Consolidate NSPR with this package

NSPR is no longer used outside of NSS, it makes little sense to keep
it as a separate source package, but costs the packaging burden as NSS
requires a buildroot override.
This commit is contained in:
Daiki Ueno 2020-10-22 08:35:31 +02:00
parent e698f2504c
commit ef0e3207fd
6 changed files with 389 additions and 7 deletions

1
.gitignore vendored
View File

@ -55,3 +55,4 @@ TestUser51.cert
/nss-3.56.tar.gz
/nss-3.57.tar.gz
/nss-3.58.tar.gz
/nspr-4.29.tar.gz

37
nspr-config-pc.patch Normal file
View File

@ -0,0 +1,37 @@
diff -up nspr/config/nspr-config.in.flags nspr/config/nspr-config.in
--- nspr/config/nspr-config.in.flags 2013-05-29 13:46:34.147971410 -0700
+++ nspr/config/nspr-config.in 2013-05-29 14:17:10.990838914 -0700
@@ -102,7 +102,7 @@ if test -z "$includedir"; then
includedir=@includedir@
fi
if test -z "$libdir"; then
- libdir=@libdir@
+ libdir=`pkg-config --variable=libdir nspr`
fi
if test "$echo_prefix" = "yes"; then
@@ -136,12 +136,12 @@ if test "$echo_libs" = "yes"; then
if test -n "$lib_nspr"; then
libdirs="$libdirs -lnspr${major_version}"
fi
- os_ldflags="@LDFLAGS@"
+ os_ldflags=`pkg-config --variable=ldflags nspr`
for i in $os_ldflags ; do
if echo $i | grep \^-L >/dev/null; then
libdirs="$libdirs $i"
fi
done
- echo $libdirs @OS_LIBS@
+ echo $libdirs `pkg-config --variable=os_libs nspr`
fi
diff -up nspr/config/nspr.pc.in.flags nspr/config/nspr.pc.in
--- nspr/config/nspr.pc.in.flags 2013-05-29 13:48:15.026643570 -0700
+++ nspr/config/nspr.pc.in 2013-05-29 13:49:47.795202949 -0700
@@ -6,5 +6,5 @@ includedir=@includedir@
Name: NSPR
Description: The Netscape Portable Runtime
Version: @MOD_MAJOR_VERSION@.@MOD_MINOR_VERSION@.@MOD_PATCH_VERSION@
-Libs: -L@libdir@ -lplds@MOD_MAJOR_VERSION@ -lplc@MOD_MAJOR_VERSION@ -lnspr@MOD_MAJOR_VERSION@
+Libs: -L@libdir@ -lplds@MOD_MAJOR_VERSION@ -lplc@MOD_MAJOR_VERSION@ -lnspr@MOD_MAJOR_VERSION@ @OS_LIBS@
Cflags: -I@includedir@

127
nspr-config.xml Normal file
View File

@ -0,0 +1,127 @@
<?xml version='1.0' encoding='utf-8'?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
<!ENTITY date SYSTEM "date.xml">
<!ENTITY version SYSTEM "version.xml">
]>
<refentry id="nspr-config">
<refentryinfo>
<date>&date;</date>
<title>Netscape Portable Runtime</title>
<productname>nspr</productname>
<productnumber>&version;</productnumber>
</refentryinfo>
<refmeta>
<refentrytitle>nspr-config</refentrytitle>
<manvolnum>1</manvolnum>
</refmeta>
<refnamediv>
<refname>nspr-config</refname>
<refpurpose>Return meta information about nspr libraries</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>nspr-config</command>
<arg><option>--prefix</option></arg>
<arg><option>--exec-prefix</option></arg>
<arg><option>--includedir</option></arg>
<arg><option>--libs</option></arg>
<arg><option>--cflags</option></arg>
<arg><option>--libdir</option></arg>
<arg><option>--version</option></arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsection id="description">
<title>Description</title>
<para><command>nspr-config</command> is a shell script which can be used to obtain gcc options for building client pacakges of nspr.</para>
</refsection>
<refsection>
<title>Options</title>
<variablelist>
<varlistentry>
<term><option>--prefix</option></term>
<listitem><simpara>Returns the top level system directory under which the nspr libraries are installed.</simpara></listitem>
</varlistentry>
<varlistentry>
<term><option>--exec-prefix</option></term>
<listitem><simpara>Returns the top level system directory under which any nspr binaries would be installed.</simpara></listitem>
</varlistentry>
<varlistentry>
<term><option>--includedir</option> <replaceable>count</replaceable></term>
<listitem><simpara>Returns the path to the directory were the nspr headers are installed.</simpara></listitem>
</varlistentry>
<varlistentry>
<term><option>--version</option></term>
<listitem><simpara>Returns the upstream version of nspr in the form major_version-minor_version-patch_version.</simpara></listitem>
</varlistentry>
<varlistentry>
<term><option>--libs</option></term>
<listitem><simpara>Returns the compiler linking flags.</simpara></listitem>
</varlistentry>
<varlistentry>
<term><option>--cflags</option></term>
<listitem><simpara>Returns the compiler include flags.</simpara></listitem>
</varlistentry>
<varlistentry>
<term><option>--libdir</option></term>
<listitem><simpara>Returns the path to the directory were the nspr libraries are installed.</simpara></listitem>
</varlistentry>
</variablelist>
</refsection>
<refsection>
<title>Examples</title>
<para>The following example will query for both include path and linkage flags:
<programlisting>
/usr/bin/nspr-config --cflags --libs
</programlisting>
</para>
</refsection>
<refsection>
<title>Files</title>
<para><filename>/usr/bin/nspr-config</filename></para>
</refsection>
<refsection>
<title>See also</title>
<para>pkg-config(1)</para>
</refsection>
<refsection id="authors">
<title>Authors</title>
<para>The NSPR liraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
<para>
Authors: Elio Maldonado &lt;emaldona@redhat.com>.
</para>
</refsection>
<!-- don't change -->
<refsection id="license">
<title>LICENSE</title>
<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
</para>
</refsection>
</refentry>

77
nspr-gcc-atomics.patch Normal file
View File

@ -0,0 +1,77 @@
diff --git a/pr/include/md/_linux.h b/pr/include/md/_linux.h
--- a/pr/include/md/_linux.h
+++ b/pr/include/md/_linux.h
@@ -82,53 +82,73 @@
#define NO_DLOPEN_NULL
#endif
#if defined(__FreeBSD_kernel__) || defined(__GNU__)
#define _PR_HAVE_SOCKADDR_LEN
#endif
#if defined(__i386__)
+#if defined(__GNUC__)
+/* Use GCC built-in functions */
+#define _PR_HAVE_ATOMIC_OPS
+#define _MD_INIT_ATOMIC()
+#define _MD_ATOMIC_INCREMENT(ptr) __sync_add_and_fetch(ptr, 1)
+#define _MD_ATOMIC_DECREMENT(ptr) __sync_sub_and_fetch(ptr, 1)
+#define _MD_ATOMIC_ADD(ptr, i) __sync_add_and_fetch(ptr, i)
+#define _MD_ATOMIC_SET(ptr, nv) __sync_lock_test_and_set(ptr, nv)
+#else
#define _PR_HAVE_ATOMIC_OPS
#define _MD_INIT_ATOMIC()
extern PRInt32 _PR_x86_AtomicIncrement(PRInt32 *val);
#define _MD_ATOMIC_INCREMENT _PR_x86_AtomicIncrement
extern PRInt32 _PR_x86_AtomicDecrement(PRInt32 *val);
#define _MD_ATOMIC_DECREMENT _PR_x86_AtomicDecrement
extern PRInt32 _PR_x86_AtomicAdd(PRInt32 *ptr, PRInt32 val);
#define _MD_ATOMIC_ADD _PR_x86_AtomicAdd
extern PRInt32 _PR_x86_AtomicSet(PRInt32 *val, PRInt32 newval);
#define _MD_ATOMIC_SET _PR_x86_AtomicSet
#endif
+#endif
#if defined(__ia64__)
#define _PR_HAVE_ATOMIC_OPS
#define _MD_INIT_ATOMIC()
extern PRInt32 _PR_ia64_AtomicIncrement(PRInt32 *val);
#define _MD_ATOMIC_INCREMENT _PR_ia64_AtomicIncrement
extern PRInt32 _PR_ia64_AtomicDecrement(PRInt32 *val);
#define _MD_ATOMIC_DECREMENT _PR_ia64_AtomicDecrement
extern PRInt32 _PR_ia64_AtomicAdd(PRInt32 *ptr, PRInt32 val);
#define _MD_ATOMIC_ADD _PR_ia64_AtomicAdd
extern PRInt32 _PR_ia64_AtomicSet(PRInt32 *val, PRInt32 newval);
#define _MD_ATOMIC_SET _PR_ia64_AtomicSet
#endif
#if defined(__x86_64__)
+#if defined(__GNUC__)
+/* Use GCC built-in functions */
+#define _PR_HAVE_ATOMIC_OPS
+#define _MD_INIT_ATOMIC()
+#define _MD_ATOMIC_INCREMENT(ptr) __sync_add_and_fetch(ptr, 1)
+#define _MD_ATOMIC_DECREMENT(ptr) __sync_sub_and_fetch(ptr, 1)
+#define _MD_ATOMIC_ADD(ptr, i) __sync_add_and_fetch(ptr, i)
+#define _MD_ATOMIC_SET(ptr, nv) __sync_lock_test_and_set(ptr, nv)
+#else
#define _PR_HAVE_ATOMIC_OPS
#define _MD_INIT_ATOMIC()
extern PRInt32 _PR_x86_64_AtomicIncrement(PRInt32 *val);
#define _MD_ATOMIC_INCREMENT _PR_x86_64_AtomicIncrement
extern PRInt32 _PR_x86_64_AtomicDecrement(PRInt32 *val);
#define _MD_ATOMIC_DECREMENT _PR_x86_64_AtomicDecrement
extern PRInt32 _PR_x86_64_AtomicAdd(PRInt32 *ptr, PRInt32 val);
#define _MD_ATOMIC_ADD _PR_x86_64_AtomicAdd
extern PRInt32 _PR_x86_64_AtomicSet(PRInt32 *val, PRInt32 newval);
#define _MD_ATOMIC_SET _PR_x86_64_AtomicSet
#endif
+#endif
#if defined(__or1k__)
#if defined(__GNUC__)
/* Use GCC built-in functions */
#define _PR_HAVE_ATOMIC_OPS
#define _MD_INIT_ATOMIC()
#define _MD_ATOMIC_INCREMENT(ptr) __sync_add_and_fetch(ptr, 1)
#define _MD_ATOMIC_DECREMENT(ptr) __sync_sub_and_fetch(ptr, 1)

153
nss.spec
View File

@ -1,4 +1,5 @@
%global nspr_version 4.29.0
%global nspr_release 2
%global nss_version 3.58.0
%global unsupported_tools_directory %{_libdir}/nss/unsupported-tools
%global saved_files_dir %{_libdir}/nss/saved
@ -31,6 +32,11 @@
# The upstream omits the trailing ".0", while we need it for
# consistency with the pkg-config version:
# https://bugzilla.redhat.com/show_bug.cgi?id=1578106
%{lua:
rpm.define(string.format("nspr_archive_version %s",
string.gsub(rpm.expand("%nspr_version"), "(.*)%.0$", "%1")))
}
%{lua:
rpm.define(string.format("nss_archive_version %s",
string.gsub(rpm.expand("%nss_version"), "(.*)%.0$", "%1")))
@ -44,7 +50,7 @@ rpm.define(string.format("nss_release_tag NSS_%s_RTM",
Summary: Network Security Services
Name: nss
Version: %{nss_version}
Release: 4%{?dist}
Release: 5%{?dist}
License: MPLv2.0
URL: http://www.mozilla.org/projects/security/pki/nss/
Requires: nspr >= %{nspr_version}
@ -54,7 +60,6 @@ Requires: nss-softokn%{_isa} >= %{nss_version}
Requires: nss-system-init
Requires: p11-kit-trust
Requires: /usr/bin/update-crypto-policies
BuildRequires: nspr-devel >= %{nspr_version}
# for shlibsign
BuildRequires: nss-softokn
BuildRequires: sqlite-devel
@ -92,6 +97,9 @@ Source26: key4.db.xml
Source27: secmod.db.xml
Source28: nss-p11-kit.config
Source100: nspr-%{nspr_archive_version}.tar.gz
Source101: nspr-config.xml
# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=617723
Patch2: nss-539183.patch
# This patch uses the GCC -iquote option documented at
@ -117,6 +125,9 @@ Patch20: nss-gcm-param-default-pkcs11v2.patch
%endif
%endif
Patch100: nspr-config-pc.patch
Patch101: nspr-gcc-atomics.patch
%description
Network Security Services (NSS) is a set of libraries designed to
support cross-platform development of security-enabled client and
@ -236,16 +247,52 @@ Requires: nss-softokn-freebl-devel%{?_isa} = %{version}-%{release}
Requires: nspr-devel >= %{nspr_version}
Requires: nss-util-devel >= %{version}-%{release}
Requires: pkgconfig
BuildRequires: nspr-devel >= %{nspr_version}
%description softokn-devel
Header and library files for doing development with Network Security Services.
%package -n nspr
Summary: Netscape Portable Runtime
Version: %{nspr_version}
Release: %{nspr_release}%{?dist}
License: MPLv2.0
URL: http://www.mozilla.org/projects/nspr/
Conflicts: filesystem < 3
BuildRequires: gcc
%description -n nspr
NSPR provides platform independence for non-GUI operating system
facilities. These facilities include threads, thread synchronization,
normal file and network I/O, interval timing and calendar time, basic
memory management (malloc and free) and shared library linking.
%package -n nspr-devel
Summary: Development libraries for the Netscape Portable Runtime
Version: %{nspr_version}
Release: %{nspr_release}%{?dist}
Requires: nspr = %{nspr_version}-%{nspr_release}
Requires: pkgconfig
BuildRequires: xmlto
Conflicts: filesystem < 3
%description -n nspr-devel
Header files for doing development with the Netscape Portable Runtime.
%prep
%autosetup -N -S quilt -n %{name}-%{nss_archive_version}
%setup -q -T -b 100 -n nspr-%{nspr_archive_version}
%setup -q -T -b 0 -n %{name}-%{nss_archive_version}
mv ../nspr-%{nspr_archive_version}/nspr .
cp ./nspr/config/nspr-config.in ./nspr/config/nspr-config-pc.in
%patch100 -p0 -b .flags
pushd nspr
%patch101 -p1 -b .gcc-atomics
popd
pushd nss
%autopatch -p1
%autopatch -p1 -M 99
popd
# https://bugzilla.redhat.com/show_bug.cgi?id=1247353
@ -253,6 +300,48 @@ find nss/lib/libpkix -perm /u+x -type f -exec chmod -x {} \;
%build
# Build, check, and install NSPR for building NSS in the later phase
#
# TODO: This phase can be done by the NSS build process if we switch
# to using "make nss_build_all". For now, however, we need some
# adjustment in the NSS build process.
mkdir -p nspr_build
pushd nspr_build
../nspr/configure \
--prefix=%{_prefix} \
--libdir=%{_libdir} \
--includedir=%{_includedir}/nspr4 \
--with-dist-prefix=$PWD/../dist \
%ifnarch noarch
%if 0%{__isa_bits} == 64
--enable-64bit \
%endif
%endif
%ifarch armv7l armv7hl armv7nhl
--enable-thumb2 \
%endif
--enable-optimize="$RPM_OPT_FLAGS" \
--disable-debug
# The assembly files are only for legacy atomics, to which we prefer GCC atomics
%ifarch i686 x86_64
sed -i '/^PR_MD_ASFILES/d' config/autoconf.mk
%endif
make
date +"%e %B %Y" | tr -d '\n' > date.xml
echo -n %{nspr_version} > version.xml
for m in %{SOURCE101}; do
cp ${m} .
done
for m in nspr-config.xml; do
xmlto man ${m}
done
popd
# Build NSS
#
# This package fails its testsuite with LTO. Disable LTO for now
%global _lto_cflags %{nil}
@ -292,8 +381,7 @@ export DSO_LDOPTS=$RPM_LD_FLAGS
export PKG_CONFIG_ALLOW_SYSTEM_LIBS=1
export PKG_CONFIG_ALLOW_SYSTEM_CFLAGS=1
export NSPR_INCLUDE_DIR=`/usr/bin/pkg-config --cflags-only-I nspr | sed 's/-I//'`
export NSPR_LIB_DIR=%{_libdir}
export NSPR_INCLUDE_DIR=$PWD/dist/include/nspr
export NSS_USE_SYSTEM_SQLITE=1
@ -429,6 +517,20 @@ done
%check
%if %{with tests}
pushd nspr_build
# Run test suite.
perl ../nspr/pr/tests/runtests.pl 2>&1 | tee output.log
TEST_FAILURES=`grep -c FAILED ./output.log` || :
if [ $TEST_FAILURES -ne 0 ]; then
echo "error: test suite returned failure(s)"
exit 1
fi
echo "test suite completed"
popd
%endif
%if %{with tests}
# Begin -- copied from the build section
@ -507,6 +609,27 @@ killall $RANDSERV || :
%install
pushd nspr_build
make install DESTDIR=$RPM_BUILD_ROOT
mkdir -p $RPM_BUILD_ROOT%{_mandir}/man1
mkdir -p $RPM_BUILD_ROOT/%{_libdir}/pkgconfig
# Get rid of the things we don't want installed (per upstream)
rm -rf \
$RPM_BUILD_ROOT/%{_bindir}/compile-et.pl \
$RPM_BUILD_ROOT/%{_bindir}/prerr.properties \
$RPM_BUILD_ROOT/%{_libdir}/libnspr4.a \
$RPM_BUILD_ROOT/%{_libdir}/libplc4.a \
$RPM_BUILD_ROOT/%{_libdir}/libplds4.a \
$RPM_BUILD_ROOT/%{_datadir}/aclocal/nspr.m4 \
$RPM_BUILD_ROOT/%{_includedir}/nspr4/md
for f in nspr-config; do
install -c -m 644 ${f}.1 $RPM_BUILD_ROOT%{_mandir}/man1/${f}.1
done
popd
# There is no make install target so we'll do it ourselves.
mkdir -p $RPM_BUILD_ROOT/%{_includedir}/nss3
@ -904,8 +1027,24 @@ update-crypto-policies &> /dev/null || :
%{_includedir}/nss3/nsslowhash.h
%{_includedir}/nss3/shsign.h
%files -n nspr
%{!?_licensedir:%global license %%doc}
%license nspr/LICENSE
%{_libdir}/libnspr4.so
%{_libdir}/libplc4.so
%{_libdir}/libplds4.so
%files -n nspr-devel
%{_includedir}/nspr4
%{_libdir}/pkgconfig/nspr.pc
%{_bindir}/nspr-config
%{_mandir}/man*/*
%changelog
* Tue Oct 27 2020 Daiki Ueno <dueno@redhat.com> - 3.58.0-5
- Consolidate NSPR package with this package
* Mon Oct 26 2020 Bob Relyea <rrelyea@redhat.com> - 3.58.0-4
- fix pkix ocsp to tolerate OCSP checking on intermediates
when the root is signed by sha1 and sha1 is disabled by

View File

@ -3,4 +3,5 @@ SHA512 (blank-cert9.db) = 2f8eab4c0612210ee47db8a3a80c1b58a0b43849551af78c7da403
SHA512 (blank-key3.db) = 01f7314e9fc8a7c9aa997652624cfcde213d18a6b3bb31840c1a60bbd662e56b5bc3221d13874abb42ce78163b225a6dfce2e1326cf6dd29366ad9c28ba5a71c
SHA512 (blank-key4.db) = 8fedae93af7163da23fe9492ea8e785a44c291604fa98e58438448efb69c85d3253fc22b926d5c3209c62e58a86038fd4d78a1c4c068bc00600a7f3e5382ebe7
SHA512 (blank-secmod.db) = 06a2dbd861839ef6315093459328b500d3832333a34b30e6fac4a2503af337f014a4d319f0f93322409e719142904ce8bc08252ae9a4f37f30d4c3312e900310
SHA512 (nspr-4.29.tar.gz) = ba5ac275fe0beb69d7a7674c9ee9e4429bd5761daed285edd975ccc829af30d062bf4a0f5e44361e3bd191f21b1905f96ab146d53b55324020f13ecb3c05609b
SHA512 (nss-3.58.tar.gz) = 03d2ab1517ac07620ea3f02dcf680cf019e0129006ff2559b2d0a047036340c20b98c9679b17a594e5502aa30e158caf309f046901b9ec7c7adeeaa13ec50b80