]>
Commit | Line | Data |
---|---|---|
1 | # Conditional build: | |
2 | %bcond_with tests # enable tests | |
3 | ||
4 | %define nspr_ver 1:4.28 | |
5 | %define foover %(echo %{version} | tr . _) | |
6 | Summary: NSS - Network Security Services | |
7 | Summary(pl.UTF-8): NSS - Network Security Services | |
8 | Name: nss | |
9 | Version: 3.56 | |
10 | Release: 1 | |
11 | Epoch: 1 | |
12 | License: MPL v2.0 | |
13 | Group: Libraries | |
14 | Source0: http://ftp.mozilla.org/pub/security/nss/releases/NSS_%{foover}_RTM/src/%{name}-%{version}.tar.gz | |
15 | # Source0-md5: ec4c24003069d28d5f9cc5c78a30cc5e | |
16 | Source1: %{name}-mozilla-nss.pc | |
17 | Source2: %{name}-config.in | |
18 | Source3: http://www.cacert.org/certs/root.der | |
19 | # Source3-md5: a61b375e390d9c3654eebd2031461f6b | |
20 | Source4: nss-softokn.pc.in | |
21 | # Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1083900 | |
22 | URL: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS | |
23 | BuildRequires: nspr-devel >= %{nspr_ver} | |
24 | BuildRequires: nss-tools | |
25 | BuildRequires: perl-base | |
26 | BuildRequires: sqlite3-devel | |
27 | BuildRequires: zlib-devel | |
28 | BuildConflicts: mozilla < 0.9.6-3 | |
29 | Requires: %{name}-softokn-freebl = %{epoch}:%{version}-%{release} | |
30 | Requires: nspr >= %{nspr_ver} | |
31 | Obsoletes: libnss3 | |
32 | # needs http2 code update: https://bugzilla.mozilla.org/show_bug.cgi?id=1323209 | |
33 | Conflicts: firefox < 50.1.0-2 | |
34 | Conflicts: iceape < 2.46-1 | |
35 | Conflicts: iceweasel < 51 | |
36 | Conflicts: mozilla-firefox < 51 | |
37 | Conflicts: seamonkey < 2.47 | |
38 | BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) | |
39 | ||
40 | %define specflags -fno-strict-aliasing | |
41 | # signed - stripped before signing | |
42 | %define _noautostrip .*%{_libdir}/libfreebl3.so\\|.*%{_libdir}/libsoftokn3.so | |
43 | %define _noautochrpath .*%{_libdir}/libfreebl3.so\\|.*%{_libdir}/libsoftokn3.so | |
44 | ||
45 | %description | |
46 | NSS supports cross-platform development of security-enabled server | |
47 | applications. Applications built with NSS can support PKCS #5, | |
48 | PKCS #7, PKCS #11, PKCS #12, S/MIME, TLS, SSL v2 and v3, X.509 v3 | |
49 | certificates, and other security standards. | |
50 | ||
51 | %description -l pl.UTF-8 | |
52 | NSS wspomaga pisanie wieloplatformowych bezpiecznych serwerów. | |
53 | Aplikacja używająca NSS jest w stanie obsłużyć PKCS #5, PKCS #7, | |
54 | PKCS #11, PKCS #12, S/MIME, TLS, SSL v2 oraz v3, certyfikaty X.509 v3, | |
55 | i wiele innych bezpiecznych standardów. | |
56 | ||
57 | %package tools | |
58 | Summary: NSS command line tools and utilities | |
59 | Summary(pl.UTF-8): Narzędzia NSS obsługiwane z linii poleceń | |
60 | Group: Applications | |
61 | Requires: %{name} = %{epoch}:%{version}-%{release} | |
62 | ||
63 | %description tools | |
64 | The NSS Toolkit command line tool. | |
65 | ||
66 | %description tools -l pl.UTF-8 | |
67 | Narzędzia NSS obsługiwane z linii poleceń. | |
68 | ||
69 | %package devel | |
70 | Summary: NSS - header files | |
71 | Summary(pl.UTF-8): NSS - pliki nagłówkowe | |
72 | Group: Development/Libraries | |
73 | Requires: %{name} = %{epoch}:%{version}-%{release} | |
74 | Requires: nspr-devel >= %{nspr_ver} | |
75 | Obsoletes: libnss3-devel | |
76 | ||
77 | %description devel | |
78 | Development part of NSS library. | |
79 | ||
80 | %description devel -l pl.UTF-8 | |
81 | Część biblioteki NSS przeznaczona dla programistów. | |
82 | ||
83 | %package static | |
84 | Summary: NSS - static library | |
85 | Summary(pl.UTF-8): NSS - biblioteka statyczna | |
86 | Group: Development/Libraries | |
87 | Requires: %{name}-devel = %{epoch}:%{version}-%{release} | |
88 | ||
89 | %description static | |
90 | Static NSS Toolkit libraries. | |
91 | ||
92 | %description static -l pl.UTF-8 | |
93 | Statyczne wersje bibliotek z NSS. | |
94 | ||
95 | %package softokn-freebl | |
96 | Summary: Freebl library for the Network Security Services | |
97 | Summary(pl.UTF-8): Biblioteka freebl dla bibliotek NSS | |
98 | Group: Libraries | |
99 | ||
100 | %description softokn-freebl | |
101 | Freebl cryptographic library for the Network Security Services. | |
102 | ||
103 | %description softokn-freebl -l pl.UTF-8 | |
104 | Biblioteka kryptograficzna freebl dla bibliotek NSS. | |
105 | ||
106 | %prep | |
107 | %setup -q | |
108 | ||
109 | %if 0%{!?debug:1} | |
110 | # strip before signing | |
111 | %{__sed} -i -e '/export ADDON_PATH$/a\ echo STRIP \; %{__strip} --strip-unneeded -R.comment -R.note ${5}' nss/cmd/shlibsign/sign.sh | |
112 | %endif | |
113 | ||
114 | %build | |
115 | # http://wiki.cacert.org/wiki/NSSLib | |
116 | addbuiltin -n "CAcert Inc." -t "CT,C,C" < %{SOURCE3} >> nss/lib/ckfw/builtins/certdata.txt | |
117 | ||
118 | %ifarch %{x8664} ppc64 sparc64 aarch64 | |
119 | export USE_64=1 | |
120 | %endif | |
121 | ||
122 | # http://pki.fedoraproject.org/wiki/ECC_Capable_NSS | |
123 | for dir in ecc noecc; do | |
124 | install -d $dir | |
125 | cp -a nss $dir/nss | |
126 | done | |
127 | ||
128 | export BUILD_OPT=1 | |
129 | export MOZILLA_CLIENT=1 | |
130 | export NSDISTMODE=copy | |
131 | export NSPR_INCLUDE_DIR=/usr/include/nspr | |
132 | export NSS_USE_SYSTEM_SQLITE=1 | |
133 | export USE_PTHREADS=1 | |
134 | export USE_SYSTEM_ZLIB=1 | |
135 | export ZLIB_LIBS="-lz" | |
136 | %ifarch x32 | |
137 | export USE_X32=1 | |
138 | %endif | |
139 | %{!?with_tests:export NSS_DISABLE_GTESTS=1} | |
140 | ||
141 | # https://bugzilla.mozilla.org/show_bug.cgi?id=1084623 | |
142 | ||
143 | # Forcing ecc with this hack would produce broken librares (softoken, freebl etc). | |
144 | # Thus we also build noecc version (which doesn't require hack) and use these | |
145 | # libs from there. | |
146 | %{__sed} -i -e 's|#error|//error|g' ecc/nss/lib/freebl/ecl/ecl-curve.h | |
147 | %{__make} -C ecc/nss all \ | |
148 | NSS_ECC_MORE_THAN_SUITE_B=1 \ | |
149 | CC="%{__cc}" \ | |
150 | OPTIMIZER="%{rpmcflags} %{rpmcppflags}" \ | |
151 | NS_USE_GCC=1 | |
152 | ||
153 | %{__make} -C noecc/nss all \ | |
154 | CC="%{__cc}" \ | |
155 | OPTIMIZER="%{rpmcflags} %{rpmcppflags}" \ | |
156 | NS_USE_GCC=1 | |
157 | ||
158 | %install | |
159 | rm -rf $RPM_BUILD_ROOT | |
160 | install -d $RPM_BUILD_ROOT{%{_bindir},%{_mandir}/man1,%{_includedir}/nss,/%{_lib},%{_libdir},%{_pkgconfigdir}} | |
161 | ||
162 | cp -p ecc/dist/private/nss/* $RPM_BUILD_ROOT%{_includedir}/nss | |
163 | cp -p ecc/dist/public/dbm/* $RPM_BUILD_ROOT%{_includedir}/nss | |
164 | cp -p ecc/dist/public/nss/* $RPM_BUILD_ROOT%{_includedir}/nss | |
165 | install -p ecc/dist/Linux*/bin/* $RPM_BUILD_ROOT%{_bindir} | |
166 | install -p ecc/dist/Linux*/lib/* $RPM_BUILD_ROOT%{_libdir} | |
167 | ||
168 | # non-ECC version, we need only libnssdbm3, libsoftokn3, libfreebl3 | |
169 | install -p noecc/dist/Linux*/lib/libnssdbm3.* $RPM_BUILD_ROOT%{_libdir} | |
170 | install -p noecc/dist/Linux*/lib/libsoftokn3.* $RPM_BUILD_ROOT%{_libdir} | |
171 | install -p noecc/dist/Linux*/lib/libfreebl3.* $RPM_BUILD_ROOT%{_libdir} | |
172 | ||
173 | cp -p nss/doc/nroff/*.1 $RPM_BUILD_ROOT%{_mandir}/man1 | |
174 | ||
175 | %{__sed} -e ' | |
176 | s#libdir=.*#libdir=%{_libdir}#g | |
177 | s#includedir=.*#includedir=%{_includedir}#g | |
178 | s#VERSION#%{version}#g | |
179 | ' %{SOURCE1} > $RPM_BUILD_ROOT%{_pkgconfigdir}/nss.pc | |
180 | # compatibility symlink | |
181 | ln -s nss.pc $RPM_BUILD_ROOT%{_pkgconfigdir}/mozilla-nss.pc | |
182 | ||
183 | cat %{SOURCE4} | \ | |
184 | sed -e "s,%%libdir%%,%{_libdir},g" \ | |
185 | -e "s,%%prefix%%,%{_prefix},g" \ | |
186 | -e "s,%%exec_prefix%%,%{_prefix},g" \ | |
187 | -e "s,%%includedir%%,%{_includedir}/nss,g" \ | |
188 | -e "s,%%NSPR_VERSION%%,$(echo %{nspr_ver} | sed -e 's#.*:##g'),g" \ | |
189 | -e "s,%%NSS_VERSION%%,%{version},g" \ | |
190 | -e "s,%%SOFTOKEN_VERSION%%,%{version},g" > \ | |
191 | $RPM_BUILD_ROOT%{_pkgconfigdir}/nss-softokn.pc | |
192 | ||
193 | NSS_VMAJOR=$(awk '/#define.*NSS_VMAJOR/ {print $3}' nss/lib/nss/nss.h) | |
194 | NSS_VMINOR=$(awk '/#define.*NSS_VMINOR/ {print $3}' nss/lib/nss/nss.h) | |
195 | NSS_VPATCH=$(awk '/#define.*NSS_VPATCH/ {print $3}' nss/lib/nss/nss.h) | |
196 | %{__sed} -e " | |
197 | s,@libdir@,%{_libdir},g | |
198 | s,@prefix@,%{_prefix},g | |
199 | s,@exec_prefix@,%{_prefix},g | |
200 | s,@includedir@,%{_includedir}/nss,g | |
201 | s,@MOD_MAJOR_VERSION@,$NSS_VMAJOR,g | |
202 | s,@MOD_MINOR_VERSION@,$NSS_VMINOR,g | |
203 | s,@MOD_PATCH_VERSION@,$NSS_VPATCH,g | |
204 | " %{SOURCE2} > $RPM_BUILD_ROOT%{_bindir}/nss-config | |
205 | chmod +x $RPM_BUILD_ROOT%{_bindir}/nss-config | |
206 | ||
207 | %{__mv} $RPM_BUILD_ROOT%{_libdir}/libfreebl3.so $RPM_BUILD_ROOT/%{_lib} | |
208 | ln -s /%{_lib}/libfreebl3.so $RPM_BUILD_ROOT%{_libdir}/libfreebl3.so | |
209 | %{__mv} $RPM_BUILD_ROOT%{_libdir}/libfreebl3.chk $RPM_BUILD_ROOT/%{_lib} | |
210 | ln -s /%{_lib}/libfreebl3.chk $RPM_BUILD_ROOT%{_libdir}/libfreebl3.chk | |
211 | %{__mv} $RPM_BUILD_ROOT%{_libdir}/libfreeblpriv3.so $RPM_BUILD_ROOT/%{_lib} | |
212 | ln -s /%{_lib}/libfreeblpriv3.so $RPM_BUILD_ROOT%{_libdir}/libfreeblpriv3.so | |
213 | %{__mv} $RPM_BUILD_ROOT%{_libdir}/libfreeblpriv3.chk $RPM_BUILD_ROOT/%{_lib} | |
214 | ln -s /%{_lib}/libfreeblpriv3.chk $RPM_BUILD_ROOT%{_libdir}/libfreeblpriv3.chk | |
215 | ||
216 | # conflict with openssl-static | |
217 | %{__mv} $RPM_BUILD_ROOT%{_libdir}/libssl{,3}.a | |
218 | ||
219 | # unit tests | |
220 | %if %{with tests} | |
221 | %{__rm} $RPM_BUILD_ROOT%{_bindir}/{certdb,certhigh,cryptohi,der,pk11,softoken,smime,ssl,util}_gtest | |
222 | %{__rm} $RPM_BUILD_ROOT%{_bindir}/nss_bogo_shim | |
223 | %{__rm} $RPM_BUILD_ROOT%{_libdir}/libgtest* | |
224 | %{__rm} $RPM_BUILD_ROOT%{_libdir}/libpkcs11testmodule.* | |
225 | %{__rm} $RPM_BUILD_ROOT%{_libdir}/libcpputil.* | |
226 | %endif | |
227 | %{__rm} $RPM_BUILD_ROOT%{_bindir}/fbectest | |
228 | %{__rm} $RPM_BUILD_ROOT%{_bindir}/pk11ectest | |
229 | %{__rm} $RPM_BUILD_ROOT%{_bindir}/pk11importtest | |
230 | %{__rm} $RPM_BUILD_ROOT%{_bindir}/rsapoptst | |
231 | %{__rm} $RPM_BUILD_ROOT%{_libdir}/libnss*-testlib.so | |
232 | ||
233 | if [ ! -f "$RPM_BUILD_ROOT%{_includedir}/nss/nsslowhash.h" ]; then | |
234 | echo >&2 "ERROR: %{_includedir}/nss/nsslowhash.h not installed. Needed by glibc" | |
235 | exit 1 | |
236 | fi | |
237 | ||
238 | %clean | |
239 | rm -rf $RPM_BUILD_ROOT | |
240 | ||
241 | %post -p /sbin/ldconfig | |
242 | %postun -p /sbin/ldconfig | |
243 | ||
244 | %files | |
245 | %defattr(644,root,root,755) | |
246 | # COPYING beside MPL v2.0 text contains GPL/LGPL compatibility notes | |
247 | %doc nss/{COPYING,trademarks.txt} | |
248 | %attr(755,root,root) %{_libdir}/libfreebl3.so | |
249 | %attr(755,root,root) %{_libdir}/libfreeblpriv3.so | |
250 | %attr(755,root,root) %{_libdir}/libnss3.so | |
251 | %attr(755,root,root) %{_libdir}/libnssckbi.so | |
252 | %attr(755,root,root) %{_libdir}/libnssdbm3.so | |
253 | %attr(755,root,root) %{_libdir}/libnssutil3.so | |
254 | %attr(755,root,root) %{_libdir}/libsmime3.so | |
255 | %attr(755,root,root) %{_libdir}/libsoftokn3.so | |
256 | %attr(755,root,root) %{_libdir}/libssl3.so | |
257 | %{_libdir}/libfreebl3.chk | |
258 | %{_libdir}/libfreeblpriv3.chk | |
259 | %{_libdir}/libnssdbm3.chk | |
260 | %{_libdir}/libsoftokn3.chk | |
261 | ||
262 | %files devel | |
263 | %defattr(644,root,root,755) | |
264 | %attr(755,root,root) %{_bindir}/nss-config | |
265 | %{_libdir}/libcrmf.a | |
266 | %{_libdir}/libfreebl.a | |
267 | %{_includedir}/nss | |
268 | %{_pkgconfigdir}/mozilla-nss.pc | |
269 | %{_pkgconfigdir}/nss.pc | |
270 | %{_pkgconfigdir}/nss-softokn.pc | |
271 | ||
272 | %files tools | |
273 | %defattr(644,root,root,755) | |
274 | %attr(755,root,root) %{_bindir}/addbuiltin | |
275 | %attr(755,root,root) %{_bindir}/atob | |
276 | %attr(755,root,root) %{_bindir}/baddbdir | |
277 | %attr(755,root,root) %{_bindir}/bltest | |
278 | %attr(755,root,root) %{_bindir}/btoa | |
279 | %attr(755,root,root) %{_bindir}/certutil | |
280 | %attr(755,root,root) %{_bindir}/chktest | |
281 | %attr(755,root,root) %{_bindir}/cmsutil | |
282 | %attr(755,root,root) %{_bindir}/conflict | |
283 | %attr(755,root,root) %{_bindir}/crlutil | |
284 | %attr(755,root,root) %{_bindir}/crmftest | |
285 | %attr(755,root,root) %{_bindir}/dbtest | |
286 | %attr(755,root,root) %{_bindir}/derdump | |
287 | %attr(755,root,root) %{_bindir}/dertimetest | |
288 | %attr(755,root,root) %{_bindir}/digest | |
289 | %attr(755,root,root) %{_bindir}/ecperf | |
290 | %attr(755,root,root) %{_bindir}/encodeinttest | |
291 | %attr(755,root,root) %{_bindir}/fipstest | |
292 | %attr(755,root,root) %{_bindir}/httpserv | |
293 | %attr(755,root,root) %{_bindir}/listsuites | |
294 | %attr(755,root,root) %{_bindir}/lowhashtest | |
295 | %attr(755,root,root) %{_bindir}/makepqg | |
296 | %attr(755,root,root) %{_bindir}/mangle | |
297 | %attr(755,root,root) %{_bindir}/modutil | |
298 | %attr(755,root,root) %{_bindir}/multinit | |
299 | %attr(755,root,root) %{_bindir}/nonspr10 | |
300 | %attr(755,root,root) %{_bindir}/nss-policy-check | |
301 | %attr(755,root,root) %{_bindir}/ocspclnt | |
302 | %attr(755,root,root) %{_bindir}/ocspresp | |
303 | %attr(755,root,root) %{_bindir}/oidcalc | |
304 | %attr(755,root,root) %{_bindir}/p7content | |
305 | %attr(755,root,root) %{_bindir}/p7env | |
306 | %attr(755,root,root) %{_bindir}/p7sign | |
307 | %attr(755,root,root) %{_bindir}/p7verify | |
308 | %attr(755,root,root) %{_bindir}/pk11gcmtest | |
309 | %attr(755,root,root) %{_bindir}/pk11mode | |
310 | %attr(755,root,root) %{_bindir}/pk12util | |
311 | %attr(755,root,root) %{_bindir}/pk1sign | |
312 | %attr(755,root,root) %{_bindir}/pkix-errcodes | |
313 | %attr(755,root,root) %{_bindir}/pp | |
314 | %attr(755,root,root) %{_bindir}/pwdecrypt | |
315 | %attr(755,root,root) %{_bindir}/remtest | |
316 | %attr(755,root,root) %{_bindir}/rsaperf | |
317 | %attr(755,root,root) %{_bindir}/sdrtest | |
318 | %attr(755,root,root) %{_bindir}/secmodtest | |
319 | %attr(755,root,root) %{_bindir}/selfserv | |
320 | %attr(755,root,root) %{_bindir}/shlibsign | |
321 | %attr(755,root,root) %{_bindir}/signtool | |
322 | %attr(755,root,root) %{_bindir}/signver | |
323 | %attr(755,root,root) %{_bindir}/ssltap | |
324 | %attr(755,root,root) %{_bindir}/strsclnt | |
325 | %attr(755,root,root) %{_bindir}/symkeyutil | |
326 | %attr(755,root,root) %{_bindir}/tstclnt | |
327 | %attr(755,root,root) %{_bindir}/vfychain | |
328 | %attr(755,root,root) %{_bindir}/vfyserv | |
329 | %{_mandir}/man1/certutil.1* | |
330 | %{_mandir}/man1/cmsutil.1* | |
331 | %{_mandir}/man1/crlutil.1* | |
332 | %{_mandir}/man1/derdump.1* | |
333 | %{_mandir}/man1/modutil.1* | |
334 | %{_mandir}/man1/pk12util.1* | |
335 | %{_mandir}/man1/pp.1* | |
336 | %{_mandir}/man1/signtool.1* | |
337 | %{_mandir}/man1/signver.1* | |
338 | %{_mandir}/man1/ssltap.1* | |
339 | %{_mandir}/man1/vfychain.1* | |
340 | %{_mandir}/man1/vfyserv.1* | |
341 | ||
342 | %files static | |
343 | %defattr(644,root,root,755) | |
344 | %{_libdir}/libcertdb.a | |
345 | %{_libdir}/libcerthi.a | |
346 | %{_libdir}/libcryptohi.a | |
347 | %{_libdir}/libdbm.a | |
348 | %{_libdir}/libjar.a | |
349 | %{_libdir}/libnss.a | |
350 | %{_libdir}/libnssb.a | |
351 | %{_libdir}/libnssckfw.a | |
352 | %{_libdir}/libnssdbm.a | |
353 | %{_libdir}/libnssdev.a | |
354 | %{_libdir}/libnsspki.a | |
355 | %{_libdir}/libnssutil.a | |
356 | %{_libdir}/libpk11wrap.a | |
357 | %{_libdir}/libpkcs12.a | |
358 | %{_libdir}/libpkcs7.a | |
359 | %{_libdir}/libpkixcertsel.a | |
360 | %{_libdir}/libpkixchecker.a | |
361 | %{_libdir}/libpkixcrlsel.a | |
362 | %{_libdir}/libpkixmodule.a | |
363 | %{_libdir}/libpkixparams.a | |
364 | %{_libdir}/libpkixpki.a | |
365 | %{_libdir}/libpkixresults.a | |
366 | %{_libdir}/libpkixstore.a | |
367 | %{_libdir}/libpkixsystem.a | |
368 | %{_libdir}/libpkixtop.a | |
369 | %{_libdir}/libpkixutil.a | |
370 | %{_libdir}/libsectool.a | |
371 | %{_libdir}/libsmime.a | |
372 | %{_libdir}/libsoftokn.a | |
373 | %{_libdir}/libssl3.a | |
374 | ||
375 | %files softokn-freebl | |
376 | %defattr(644,root,root,755) | |
377 | %attr(755,root,root) /%{_lib}/libfreebl3.so | |
378 | %attr(755,root,root) /%{_lib}/libfreeblpriv3.so | |
379 | /%{_lib}/libfreebl3.chk | |
380 | /%{_lib}/libfreeblpriv3.chk |