Revert "Switch to gyp buildsystem"
It turned out that libpkix cannot be enabled in gyp build.
This reverts commit 390eaefc52
.
This commit is contained in:
parent
af46412ffe
commit
cab16c0490
13
iquote.patch
Normal file
13
iquote.patch
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
diff -up nss/coreconf/location.mk.iquote nss/coreconf/location.mk
|
||||||
|
--- nss/coreconf/location.mk.iquote 2017-07-27 16:09:32.000000000 +0200
|
||||||
|
+++ nss/coreconf/location.mk 2017-09-06 13:23:14.633611555 +0200
|
||||||
|
@@ -75,4 +75,9 @@ ifndef SQLITE_LIB_NAME
|
||||||
|
SQLITE_LIB_NAME = sqlite3
|
||||||
|
endif
|
||||||
|
|
||||||
|
+# Prefer in-tree headers over system headers
|
||||||
|
+ifdef IN_TREE_FREEBL_HEADERS_FIRST
|
||||||
|
+ INCLUDES += -iquote $(DIST)/../public/nss -iquote $(DIST)/../private/nss
|
||||||
|
+endif
|
||||||
|
+
|
||||||
|
MK_LOCATION = included
|
74
nss.spec
74
nss.spec
@ -64,9 +64,6 @@ BuildRequires: gawk
|
|||||||
BuildRequires: psmisc
|
BuildRequires: psmisc
|
||||||
BuildRequires: perl-interpreter
|
BuildRequires: perl-interpreter
|
||||||
BuildRequires: gcc-c++
|
BuildRequires: gcc-c++
|
||||||
BuildRequires: gyp
|
|
||||||
BuildRequires: ninja-build
|
|
||||||
BuildRequires: /usr/bin/python
|
|
||||||
|
|
||||||
Source0: https://ftp.mozilla.org/pub/security/nss/releases/%{nss_release_tag}/src/%{name}-%{nss_archive_version}.tar.gz
|
Source0: https://ftp.mozilla.org/pub/security/nss/releases/%{nss_release_tag}/src/%{name}-%{nss_archive_version}.tar.gz
|
||||||
Source1: nss-util.pc.in
|
Source1: nss-util.pc.in
|
||||||
@ -97,6 +94,18 @@ Source28: nss-p11-kit.config
|
|||||||
|
|
||||||
# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=617723
|
# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=617723
|
||||||
Patch2: nss-539183.patch
|
Patch2: nss-539183.patch
|
||||||
|
# This patch uses the GCC -iquote option documented at
|
||||||
|
# http://gcc.gnu.org/onlinedocs/gcc/Directory-Options.html#Directory-Options
|
||||||
|
# to give the in-tree headers a higher priority over the system headers,
|
||||||
|
# when they are included through the quote form (#include "file.h").
|
||||||
|
#
|
||||||
|
# This ensures a build even when system headers are older. Such is the
|
||||||
|
# case when starting an update with API changes or even private export
|
||||||
|
# changes.
|
||||||
|
#
|
||||||
|
# Once the buildroot aha been bootstrapped the patch may be removed
|
||||||
|
# but it doesn't hurt to keep it.
|
||||||
|
Patch4: iquote.patch
|
||||||
|
|
||||||
%description
|
%description
|
||||||
Network Security Services (NSS) is a set of libraries designed to
|
Network Security Services (NSS) is a set of libraries designed to
|
||||||
@ -233,32 +242,60 @@ popd
|
|||||||
|
|
||||||
%build
|
%build
|
||||||
|
|
||||||
|
export FREEBL_NO_DEPEND=1
|
||||||
|
|
||||||
|
# Must export FREEBL_LOWHASH=1 for nsslowhash.h so that it gets
|
||||||
|
# copied to dist and the rpm install phase can find it
|
||||||
|
# This due of the upstream changes to fix
|
||||||
|
# https://bugzilla.mozilla.org/show_bug.cgi?id=717906
|
||||||
|
export FREEBL_LOWHASH=1
|
||||||
|
|
||||||
# uncomment if the iquote patch is activated
|
# uncomment if the iquote patch is activated
|
||||||
export IN_TREE_FREEBL_HEADERS_FIRST=1
|
export IN_TREE_FREEBL_HEADERS_FIRST=1
|
||||||
|
|
||||||
export NSS_FORCE_FIPS=1
|
export NSS_FORCE_FIPS=1
|
||||||
|
|
||||||
|
# Enable compiler optimizations and disable debugging code
|
||||||
|
export BUILD_OPT=1
|
||||||
|
|
||||||
# Uncomment to disable optimizations
|
# Uncomment to disable optimizations
|
||||||
#RPM_OPT_FLAGS=`echo $RPM_OPT_FLAGS | sed -e 's/-O2/-O0/g'`
|
#RPM_OPT_FLAGS=`echo $RPM_OPT_FLAGS | sed -e 's/-O2/-O0/g'`
|
||||||
#export RPM_OPT_FLAGS
|
#export RPM_OPT_FLAGS
|
||||||
|
|
||||||
# Generate symbolic info for debuggers
|
# Generate symbolic info for debuggers
|
||||||
export CFLAGS=$RPM_OPT_FLAGS
|
export XCFLAGS=$RPM_OPT_FLAGS
|
||||||
|
|
||||||
export LDFLAGS=$RPM_LD_FLAGS
|
export LDFLAGS=$RPM_LD_FLAGS
|
||||||
|
|
||||||
|
export DSO_LDOPTS=$RPM_LD_FLAGS
|
||||||
|
|
||||||
export PKG_CONFIG_ALLOW_SYSTEM_LIBS=1
|
export PKG_CONFIG_ALLOW_SYSTEM_LIBS=1
|
||||||
export PKG_CONFIG_ALLOW_SYSTEM_CFLAGS=1
|
export PKG_CONFIG_ALLOW_SYSTEM_CFLAGS=1
|
||||||
|
|
||||||
export NSPR_INCLUDE_DIR=`/usr/bin/pkg-config --cflags-only-I nspr | sed -e 's/-I//' -e 's/ *$//'`
|
export NSPR_INCLUDE_DIR=`/usr/bin/pkg-config --cflags-only-I nspr | sed 's/-I//'`
|
||||||
export NSPR_LIB_DIR=%{_libdir}
|
export NSPR_LIB_DIR=%{_libdir}
|
||||||
|
|
||||||
|
export NSS_USE_SYSTEM_SQLITE=1
|
||||||
|
|
||||||
|
export NSS_ALLOW_SSLKEYLOGFILE=1
|
||||||
|
|
||||||
|
%ifnarch noarch
|
||||||
|
%if 0%{__isa_bits} == 64
|
||||||
|
export USE_64=1
|
||||||
|
%endif
|
||||||
|
%endif
|
||||||
|
|
||||||
|
##### phase 2: build the rest of nss
|
||||||
|
make -C ./nss/coreconf
|
||||||
|
make -C ./nss/lib/dbm
|
||||||
|
|
||||||
# Set the policy file location
|
# Set the policy file location
|
||||||
# if set NSS will always check for the policy file and load if it exists
|
# if set NSS will always check for the policy file and load if it exists
|
||||||
export POLICY_FILE="nss.config"
|
export POLICY_FILE="nss.config"
|
||||||
# location of the policy file
|
# location of the policy file
|
||||||
export POLICY_PATH="/etc/crypto-policies/back-ends"
|
export POLICY_PATH="/etc/crypto-policies/back-ends"
|
||||||
|
|
||||||
nss/build.sh --gcc --opt --with-nspr="$NSPR_INCLUDE_DIR" --system-sqlite --enable-fips
|
make -C ./nss
|
||||||
|
|
||||||
# build the man pages clean
|
# build the man pages clean
|
||||||
pushd ./nss
|
pushd ./nss
|
||||||
@ -371,6 +408,20 @@ done
|
|||||||
|
|
||||||
%check
|
%check
|
||||||
%if %{with tests}
|
%if %{with tests}
|
||||||
|
# Begin -- copied from the build section
|
||||||
|
|
||||||
|
export FREEBL_NO_DEPEND=1
|
||||||
|
|
||||||
|
export BUILD_OPT=1
|
||||||
|
|
||||||
|
%ifnarch noarch
|
||||||
|
%if 0%{__isa_bits} == 64
|
||||||
|
export USE_64=1
|
||||||
|
%endif
|
||||||
|
%endif
|
||||||
|
|
||||||
|
# End -- copied from the build section
|
||||||
|
|
||||||
# This is necessary because the test suite tests algorithms that are
|
# This is necessary because the test suite tests algorithms that are
|
||||||
# disabled by the system policy.
|
# disabled by the system policy.
|
||||||
export NSS_IGNORE_SYSTEM_POLICY=1
|
export NSS_IGNORE_SYSTEM_POLICY=1
|
||||||
@ -491,7 +542,7 @@ mkdir -p $RPM_BUILD_ROOT%{_mandir}/man5
|
|||||||
# Copy the binary libraries we want
|
# Copy the binary libraries we want
|
||||||
for file in libnssutil3.so libsoftokn3.so libnssdbm3.so libfreebl3.so libfreeblpriv3.so libnss3.so libnsssysinit.so libsmime3.so libssl3.so
|
for file in libnssutil3.so libsoftokn3.so libnssdbm3.so libfreebl3.so libfreeblpriv3.so libnss3.so libnsssysinit.so libsmime3.so libssl3.so
|
||||||
do
|
do
|
||||||
install -p -m 755 dist/Release/lib/$file $RPM_BUILD_ROOT/%{_libdir}
|
install -p -m 755 dist/*.OBJ/lib/$file $RPM_BUILD_ROOT/%{_libdir}
|
||||||
done
|
done
|
||||||
|
|
||||||
# Install the empty NSS db files
|
# Install the empty NSS db files
|
||||||
@ -508,19 +559,19 @@ install -p -m 644 %{SOURCE15} $RPM_BUILD_ROOT/%{_sysconfdir}/pki/nssdb/pkcs11.tx
|
|||||||
# Copy the development libraries we want
|
# Copy the development libraries we want
|
||||||
for file in libcrmf.a libnssb.a libnssckfw.a
|
for file in libcrmf.a libnssb.a libnssckfw.a
|
||||||
do
|
do
|
||||||
install -p -m 644 nss/out/Release/$file $RPM_BUILD_ROOT/%{_libdir}
|
install -p -m 644 dist/*.OBJ/lib/$file $RPM_BUILD_ROOT/%{_libdir}
|
||||||
done
|
done
|
||||||
|
|
||||||
# Copy the binaries we want
|
# Copy the binaries we want
|
||||||
for file in certutil cmsutil crlutil modutil nss-policy-check pk12util signver ssltap
|
for file in certutil cmsutil crlutil modutil nss-policy-check pk12util signver ssltap
|
||||||
do
|
do
|
||||||
install -p -m 755 dist/Release/bin/$file $RPM_BUILD_ROOT/%{_bindir}
|
install -p -m 755 dist/*.OBJ/bin/$file $RPM_BUILD_ROOT/%{_bindir}
|
||||||
done
|
done
|
||||||
|
|
||||||
# Copy the binaries we ship as unsupported
|
# Copy the binaries we ship as unsupported
|
||||||
for file in bltest ecperf fbectest fipstest shlibsign atob btoa derdump listsuites ocspclnt pp selfserv signtool strsclnt symkeyutil tstclnt vfyserv vfychain
|
for file in bltest ecperf fbectest fipstest shlibsign atob btoa derdump listsuites ocspclnt pp selfserv signtool strsclnt symkeyutil tstclnt vfyserv vfychain
|
||||||
do
|
do
|
||||||
install -p -m 755 dist/Release/bin/$file $RPM_BUILD_ROOT/%{unsupported_tools_directory}
|
install -p -m 755 dist/*.OBJ/bin/$file $RPM_BUILD_ROOT/%{unsupported_tools_directory}
|
||||||
done
|
done
|
||||||
|
|
||||||
# Copy the include files we want
|
# Copy the include files we want
|
||||||
@ -538,7 +589,7 @@ done
|
|||||||
# Copy the static freebl library
|
# Copy the static freebl library
|
||||||
for file in libfreebl.a
|
for file in libfreebl.a
|
||||||
do
|
do
|
||||||
install -p -m 644 nss/out/Release/$file $RPM_BUILD_ROOT/%{_libdir}
|
install -p -m 644 dist/*.OBJ/lib/$file $RPM_BUILD_ROOT/%{_libdir}
|
||||||
done
|
done
|
||||||
|
|
||||||
# Copy the template files we want
|
# Copy the template files we want
|
||||||
@ -853,7 +904,6 @@ update-crypto-policies
|
|||||||
- Update to NSS 3.41
|
- Update to NSS 3.41
|
||||||
|
|
||||||
* Thu Dec 6 2018 Daiki Ueno <dueno@redhat.com> - 3.40.1-3
|
* Thu Dec 6 2018 Daiki Ueno <dueno@redhat.com> - 3.40.1-3
|
||||||
- Switch to gyp buildsystem
|
|
||||||
- Remove unnecessary patches
|
- Remove unnecessary patches
|
||||||
|
|
||||||
* Thu Dec 6 2018 Daiki Ueno <dueno@redhat.com> - 3.40.1-2
|
* Thu Dec 6 2018 Daiki Ueno <dueno@redhat.com> - 3.40.1-2
|
||||||
|
Loading…
Reference in New Issue
Block a user