%define srcver %(echo %version | tr . _) #%define nspr_version %(rpm -q --queryformat '%{VERSION}' libnspr) %define nspr_version %(%{_bindir}/nspr-config --version) %define with_test 0 %define with_nsspem 1 Name: libnss Version: 3.22 Release: 1mamba Summary: Network Security Services Group: System/Libraries Vendor: openmamba Distribution: openmamba Packager: Silvan Calarco URL: http://www.mozilla.org/projects/security/pki/nss/ Source0: http://ftp.mozilla.org/pub/security/nss/releases/NSS_%{srcver}_RTM/src/nss-%{version}.tar.gz Source1: nss.pc.in Source2: nss-config.in Source3: blank-cert8.db Source4: blank-key3.db Source5: blank-secmod.db Source6: blank-cert9.db Source7: blank-key4.db Source8: nss-pkcs11.txt Source9: setup-nsssysinit.sh # from fedora # git clone https://git.fedorahosted.org/git/nss-pem.git # tar cjf ../SOURCES/libnss-pem-20140218.tar.bz2 nss-pem/ %if %with_nsspem #Source10: libnss-pem-20140218.tar.bz2 Source10: https://git.fedorahosted.org/git/nss-pem.git/master/nss-pem-%{version}.tar.bz2 %endif Patch1: libnss-3.12.3-no-rpath.patch Patch2: libnss-3.12.3-nolocalsql.patch Patch3: libnss-3.12.9-renegotiate-transitional.patch Patch4: libnss-3.12.9-enable-pem.patch Patch5: libnss-3.12.9-nsspem-642433.patch Patch6: libnss-3.12.3-enable-pem.patch Patch7: libnss-3.12.3-stubs-bug502133.patch Patch8: libnss-3.12.9-honor-user-trust-preferences.patch Patch9: libnss-3.12.9-system-nspr.patch Patch10: libnss-3.15.1-opt_flags.patch Patch11: libnss-3.12.9-ipv6-type-connections-bug539183.patch Patch12: libnss-3.15.4-add-missing-RSA_BlockOAEP.patch Patch13: libnss-3.15.1-lfs-buildfixes.patch Patch14: nss-pem-3.22-buildfix.patch License: GPL, MPL 1.1, LGPL ## AUTOBUILDREQ-BEGIN BuildRequires: glibc-devel BuildRequires: libnspr-devel BuildRequires: libsqlite-devel BuildRequires: libz-devel ## AUTOBUILDREQ-END BuildRequires: gawk BuildRequires: perl BuildRequires: pkgconfig BuildRequires: psmisc Obsoletes: libmozilla-nss Provides: libmozilla-nss = %{?epoch:%epoch:}%{version}-%{release} Obsoletes: libmozilla Conflicts: libmozilla <= 1.7.13-1 Requires: %{name}-sysinit = %{?epoch:%epoch:}%{version}-%{release} BuildRoot: %{_tmppath}/%{name}-%{version}-root %description Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards. %package tools Summary: Tools for the Network Security Services Group: Applications/Security Requires: %{name} = %{?epoch:%epoch:}%{version}-%{release} %description tools Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards. Install the nss-tools package if you need command-line tools to manipulate the NSS certificate and key database. %package devel Group: Development/Libraries Summary: Static libraries and headers for %{name} Obsoletes: libmozilla-nss-devel Provides: libmozilla-nss-devel = %{?epoch:%epoch:}%{version}-%{release} Conflicts: libmozilla-devel <= 1.7.13-1 Requires: %{name} = %{?epoch:%epoch:}%{version}-%{release} %description devel Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards. This package contains static libraries and header files need for development. %package sysinit Summary: System NSS Initilization Group: System/Tools Requires: %{name} = %{?epoch:%epoch:}%{version}-%{release} Requires: coreutils Requires: sed %description sysinit Default Operating System module that manages applications loading NSS globally on the system. This module loads the system defined PKCS #11 modules for NSS and chains with other NSS modules to load any system or user configured modules. %prep %setup -q -n nss-%{version} #-D -T #:<< __EOF %patch3 -p3 %if %with_nsspem tar -xf %{SOURCE10} mv nss-pem-%{version}/nss/lib/ckfw/pem/ nss/lib/ckfw/ %patch14 -p0 %patch4 -p3 #%patch5 -p3 %endif #%patch8 -p1 #%patch9 -p0 %patch10 -p0 #%patch11 -p0 #%patch12 -p1 #%patch13 -p1 %build #:<< __EOF export BUILD_OPT=1 export XCFLAGS="%{optflags}" export PKG_CONFIG_ALLOW_SYSTEM_LIBS=1 export PKG_CONFIG_ALLOW_SYSTEM_CFLAGS=1 NSPR_INCLUDE_DIR=`/usr/bin/pkg-config --cflags-only-I nspr | sed 's/-I//'` NSPR_LIB_DIR=`/usr/bin/pkg-config --libs-only-L nspr | sed 's/-L//'` export NSPR_INCLUDE_DIR export NSPR_LIB_DIR export NSS_USE_SYSTEM_SQLITE=1 export OPT_FLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing" %ifarch x86_64 ia64 export USE_64=1 %endif make -C ./nss/coreconf make -C ./nss/lib/dbm make -C ./nss CORE_DEPTH=`pwd`/nss cat %{SOURCE1} | sed -e "s,%%libdir%%,%{_libdir},g" \ -e "s,%%prefix%%,%{_prefix},g" \ -e "s,%%exec_prefix%%,%{_prefix},g" \ -e "s,%%includedir%%,%{_includedir}/nss3,g" \ -e "s,%%NSPR_VERSION%%,%{nspr_version},g" \ -e "s,%%NSS_VERSION%%,%{version},g" > custom_nss.pc %define majver %(echo %version | cut -d. -f1) %define minver %(echo %version | cut -d. -f2) %define patchver %(echo %version | cut -d. -f3) NSS_VMAJOR=%majver NSS_VMINOR=%minver NSS_VPATCH=%patchver cat %{SOURCE2} | sed -e "s,@libdir@,%{_libdir},g" \ -e "s,@prefix@,%{_prefix},g" \ -e "s,@exec_prefix@,%{_prefix},g" \ -e "s,@includedir@,%{_includedir}/nss3,g" \ -e "s,@MOD_MAJOR_VERSION@,$NSS_VMAJOR,g" \ -e "s,@MOD_MINOR_VERSION@,$NSS_VMINOR,g" \ -e "s,@MOD_PATCH_VERSION@,$NSS_VPATCH,g" > custom_nss-config cat %{SOURCE9} > setup-nsssysinit.sh %if %with_test export BUILD_OPT=1 export HOST="localhost" export DOMSUF=" " export USE_IP=TRUE export IP_ADDRESS="127.0.0.1" cd nss/tests ./all.sh #TEST_FAILURES=`grep -c FAILED ../../../tests_results/security/localhost.1/output.log` || : #if [ $TEST_FAILURES -ne 0 ]; then # echo "error: test suite returned failure(s)" # exit 1 #fi %endif %install [ "%{buildroot}" != / ] && rm -rf "%{buildroot}" install -D -m 644 custom_nss.pc %{buildroot}%{_libdir}/pkgconfig/nss.pc install -D -m 755 custom_nss-config %{buildroot}%{_bindir}/nss-config # copy all the binary libraries for file in libfreebl3.so libnss3.so libnssckbi.so libsmime3.so libsoftokn3.so libssl3.so libnssutil3.so libnssdbm3.so libnsssysinit.so; do install -m 755 dist/*.OBJ/lib/$file %{buildroot}%{_libdir} done %if %with_nsspem install -m 755 dist/*.OBJ/lib/libnsspem.so %{buildroot}%{_libdir} %endif # copy alle the chk files for file in libfreebl3.chk libsoftokn3.chk libnssdbm3.chk; do install -m 644 dist/*.OBJ/lib/$file %{buildroot}%{_libdir} done # install the empty NSS db files # legacy db install -d %{buildroot}%{_sysconfdir}/pki/nssdb install -m 644 %{SOURCE3} %{buildroot}%{_sysconfdir}/pki/nssdb/cert8.db install -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/pki/nssdb/key3.db install -m 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/pki/nssdb/secmod.db # shared db install -m 644 %{SOURCE6} %{buildroot}%{_sysconfdir}/pki/nssdb/cert9.db install -m 644 %{SOURCE7} %{buildroot}%{_sysconfdir}/pki/nssdb/key4.db install -m 644 %{SOURCE8} %{buildroot}%{_sysconfdir}/pki/nssdb/pkcs11.txt # copy the development libraries we want for file in libcrmf.a libnssb.a libnssckfw.a; do install -m 644 dist/*.OBJ/lib/$file %{buildroot}%{_libdir} done # copy the binaries we want for file in certutil cmsutil crlutil modutil pk12util signtool signver ssltap; do install -m 755 dist/*.OBJ/bin/$file %{buildroot}%{_bindir} done # copy unsupported tools mkdir -p %{buildroot}%{_libexecdir}/nss for file in atob btoa derdump ocspclnt pp selfserv shlibsign strsclnt symkeyutil tstclnt vfyserv vfychain; do install -m 755 dist/*.OBJ/bin/$file %{buildroot}%{_libexecdir}/nss done # pkcs11 configuration script mkdir -p %{buildroot}%{_sbindir} install -pm 755 setup-nsssysinit.sh %{buildroot}%{_sbindir}/setup-nsssysinit.sh # copy the include files install -d %{buildroot}%{_includedir}/nss3 for file in dist/public/nss/*.h; do install -m 644 $file %{buildroot}%{_includedir}/nss3 done %clean [ "%{buildroot}" != / ] && rm -rf "%{buildroot}" %post -p /sbin/ldconfig %postun -p /sbin/ldconfig %files %defattr(-,root,root) %{_libdir}/libnss3.so %{_libdir}/libssl3.so %{_libdir}/libsmime3.so %{_libdir}/libsoftokn3.so %{_libdir}/libsoftokn3.chk %{_libdir}/libnssckbi.so %{_libdir}/libfreebl3.so %{_libdir}/libfreebl3.chk %{_libdir}/libnssutil3.so %{_libdir}/libnssdbm3.so %{_libdir}/libnssdbm3.chk %if %with_nsspem %{_libdir}/libnsspem.so %endif %dir %{_sysconfdir}/pki/nssdb %config(noreplace) %{_sysconfdir}/pki/nssdb/cert8.db %config(noreplace) %{_sysconfdir}/pki/nssdb/key3.db %config(noreplace) %{_sysconfdir}/pki/nssdb/secmod.db %post sysinit /sbin/ldconfig %{_sbindir}/setup-nsssysinit.sh on %preun sysinit if [ $1 = 0 ]; then %{_sbindir}/setup-nsssysinit.sh off fi %postun sysinit -p /sbin/ldconfig %files sysinit %defattr(-,root,root) %{_sbindir}/setup-nsssysinit.sh %{_libdir}/libnsssysinit.so %config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/pki/nssdb/cert9.db %config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/pki/nssdb/key4.db %config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/pki/nssdb/pkcs11.txt %files tools %defattr(-,root,root) %{_bindir}/certutil %{_bindir}/cmsutil %{_bindir}/crlutil %{_bindir}/modutil %{_bindir}/pk12util %{_bindir}/signtool %{_bindir}/signver %{_bindir}/ssltap %dir %{_libexecdir}/nss %{_libexecdir}/nss/* %files devel %defattr(-,root,root) %{_bindir}/nss-config %{_libdir}/libcrmf.a %{_libdir}/libnssb.a %{_libdir}/libnssckfw.a %{_libdir}/pkgconfig/nss.pc %{_includedir}/nss3/ %changelog * Fri Feb 19 2016 Silvan Calarco 3.22-1mamba - update to 3.22 * Wed Nov 04 2015 Automatic Build System 3.20.1-1mamba - automatic version update by autodist * Sat Oct 10 2015 Silvan Calarco 3.20-1mamba - update to 3.20 * Fri Jun 26 2015 Automatic Build System 3.19.2-1mamba - automatic version update by autodist * Thu Jun 11 2015 Automatic Build System 3.19.1-1mamba - automatic version update by autodist * Sun May 17 2015 Automatic Build System 3.18.1-1mamba - automatic version update by autodist * Sat Mar 21 2015 Silvan Calarco 3.18-1mamba - update to 3.18 - fix version in /usr/bin/nss-config * Tue Feb 17 2015 Automatic Build System 3.17.4-1mamba - automatic version update by autodist * Thu Dec 11 2014 Automatic Build System 3.17.3-1mamba - automatic version update by autodist * Fri Nov 14 2014 Automatic Build System 3.17.2-1mamba - automatic version update by autodist * Thu Oct 02 2014 Automatic Build System 3.17.1-1mamba - automatic version update by autodist * Tue Sep 23 2014 Automatic Build System 3.17-1mamba - automatic version update by autodist * Tue Jul 22 2014 Automatic Build System 3.16.3-1mamba - automatic version update by autodist * Sat May 10 2014 Automatic Build System 3.16.1-1mamba - automatic version update by autodist * Wed Apr 09 2014 Automatic Build System 3.16-1mamba - automatic version update by autodist * Sun Mar 30 2014 Automatic Build System 3.15.5-1mamba - automatic version update by autodist * Tue Feb 18 2014 Silvan Calarco 3.15.4-1mamba - update to 3.15.4 * Tue Dec 10 2013 Automatic Build System 3.15.3.1-1mamba - automatic version update by autodist * Thu Nov 14 2013 Automatic Build System 3.15.3-2mamba - rebuilt after breaking and fixing rpm * Wed Nov 13 2013 Automatic Build System 3.15.3-1mamba - automatic version update by autodist * Mon Oct 07 2013 Automatic Build System 3.15.2-1mamba - automatic version update by autodist * Fri Aug 30 2013 Automatic Build System 3.15.1-1mamba - automatic version update by autodist * Sun Apr 07 2013 Automatic Build System 3.14.3-1mamba - automatic version update by autodist * Fri Dec 28 2012 Automatic Build System 3.14.1-1mamba - automatic version update by autodist * Sat Dec 01 2012 Automatic Build System 3.14-1mamba - automatic version update by autodist * Wed Oct 10 2012 Automatic Build System 3.13.6-1mamba - automatic version update by autodist * Mon Mar 12 2012 Silvan Calarco 3.13.3-1mamba - update to 3.13.3 * Fri Jan 06 2012 Silvan Calarco 3.13.1-1mamba - update to 3.13.1 * Tue Aug 02 2011 Silvan Calarco 3.12.10-1mamba - update to 3.12.10 * Sat Apr 09 2011 Ercole 'ercolinux' Carpanetto 3.12.9-3mamba - rebuilt with libsqlite 3.7.3-2 * Sun Mar 20 2011 gil 3.12.9-2mamba - ... add a changelog entry * Tue Jan 25 2011 gil 3.12.9-1mamba - update to 3.12.9 * Mon Nov 29 2010 gil 3.12.8-1mamba - update to 3.12.8 * Tue Sep 14 2010 gil 3.12.7-1mamba - update to 3.12.7 * Thu Jul 22 2010 gil 3.12.6-2mamba - rebuil with libnspr 4.8.6; libsqlite 3.7.0 * Fri Apr 02 2010 gil 3.12.6-1mamba - update to 3.12.6 * Sat Dec 12 2009 gil 3.12.4-1mamba - update to 3.12.4 * Wed Jul 01 2009 Silvan Calarco 3.12.3-1mamba - update to 3.12.3 * Mon Jun 23 2008 Silvan Calarco 3.12-2mamba - add patch to use system libsqlite - development nss-config and nss.pc files updated for linking with libnssutil3 * Sat Jun 21 2008 gil 3.12-1mamba - update to 3.12 * Sat May 31 2008 gil 3.11.9-1mamba - update to 3.11.9 * Wed Jan 31 2007 Silvan Calarco 3.11.4-3qilnx - obsolete libmozilla * Wed Jan 24 2007 Davide Madrisan 3.11.4-2qilnx - conflicts libmozilla * Tue Jan 16 2007 Davide Madrisan 3.11.4-1qilnx - package created by autospec