Commit 9c207060 authored by Natanael Copa's avatar Natanael Copa

main/nss: actually upgrade to 3.15.1

parent 398523f6
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=nss
pkgver=3.15.1
_pkgver=3.14.1
_ver=${pkgver//./_}
pkgrel=0
pkgrel=1
pkgdesc="Mozilla Network Security Services"
url="http://www.mozilla.org/projects/security/pki/nss/"
arch="all"
......@@ -11,8 +10,7 @@ license="MPL GPL"
depends=
makedepends="nspr-dev sqlite-dev zlib-dev perl"
subpackages="$pkgname-dev $pkgname-tools"
#source="ftp://ftp.mozilla.org/pub/security/$pkgname/releases/NSS_${_ver}_RTM/src/$pkgname-$pkgver.tar.gz
source="ftp://ftp.mozilla.org/pub/security/nss/releases/NSS_3_14_1_WITH_CKBI_1_93_RTM/src/${pkgname}-3.14.1.with.ckbi.1.93.tar.gz
source="ftp://ftp.mozilla.org/pub/security/$pkgname/releases/NSS_${_ver}_RTM/src/$pkgname-$pkgver.tar.gz
nss.pc.in
nss-config.in
add_spi+cacert_ca_certs.patch
......@@ -20,7 +18,7 @@ source="ftp://ftp.mozilla.org/pub/security/nss/releases/NSS_3_14_1_WITH_CKBI_1_9
"
depends_dev="nspr-dev"
_builddir="$srcdir"/$pkgname-$_pkgver
_builddir="$srcdir"/$pkgname-$pkgver
prepare() {
cd "$_builddir"
for i in $source; do
......@@ -31,7 +29,7 @@ prepare() {
# Respect LDFLAGS
sed -i -e 's/\$(MKSHLIB) -o/\$(MKSHLIB) \$(LDFLAGS) -o/g' \
mozilla/security/coreconf/rules.mk
nss/coreconf/rules.mk
}
......@@ -49,9 +47,9 @@ build() {
if [ "$CARCH" = "x86_64" ]; then
export USE_64=1
fi
make -j 1 -C mozilla/security/coreconf || return 1
make -j 1 -C mozilla/security/dbm || return 1
make -j 1 -C mozilla/security/nss || return 1
make -j 1 -C nss/coreconf || return 1
make -j 1 -C nss/lib/dbm || return 1
make -j 1 -C nss || return 1
}
package() {
......@@ -63,10 +61,10 @@ package() {
install -m755 -d "$pkgdir"/usr/bin
install -m755 -d "$pkgdir"/usr/include/nss
NSS_VMAJOR=`awk '/#define.*NSS_VMAJOR/ {print $3}' mozilla/security/nss/lib/nss/nss.h `
NSS_VMAJOR=`awk '/#define.*NSS_VMAJOR/ {print $3}' nss/lib/nss/nss.h `
msg "DEBUG: $NSS_VMAJOR"
NSS_VMINOR=`awk '/#define.*NSS_VMINOR/ {print $3}' mozilla/security/nss/lib/nss/nss.h`
NSS_VPATCH=`awk '/#define.*NSS_VPATCH"/ {print $3}' mozilla/security/nss/lib/nss/nss.h`
NSS_VMINOR=`awk '/#define.*NSS_VMINOR/ {print $3}' nss/lib/nss/nss.h`
NSS_VPATCH=`awk '/#define.*NSS_VPATCH"/ {print $3}' nss/lib/nss/nss.h`
# pkgconfig files
sed "$srcdir"/nss.pc.in \
......@@ -74,8 +72,8 @@ package() {
-e "s,%prefix%,/usr,g" \
-e "s,%exec_prefix%,/usr/bin,g" \
-e "s,%includedir%,/usr/include/nss,g" \
-e "s,%NSPR_VERSION%,$_pkgver,g" \
-e "s,%NSS_VERSION%,$_pkgver,g" \
-e "s,%NSPR_VERSION%,$pkgver,g" \
-e "s,%NSS_VERSION%,$pkgver,g" \
> "$pkgdir"/usr/lib/pkgconfig/nss.pc \
|| return 1
ln -sf nss.pc "$pkgdir"/usr/lib/pkgconfig/mozilla-nss.pc || return 1
......@@ -92,25 +90,25 @@ package() {
-e "s,@MOD_PATCH_VERSION@,${NSS_VPATCH},g" \
> "$pkgdir"/usr/bin/nss-config || return 1
chmod 755 "$pkgdir"/usr/bin/nss-config || return 1
local minor=${_pkgver#*.}
local minor=${pkgver#*.}
minor=${minor%.*}
for file in libsoftokn3.so libfreebl3.so libnss3.so libnssutil3.so \
libssl3.so libsmime3.so libnssckbi.so libnssdbm3.so; do
install -m755 mozilla/dist/*.OBJ/lib/${file} \
install -m755 dist/*.OBJ/lib/${file} \
"$pkgdir"/usr/lib/${file}.$minor || return 1
ln -s $file.$minor "$pkgdir"/usr/lib/$file
done
install -m644 mozilla/dist/*.OBJ/lib/libcrmf.a "$pkgdir"/usr/lib/ \
install -m644 dist/*.OBJ/lib/libcrmf.a "$pkgdir"/usr/lib/ \
|| return 1
install -m644 mozilla/dist/*.OBJ/lib/*.chk "$pkgdir"/usr/lib/ \
install -m644 dist/*.OBJ/lib/*.chk "$pkgdir"/usr/lib/ \
|| return 1
for file in certutil cmsutil crlutil modutil pk12util shlibsign \
signtool signver ssltap; do
install -m755 mozilla/dist/*.OBJ/bin/${file} "$pkgdir"/usr/bin/\
install -m755 dist/*.OBJ/bin/${file} "$pkgdir"/usr/bin/\
|| return 1
done
install -m644 mozilla/dist/public/nss/*.h "$pkgdir"/usr/include/nss/ \
install -m644 dist/public/nss/*.h "$pkgdir"/usr/include/nss/ \
|| return 1
}
......@@ -141,18 +139,18 @@ tools() {
mv "$pkgdir"/usr/bin "$subpkgdir"/usr/
}
md5sums="49e6661758deb0c469f0b4edd4e727d5 nss-3.14.1.with.ckbi.1.93.tar.gz
md5sums="fb68f4d210ac9397dd0d3c39c4f938eb nss-3.15.1.tar.gz
c547b030c57fe1ed8b77c73bf52b3ded nss.pc.in
46bee81908f1e5b26d6a7a2e14c64d9f nss-config.in
7f39c19b1dfd62d7db7d8bf19f156fed add_spi+cacert_ca_certs.patch
d83c7b61abb7e9f8f7bcd157183d1ade ssl-renegotiate-transitional.patch"
sha256sums="e22ffcca62d604029145e4f904c59e4a967a20d1276f123a91e76ecaae48ba98 nss-3.14.1.with.ckbi.1.93.tar.gz
981e0df9e9cb7a9426b316f68911fb17 add_spi+cacert_ca_certs.patch
2412ff2e97b3ec452cb016f2506a0e08 ssl-renegotiate-transitional.patch"
sha256sums="f994106a33d1f3210f4151bbb3419a1c28fd1cb545caa7dc9afdebd6da626284 nss-3.15.1.tar.gz
b9f1428ca2305bf30b109507ff335fa00bce5a7ce0434b50acd26ad7c47dd5bd nss.pc.in
e44ac5095b4d88f24ec7b2e6a9f1581560bd3ad41a3d198596d67ef22f67adb9 nss-config.in
a9fa92d29d3079d73894288afed7ac736b3527f7c1de990eb3b314978eb3107b add_spi+cacert_ca_certs.patch
12df04bccbf674db1eef7a519a28987927b5e9c107b1dc386686f05e64f49a97 ssl-renegotiate-transitional.patch"
sha512sums="e2d49abc87e76ea3fb5edb09b1c9be1c14b25212fceb69f19b00662e59add972c2d9799626a32e7735095126157bad0aed6c732f472764017304da2ef2696a0e nss-3.14.1.with.ckbi.1.93.tar.gz
592aa85184c5edb076c3355f85e50373a59dfcd06a4f4a79621f43df19404c1e add_spi+cacert_ca_certs.patch
1a49be9d7f835be737825252f50e4ee2869228eb303a087dde7fb81794b92ebd ssl-renegotiate-transitional.patch"
sha512sums="173bd80771c9a64307750733a6aa2f716e61d4b060cc61d11ec741b0b214a33b188d3e23924c062f28587785077902266f3d30e60d2c141dc54d2679736f88ec nss-3.15.1.tar.gz
75dbd648a461940647ff373389cc73bc8ec609139cd46c91bcce866af02be6bcbb0524eb3dfb721fbd5b0bc68c20081ed6f7debf6b24317f2a7ba823e8d3c531 nss.pc.in
2971669e128f06a9af40a5ba88218fa7c9eecfeeae8b0cf42e14f31ed12bf6fa4c5ce60289e078f50e2669a9376b56b45d7c29d726a7eac69ebe1d1e22dc710b nss-config.in
301ca0936ce5d51280e441b6b395841e9231d8739227bcecf73e809d909c9ac6d165758234d5728fc77649ec3697c9b15168fa215e353b4b0401e22ca90c5382 add_spi+cacert_ca_certs.patch
0c2d54a15636851947e9dfdf0b652f94d89b7f187d7e0f0d47751bc4383c742d9fe5cc932c30b41bced0cf547c59dfab51f65f307bf63300965df83811067e75 ssl-renegotiate-transitional.patch"
6e04556858499aec465d6670818465327ba2cb099061c2afee4b5cac8aa61938e0095906acfb38df6a1b70a6bde6dd69f08bb4c00a9d188e4cb3131b26c1bc16 add_spi+cacert_ca_certs.patch
c21a82247d87d74cb27575efc517a6771476320ce412cd444e83d0782e29f82552676247da093518b07d3eb7dc67c53cd1901ee8d6f59b342d02e47784c39192 ssl-renegotiate-transitional.patch"
--- a/mozilla/security/nss/lib/ckfw/builtins/certdata.txt
+++ b/mozilla/security/nss/lib/ckfw/builtins/certdata.txt
--- a/nss/lib/ckfw/builtins/certdata.txt
+++ b/nss/lib/ckfw/builtins/certdata.txt
@@ -20926,3 +20926,558 @@ CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
......
......@@ -6,10 +6,10 @@ to continue to renegotiate with vulnerable servers.
This value should only be used during the transition period when few
servers have been upgraded.
diff --git a/mozilla/security/nss/lib/ssl/sslsock.c b/mozilla/security/nss/lib/ssl/sslsock.c
diff --git a/nss/lib/ssl/sslsock.c b/mozilla/security/nss/lib/ssl/sslsock.c
index f1d1921..c074360 100644
--- a/mozilla/security/nss/lib/ssl/sslsock.c
+++ b/mozilla/security/nss/lib/ssl/sslsock.c
--- a/nss/lib/ssl/sslsock.c
+++ b/nss/lib/ssl/sslsock.c
@@ -181,7 +181,7 @@ static sslOptions ssl_defaults = {
PR_FALSE, /* noLocks */
PR_FALSE, /* enableSessionTickets */
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment