libnss/libnss.spec

%define        srcver                        %(echo %version | tr . _)
#%define        nspr_version                  %(rpm -q --queryformat '%{VERSION}' libnspr)
%define        nspr_version                  %(%{_bindir}/nspr-config --version)
%define        with_test   1
%define        with_nsspem 1
Name:          libnss
Version:       3.20.1
Release:       1mamba
Summary:       Network Security Services
Group:         System/Libraries
Vendor:        openmamba
Distribution:  openmamba
Packager:      Silvan Calarco <silvan.calarco@mambasoft.it>
URL:           http://www.mozilla.org/projects/security/pki/nss/
Source0:       http://ftp.mozilla.org/pub/security/nss/releases/NSS_%{srcver}_RTM/src/nss-%{version}.tar.gz
Source1:       nss.pc.in
Source2:       nss-config.in
Source3:       blank-cert8.db
Source4:       blank-key3.db
Source5:       blank-secmod.db
Source6:       blank-cert9.db
Source7:       blank-key4.db
Source8:       nss-pkcs11.txt
Source9:       setup-nsssysinit.sh
# from fedora
# git clone https://git.fedorahosted.org/git/nss-pem.git
# tar cjf ../SOURCES/libnss-pem-20140218.tar.bz2 nss-pem/
%if %with_nsspem
Source10:      libnss-pem-20140218.tar.bz2
%endif
Patch1:        libnss-3.12.3-no-rpath.patch
Patch2:        libnss-3.12.3-nolocalsql.patch
Patch3:        libnss-3.12.9-renegotiate-transitional.patch
Patch4:        libnss-3.12.9-enable-pem.patch
Patch5:        libnss-3.12.9-nsspem-642433.patch
Patch6:        libnss-3.12.3-enable-pem.patch
Patch7:        libnss-3.12.3-stubs-bug502133.patch
Patch8:        libnss-3.12.9-honor-user-trust-preferences.patch
Patch9:        libnss-3.12.9-system-nspr.patch
Patch10:       libnss-3.15.1-opt_flags.patch
Patch11:       libnss-3.12.9-ipv6-type-connections-bug539183.patch
Patch12:       libnss-3.15.4-add-missing-RSA_BlockOAEP.patch
Patch13:       libnss-3.15.1-lfs-buildfixes.patch
License:       GPL, MPL 1.1, LGPL
## AUTOBUILDREQ-BEGIN
BuildRequires: glibc-devel
BuildRequires: libnspr-devel
BuildRequires: libsqlite-devel
BuildRequires: libz-devel
## AUTOBUILDREQ-END
BuildRequires: gawk
BuildRequires: perl
BuildRequires: pkgconfig
BuildRequires: psmisc
Obsoletes:     libmozilla-nss
Provides:      libmozilla-nss = %{?epoch:%epoch:}%{version}-%{release}
Obsoletes:     libmozilla
Conflicts:     libmozilla <= 1.7.13-1
Requires:      %{name}-sysinit = %{?epoch:%epoch:}%{version}-%{release}
BuildRoot:     %{_tmppath}/%{name}-%{version}-root

%description
Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications.
Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards.

%package tools
Summary:       Tools for the Network Security Services
Group:         Applications/Security
Requires:      %{name} = %{?epoch:%epoch:}%{version}-%{release}

%description tools
Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications.
Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards.

Install the nss-tools package if you need command-line tools to manipulate the NSS certificate and key database.

%package devel
Group:         Development/Libraries
Summary:       Static libraries and headers for %{name}
Obsoletes:     libmozilla-nss-devel
Provides:      libmozilla-nss-devel = %{?epoch:%epoch:}%{version}-%{release}
Conflicts:     libmozilla-devel <= 1.7.13-1
Requires:      %{name} = %{?epoch:%epoch:}%{version}-%{release}

%description devel
Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications.
Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards.

This package contains static libraries and header files need for development.

%package sysinit
Summary:       System NSS Initilization
Group:         System/Tools
Requires:      %{name} = %{?epoch:%epoch:}%{version}-%{release}
Requires:      coreutils
Requires:      sed

%description sysinit
Default Operating System module that manages applications loading NSS globally on the system. This module loads the system defined PKCS #11 modules for NSS and chains with other NSS modules to load any system or user configured modules.

%prep
%setup -q -n nss-%{version}
#-D -T
#:<< __EOF
%patch3 -p3
%if %with_nsspem
tar -xf %{SOURCE10}
mv nss-pem/nss/lib/ckfw/pem/ nss/lib/ckfw/

%patch4 -p3
#%patch5 -p3
%endif
#%patch8 -p1
#%patch9 -p0
%patch10 -p0
#%patch11 -p0
#%patch12 -p1
#%patch13 -p1

%build
#:<< __EOF
export BUILD_OPT=1
export XCFLAGS="%{optflags}"
export PKG_CONFIG_ALLOW_SYSTEM_LIBS=1
export PKG_CONFIG_ALLOW_SYSTEM_CFLAGS=1
NSPR_INCLUDE_DIR=`/usr/bin/pkg-config --cflags-only-I nspr | sed 's/-I//'`
NSPR_LIB_DIR=`/usr/bin/pkg-config --libs-only-L nspr | sed 's/-L//'`
export NSPR_INCLUDE_DIR
export NSPR_LIB_DIR
export NSS_USE_SYSTEM_SQLITE=1
export OPT_FLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing"

%ifarch x86_64 ia64
export USE_64=1
%endif

make -C ./nss/coreconf
make -C ./nss/lib/dbm
make -C ./nss CORE_DEPTH=`pwd`/nss

cat %{SOURCE1} | sed -e "s,%%libdir%%,%{_libdir},g" \
                 -e "s,%%prefix%%,%{_prefix},g" \
                 -e "s,%%exec_prefix%%,%{_prefix},g" \
                 -e "s,%%includedir%%,%{_includedir}/nss3,g" \
                 -e "s,%%NSPR_VERSION%%,%{nspr_version},g" \
                 -e "s,%%NSS_VERSION%%,%{version},g" > custom_nss.pc

%define majver %(echo %version | cut -d. -f1)
%define minver %(echo %version | cut -d. -f2)
%define patchver %(echo %version | cut -d. -f3)

NSS_VMAJOR=%majver
NSS_VMINOR=%minver
NSS_VPATCH=%patchver
cat %{SOURCE2} | sed -e "s,@libdir@,%{_libdir},g" \
                 -e "s,@prefix@,%{_prefix},g" \
                 -e "s,@exec_prefix@,%{_prefix},g" \
                 -e "s,@includedir@,%{_includedir}/nss3,g" \
                 -e "s,@MOD_MAJOR_VERSION@,$NSS_VMAJOR,g" \
                 -e "s,@MOD_MINOR_VERSION@,$NSS_VMINOR,g" \
                 -e "s,@MOD_PATCH_VERSION@,$NSS_VPATCH,g" > custom_nss-config

cat %{SOURCE9} > setup-nsssysinit.sh

%if %with_test
export BUILD_OPT=1
export HOST="localhost"
export DOMSUF=" "
export USE_IP=TRUE
export IP_ADDRESS="127.0.0.1"
cd nss/tests
./all.sh
#TEST_FAILURES=`grep -c FAILED ../../../tests_results/security/localhost.1/output.log` || :
#if [ $TEST_FAILURES -ne 0 ]; then
#  echo "error: test suite returned failure(s)"
#  exit 1
#fi
%endif

%install
[ "%{buildroot}" != / ] && rm -rf "%{buildroot}"
install -D -m 644 custom_nss.pc %{buildroot}%{_libdir}/pkgconfig/nss.pc
install -D -m 755 custom_nss-config %{buildroot}%{_bindir}/nss-config

# copy all the binary libraries
for file in libfreebl3.so libnss3.so libnssckbi.so libsmime3.so libsoftokn3.so libssl3.so libnssutil3.so libnssdbm3.so libnsssysinit.so; do
   install -m 755 dist/*.OBJ/lib/$file %{buildroot}%{_libdir}
done

%if %with_nsspem
install -m 755 dist/*.OBJ/lib/libnsspem.so %{buildroot}%{_libdir}
%endif

# copy alle the chk files
for file in libfreebl3.chk libsoftokn3.chk libnssdbm3.chk; do
   install -m 644 dist/*.OBJ/lib/$file %{buildroot}%{_libdir}
done

# install the empty NSS db files
# legacy db
install -d %{buildroot}%{_sysconfdir}/pki/nssdb
install -m 644 %{SOURCE3} %{buildroot}%{_sysconfdir}/pki/nssdb/cert8.db
install -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/pki/nssdb/key3.db
install -m 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/pki/nssdb/secmod.db
# shared db
install -m 644 %{SOURCE6} %{buildroot}%{_sysconfdir}/pki/nssdb/cert9.db
install -m 644 %{SOURCE7} %{buildroot}%{_sysconfdir}/pki/nssdb/key4.db
install -m 644 %{SOURCE8} %{buildroot}%{_sysconfdir}/pki/nssdb/pkcs11.txt


# copy the development libraries we want
for file in libcrmf.a libnssb.a libnssckfw.a; do
   install -m 644 dist/*.OBJ/lib/$file %{buildroot}%{_libdir}
done

# copy the binaries we want
for file in certutil cmsutil crlutil modutil pk12util signtool signver ssltap; do
   install -m 755 dist/*.OBJ/bin/$file %{buildroot}%{_bindir}
done

# copy unsupported tools
mkdir -p %{buildroot}%{_libexecdir}/nss
for file in atob btoa derdump ocspclnt pp selfserv shlibsign strsclnt symkeyutil tstclnt vfyserv vfychain; do
   install -m 755 dist/*.OBJ/bin/$file %{buildroot}%{_libexecdir}/nss
done

# pkcs11 configuration script
mkdir -p %{buildroot}%{_sbindir}
install -pm 755 setup-nsssysinit.sh %{buildroot}%{_sbindir}/setup-nsssysinit.sh

# copy the include files
install -d %{buildroot}%{_includedir}/nss3
for file in dist/public/nss/*.h; do
   install -m 644 $file %{buildroot}%{_includedir}/nss3
done

%clean
[ "%{buildroot}" != / ] && rm -rf "%{buildroot}"

%post -p /sbin/ldconfig
%postun -p /sbin/ldconfig

%files
%defattr(-,root,root)
%{_libdir}/libnss3.so
%{_libdir}/libssl3.so
%{_libdir}/libsmime3.so
%{_libdir}/libsoftokn3.so
%{_libdir}/libsoftokn3.chk
%{_libdir}/libnssckbi.so
%{_libdir}/libfreebl3.so
%{_libdir}/libfreebl3.chk
%{_libdir}/libnssutil3.so
%{_libdir}/libnssdbm3.so
%{_libdir}/libnssdbm3.chk
%if %with_nsspem
%{_libdir}/libnsspem.so
%endif
%dir %{_sysconfdir}/pki/nssdb
%config(noreplace) %{_sysconfdir}/pki/nssdb/cert8.db
%config(noreplace) %{_sysconfdir}/pki/nssdb/key3.db
%config(noreplace) %{_sysconfdir}/pki/nssdb/secmod.db


%post sysinit
/sbin/ldconfig
%{_sbindir}/setup-nsssysinit.sh on

%preun sysinit
if [ $1 = 0 ]; then
  %{_sbindir}/setup-nsssysinit.sh off
fi

%postun sysinit -p /sbin/ldconfig

%files sysinit
%defattr(-,root,root)
%{_sbindir}/setup-nsssysinit.sh
%{_libdir}/libnsssysinit.so
%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/pki/nssdb/cert9.db
%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/pki/nssdb/key4.db
%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/pki/nssdb/pkcs11.txt

%files tools
%defattr(-,root,root)
%{_bindir}/certutil
%{_bindir}/cmsutil
%{_bindir}/crlutil
%{_bindir}/modutil
%{_bindir}/pk12util
%{_bindir}/signtool
%{_bindir}/signver
%{_bindir}/ssltap
%dir %{_libexecdir}/nss
%{_libexecdir}/nss/*

%files devel
%defattr(-,root,root)
%{_bindir}/nss-config
%{_libdir}/libcrmf.a
%{_libdir}/libnssb.a
%{_libdir}/libnssckfw.a
%{_libdir}/pkgconfig/nss.pc
%{_includedir}/nss3/

%changelog
* Wed Nov 04 2015 Automatic Build System <autodist@mambasoft.it> 3.20.1-1mamba
- automatic version update by autodist

* Sat Oct 10 2015 Silvan Calarco <silvan.calarco@mambasoft.it> 3.20-1mamba
- update to 3.20

* Fri Jun 26 2015 Automatic Build System <autodist@mambasoft.it> 3.19.2-1mamba
- automatic version update by autodist

* Thu Jun 11 2015 Automatic Build System <autodist@mambasoft.it> 3.19.1-1mamba
- automatic version update by autodist

* Sun May 17 2015 Automatic Build System <autodist@mambasoft.it> 3.18.1-1mamba
- automatic version update by autodist

* Sat Mar 21 2015 Silvan Calarco <silvan.calarco@mambasoft.it> 3.18-1mamba
- update to 3.18
- fix version in /usr/bin/nss-config

* Tue Feb 17 2015 Automatic Build System <autodist@mambasoft.it> 3.17.4-1mamba
- automatic version update by autodist

* Thu Dec 11 2014 Automatic Build System <autodist@mambasoft.it> 3.17.3-1mamba
- automatic version update by autodist

* Fri Nov 14 2014 Automatic Build System <autodist@mambasoft.it> 3.17.2-1mamba
- automatic version update by autodist

* Thu Oct 02 2014 Automatic Build System <autodist@mambasoft.it> 3.17.1-1mamba
- automatic version update by autodist

* Tue Sep 23 2014 Automatic Build System <autodist@mambasoft.it> 3.17-1mamba
- automatic version update by autodist

* Tue Jul 22 2014 Automatic Build System <autodist@mambasoft.it> 3.16.3-1mamba
- automatic version update by autodist

* Sat May 10 2014 Automatic Build System <autodist@mambasoft.it> 3.16.1-1mamba
- automatic version update by autodist

* Wed Apr 09 2014 Automatic Build System <autodist@mambasoft.it> 3.16-1mamba
- automatic version update by autodist

* Sun Mar 30 2014 Automatic Build System <autodist@mambasoft.it> 3.15.5-1mamba
- automatic version update by autodist

* Tue Feb 18 2014 Silvan Calarco <silvan.calarco@mambasoft.it> 3.15.4-1mamba
- update to 3.15.4

* Tue Dec 10 2013 Automatic Build System <autodist@mambasoft.it> 3.15.3.1-1mamba
- automatic version update by autodist

* Thu Nov 14 2013 Automatic Build System <autodist@mambasoft.it> 3.15.3-2mamba
- rebuilt after breaking and fixing rpm

* Wed Nov 13 2013 Automatic Build System <autodist@mambasoft.it> 3.15.3-1mamba
- automatic version update by autodist

* Mon Oct 07 2013 Automatic Build System <autodist@mambasoft.it> 3.15.2-1mamba
- automatic version update by autodist

* Fri Aug 30 2013 Automatic Build System <autodist@mambasoft.it> 3.15.1-1mamba
- automatic version update by autodist

* Sun Apr 07 2013 Automatic Build System <autodist@mambasoft.it> 3.14.3-1mamba
- automatic version update by autodist

* Fri Dec 28 2012 Automatic Build System <autodist@mambasoft.it> 3.14.1-1mamba
- automatic version update by autodist

* Sat Dec 01 2012 Automatic Build System <autodist@mambasoft.it> 3.14-1mamba
- automatic version update by autodist

* Wed Oct 10 2012 Automatic Build System <autodist@mambasoft.it> 3.13.6-1mamba
- automatic version update by autodist

* Mon Mar 12 2012 Silvan Calarco <silvan.calarco@mambasoft.it> 3.13.3-1mamba
- update to 3.13.3

* Fri Jan 06 2012 Silvan Calarco <silvan.calarco@mambasoft.it> 3.13.1-1mamba
- update to 3.13.1

* Tue Aug 02 2011 Silvan Calarco <silvan.calarco@mambasoft.it> 3.12.10-1mamba
- update to 3.12.10

* Sat Apr 09 2011 Ercole 'ercolinux' Carpanetto <ercole69@gmail.com> 3.12.9-3mamba
- rebuilt with libsqlite 3.7.3-2

* Sun Mar 20 2011 gil <puntogil@libero.it> 3.12.9-2mamba
- ... add a changelog entry

* Tue Jan 25 2011 gil <puntogil@libero.it> 3.12.9-1mamba
- update to 3.12.9

* Mon Nov 29 2010 gil <puntogil@libero.it> 3.12.8-1mamba
- update to 3.12.8

* Tue Sep 14 2010 gil <puntogil@libero.it> 3.12.7-1mamba
- update to 3.12.7

* Thu Jul 22 2010 gil <puntogil@libero.it> 3.12.6-2mamba
- rebuil with libnspr 4.8.6; libsqlite 3.7.0

* Fri Apr 02 2010 gil <puntogil@libero.it> 3.12.6-1mamba
- update to 3.12.6

* Sat Dec 12 2009 gil <puntogil@libero.it> 3.12.4-1mamba
- update to 3.12.4

* Wed Jul 01 2009 Silvan Calarco <silvan.calarco@mambasoft.it> 3.12.3-1mamba
- update to 3.12.3

* Mon Jun 23 2008 Silvan Calarco <silvan.calarco@mambasoft.it> 3.12-2mamba
- add patch to use system libsqlite
- development nss-config and nss.pc files updated for linking with libnssutil3

* Sat Jun 21 2008 gil <puntogil@libero.it> 3.12-1mamba
- update to 3.12

* Sat May 31 2008 gil <puntogil@libero.it> 3.11.9-1mamba
- update to 3.11.9

* Wed Jan 31 2007 Silvan Calarco <silvan.calarco@mambasoft.it> 3.11.4-3qilnx
- obsolete libmozilla

* Wed Jan 24 2007 Davide Madrisan <davide.madrisan@qilinux.it> 3.11.4-2qilnx
- conflicts libmozilla

* Tue Jan 16 2007 Davide Madrisan <davide.madrisan@qilinux.it> 3.11.4-1qilnx
- package created by autospec