- Update all of NSS to to NSS_3_12_RC4

- Require NSPR 4.7, SQLite - Run the test suite after the build and abort on failures.
2008-06-02 12:52:04 +00:00 · 2008-06-02 12:52:04 +00:00 · f392a1d793
parent 198b4182db
commit f392a1d793
5 changed files with 174 additions and 105 deletions
--- a/.cvsignore
+++ b/.cvsignore
@ -1,4 +1,2 @@
-nss-3.11.5-fbst-stripped.tar.gz
-nss-3.11.7-no-fbst-with-ckbi-1.64.tar.gz
-nss-3.12-alpha-ckfw.tar.gz
-nss-3.12-alpha-pem.tar.gz
+nss-pem-20080124.tar.bz2
+nss-3.12.0.3-stripped.tar.bz2
--- a/nss-fix-tests.patch
+++ b/nss-fix-tests.patch
@ -0,0 +1,44 @@
+diff -up ./mozilla/security/nss/tests/header.prex ./mozilla/security/nss/tests/header
+--- ./mozilla/security/nss/tests/header.prex	2008-03-17 21:36:11.000000000 +0100
+++ ./mozilla/security/nss/tests/header	2008-03-17 21:36:47.000000000 +0100
+@@ -1114,8 +1114,8 @@ qa_stat_get_sysinfo()
+ set_objdir()
+ {
+     Debug "set object dir"
+-    OBJDIR=`cd ${TESTSCRIPTDIR}/common; gmake objdir_name`
+-    OS_ARCH=`cd ${TESTSCRIPTDIR}/common; gmake os_arch`
+    OBJDIR=`cd ${TESTSCRIPTDIR}/common; gmake --no-print-directory objdir_name`
+    OS_ARCH=`cd ${TESTSCRIPTDIR}/common; gmake --no-print-directory os_arch`
+     
+     #at this point $MASTERBUILD needs to be either NT or unix
+ 
+diff -up ./mozilla/security/nss/tests/nsspath.prex ./mozilla/security/nss/tests/nsspath
+--- ./mozilla/security/nss/tests/nsspath.prex	2008-03-17 21:37:10.000000000 +0100
+++ ./mozilla/security/nss/tests/nsspath	2008-03-17 21:37:23.000000000 +0100
+@@ -2,7 +2,7 @@
+ 
+ set PWD=`pwd`
+ source /u/sonmi/bin/nssdir $*
+-set OBJDIR=`(cd mozilla/security/nss/tests/common; gmake objdir_name)`
+set OBJDIR=`(cd mozilla/security/nss/tests/common; gmake --no-print-directory objdir_name)`
+ setenv PATH `perl /u/sonmi/bin/path_uniq -s "${PATH}:${UXDIST}/${OBJDIR}/bin"`
+ if ( `uname -n` == "iws-perf" ) then
+     setenv LD_LIBRARY_PATH "${UXDIST}/${OBJDIR}/lib:/opt/nfast/toolkits/pkcs11"
+diff -up ./mozilla/security/nss/tests/common/init.sh.prex ./mozilla/security/nss/tests/common/init.sh
+--- ./mozilla/security/nss/tests/common/init.sh.prex	2008-03-17 21:37:32.000000000 +0100
+++ ./mozilla/security/nss/tests/common/init.sh	2008-03-17 21:38:52.000000000 +0100
+@@ -269,10 +269,10 @@ if [ -z "${INIT_SOURCED}" -o "${INIT_SOU
+     DIST=${DIST-${MOZILLA_ROOT}/dist}
+     SECURITY_ROOT=${SECURITY_ROOT-${MOZILLA_ROOT}/security/nss}
+     TESTDIR=${TESTDIR-${MOZILLA_ROOT}/tests_results/security}
+-    OBJDIR=`(cd $COMMON; $MAKE objdir_name)`
+-    OS_ARCH=`(cd $COMMON; $MAKE os_arch)`
+-    DLL_PREFIX=`(cd $COMMON; $MAKE dll_prefix)`
+-    DLL_SUFFIX=`(cd $COMMON; $MAKE dll_suffix)`
+    OBJDIR=`(cd $COMMON; $MAKE --no-print-directory objdir_name)`
+    OS_ARCH=`(cd $COMMON; $MAKE --no-print-directory os_arch)`
+    DLL_PREFIX=`(cd $COMMON; $MAKE --no-print-directory dll_prefix)`
+    DLL_SUFFIX=`(cd $COMMON; $MAKE --no-print-directory dll_suffix)`
+     OS_NAME=`uname -s | sed -e "s/-[0-9]*\.[0-9]*//" | sed -e "s/-WOW64//"`
+ 
+     BINDIR="${DIST}/${OBJDIR}/bin"
--- a/nss-nolocalsql.patch
+++ b/nss-nolocalsql.patch
@ -0,0 +1,53 @@
+diff -up mozilla/security/nss/lib/Makefile.nolocalsql mozilla/security/nss/lib/Makefile
+--- mozilla/security/nss/lib/Makefile.nolocalsql	2007-11-06 15:12:37.000000000 +0100
+++ mozilla/security/nss/lib/Makefile	2007-11-06 15:13:35.000000000 +0100
+@@ -62,11 +62,11 @@ ifeq ($(OS_TARGET), WINCE)
+ DIRS := $(filter-out fortcrypt,$(DIRS))
+ endif
+ 
+-ifndef MOZILLA_CLIENT
+-ifndef NSS_USE_SYSTEM_SQLITE
+-DIRS := sqlite $(DIRS)
+-endif
+-endif
+#ifndef MOZILLA_CLIENT
+#ifndef NSS_USE_SYSTEM_SQLITE
+#DIRS := sqlite $(DIRS)
+#endif
+#endif
+ 
+ #######################################################################
+ # (5) Execute "global" rules. (OPTIONAL)                              #
+diff -up mozilla/security/nss/lib/softoken/legacydb/manifest.mn.nolocalsql mozilla/security/nss/lib/softoken/legacydb/manifest.mn
+--- mozilla/security/nss/lib/softoken/legacydb/manifest.mn.nolocalsql	2007-11-06 15:10:59.000000000 +0100
+++ mozilla/security/nss/lib/softoken/legacydb/manifest.mn	2007-11-06 15:11:07.000000000 +0100
+@@ -46,9 +46,9 @@ MAPFILE = $(OBJDIR)/nssdbm.def
+ 
+ DEFINES += -DSHLIB_SUFFIX=\"$(DLL_SUFFIX)\" -DSHLIB_PREFIX=\"$(DLL_PREFIX)\" -DSOFTOKEN_LIB_NAME=\"$(notdir $(SHARED_LIBRARY))\"
+ 
+-ifdef MOZILLA_CLIENT
+-INCLUDES += -I$(DIST)/include/sqlite3
+-endif
+#ifdef MOZILLA_CLIENT
+#INCLUDES += -I$(DIST)/include/sqlite3
+#endif
+ 
+ CSRCS = \
+ 	dbmshim.c \
+diff -up mozilla/security/nss/lib/softoken/manifest.mn.nolocalsql mozilla/security/nss/lib/softoken/manifest.mn
+--- mozilla/security/nss/lib/softoken/manifest.mn.nolocalsql	2007-11-06 15:08:14.000000000 +0100
+++ mozilla/security/nss/lib/softoken/manifest.mn	2007-11-06 15:10:21.000000000 +0100
+@@ -47,9 +47,9 @@ MAPFILE = $(OBJDIR)/softokn.def
+ 
+ DEFINES += -DSHLIB_SUFFIX=\"$(DLL_SUFFIX)\" -DSHLIB_PREFIX=\"$(DLL_PREFIX)\" -DSOFTOKEN_LIB_NAME=\"$(notdir $(SHARED_LIBRARY))\" -DSHLIB_VERSION=\"$(LIBRARY_VERSION)\"
+ 
+-ifdef MOZILLA_CLIENT
+-INCLUDES += -I$(DIST)/include/sqlite3
+-endif
+#ifdef MOZILLA_CLIENT
+#INCLUDES += -I$(DIST)/include/sqlite3
+#endif
+ 
+ EXPORTS = \
+ 	pkcs11.h \
+diff -up mozilla/security/nss/lib/softoken/config.mk.nolocalsql mozilla/security/nss/lib/softoken/config.mk
--- a/nss.spec
+++ b/nss.spec
@ -1,47 +1,39 @@
-%define nspr_version 4.6.2
+%define nspr_version 4.7
 %define unsupported_tools_directory %{_libdir}/nss/unsupported-tools
-%define fips_source_version 3.11.5
-%define ckfw_source_version 3.12-alpha
-%define ckbi_version 1.64

 Summary:          Network Security Services
 Name:             nss
-Version:          3.11.7
-Release:          10%{?dist}
+Version:          3.12.0.3
+Release:          0.8.1%{?dist}
 License:          MPLv1.1 or GPLv2+ or LGPLv2+
 URL:              http://www.mozilla.org/projects/security/pki/nss/
 Group:            System Environment/Libraries
 Requires:         nspr >= %{nspr_version}
+Requires:         sqlite
 BuildRoot:        %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires:    nspr-devel >= %{nspr_version}
+BuildRequires:    sqlite-devel
 BuildRequires:    pkgconfig
 BuildRequires:    gawk
+BuildRequires:    psmisc
+BuildRequires:    perl
 Provides:         mozilla-nss
 Obsoletes:        mozilla-nss

-#Source0:          %{name}-%{version}-no-fbst.tar.gz
-Source0:          %{name}-%{version}-no-fbst-with-ckbi-%{ckbi_version}.tar.gz
-# ckbi is the builtin roots module which may get released separately.
+Source0:          %{name}-%{version}-stripped.tar.bz2

 Source1:          nss.pc.in
 Source2:          nss-config.in
 Source3:          blank-cert8.db
 Source4:          blank-key3.db
 Source5:          blank-secmod.db
-Source7:          fake-kstat.h
 Source8:          nss-prelink.conf
-Source10:         %{name}-%{fips_source_version}-fbst-stripped.tar.gz
-Source11:         %{name}-%{ckfw_source_version}-ckfw.tar.gz
-Source12:         %{name}-%{ckfw_source_version}-pem.tar.gz
+Source12:         %{name}-pem-20080124.tar.bz2

 Patch1:           nss-no-rpath.patch
-Patch2:           nss-smartcard-auth.patch
-Patch3:           nss-use-netstat-hack.patch
-Patch4:           nss-decouple-softokn.patch
-Patch5:           nss-disable-build-freebl-softoken.patch
+Patch2:           nss-nolocalsql.patch
 Patch6:           nss-enable-pem.patch
-Patch7:           nss-create-obj.patch
-
+patch7:           nss-fix-tests.patch

 %description
 Network Security Services (NSS) is a set of libraries designed to
@ -91,51 +83,12 @@ low level services.

 %prep
 %setup -q
-%setup -q -T -D -n %{name}-%{version} -a 10
-%setup -q -T -D -n %{name}-%{version} -a 11
 %setup -q -T -D -n %{name}-%{version} -a 12

-%define old_nss_lib %{name}-%{fips_source_version}/mozilla/security/nss/lib
-%define new_nss_lib mozilla/security/nss/lib
-%define new_ckfw_lib %{name}-%{ckfw_source_version}/mozilla/security/nss/lib
-
-# Ensure we will not use new freebl/softoken code
-rm -rf %{new_nss_lib}/freebl
-rm -rf %{new_nss_lib}/softoken
-
-# However, in order to build newer NSS we need some exports
-cp -a %{old_nss_lib}/freebl %{new_nss_lib}
-cp -a %{old_nss_lib}/softoken %{new_nss_lib}
-
-# set up ckfw
-rm -rf %{new_nss_lib}/ckfw
-cp -a %{new_ckfw_lib}/ckfw %{new_nss_lib}
-
-# Ensure the newer NSS tree will not build code, except the loader
-mv -i %{new_nss_lib}/freebl/loader.c %{new_nss_lib}/freebl/loader.c.save
-rm -rf %{new_nss_lib}/freebl/*.c %{new_nss_lib}/freebl/*.s
-rm -rf %{new_nss_lib}/softoken/*.c %{new_nss_lib}/softoken/*.s
-mv -i %{new_nss_lib}/freebl/loader.c.save %{new_nss_lib}/freebl/loader.c
-
-# These currently don't build without freebl/softoken in the same tree
-rm -rf mozilla/security/nss/cmd/bltest
-rm -rf mozilla/security/nss/cmd/fipstest
-rm -rf mozilla/security/nss/cmd/certcgi
-
-# Apply the patches to the newer NSS tree
 %patch1 -p0
-%patch2 -p0 -b .smartcard-auth
-%patch4 -p0 -b .decouple-softokn
-%patch5 -p0 -b .nofbst
+%patch2 -p0
 %patch6 -p0 -b .libpem
-%patch7 -p0 -b .create-obj
-
-# Apply the patches to the tree where we build freebl/softoken
-cd nss-%{fips_source_version}
-%patch3 -p0 -b .use-netstat-hack
-%{__mkdir_p} mozilla/security/nss/lib/fake/
-cp -i %{SOURCE7} mozilla/security/nss/lib/fake/kstat.h
-cd ..
+%patch7 -p0 -b .prex


 %build
@ -171,26 +124,6 @@ export USE_64
 # NSS_ENABLE_ECC=1
 # export NSS_ENABLE_ECC

-##### first, build freebl and softokn shared libraries
-
-cd nss-%{fips_source_version}
-%{__make} -C ./mozilla/security/coreconf
-%{__make} -C ./mozilla/security/dbm
-%{__make} -C ./mozilla/security/nss export
-%{__make} -C ./mozilla/security/nss/lib/base
-%{__make} -C ./mozilla/security/nss/lib/util
-%{__make} -C ./mozilla/security/nss/lib/freebl
-touch ./mozilla/security/nss/lib/freebl/unix_rand.c
-rm -f ./mozilla/security/nss/lib/freebl/*/*/libfreebl3*
-rm -f ./mozilla/security/nss/lib/freebl/*/*/sysrand*
-USE_NETSTAT_HACK=1 %{__make} -C ./mozilla/security/nss/lib/freebl
-%{__make} -C ./mozilla/security/nss/lib/freebl install
-%{__make} -C ./mozilla/security/nss/lib/softoken
-%{__make} -C ./mozilla/security/nss/lib/softoken install
-cd ..
-
-##### second, build all the rest of NSS
-
 %{__make} -C ./mozilla/security/coreconf
 %{__make} -C ./mozilla/security/dbm
 %{__make} -C ./mozilla/security/nss
@ -225,6 +158,56 @@ export NSS_VPATCH

 chmod 755 $RPM_BUILD_ROOT/%{_bindir}/nss-config

+# enable the following line to force a test failure
+# find ./mozilla -name \*.chk | xargs rm -f
+
+# Run test suite.
+# In order to support multiple concurrent executions of the test suite
+# (caused by concurrent RPM builds) on a single host,
+# we'll use a random port. Also, we want to clean up any stuck
+# selfserv processes. If process name "selfserv" is used everywhere,
+# we can't simply do a "killall selfserv", because it could disturb
+# concurrent builds. Therefore we'll do a search and replace and use
+# a different process name.
+# Using xargs doesn't mix well with spaces in filenames, in order to
+# avoid weird quoting we'll require that no spaces are being used.
+
+SPACEISBAD=`find ./mozilla/security/nss/tests | grep -c ' '` ||:
+if [ SPACEISBAD -ne 0 ]; then
+  echo "error: filenames containing space are not supported (xargs)"
+  exit 1
+fi
+MYRAND=`perl -e 'print 9000 + int rand 1000'`; echo $MYRAND ||:
+RANDSERV=selfserv_${MYRAND}; echo $RANDSERV ||:
+DISTBINDIR=`ls -d ./mozilla/dist/*.OBJ/bin`; echo $DISTBINDIR ||:
+pushd `pwd`
+cd $DISTBINDIR
+ln -s selfserv $RANDSERV
+popd
+# man perlrun, man perlrequick
+# replace word-occurrences of selfserv with selfserv_$MYRAND
+find ./mozilla/security/nss/tests -type f |\
+  grep -v "\.db$" |grep -v "\.crl$" | grep -v "\.crt$" |\
+  grep -vw CVS  |xargs grep -lw selfserv |\
+  xargs -l perl -pi -e "s/\bselfserv\b/$RANDSERV/g" ||:
+
+killall $RANDSERV || :
+
+rm -rf ./mozilla/tests_results
+cd ./mozilla/security/nss/tests/
+# all.sh is the test suite script
+HOST=localhost DOMSUF=localdomain PORT=$MYRAND ./all.sh
+cd ../../../../
+
+killall $RANDSERV || :
+
+TEST_FAILURES=`grep -c FAILED ./mozilla/tests_results/security/localhost.1/output.log` || :
+if [ $TEST_FAILURES -ne 0 ]; then
+  echo "error: test suite returned failure(s)"
+  exit 1
+fi
+echo "test suite completed"
+

 %install

@ -236,14 +219,8 @@ chmod 755 $RPM_BUILD_ROOT/%{_bindir}/nss-config
 %{__mkdir_p} $RPM_BUILD_ROOT/%{unsupported_tools_directory}

 # Copy the binary libraries we want
-for file in libsoftokn3.so libfreebl3.so
-do
-  %{__install} -m 755 nss-%{fips_source_version}/mozilla/dist/*.OBJ/lib/$file \
-                      $RPM_BUILD_ROOT/%{_libdir}
-done
-
-# Copy the binary libraries we want
-for file in libnss3.so libssl3.so libsmime3.so libnssckbi.so libnsspem.so
+for file in libsoftokn3.so libfreebl3.so libnss3.so libnssutil3.so \
+            libssl3.so libsmime3.so libnssckbi.so libnsspem.so libnssdbm3.so
 do
  %{__install} -m 755 mozilla/dist/*.OBJ/lib/$file $RPM_BUILD_ROOT/%{_libdir}
 done
@ -278,15 +255,6 @@ do
  %{__install} -m 755 mozilla/dist/*.OBJ/bin/$file $RPM_BUILD_ROOT/%{unsupported_tools_directory}
 done

-# Copy the include files we want from freebl/softoken sources
-# and remove those files from the other area
-for file in blapit.h shsign.h ecl-exp.h pkcs11.h pkcs11f.h pkcs11p.h pkcs11t.h pkcs11n.h pkcs11u.h
-do
-  %{__install} -m 644 nss-%{fips_source_version}/mozilla/dist/public/nss/$file \
-                      $RPM_BUILD_ROOT/%{_includedir}/nss3
-  rm mozilla/dist/public/nss/$file
-done
-
 # Copy the include files we want
 for file in mozilla/dist/public/nss/*.h
 do
@ -311,6 +279,8 @@ done
 %files
 %defattr(-,root,root)
 %{_libdir}/libnss3.so
+%{_libdir}/libnssutil3.so
+%{_libdir}/libnssdbm3.so
 %{_libdir}/libssl3.so
 %{_libdir}/libsmime3.so
 %{_libdir}/libsoftokn3.so
@ -437,6 +407,7 @@ done
 %{_includedir}/nss3/sslerr.h
 %{_includedir}/nss3/sslproto.h
 %{_includedir}/nss3/sslt.h
+%{_includedir}/nss3/utilrename.h
 %{_includedir}/nss3/watcomfx.h


@ -457,6 +428,11 @@ done


 %changelog
+* Mon Jun 02 2008 Kai Engert <kengert@redhat.com> - 3.12.0.3-0.8.1
+- Update all of NSS to to NSS_3_12_RC4
+- Require NSPR 4.7, SQLite
+- Run the test suite after the build and abort on failures.
+
 * Wed Oct 10 2007 Kai Engert <kengert@redhat.com> - 3.11.7-10
 - Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist
  our signed libraries and protect them from modification.
--- a/6
+++ b/6
@ -1,4 +1,2 @@
-68c5e1bd8ba091e5a50babcd9e552bc5  nss-3.11.5-fbst-stripped.tar.gz
-c1053d1e001a5b1eb4b7c296a968ca5c  nss-3.11.7-no-fbst-with-ckbi-1.64.tar.gz
-baa96599af6f0a2b656479d8e4efd58f  nss-3.12-alpha-ckfw.tar.gz
-cb4e4fc7c06ad3b02178ed453273abec  nss-3.12-alpha-pem.tar.gz
+084675e4f793ed82e1ba78f76745ada8  nss-pem-20080124.tar.bz2
+3cd51c37fd84d5c56cdd2bf807d16625  nss-3.12.0.3-stripped.tar.bz2