diff options
author | Armin Kuster <akuster808@gmail.com> | 2018-06-24 19:33:33 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2018-06-27 13:55:21 +0100 |
commit | 1e36258c5a5961c5bb8d1ccc9cc957e3fd07629d (patch) | |
tree | dcafb66efcdd5ee3fa999a21e7e23d6c5f674a2c /meta/recipes-support/nss/nss_3.37.1.bb | |
parent | 0507645e3b7956e9edb2b47ffef6010b89988a12 (diff) | |
download | poky-1e36258c5a5961c5bb8d1ccc9cc957e3fd07629d.tar.gz |
nss: update to 3.37.1
remove Fix-compilation-for-X32.patch as a solution simular is included in update.
notable changes:
The TLS 1.3 implementation was updated to Draft 28.
The CA certificates list was updated to version 2.24.
refresh patches
fix 32 bit build error nss bug: https://bugzilla.mozilla.org/show_bug.cgi?format=default&id=1459739
(From OE-Core rev: 1ed072515f2a23de75ee56b86d8607c85b42605c)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-support/nss/nss_3.37.1.bb')
-rw-r--r-- | meta/recipes-support/nss/nss_3.37.1.bb | 258 |
1 files changed, 258 insertions, 0 deletions
diff --git a/meta/recipes-support/nss/nss_3.37.1.bb b/meta/recipes-support/nss/nss_3.37.1.bb new file mode 100644 index 0000000000..0e8b5be365 --- /dev/null +++ b/meta/recipes-support/nss/nss_3.37.1.bb | |||
@@ -0,0 +1,258 @@ | |||
1 | SUMMARY = "Mozilla's SSL and TLS implementation" | ||
2 | DESCRIPTION = "Network Security Services (NSS) is a set of libraries \ | ||
3 | designed to support cross-platform development of \ | ||
4 | security-enabled client and server applications. \ | ||
5 | Applications built with NSS can support SSL v2 and v3, \ | ||
6 | TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 \ | ||
7 | v3 certificates, and other security standards." | ||
8 | HOMEPAGE = "http://www.mozilla.org/projects/security/pki/nss/" | ||
9 | SECTION = "libs" | ||
10 | |||
11 | LICENSE = "MPL-2.0 | (MPL-2.0 & GPL-2.0+) | (MPL-2.0 & LGPL-2.1+)" | ||
12 | |||
13 | LIC_FILES_CHKSUM = "file://nss/COPYING;md5=3b1e88e1b9c0b5a4b2881d46cce06a18 \ | ||
14 | file://nss/lib/freebl/mpi/doc/LICENSE;md5=491f158d09d948466afce85d6f1fe18f \ | ||
15 | file://nss/lib/freebl/mpi/doc/LICENSE-MPL;md5=5d425c8f3157dbf212db2ec53d9e5132" | ||
16 | |||
17 | VERSION_DIR = "${@d.getVar('BP').upper().replace('-', '_').replace('.', '_') + '_RTM'}" | ||
18 | |||
19 | SRC_URI = "http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/${VERSION_DIR}/src/${BP}.tar.gz \ | ||
20 | file://nss.pc.in \ | ||
21 | file://signlibs.sh \ | ||
22 | file://0001-nss-fix-support-cross-compiling.patch \ | ||
23 | file://nss-no-rpath-for-cross-compiling.patch \ | ||
24 | file://nss-fix-incorrect-shebang-of-perl.patch \ | ||
25 | file://nss-fix-nsinstall-build.patch \ | ||
26 | file://disable-Wvarargs-with-clang.patch \ | ||
27 | file://pqg.c-ULL_addend.patch \ | ||
28 | file://0001-Bug-1432455-Build-FStar.c-when-not-building-with-int.patch \ | ||
29 | " | ||
30 | |||
31 | SRC_URI[md5sum] = "e9526d7217d02afa96b90b89924c38df" | ||
32 | SRC_URI[sha256sum] = "097b30e436479ad737b3703b25b6198b6513e202731085c6f097d8853dd20405" | ||
33 | |||
34 | UPSTREAM_CHECK_URI = "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_Releases" | ||
35 | UPSTREAM_CHECK_REGEX = "NSS_(?P<pver>.+)_release_notes" | ||
36 | |||
37 | inherit siteinfo | ||
38 | |||
39 | DEPENDS = "sqlite3 nspr zlib nss-native" | ||
40 | DEPENDS_class-native = "sqlite3-native nspr-native zlib-native" | ||
41 | RDEPENDS_${PN}-smime = "perl" | ||
42 | |||
43 | TD = "${S}/tentative-dist" | ||
44 | TDS = "${S}/tentative-dist-staging" | ||
45 | |||
46 | TARGET_CC_ARCH += "${LDFLAGS}" | ||
47 | |||
48 | do_configure_prepend_libc-musl () { | ||
49 | sed -i -e '/-DHAVE_SYS_CDEFS_H/d' ${S}/nss/lib/dbm/config/config.mk | ||
50 | } | ||
51 | |||
52 | do_compile_prepend_class-native() { | ||
53 | export NSPR_INCLUDE_DIR=${STAGING_INCDIR_NATIVE} | ||
54 | export NSPR_LIB_DIR=${STAGING_LIBDIR_NATIVE} | ||
55 | export NSS_ENABLE_WERROR=0 | ||
56 | } | ||
57 | |||
58 | do_compile_prepend_class-nativesdk() { | ||
59 | export LDFLAGS="" | ||
60 | } | ||
61 | |||
62 | do_compile_prepend_class-native() { | ||
63 | # Need to set RPATH so that chrpath will do its job correctly | ||
64 | RPATH="-Wl,-rpath-link,${STAGING_LIBDIR_NATIVE} -Wl,-rpath-link,${STAGING_BASE_LIBDIR_NATIVE} -Wl,-rpath,${STAGING_LIBDIR_NATIVE} -Wl,-rpath,${STAGING_BASE_LIBDIR_NATIVE}" | ||
65 | } | ||
66 | |||
67 | do_compile() { | ||
68 | export CROSS_COMPILE=1 | ||
69 | export NATIVE_CC="${BUILD_CC}" | ||
70 | export NATIVE_FLAGS="${BUILD_CFLAGS}" | ||
71 | export BUILD_OPT=1 | ||
72 | |||
73 | export FREEBL_NO_DEPEND=1 | ||
74 | export FREEBL_LOWHASH=1 | ||
75 | |||
76 | export LIBDIR=${libdir} | ||
77 | export MOZILLA_CLIENT=1 | ||
78 | export NS_USE_GCC=1 | ||
79 | export NSS_USE_SYSTEM_SQLITE=1 | ||
80 | export NSS_ENABLE_ECC=1 | ||
81 | |||
82 | export OS_RELEASE=3.4 | ||
83 | export OS_TARGET=Linux | ||
84 | export OS_ARCH=Linux | ||
85 | |||
86 | if [ "${TARGET_ARCH}" = "powerpc" ]; then | ||
87 | OS_TEST=ppc | ||
88 | elif [ "${TARGET_ARCH}" = "powerpc64" ]; then | ||
89 | OS_TEST=ppc64 | ||
90 | elif [ "${TARGET_ARCH}" = "mips" -o "${TARGET_ARCH}" = "mipsel" -o "${TARGET_ARCH}" = "mips64" -o "${TARGET_ARCH}" = "mips64el" ]; then | ||
91 | OS_TEST=mips | ||
92 | elif [ "${TARGET_ARCH}" = "aarch64_be" ]; then | ||
93 | OS_TEST="aarch64" | ||
94 | else | ||
95 | OS_TEST="${TARGET_ARCH}" | ||
96 | fi | ||
97 | |||
98 | if [ "${SITEINFO_BITS}" = "64" ]; then | ||
99 | export USE_64=1 | ||
100 | elif [ "${TARGET_ARCH}" = "x86_64" -a "${SITEINFO_BITS}" = "32" ]; then | ||
101 | export USE_X32=1 | ||
102 | fi | ||
103 | |||
104 | export NSS_DISABLE_GTESTS=1 | ||
105 | |||
106 | # We can modify CC in the environment, but if we set it via an | ||
107 | # argument to make, nsinstall, a host program, will also build with it! | ||
108 | # | ||
109 | # nss pretty much does its own thing with CFLAGS, so we put them into CC. | ||
110 | # Optimization will get clobbered, but most of the stuff will survive. | ||
111 | # The motivation for this is to point to the correct place for debug | ||
112 | # source files and CFLAGS does that. Nothing uses CCC. | ||
113 | # | ||
114 | export CC="${CC} ${CFLAGS}" | ||
115 | make -C ./nss CCC="${CXX} -g" \ | ||
116 | OS_TEST=${OS_TEST} \ | ||
117 | RPATH="${RPATH}" | ||
118 | } | ||
119 | do_compile[vardepsexclude] += "SITEINFO_BITS" | ||
120 | |||
121 | |||
122 | do_install_prepend_class-nativesdk() { | ||
123 | export LDFLAGS="" | ||
124 | } | ||
125 | |||
126 | do_install() { | ||
127 | export CROSS_COMPILE=1 | ||
128 | export NATIVE_CC="${BUILD_CC}" | ||
129 | export BUILD_OPT=1 | ||
130 | |||
131 | export FREEBL_NO_DEPEND=1 | ||
132 | |||
133 | export LIBDIR=${libdir} | ||
134 | export MOZILLA_CLIENT=1 | ||
135 | export NS_USE_GCC=1 | ||
136 | export NSS_USE_SYSTEM_SQLITE=1 | ||
137 | export NSS_ENABLE_ECC=1 | ||
138 | |||
139 | export OS_RELEASE=3.4 | ||
140 | export OS_TARGET=Linux | ||
141 | export OS_ARCH=Linux | ||
142 | |||
143 | if [ "${TARGET_ARCH}" = "powerpc" ]; then | ||
144 | OS_TEST=ppc | ||
145 | elif [ "${TARGET_ARCH}" = "powerpc64" ]; then | ||
146 | OS_TEST=ppc64 | ||
147 | elif [ "${TARGET_ARCH}" = "mips" -o "${TARGET_ARCH}" = "mipsel" -o "${TARGET_ARCH}" = "mips64" -o "${TARGET_ARCH}" = "mips64el" ]; then | ||
148 | OS_TEST=mips | ||
149 | elif [ "${TARGET_ARCH}" = "aarch64_be" ]; then | ||
150 | CPU_ARCH=aarch64 | ||
151 | OS_TEST="aarch64" | ||
152 | else | ||
153 | OS_TEST="${TARGET_ARCH}" | ||
154 | fi | ||
155 | if [ "${SITEINFO_BITS}" = "64" ]; then | ||
156 | export USE_64=1 | ||
157 | elif [ "${TARGET_ARCH}" = "x86_64" -a "${SITEINFO_BITS}" = "32" ]; then | ||
158 | export USE_X32=1 | ||
159 | fi | ||
160 | |||
161 | export NSS_DISABLE_GTESTS=1 | ||
162 | |||
163 | make -C ./nss \ | ||
164 | CCC="${CXX}" \ | ||
165 | OS_TEST=${OS_TEST} \ | ||
166 | SOURCE_LIB_DIR="${TD}/${libdir}" \ | ||
167 | SOURCE_BIN_DIR="${TD}/${bindir}" \ | ||
168 | install | ||
169 | |||
170 | install -d ${D}/${libdir}/ | ||
171 | for file in ${S}/dist/*.OBJ/lib/*.so; do | ||
172 | echo "Installing `basename $file`..." | ||
173 | cp $file ${D}/${libdir}/ | ||
174 | done | ||
175 | |||
176 | for shared_lib in ${TD}/${libdir}/*.so.*; do | ||
177 | if [ -f $shared_lib ]; then | ||
178 | cp $shared_lib ${D}/${libdir} | ||
179 | ln -sf $(basename $shared_lib) ${D}/${libdir}/$(basename $shared_lib .1oe) | ||
180 | fi | ||
181 | done | ||
182 | for shared_lib in ${TD}/${libdir}/*.so; do | ||
183 | if [ -f $shared_lib -a ! -e ${D}/${libdir}/$shared_lib ]; then | ||
184 | cp $shared_lib ${D}/${libdir} | ||
185 | fi | ||
186 | done | ||
187 | |||
188 | install -d ${D}/${includedir}/nss3 | ||
189 | install -m 644 -t ${D}/${includedir}/nss3 dist/public/nss/* | ||
190 | |||
191 | install -d ${D}/${bindir} | ||
192 | for binary in ${TD}/${bindir}/*; do | ||
193 | install -m 755 -t ${D}/${bindir} $binary | ||
194 | done | ||
195 | } | ||
196 | do_install[vardepsexclude] += "SITEINFO_BITS" | ||
197 | |||
198 | do_install_append() { | ||
199 | # Create empty .chk files for the NSS libraries at build time. They could | ||
200 | # be regenerated at target's boot time. | ||
201 | for file in libsoftokn3.chk libfreebl3.chk libnssdbm3.chk; do | ||
202 | touch ${D}/${libdir}/$file | ||
203 | chmod 755 ${D}/${libdir}/$file | ||
204 | done | ||
205 | install -D -m 755 ${WORKDIR}/signlibs.sh ${D}/${bindir}/signlibs.sh | ||
206 | |||
207 | install -d ${D}${libdir}/pkgconfig/ | ||
208 | sed 's/%NSS_VERSION%/${PV}/' ${WORKDIR}/nss.pc.in | sed 's/%NSPR_VERSION%/4.9.2/' > ${D}${libdir}/pkgconfig/nss.pc | ||
209 | sed -i s:OEPREFIX:${prefix}:g ${D}${libdir}/pkgconfig/nss.pc | ||
210 | sed -i s:OEEXECPREFIX:${exec_prefix}:g ${D}${libdir}/pkgconfig/nss.pc | ||
211 | sed -i s:OELIBDIR:${libdir}:g ${D}${libdir}/pkgconfig/nss.pc | ||
212 | sed -i s:OEINCDIR:${includedir}/nss3:g ${D}${libdir}/pkgconfig/nss.pc | ||
213 | } | ||
214 | |||
215 | do_install_append_class-target() { | ||
216 | # Create a blank certificate | ||
217 | mkdir -p ${D}${sysconfdir}/pki/nssdb/ | ||
218 | touch ./empty_password | ||
219 | certutil -N -d ${D}${sysconfdir}/pki/nssdb/ -f ./empty_password | ||
220 | chmod 644 ${D}${sysconfdir}/pki/nssdb/*.db | ||
221 | rm ./empty_password | ||
222 | } | ||
223 | |||
224 | PACKAGE_WRITE_DEPS += "nss-native" | ||
225 | pkg_postinst_${PN} () { | ||
226 | if [ -n "$D" ]; then | ||
227 | for I in $D${libdir}/lib*.chk; do | ||
228 | DN=`dirname $I` | ||
229 | BN=`basename $I .chk` | ||
230 | FN=$DN/$BN.so | ||
231 | shlibsign -i $FN | ||
232 | if [ $? -ne 0 ]; then | ||
233 | exit 1 | ||
234 | fi | ||
235 | done | ||
236 | else | ||
237 | signlibs.sh | ||
238 | fi | ||
239 | } | ||
240 | |||
241 | PACKAGES =+ "${PN}-smime" | ||
242 | FILES_${PN}-smime = "\ | ||
243 | ${bindir}/smime \ | ||
244 | " | ||
245 | FILES_${PN} = "\ | ||
246 | ${sysconfdir} \ | ||
247 | ${bindir} \ | ||
248 | ${libdir}/lib*.chk \ | ||
249 | ${libdir}/lib*.so \ | ||
250 | " | ||
251 | FILES_${PN}-dev = "\ | ||
252 | ${libdir}/nss \ | ||
253 | ${libdir}/pkgconfig/* \ | ||
254 | ${includedir}/* \ | ||
255 | " | ||
256 | |||
257 | BBCLASSEXTEND = "native nativesdk" | ||
258 | |||