diff options
Diffstat (limited to 'dev-libs/nss/nss-9999.ebuild')
| -rw-r--r-- | dev-libs/nss/nss-9999.ebuild | 192 |
1 files changed, 0 insertions, 192 deletions
diff --git a/dev-libs/nss/nss-9999.ebuild b/dev-libs/nss/nss-9999.ebuild deleted file mode 100644 index 927fb82..0000000 --- a/dev-libs/nss/nss-9999.ebuild +++ /dev/null @@ -1,192 +0,0 @@ -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: $ - -EAPI="3" - -inherit mozilla-scm flag-o-matic - -DESCRIPTION="Mozilla's Network Security Services library that implements PKI support" -HOMEPAGE="http://www.mozilla.org/projects/security/pki/nss/" - -KEYWORDS="~amd64 ~x86 ~amd64-linux ~x86-linux" -IUSE="utils" - -DEPEND="" -RDEPEND="~dev-libs/nspr-9999 - >=dev-db/sqlite-3.5" - -src_prepare() { - # Custom changes for gentoo - epatch "${FILESDIR}/nss-config-pkgconfig.patch" - epatch "${FILESDIR}/fixup-warnings.patch" - - cd "${S}"/security/coreconf - # hack nspr paths - echo 'INCLUDES += -I'"${EPREFIX}"'/usr/include/nspr -I$(DIST)/include/dbm' \ - >> headers.mk || die "failed to append include" - - # modify install path - sed -e 's:SOURCE_PREFIX = $(CORE_DEPTH)/\.\./dist:SOURCE_PREFIX = $(CORE_DEPTH)/dist:' \ - -i source.mk - - # Respect LDFLAGS - sed -i -e 's/\$(MKSHLIB) -o/\$(MKSHLIB) \$(LDFLAGS) -o/g' rules.mk - - # Ensure we stay multilib aware - #sed -i -e "s:gentoo\/nss:$(get_libdir):" "${S}"/security/nss/config/Makefile || die "Failed to fix for multilib" - - # Fix pkgconfig file for Prefix - #sed -i -e "/^PREFIX =/s:= /usr:= ${EPREFIX}/usr:" \ - #"${S}"/security/nss/config/Makefile - - # dirty hack - cd "${S}"/security/nss - sed -i -e "/CRYPTOLIB/s:\$(SOFTOKEN_LIB_DIR):../freebl/\$(OBJDIR):" \ - lib/ssl/config.mk || die - sed -i -e "/CRYPTOLIB/s:\$(SOFTOKEN_LIB_DIR):../../lib/freebl/\$(OBJDIR):" \ - cmd/platlibs.mk || die - - ln -sf Linux2.6.mk "${S}"/security/coreconf/Linux3.0.mk -} - -src_configure() { - strip-flags - - use amd64 && export USE_64=1 - - export NSPR_INCLUDE_DIR=`nspr-config --includedir` - export NSPR_LIB_DIR=`nspr-config --libdir` - export BUILD_OPT=1 - export NSS_USE_SYSTEM_SQLITE=1 - export NSDISTMODE=copy - export NSS_ENABLE_ECC=1 - export XCFLAGS="${CFLAGS}" - export FREEBL_NO_DEPEND=1 -} - -src_compile() { - cd "${S}"/security/coreconf - emake -j1 CC="$(tc-getCC)" || die "coreconf make failed" - cd "${S}"/security/dbm - emake -j1 CC="$(tc-getCC)" || die "dbm make failed" - cd "${S}"/security/nss - emake -j1 CC="$(tc-getCC)" || die "nss make failed" -} - -# Altering these 3 libraries breaks the CHK verification. -# All of the following cause it to break: -# - stripping -# - prelink -# - ELF signing -# http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn6.html -# Either we have to NOT strip them, or we have to forcibly resign after -# stripping. -#local_libdir="$(get_libdir)" -#export STRIP_MASK=" -# */${local_libdir}/libfreebl3.so* -# */${local_libdir}/libnssdbm3.so* -# */${local_libdir}/libsoftokn3.so*" - -export NSS_CHK_SIGN_LIBS="freebl3 nssdbm3 softokn3" - -generate_chk() { - local shlibsign="$1" - local libdir="$2" - einfo "Resigning core NSS libraries for FIPS validation" - shift 2 - for i in ${NSS_CHK_SIGN_LIBS} ; do - local libname=lib${i}.so - local chkname=lib${i}.chk - "${shlibsign}" \ - -i "${libdir}"/${libname} \ - -o "${libdir}"/${chkname}.tmp \ - && mv -f \ - "${libdir}"/${chkname}.tmp \ - "${libdir}"/${chkname} \ - || die "Failed to sign ${libname}" - done -} - -cleanup_chk() { - local libdir="$1" - shift 1 - for i in ${NSS_CHK_SIGN_LIBS} ; do - local libfname="${libdir}/lib${i}.so" - # If the major version has changed, then we have old chk files. - [ ! -f "${libfname}" -a -f "${libfname}.chk" ] \ - && rm -f "${libfname}.chk" - done -} - -src_install () { - MINOR_VERSION=$(sed -n -r -e 's|.*NSS_[0-9]+_([0-9]+)_[0-9]+.*|\1|p' "${S}"/security/nss/TAG-INFO) - cd "${S}"/security/dist - - dodir /usr/$(get_libdir) - cp -L */lib/*$(get_libname) "${ED}"/usr/$(get_libdir) || die "copying shared libs failed" - # We generate these after stripping the libraries, else they don't match. - #cp -L */lib/*.chk "${ED}"/usr/$(get_libdir) || die "copying chk files failed" - cp -L */lib/libcrmf.a "${ED}"/usr/$(get_libdir) || die "copying libs failed" - - # Install nss-config and pkgconfig file - dodir /usr/bin - cp -L */bin/nss-config "${ED}"/usr/bin - dodir /usr/$(get_libdir)/pkgconfig - cp -L */lib/pkgconfig/nss.pc "${ED}"/usr/$(get_libdir)/pkgconfig - - # all the include files - insinto /usr/include/nss - doins public/nss/*.h - cd "${ED}"/usr/$(get_libdir) - local n= - for file in *$(get_libname); do - n=${file%$(get_libname)}$(get_libname ${MINOR_VERSION}) - mv ${file} ${n} - ln -s ${n} ${file} - done - - local nssutils - # Always enabled because we need it for chk generation. - nssutils="shlibsign" - if use utils; then - # The tests we do not need to install. - #nssutils_test="bltest crmftest dbtest dertimetest - #fipstest remtest sdrtest" - nssutils="addbuiltin atob baddbdir btoa certcgi certutil checkcert - cmsutil conflict crlutil derdump digest makepqg mangle modutil multinit - nonspr10 ocspclnt oidcalc p7content p7env p7sign p7verify pk11mode - pk12util pp rsaperf selfserv shlibsign signtool signver ssltap strsclnt - symkeyutil tstclnt vfychain vfyserv" - fi - cd "${S}"/security/dist/*/bin/ - for f in $nssutils; do - dobin ${f} - done - - # Prelink breaks the CHK files. We don't have any reliable way to run - # shlibsign after prelink. - declare -a libs - for l in ${NSS_CHK_SIGN_LIBS} ; do - libs+=("${EPREFIX}/usr/$(get_libdir)/lib${l}.so") - done - OLD_IFS="${IFS}" IFS=":" ; liblist="${libs[*]}" ; IFS="${OLD_IFS}" - echo -e "PRELINK_PATH_MASK=${liblist}" >"${T}/90nss" - unset libs liblist - doenvd "${T}/90nss" -} - -pkg_postinst() { - elog "We have reverted back to using upstreams soname." - elog "Please run revdep-rebuild --library libnss3.so.12 , this" - elog "will correct most issues. If you find a binary that does" - elog "not run please re-emerge package to ensure it properly" - elog " links after upgrade." - elog - # We must re-sign the libraries AFTER they are stripped. - generate_chk "${EROOT}"/usr/bin/shlibsign "${EROOT}"/usr/$(get_libdir) -} - -pkg_postrm() { - cleanup_chk "${EROOT}"/usr/$(get_libdir) -} |