# Contributor: Łukasz Jendrysik <scadu@yandex.com>
# Maintainer: A. Wilcox <awilfox@adelielinux.org>
pkgname=nss
pkgver=3.75
_ver=$(printf '%s' "$pkgver" | tr . _)
pkgrel=0
pkgdesc="Mozilla Network Security Services"
url="https://firefox-source-docs.mozilla.org/security/nss/index.html"
arch="all"
options="!check"
license="MPL-2.0"
depends=""
depends_dev="nspr-dev"
makedepends="nspr-dev sqlite-dev zlib-dev perl bsd-compat-headers"
subpackages="$pkgname-static $pkgname-dev $pkgname-tools"
source="https://ftp.mozilla.org/pub/security/$pkgname/releases/NSS_${_ver}_RTM/src/$pkgname-$pkgver.tar.gz
nss.pc.in
nss-util.pc.in
nss-softokn.pc.in
nss-config.in
"
# secfixes:
# 3.75-r0:
# - CVE-2021-43527
# 3.45-r0:
# - CVE-2019-11719
# - CVE-2019-11727
# - CVE-2019-11729
prepare() {
default_prepare
# Respect LDFLAGS
sed -i -e 's/\$(MKSHLIB) -o/\$(MKSHLIB) \$(LDFLAGS) -o/g' \
"$builddir"/nss/coreconf/rules.mk
}
build() {
unset CFLAGS
unset CXXFLAGS
export BUILD_OPT=1
export PKG_CONFIG_ALLOW_SYSTEM_LIBS=1
export PKG_CONFIG_ALLOW_SYSTEM_CFLAGS=1
export FREEBL_NO_DEPEND=0
export NSS_USE_SYSTEM_SQLITE=1
export NSS_ENABLE_WERROR=0
export NSS_ENABLE_ECC=1
export NSPR_INCLUDE_DIR=`pkg-config --cflags-only-I nspr | sed 's/-I//'`
export NSPR_LIB_DIR=`pkg-config --libs-only-L nspr | sed 's/-L.//'`
case "$CARCH" in
*64* | s390x) export USE_64=1;;
esac
# This actually enables -mvsx and -mcrypto too, and those can't
# be turned off separately in this case:
#
# altivec-types.h:20:1: error: use of _long long_ in AltiVec
# types is invalid without _-mvsx_
#
# typedef __vector signed long long vec_s64;
# ^~~~~~~
export NSS_DISABLE_ALTIVEC=1
make -j 1 -C nss/coreconf
make -C nss all
}
package() {
install -m755 -d "$pkgdir"/usr/lib/pkgconfig
install -m755 -d "$pkgdir"/usr/bin
install -m755 -d "$pkgdir"/usr/include/nss/private
NSS_VMAJOR=`awk '/#define.*NSS_VMAJOR/ {print $3}' nss/lib/nss/nss.h `
msg "DEBUG: $NSS_VMAJOR"
NSS_VMINOR=`awk '/#define.*NSS_VMINOR/ {print $3}' nss/lib/nss/nss.h`
NSS_VPATCH=`awk '/#define.*NSS_VPATCH/ {print $3}' nss/lib/nss/nss.h`
# pkgconfig files
local _pc; for _pc in nss.pc nss-util.pc nss-softokn.pc; do
sed "$srcdir"/${_pc}.in \
-e "s,%libdir%,/usr/lib,g" \
-e "s,%prefix%,/usr,g" \
-e "s,%exec_prefix%,/usr/bin,g" \
-e "s,%includedir%,/usr/include/nss,g" \
-e "s,%SOFTOKEN_VERSION%,$pkgver,g" \
-e "s,%NSPR_VERSION%,$pkgver,g" \
-e "s,%NSS_VERSION%,$pkgver,g" \
-e "s,%NSSUTIL_VERSION%,$pkgver,g" \
> "$pkgdir"/usr/lib/pkgconfig/${_pc}
done
ln -sf nss.pc "$pkgdir"/usr/lib/pkgconfig/mozilla-nss.pc
chmod 644 "$pkgdir"/usr/lib/pkgconfig/*.pc
# nss-config
sed "$srcdir"/nss-config.in \
-e "s,@libdir@,/usr/lib,g" \
-e "s,@prefix@,/usr/bin,g" \
-e "s,@exec_prefix@,/usr/bin,g" \
-e "s,@includedir@,/usr/include/nss,g" \
-e "s,@MOD_MAJOR_VERSION@,${NSS_VMAJOR},g" \
-e "s,@MOD_MINOR_VERSION@,${NSS_VMINOR},g" \
-e "s,@MOD_PATCH_VERSION@,${NSS_VPATCH},g" \
> "$pkgdir"/usr/bin/nss-config
chmod 755 "$pkgdir"/usr/bin/nss-config
minor="${pkgver#*.}"
minor=${minor%.*}
for file in $(find dist/*.OBJ/lib -name "*.so"); do
install -m755 $file \
"$pkgdir"/usr/lib/${file##*/}.$minor
ln -s ${file##*/}.$minor "$pkgdir"/usr/lib/${file##*/}
done
install -m644 dist/*.OBJ/lib/*.a "$pkgdir"/usr/lib/
install -m644 dist/*.OBJ/lib/*.chk "$pkgdir"/usr/lib/
for file in certutil cmsutil crlutil modutil pk12util shlibsign \
signtool signver ssltap; do
install -m755 dist/*.OBJ/bin/${file} "$pkgdir"/usr/bin/
done
install -m644 dist/public/nss/*.h "$pkgdir"/usr/include/nss/
install -m644 dist/private/nss/blapi.h dist/private/nss/alghmac.h "$pkgdir"/usr/include/nss/private/
}
static() {
pkgdesc="Static libraries for Network Security Services"
mkdir -p "$subpkgdir"/usr/lib
mv "$pkgdir"/usr/lib/*.a "$subpkgdir"/usr/lib/
# remove libssl.a which conflicts with libressl
rm "$subpkgdir"/usr/lib/libssl.a
}
dev() {
# we cannot use default_dev because we need the .so symlinks in main package
pkgdesc="Development files for Network Security Services"
depends="$pkgname $depends_dev"
mkdir -p "$subpkgdir"/usr/bin
mv "$pkgdir"/usr/bin/nss-config "$subpkgdir"/usr/bin
cd "$pkgdir"
for i in usr/include usr/lib/pkgconfig usr/lib/*.a; do
if [ -e "$pkgdir/$i" ] || [ -L "$pkgdir/$i" ]; then
d="$subpkgdir/${i%/*}" # dirname $i
mkdir -p "$d"
mv "$pkgdir/$i" "$d"
rmdir "$pkgdir/${i%/*}" 2>/dev/null || true
fi
done
mv "$pkgdir"/usr/lib/libnsssysinit.* "$subpkgdir"/usr/lib
}
tools() {
pkgdesc="Tools for Network Security Services"
replaces="nss"
mkdir -p "$subpkgdir"/usr/
mv "$pkgdir"/usr/bin "$subpkgdir"/usr/
}
sha512sums="0ad42f663b48649d7d16dc8b8956d2971a9566c0f7f655dd0609b94877f400977e5ad693f2eb44e1e277e55d1669294f07b3ba7a32573d3d72837b3944adf86d nss-3.75.tar.gz
75dbd648a461940647ff373389cc73bc8ec609139cd46c91bcce866af02be6bcbb0524eb3dfb721fbd5b0bc68c20081ed6f7debf6b24317f2a7ba823e8d3c531 nss.pc.in
0f2efa8563b11da68669d281b4459289a56f5a3a906eb60382126f3adcfe47420cdcedc6ab57727a3afeeffa2bbb4c750b43bef8b5f343a75c968411dfa30e09 nss-util.pc.in
09c69d4cc39ec9deebc88696a80d0f15eb2d8c94d9daa234a2adfec941b63805eb4ce7f2e1943857b938bddcaee1beac246a0ec627b71563d9f846e6119a4a15 nss-softokn.pc.in
2971669e128f06a9af40a5ba88218fa7c9eecfeeae8b0cf42e14f31ed12bf6fa4c5ce60289e078f50e2669a9376b56b45d7c29d726a7eac69ebe1d1e22dc710b nss-config.in"