summaryrefslogtreecommitdiffstats
path: root/abs/extra/nss/PKGBUILD
blob: d948ba29e02f808677353c930703756015dd6ca3 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
# $Id$
# Maintainer: Jan de Groot <jgc@archlinux.org>

pkgbase=nss
pkgname=(nss ca-certificates-mozilla)
pkgver=3.17
pkgrel=3
pkgdesc="Mozilla Network Security Services"
arch=(i686 x86_64)
url="http://www.mozilla.org/projects/security/pki/nss/"
license=('MPL' 'GPL')
_nsprver=4.10.7
depends=("nspr>=${_nsprver}" 'sqlite' 'zlib' 'sh' 'p11-kit')
makedepends=('perl' 'python2')
options=('!strip' '!makeflags' 'staticlibs')
source=("ftp://ftp.mozilla.org/pub/security/nss/releases/NSS_${pkgver//./_}_RTM/src/${pkgbase}-${pkgver}.tar.gz"
        "certdata2pem.py::http://anonscm.debian.org/cgit/collab-maint/ca-certificates.git/plain/mozilla/certdata2pem.py?id=15470c64b5464d273556a290b1e7b50b32a2e5a0"
        nss.pc.in
        nss-config.in
        ssl-renegotiate-transitional.patch
        certdata2pem.py-loudness.patch)
sha256sums=('3b1abcd8f89211dda2cc739bfa76552d080f7ea80482ef2727b006548a7f0c81'
            '57bd6f309736825fc0edbf7d522726224764520595dfdddd0dba59158839e863'
            'b9f1428ca2305bf30b109507ff335fa00bce5a7ce0434b50acd26ad7c47dd5bd'
            'e44ac5095b4d88f24ec7b2e6a9f1581560bd3ad41a3d198596d67ef22f67adb9'
            '12df04bccbf674db1eef7a519a28987927b5e9c107b1dc386686f05e64f49a97'
            '90f8e72fbcca9ce907dcf6565bcd95ca23d2da5d87caee64c141ac54680f8703')

prepare() {
  mkdir certs
  patch --follow-symlinks certdata2pem.py certdata2pem.py-loudness.patch

  cd nss-$pkgver

  # Adds transitional SSL renegotiate support - patch from Debian
  patch -Np3 -i ../ssl-renegotiate-transitional.patch

  # Respect LDFLAGS
  sed -e 's/\$(MKSHLIB) -o/\$(MKSHLIB) \$(LDFLAGS) -o/' \
      -i nss/coreconf/rules.mk

  ln -sr nss/lib/ckfw/builtins/certdata.txt ../certs/
}


build() {
  cd certs
  python2 ../certdata2pem.py
  printf "mozilla/%s\n" *.crt > mozilla.conf
  test -s mozilla.conf

  cd ../nss-$pkgver/nss
  export BUILD_OPT=1
  export NSS_USE_SYSTEM_SQLITE=1
  export NSS_ENABLE_ECC=1
  export NSPR_INCLUDE_DIR="`nspr-config --includedir`"
  export NSPR_LIB_DIR="`nspr-config --libdir`"
  export XCFLAGS="${CFLAGS}"

  [ "$CARCH" = "x86_64" ] && export USE_64=1

  make -C coreconf
  make -C lib/dbm
  make
}

package_nss() {
  cd nss-$pkgver
  install -d "$pkgdir"/usr/{bin,include/nss,lib/pkgconfig}

  NSS_VMAJOR=$(grep '#define.*NSS_VMAJOR' nss/lib/nss/nss.h | awk '{print $3}')
  NSS_VMINOR=$(grep '#define.*NSS_VMINOR' nss/lib/nss/nss.h | awk '{print $3}')
  NSS_VPATCH=$(grep '#define.*NSS_VPATCH' nss/lib/nss/nss.h | awk '{print $3}')

  sed ../nss.pc.in \
    -e "s,%libdir%,/usr/lib,g" \
    -e "s,%prefix%,/usr,g" \
    -e "s,%exec_prefix%,/usr/bin,g" \
    -e "s,%includedir%,/usr/include/nss,g" \
    -e "s,%NSPR_VERSION%,${_nsprver},g" \
    -e "s,%NSS_VERSION%,${pkgver},g" \
    > "$pkgdir/usr/lib/pkgconfig/nss.pc"
  ln -s nss.pc "$pkgdir/usr/lib/pkgconfig/mozilla-nss.pc"

  sed ../nss-config.in \
    -e "s,@libdir@,/usr/lib,g" \
    -e "s,@prefix@,/usr/bin,g" \
    -e "s,@exec_prefix@,/usr/bin,g" \
    -e "s,@includedir@,/usr/include/nss,g" \
    -e "s,@MOD_MAJOR_VERSION@,${NSS_VMAJOR},g" \
    -e "s,@MOD_MINOR_VERSION@,${NSS_VMINOR},g" \
    -e "s,@MOD_PATCH_VERSION@,${NSS_VPATCH},g" \
    > "$pkgdir/usr/bin/nss-config"
  chmod 755 "$pkgdir/usr/bin/nss-config"

  cd dist/*.OBJ/bin
  install -t "$pkgdir/usr/bin" *util shlibsign signtool signver ssltap

  cd ../lib
  install -t "$pkgdir/usr/lib" *.so
  install -t "$pkgdir/usr/lib" -m644 libcrmf.a *.chk

  cd ../../public/nss
  install -t "$pkgdir/usr/include/nss" -m644 *.h

  rm "$pkgdir/usr/lib/libnssckbi.so"
  ln -s pkcs11/p11-kit-trust.so "$pkgdir/usr/lib/libnssckbi.so"
}

package_ca-certificates-mozilla() {
  pkgdesc="Mozilla's set of trusted CA certificates"
  depends=(ca-certificates-utils)
  install=ca-certificates-mozilla.install

  cd certs

  local _certdir="$pkgdir/usr/share/ca-certificates/mozilla"
  install -d "$_certdir"
  install -t "$_certdir" -m644 *.crt

  install -Dm644 mozilla.conf "$pkgdir/etc/ca-certificates/conf.d/mozilla.conf"
}