2012-08-21 05:10:33 +01:00
|
|
|
{ stdenv, fetchurl, fetchgit, nspr, perl, zlib, sqlite
|
2012-08-20 08:39:55 +01:00
|
|
|
, includeTools ? false
|
|
|
|
}:
|
2005-08-24 10:54:42 +01:00
|
|
|
|
2009-07-06 12:42:21 +01:00
|
|
|
let
|
|
|
|
|
2012-08-21 05:10:33 +01:00
|
|
|
nssPEM = fetchgit {
|
|
|
|
url = "git://git.fedorahosted.org/git/nss-pem.git";
|
|
|
|
rev = "07a683505d4a0a1113c4085c1ce117425d0afd80";
|
|
|
|
sha256 = "e4a9396d90e50e8b3cceff45f312eda9aaf356423f4eddd354a0e1afbbfd4cf8";
|
|
|
|
};
|
|
|
|
|
2012-08-22 01:46:48 +01:00
|
|
|
secLoadPatch = fetchurl {
|
2012-09-17 08:28:24 +01:00
|
|
|
name = "security_load.patch";
|
|
|
|
urls = [
|
2013-01-06 15:13:29 +00:00
|
|
|
# "http://patch-tracker.debian.org/patch/series/dl/nss/2:3.13.6-1/85_security_load.patch"
|
|
|
|
# "http://anonscm.debian.org/gitweb/?p=pkg-mozilla/nss.git;a=blob_plain;f=debian/patches/85_security_load.patch;hb=HEAD"
|
|
|
|
"http://www.parsix.org/export/7797/pkg/security/raul/main/nss/trunk/debian/patches/85_security_load.patch"
|
2012-09-17 08:28:24 +01:00
|
|
|
];
|
2012-08-22 01:46:48 +01:00
|
|
|
sha256 = "8a8d0ae4ebbd7c389973fa5d26d8bc5f473046c6cb1d8283cb9a3c1f4c565c47";
|
|
|
|
};
|
2009-07-06 12:42:21 +01:00
|
|
|
|
2012-08-22 01:46:48 +01:00
|
|
|
in stdenv.mkDerivation rec {
|
2012-08-20 04:41:58 +01:00
|
|
|
name = "nss-${version}";
|
2013-03-01 08:18:14 +00:00
|
|
|
version = "3.14.3";
|
2012-10-31 13:04:58 +00:00
|
|
|
|
|
|
|
src = fetchurl {
|
2013-03-01 08:18:14 +00:00
|
|
|
url = "http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_14_3_RTM/src/${name}.tar.gz";
|
|
|
|
sha1 = "94d8781d1fa29cfbd37453dda3e9488709b82c4c";
|
2005-08-24 10:54:42 +01:00
|
|
|
};
|
|
|
|
|
2012-08-20 08:39:55 +01:00
|
|
|
buildInputs = [ nspr perl zlib sqlite ];
|
2009-07-06 10:12:44 +01:00
|
|
|
|
2012-08-21 05:10:33 +01:00
|
|
|
postUnpack = ''
|
|
|
|
cp -rdv "${nssPEM}/mozilla/security/nss/lib/ckfw/pem" \
|
|
|
|
"$sourceRoot/mozilla/security/nss/lib/ckfw/"
|
|
|
|
chmod -R u+w "$sourceRoot/mozilla/security/nss/lib/ckfw/pem"
|
|
|
|
'';
|
|
|
|
|
2012-08-22 01:46:48 +01:00
|
|
|
patches = [
|
2013-03-01 08:18:14 +00:00
|
|
|
./nss-3.14.1-gentoo-fixups-r1.patch
|
2012-08-22 01:46:48 +01:00
|
|
|
secLoadPatch
|
|
|
|
./nix_secload_fixup.patch
|
2013-03-01 08:18:14 +00:00
|
|
|
./sync-up-with-upstream-softokn-changes.patch
|
2012-08-22 01:46:48 +01:00
|
|
|
];
|
2011-01-03 17:02:58 +00:00
|
|
|
|
|
|
|
postPatch = ''
|
2012-08-21 05:10:33 +01:00
|
|
|
sed -i -e 's/^DIRS.*$/& pem/' mozilla/security/nss/lib/ckfw/manifest.mn
|
2013-03-01 08:18:14 +00:00
|
|
|
|
|
|
|
# Fix up the patch from Gentoo
|
|
|
|
sed -i \
|
|
|
|
-e "/^PREFIX =/s|= /usr|= $out|" \
|
|
|
|
-e '/@libdir@/s|gentoo/nss|lib|' \
|
|
|
|
-e '/ln -sf/d' \
|
|
|
|
mozilla/security/nss/config/Makefile
|
|
|
|
|
|
|
|
# Note for spacing/tab nazis: The TAB characters are intentional!
|
|
|
|
cat >> mozilla/security/nss/config/Makefile <<INSTALL_TARGET
|
|
|
|
install:
|
|
|
|
mkdir -p \$(DIST)/lib/pkgconfig
|
|
|
|
cp nss.pc \$(DIST)/lib/pkgconfig
|
|
|
|
INSTALL_TARGET
|
2011-01-03 17:02:58 +00:00
|
|
|
'';
|
|
|
|
|
2009-07-06 10:12:44 +01:00
|
|
|
preConfigure = "cd mozilla/security/nss";
|
|
|
|
|
nss: Clean up build/make flags.
First of all, let's remove that redundant BUILD_OPT variable.
This variable already is in makeFlags, so we really don't want it to be lurking
around in the attribute set of the derivation, and it annoys me for being there
for days.
We now state build targets explicitly rather than relying on "nss_build_all".
This makes NSPR_CONFIG_STATUS and the touch of build_nspr stamp obsolete, as
only nss_build_all includes build_nspr.
In addition, we don't need the -lz hack anymore, as this has been fixed in
recent NSS versions, so we can completly remove the postBuild hook.
And while we're at it, we're removing those outdated build instructions as well,
especially because we don't and can't follow official building guidelines
anymore, as those are difficult to apply to Nix.
2012-08-21 09:47:29 +01:00
|
|
|
makeFlags = [
|
|
|
|
"NSPR_INCLUDE_DIR=${nspr}/include/nspr"
|
|
|
|
"NSPR_LIB_DIR=${nspr}/lib"
|
|
|
|
"NSDISTMODE=copy"
|
|
|
|
"BUILD_OPT=1"
|
|
|
|
"SOURCE_PREFIX=\$(out)"
|
|
|
|
"NSS_ENABLE_ECC=1"
|
|
|
|
"NSS_USE_SYSTEM_SQLITE=1"
|
|
|
|
] ++ stdenv.lib.optional stdenv.is64bit "USE_64=1";
|
|
|
|
|
|
|
|
buildFlags = [ "build_coreconf" "build_dbm" "all" ];
|
2005-08-24 10:54:42 +01:00
|
|
|
|
2012-08-22 03:22:43 +01:00
|
|
|
postInstall = ''
|
|
|
|
rm -rf $out/private
|
|
|
|
mv $out/public $out/include
|
|
|
|
mv $out/*.OBJ/* $out/
|
|
|
|
rmdir $out/*.OBJ
|
2012-03-06 20:57:39 +00:00
|
|
|
|
2012-08-22 03:22:43 +01:00
|
|
|
cp -av config/nss-config $out/bin/nss-config
|
|
|
|
'';
|
2012-08-21 20:35:46 +01:00
|
|
|
|
|
|
|
postFixup = ''
|
|
|
|
for libname in freebl3 nssdbm3 softokn3
|
|
|
|
do
|
|
|
|
libfile="$out/lib/lib$libname.so"
|
|
|
|
LD_LIBRARY_PATH=$out/lib $out/bin/shlibsign -v -i "$libfile"
|
|
|
|
done
|
2012-08-22 03:24:44 +01:00
|
|
|
'' + stdenv.lib.optionalString (!includeTools) ''
|
|
|
|
find $out/bin -type f \( -name nss-config -o -delete \)
|
2012-08-21 20:35:46 +01:00
|
|
|
'';
|
2005-08-24 10:54:42 +01:00
|
|
|
}
|