dist-git conversion

#2781)

.cvsignore

@@ -1,4 +0,0 @@
-nss-3.11.5-fbst-stripped.tar.gz
-nss-3.11.7-no-fbst-with-ckbi-1.64.tar.gz
-nss-3.12-alpha-ckfw.tar.gz
-nss-3.12-alpha-pem.tar.gz

.gitignore

@@ -0,0 +1,2 @@
+nss-pem-20080124.tar.bz2
+nss-3.12.2.0-stripped.tar.bz2

Makefile

@@ -1,21 +0,0 @@
-# Makefile for source rpm: nss
-# $Id: Makefile,v 1.1 2005/12/15 19:34:51 caillon Exp $
-NAME := nss
-SPECFILE = $(firstword $(wildcard *.spec))
-
-define find-makefile-common
-for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
-endef
-
-MAKEFILE_COMMON := $(shell $(find-makefile-common))
-
-ifeq ($(MAKEFILE_COMMON),)
-# attempt a checkout
-define checkout-makefile-common
-test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
-endef
-
-MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
-endif
-
-include $(MAKEFILE_COMMON)

nss-config.in

@@ -20,6 +20,7 @@ Options:
 	[--cflags]
 Dynamic Libraries:
 	nss
+	nssutil
 	ssl
 	smime
 EOF
@@ -33,6 +34,7 @@ fi
 lib_ssl=yes
 lib_smime=yes
 lib_nss=yes
+lib_nssutil=yes
 
 while test $# -gt 0; do
   case "$1" in
@@ -83,6 +85,9 @@ while test $# -gt 0; do
     nss)
       lib_nss=yes
       ;;
+    nssutil)
+      lib_nssutil=yes
+      ;;
     *)
       usage 1 1>&2
       ;;
@@ -132,6 +137,9 @@ if test "$echo_libs" = "yes"; then
       if test -n "$lib_nss"; then
 	libdirs="$libdirs -lnss${major_version}"
       fi
+      if test -n "$lib_nssutil"; then
+	libdirs="$libdirs -lnssutil${major_version}"
+      fi
       echo $libdirs
 fi      
 

nss-nolocalsql.patch

@@ -0,0 +1,53 @@
+diff -up mozilla/security/nss/lib/Makefile.nolocalsql mozilla/security/nss/lib/Makefile
+--- mozilla/security/nss/lib/Makefile.nolocalsql	2007-11-06 15:12:37.000000000 +0100
++++ mozilla/security/nss/lib/Makefile	2007-11-06 15:13:35.000000000 +0100
+@@ -62,11 +62,11 @@ ifeq ($(OS_TARGET), WINCE)
+ DIRS := $(filter-out fortcrypt,$(DIRS))
+ endif
+ 
+-ifndef MOZILLA_CLIENT
+-ifndef NSS_USE_SYSTEM_SQLITE
+-DIRS := sqlite $(DIRS)
+-endif
+-endif
++#ifndef MOZILLA_CLIENT
++#ifndef NSS_USE_SYSTEM_SQLITE
++#DIRS := sqlite $(DIRS)
++#endif
++#endif
+ 
+ #######################################################################
+ # (5) Execute "global" rules. (OPTIONAL)                              #
+diff -up mozilla/security/nss/lib/softoken/legacydb/manifest.mn.nolocalsql mozilla/security/nss/lib/softoken/legacydb/manifest.mn
+--- mozilla/security/nss/lib/softoken/legacydb/manifest.mn.nolocalsql	2007-11-06 15:10:59.000000000 +0100
++++ mozilla/security/nss/lib/softoken/legacydb/manifest.mn	2007-11-06 15:11:07.000000000 +0100
+@@ -46,9 +46,9 @@ MAPFILE = $(OBJDIR)/nssdbm.def
+ 
+ DEFINES += -DSHLIB_SUFFIX=\"$(DLL_SUFFIX)\" -DSHLIB_PREFIX=\"$(DLL_PREFIX)\" -DSOFTOKEN_LIB_NAME=\"$(notdir $(SHARED_LIBRARY))\"
+ 
+-ifdef MOZILLA_CLIENT
+-INCLUDES += -I$(DIST)/include/sqlite3
+-endif
++#ifdef MOZILLA_CLIENT
++#INCLUDES += -I$(DIST)/include/sqlite3
++#endif
+ 
+ CSRCS = \
+ 	dbmshim.c \
+diff -up mozilla/security/nss/lib/softoken/manifest.mn.nolocalsql mozilla/security/nss/lib/softoken/manifest.mn
+--- mozilla/security/nss/lib/softoken/manifest.mn.nolocalsql	2007-11-06 15:08:14.000000000 +0100
++++ mozilla/security/nss/lib/softoken/manifest.mn	2007-11-06 15:10:21.000000000 +0100
+@@ -47,9 +47,9 @@ MAPFILE = $(OBJDIR)/softokn.def
+ 
+ DEFINES += -DSHLIB_SUFFIX=\"$(DLL_SUFFIX)\" -DSHLIB_PREFIX=\"$(DLL_PREFIX)\" -DSOFTOKEN_LIB_NAME=\"$(notdir $(SHARED_LIBRARY))\" -DSHLIB_VERSION=\"$(LIBRARY_VERSION)\"
+ 
+-ifdef MOZILLA_CLIENT
+-INCLUDES += -I$(DIST)/include/sqlite3
+-endif
++#ifdef MOZILLA_CLIENT
++#INCLUDES += -I$(DIST)/include/sqlite3
++#endif
+ 
+ EXPORTS = \
+ 	pkcs11.h \
+diff -up mozilla/security/nss/lib/softoken/config.mk.nolocalsql mozilla/security/nss/lib/softoken/config.mk

nss-pem-bug429175.patch

@@ -0,0 +1,12 @@
+diff -u --recursive mozilla.orig/security/nss/lib/ckfw/pem/pobject.c mozilla/security/nss/lib/ckfw/pem/pobject.c
+--- mozilla.orig/security/nss/lib/ckfw/pem/pobject.c    2007-09-06 16:46:30.000000000 -0400
++++ mozilla/security/nss/lib/ckfw/pem/pobject.c 2008-08-13 21:08:43.000000000 -0400
+@@ -160,7 +160,7 @@
+     (void *) &ck_false, (PRUint32) sizeof(CK_BBOOL)
+ };
+ static const NSSItem pem_x509Item = {
+-    (void *) &ckc_x509, (PRUint32) sizeof(CKC_X_509)
++    (void *) &ckc_x509, (PRUint32) sizeof(CK_ULONG)
+ };
+ static const NSSItem pem_rsaItem = {
+     (void *) &ckk_rsa, (PRUint32) sizeof(CK_KEY_TYPE)

nss.pc.in

@@ -7,5 +7,5 @@ Name: NSS
 Description: Network Security Services
 Version: %NSS_VERSION%
 Requires: nspr >= %NSPR_VERSION%
-Libs: -lssl3 -lsmime3 -lnss3
+Libs: -lssl3 -lsmime3 -lnss3 -lnssutil3
 Cflags: -I${includedir}

nss.spec

@@ -1,47 +1,42 @@
-%define nspr_version 4.6.2
+%define nspr_version 4.7
 %define unsupported_tools_directory %{_libdir}/nss/unsupported-tools
-%define fips_source_version 3.11.5
-%define ckfw_source_version 3.12-alpha
-%define ckbi_version 1.64
+%define ckbi_version 1.72
 
 Summary:          Network Security Services
 Name:             nss
-Version:          3.11.7
-Release:          10%{?dist}
+Version:          3.12.2.0
+Release:          1.1%{?dist}
 License:          MPLv1.1 or GPLv2+ or LGPLv2+
 URL:              http://www.mozilla.org/projects/security/pki/nss/
 Group:            System Environment/Libraries
 Requires:         nspr >= %{nspr_version}
+Requires:         sqlite
 BuildRoot:        %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires:    nspr-devel >= %{nspr_version}
+BuildRequires:    sqlite-devel
 BuildRequires:    pkgconfig
 BuildRequires:    gawk
+BuildRequires:    psmisc
+BuildRequires:    perl
+BuildRequires:    zlib-devel
 Provides:         mozilla-nss
 Obsoletes:        mozilla-nss
 
-#Source0:          %{name}-%{version}-no-fbst.tar.gz
-Source0:          %{name}-%{version}-no-fbst-with-ckbi-%{ckbi_version}.tar.gz
-# ckbi is the builtin roots module which may get released separately.
+Source0:          %{name}-%{version}-stripped.tar.bz2
+#Source0:          %{name}-%{version}-ckbi-%{ckbi_version}-stripped.tar.bz2
 
 Source1:          nss.pc.in
 Source2:          nss-config.in
 Source3:          blank-cert8.db
 Source4:          blank-key3.db
 Source5:          blank-secmod.db
-Source7:          fake-kstat.h
 Source8:          nss-prelink.conf
-Source10:         %{name}-%{fips_source_version}-fbst-stripped.tar.gz
-Source11:         %{name}-%{ckfw_source_version}-ckfw.tar.gz
-Source12:         %{name}-%{ckfw_source_version}-pem.tar.gz
+Source12:         %{name}-pem-20080124.tar.bz2
 
 Patch1:           nss-no-rpath.patch
-Patch2:           nss-smartcard-auth.patch
-Patch3:           nss-use-netstat-hack.patch
-Patch4:           nss-decouple-softokn.patch
-Patch5:           nss-disable-build-freebl-softoken.patch
+Patch2:           nss-nolocalsql.patch
+Patch5:           nss-pem-bug429175.patch
 Patch6:           nss-enable-pem.patch
-Patch7:           nss-create-obj.patch
-
 
 %description
 Network Security Services (NSS) is a set of libraries designed to
@@ -55,6 +50,7 @@ v3 certificates, and other security standards.
 Summary:          Tools for the Network Security Services
 Group:            System Environment/Base
 Requires:         nss = %{version}-%{release}
+Requires:         zlib
 
 %description tools
 Network Security Services (NSS) is a set of libraries designed to
@@ -91,51 +87,12 @@ low level services.
 
 %prep
 %setup -q
-%setup -q -T -D -n %{name}-%{version} -a 10
-%setup -q -T -D -n %{name}-%{version} -a 11
 %setup -q -T -D -n %{name}-%{version} -a 12
 
-%define old_nss_lib %{name}-%{fips_source_version}/mozilla/security/nss/lib
-%define new_nss_lib mozilla/security/nss/lib
-%define new_ckfw_lib %{name}-%{ckfw_source_version}/mozilla/security/nss/lib
-
-# Ensure we will not use new freebl/softoken code
-rm -rf %{new_nss_lib}/freebl
-rm -rf %{new_nss_lib}/softoken
-
-# However, in order to build newer NSS we need some exports
-cp -a %{old_nss_lib}/freebl %{new_nss_lib}
-cp -a %{old_nss_lib}/softoken %{new_nss_lib}
-
-# set up ckfw
-rm -rf %{new_nss_lib}/ckfw
-cp -a %{new_ckfw_lib}/ckfw %{new_nss_lib}
-
-# Ensure the newer NSS tree will not build code, except the loader
-mv -i %{new_nss_lib}/freebl/loader.c %{new_nss_lib}/freebl/loader.c.save
-rm -rf %{new_nss_lib}/freebl/*.c %{new_nss_lib}/freebl/*.s
-rm -rf %{new_nss_lib}/softoken/*.c %{new_nss_lib}/softoken/*.s
-mv -i %{new_nss_lib}/freebl/loader.c.save %{new_nss_lib}/freebl/loader.c
-
-# These currently don't build without freebl/softoken in the same tree
-rm -rf mozilla/security/nss/cmd/bltest
-rm -rf mozilla/security/nss/cmd/fipstest
-rm -rf mozilla/security/nss/cmd/certcgi
-
-# Apply the patches to the newer NSS tree
 %patch1 -p0
-%patch2 -p0 -b .smartcard-auth
-%patch4 -p0 -b .decouple-softokn
-%patch5 -p0 -b .nofbst
+%patch2 -p0
+%patch5 -p0 -b .429175
 %patch6 -p0 -b .libpem
-%patch7 -p0 -b .create-obj
-
-# Apply the patches to the tree where we build freebl/softoken
-cd nss-%{fips_source_version}
-%patch3 -p0 -b .use-netstat-hack
-%{__mkdir_p} mozilla/security/nss/lib/fake/
-cp -i %{SOURCE7} mozilla/security/nss/lib/fake/kstat.h
-cd ..
 
 
 %build
@@ -171,26 +128,6 @@ export USE_64
 # NSS_ENABLE_ECC=1
 # export NSS_ENABLE_ECC
 
-##### first, build freebl and softokn shared libraries
-
-cd nss-%{fips_source_version}
-%{__make} -C ./mozilla/security/coreconf
-%{__make} -C ./mozilla/security/dbm
-%{__make} -C ./mozilla/security/nss export
-%{__make} -C ./mozilla/security/nss/lib/base
-%{__make} -C ./mozilla/security/nss/lib/util
-%{__make} -C ./mozilla/security/nss/lib/freebl
-touch ./mozilla/security/nss/lib/freebl/unix_rand.c
-rm -f ./mozilla/security/nss/lib/freebl/*/*/libfreebl3*
-rm -f ./mozilla/security/nss/lib/freebl/*/*/sysrand*
-USE_NETSTAT_HACK=1 %{__make} -C ./mozilla/security/nss/lib/freebl
-%{__make} -C ./mozilla/security/nss/lib/freebl install
-%{__make} -C ./mozilla/security/nss/lib/softoken
-%{__make} -C ./mozilla/security/nss/lib/softoken install
-cd ..
-
-##### second, build all the rest of NSS
-
 %{__make} -C ./mozilla/security/coreconf
 %{__make} -C ./mozilla/security/dbm
 %{__make} -C ./mozilla/security/nss
@@ -225,6 +162,56 @@ export NSS_VPATCH
 
 chmod 755 $RPM_BUILD_ROOT/%{_bindir}/nss-config
 
+# enable the following line to force a test failure
+# find ./mozilla -name \*.chk | xargs rm -f
+
+# Run test suite.
+# In order to support multiple concurrent executions of the test suite
+# (caused by concurrent RPM builds) on a single host,
+# we'll use a random port. Also, we want to clean up any stuck
+# selfserv processes. If process name "selfserv" is used everywhere,
+# we can't simply do a "killall selfserv", because it could disturb
+# concurrent builds. Therefore we'll do a search and replace and use
+# a different process name.
+# Using xargs doesn't mix well with spaces in filenames, in order to
+# avoid weird quoting we'll require that no spaces are being used.
+
+SPACEISBAD=`find ./mozilla/security/nss/tests | grep -c ' '` ||:
+if [ SPACEISBAD -ne 0 ]; then
+  echo "error: filenames containing space are not supported (xargs)"
+  exit 1
+fi
+MYRAND=`perl -e 'print 9000 + int rand 1000'`; echo $MYRAND ||:
+RANDSERV=selfserv_${MYRAND}; echo $RANDSERV ||:
+DISTBINDIR=`ls -d ./mozilla/dist/*.OBJ/bin`; echo $DISTBINDIR ||:
+pushd `pwd`
+cd $DISTBINDIR
+ln -s selfserv $RANDSERV
+popd
+# man perlrun, man perlrequick
+# replace word-occurrences of selfserv with selfserv_$MYRAND
+find ./mozilla/security/nss/tests -type f |\
+  grep -v "\.db$" |grep -v "\.crl$" | grep -v "\.crt$" |\
+  grep -vw CVS  |xargs grep -lw selfserv |\
+  xargs -l perl -pi -e "s/\bselfserv\b/$RANDSERV/g" ||:
+
+killall $RANDSERV || :
+
+rm -rf ./mozilla/tests_results
+cd ./mozilla/security/nss/tests/
+# all.sh is the test suite script
+HOST=localhost DOMSUF=localdomain PORT=$MYRAND ./all.sh
+cd ../../../../
+
+killall $RANDSERV || :
+
+TEST_FAILURES=`grep -c FAILED ./mozilla/tests_results/security/localhost.1/output.log` || :
+if [ $TEST_FAILURES -ne 0 ]; then
+  echo "error: test suite returned failure(s)"
+  exit 1
+fi
+echo "test suite completed"
+
 
 %install
 
@@ -236,14 +223,8 @@ chmod 755 $RPM_BUILD_ROOT/%{_bindir}/nss-config
 %{__mkdir_p} $RPM_BUILD_ROOT/%{unsupported_tools_directory}
 
 # Copy the binary libraries we want
-for file in libsoftokn3.so libfreebl3.so
-do
-  %{__install} -m 755 nss-%{fips_source_version}/mozilla/dist/*.OBJ/lib/$file \
-                      $RPM_BUILD_ROOT/%{_libdir}
-done
-
-# Copy the binary libraries we want
-for file in libnss3.so libssl3.so libsmime3.so libnssckbi.so libnsspem.so
+for file in libsoftokn3.so libfreebl3.so libnss3.so libnssutil3.so \
+            libssl3.so libsmime3.so libnssckbi.so libnsspem.so libnssdbm3.so
 do
   %{__install} -m 755 mozilla/dist/*.OBJ/lib/$file $RPM_BUILD_ROOT/%{_libdir}
 done
@@ -278,15 +259,6 @@ do
   %{__install} -m 755 mozilla/dist/*.OBJ/bin/$file $RPM_BUILD_ROOT/%{unsupported_tools_directory}
 done
 
-# Copy the include files we want from freebl/softoken sources
-# and remove those files from the other area
-for file in blapit.h shsign.h ecl-exp.h pkcs11.h pkcs11f.h pkcs11p.h pkcs11t.h pkcs11n.h pkcs11u.h
-do
-  %{__install} -m 644 nss-%{fips_source_version}/mozilla/dist/public/nss/$file \
-                      $RPM_BUILD_ROOT/%{_includedir}/nss3
-  rm mozilla/dist/public/nss/$file
-done
-
 # Copy the include files we want
 for file in mozilla/dist/public/nss/*.h
 do
@@ -311,6 +283,8 @@ done
 %files
 %defattr(-,root,root)
 %{_libdir}/libnss3.so
+%{_libdir}/libnssutil3.so
+%{_libdir}/libnssdbm3.so
 %{_libdir}/libssl3.so
 %{_libdir}/libsmime3.so
 %{_libdir}/libsoftokn3.so
@@ -437,6 +411,7 @@ done
 %{_includedir}/nss3/sslerr.h
 %{_includedir}/nss3/sslproto.h
 %{_includedir}/nss3/sslt.h
+%{_includedir}/nss3/utilrename.h
 %{_includedir}/nss3/watcomfx.h
 
 
@@ -457,6 +432,24 @@ done
 
 
 %changelog
+* Wed Nov 19 2008 Kai Engert <kengert@redhat.com> - 3.12.2.0-1.1
+- Update to NSS_3_12_2_RC1
+- Use system zlib
+* Thu Nov 06 2008 Kai Engert <kengert@redhat.com> - 3.12.1.1-2
+- Update to NSS_3_12_1_WITH_CKBI_1_72_RTM
+* Fri Sep 05 2008 Kai Engert <kengert@redhat.com> - 3.12.1.1-1
+- Update to NSS_3_12_1_RC2
+* Fri Aug 22 2008 Kai Engert <kaie@redhat.com> - 3.12.1.0-1
+- NSS 3.12.1 RC1
+* Fri Aug 22 2008 Kai Engert <kengert@redhat.com> - 3.12.0.3-0.8.3
+- fix bug bug 429175 in libpem module
+* Mon Jun 30 2008 Kai Engert <kengert@redhat.com> - 3.12.0.3-0.8.2
+- Update nss-config and nss.pc to include libnssutil
+* Mon Jun 02 2008 Kai Engert <kengert@redhat.com> - 3.12.0.3-0.8.1
+- Update all of NSS to to NSS_3_12_RC4
+- Require NSPR 4.7, SQLite
+- Run the test suite after the build and abort on failures.
+
 * Wed Oct 10 2007 Kai Engert <kengert@redhat.com> - 3.11.7-10
 - Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist
   our signed libraries and protect them from modification.

sources

@@ -1,4 +1,2 @@
-68c5e1bd8ba091e5a50babcd9e552bc5  nss-3.11.5-fbst-stripped.tar.gz
-c1053d1e001a5b1eb4b7c296a968ca5c  nss-3.11.7-no-fbst-with-ckbi-1.64.tar.gz
-baa96599af6f0a2b656479d8e4efd58f  nss-3.12-alpha-ckfw.tar.gz
-cb4e4fc7c06ad3b02178ed453273abec  nss-3.12-alpha-pem.tar.gz
+084675e4f793ed82e1ba78f76745ada8  nss-pem-20080124.tar.bz2
+44f67ccacc95eb7cd712aadcf37ec36c  nss-3.12.2.0-stripped.tar.bz2