/
 232 # create empty NSS database
 233 #LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_lib}:$RPM_BUILD_ROOT%{_libdir} $RPM_BUILD_ROOT%{_bindir}/modutil -force -dbdir "sql:$RPM_BUILD_ROOT%{nssdbdir}" -create
 234 #LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_lib}:$RPM_BUILD_ROOT%{_libdir} $RPM_BUILD_ROOT%{_bindir}/certutil -N -d "sql:$RPM_BUILD_ROOT%{nssdbdir}" -f /dev/null 2>&1 > /dev/null
 235 #chmod 644 "$RPM_BUILD_ROOT%{nssdbdir}"/*
 236 #sed "s:%{buildroot}::g
 237 #s/^library=$/library=libnsssysinit.so/
 238 #/^NSS/s/\(Flags=internal\)\(,[^m]\)/\1,moduleDBOnly\2/" \
 239 #  $RPM_BUILD_ROOT%{nssdbdir}/pkcs11.txt > $RPM_BUILD_ROOT%{nssdbdir}/pkcs11.txt.sed
 240 #  mv $RPM_BUILD_ROOT%{nssdbdir}/pkcs11.txt{.sed,}
 241 # copy empty NSS database
 242 install -m 644 %{SOURCE7} $RPM_BUILD_ROOT%{nssdbdir}
 243 install -m 644 %{SOURCE8} $RPM_BUILD_ROOT%{nssdbdir}
 244 install -m 644 %{SOURCE9} $RPM_BUILD_ROOT%{nssdbdir}
 245 # create shlib sigs after extracting debuginfo
 246 %define __spec_install_post \
 247   %{?__debug_package:%{__debug_install_post}} \
 248   %{__arch_install_post} \
 249   %{__os_install_post} \
 250   LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_lib}:$RPM_BUILD_ROOT%{_libdir} $RPM_BUILD_ROOT%{_libexecdir}/nss/shlibsign -i $RPM_BUILD_ROOT%{_libdir}/libsoftokn3.so \
 251   LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_lib}:$RPM_BUILD_ROOT%{_libdir} $RPM_BUILD_ROOT%{_libexecdir}/nss/shlibsign -i $RPM_BUILD_ROOT%{_libdir}/libnssdbm3.so \
 252   LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_lib}:$RPM_BUILD_ROOT%{_libdir} $RPM_BUILD_ROOT%{_libexecdir}/nss/shlibsign -i $RPM_BUILD_ROOT/%{_libdir}/libfreebl3.so \
 253 %{nil}
 254
 255 %post -p /sbin/ldconfig
 256
 257 %postun -p /sbin/ldconfig
 258
 259 %post -n libfreebl3 -p /sbin/ldconfig
 260
 261 %postun -n libfreebl3 -p /sbin/ldconfig
 262
 263 %post -n libsoftokn3 -p /sbin/ldconfig
 264
 265 %postun -n libsoftokn3 -p /sbin/ldconfig
 266
 267 %post sysinit
 268 /sbin/ldconfig
 269 # make sure the current config is enabled
 270 %{_sbindir}/setup-nsssysinit.sh on
 271
 272 %preun sysinit
 273 if [ $1 = 0 ]; then
 274   %{_sbindir}/setup-nsssysinit.sh off
 275 fi
 276
 277 %postun sysinit -p /sbin/ldconfig
 278
 279 %clean
 280 rm -rf $RPM_BUILD_ROOT
 281
 282 %files
 283 %manifest %{name}.manifest
 284 %defattr(-, root, root)
 285 %{_libdir}/libnss3.so
 286 %{_libdir}/libnssutil3.so
 287 %{_libdir}/libsmime3.so
 288 %{_libdir}/libssl3.so
 289
 290 %files devel
 291 %manifest %{name}.manifest
 292 %defattr(644, root, root, 755)
 293 %{_includedir}/nss3/
 294 %{_libdir}/*.a
 295 %{_libdir}/pkgconfig/*
 296 %attr(755,root,root) %{_bindir}/nss-config
 297
 298 %files tools
 299 %manifest %{name}.manifest
 300 %defattr(-, root, root)
 301 %{_bindir}/*
 302 %exclude %{_sbindir}/setup-nsssysinit.sh
 303 %{_libexecdir}/nss/
 304 %exclude %{_bindir}/nss-config
 305
 306 %files sysinit
 307 %manifest %{name}.manifest
 308 %defattr(-, root, root)
 309 %dir %{_sysconfdir}/pki
 310 %dir %{_sysconfdir}/pki/nssdb
 311 %config(noreplace) %{_sysconfdir}/pki/nssdb/*
 312 %{_libdir}/libnsssysinit.so
 313 %{_sbindir}/setup-nsssysinit.sh
 314
 315 %files -n libfreebl3
 316 %manifest %{name}.manifest
 317 %defattr(-, root, root)
 318 %{_libdir}/libfreebl3.so
 319 %{_libdir}/libfreebl3.chk
 320
 321 %files -n libsoftokn3
 322 %manifest %{name}.manifest
 323 %defattr(-, root, root)
 324 %{_libdir}/libsoftokn3.so
 325 %{_libdir}/libsoftokn3.chk
 326 %{_libdir}/libnssdbm3.so
 327 %{_libdir}/libnssdbm3.chk
 328
 329 %files certs
 330 %manifest %{name}.manifest
 331 %defattr(-, root, root)
 332 %{_libdir}/libnssckbi.so
 333
 334 %changelog