#!/bin/sh #-- nss for Slackware -- # Build script by Phantom X # Suggested usage: $ nss.SlackBuild 2>&1 | tee build.log #-- # Copyright 2008, 2009, 2010, 2011 Phantom X, Goiania, Brazil. # Copyright 2006 Martijn Dekker, Groningen, Netherlands. # # Redistribution and use of this script, with or without modification, is # permitted provided that the following conditions are met: # # 1. Redistributions of this script must retain the above copyright # notice, this list of conditions and the following disclaimer. # # THIS SOFTWARE IS PROVIDED BY THE AUTHOR `AS IS'' AND ANY EXPRESS OR IMPLIED # WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF # MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO # EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, # PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; # OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # http://www.mozilla.org/projects/security/pki/nss/ PACKAGER_ID=${PACKAGER_ID:-$USER} PACKAGER=${PACKAGER:-$USER@$HOSTNAME} # Set YES for native build with gcc >= 4.2 SB_NATIVE=${SB_NATIVE:-NO} # Set to YES to replicate slackbuild and patches SB_REP=${SB_REP:-YES} CWD=$(pwd) TMP=${TMP:-/tmp} if [ ! -d ${TMP} ]; then mkdir -p ${TMP} fi NAME=nss PKG=${PKG:-${TMP}/package-${NAME}} VERSION=${VERSION:-3.12.9} NSPR_VERSION=${NSPR_VERSION:-$(pkg-config nspr --modversion)} PEMVER=${PEMVER:-20101125} if [ "${SB_NATIVE}" = "YES" ] ;then ARCH=${ARCH:-$(uname -m)} else ARCH=${ARCH:-x86_64} fi if [ "${ARCH}" = "x86_64" ] ;then SLKTARGET=${SLKTARGET:-x86_64} else SLKTARGET=${SLKTARGET:-i486} fi SLKDTARGET=${SLKDTARGET:-slackware} BUILD=${BUILD:-2} NJOBS=${NJOBS:-$(( $(getconf _NPROCESSORS_ONLN) + 1 ))} DOCDIR=${PKG}/usr/doc/${NAME}-${VERSION} SBDIR=${PKG}/usr/src/slackbuilds/${NAME} PKGDEST=${PKGDEST:-${CWD}} PKGFORMAT=${PKGFORMAT:-txz} PKGNAME=${NAME}-$(echo ${VERSION} | tr - . )-${ARCH}-${BUILD}${PACKAGER_ID} # Set to YES to enable tests SB_TEST=${SB_TEST:-NO} DATE=$(LC_ALL=C date +%d-%b-%Y) SRCDIR=${NAME}-${VERSION} SRCARCHIVE=${SRCDIR}.tar.gz SRCDIR2=${NAME}-pem-${PEMVER} SRCARCHIVE2=${SRCDIR2}.tar.bz2 DL_PROG=${DL_PROG:-wget} DL_TO=${DL_TO:-5} DL_OPTS=${DL_OPTS:-"--timeout=${DL_TO}"} DL_URL="http://ftp.mozilla.org/pub/mozilla.org/security/${NAME}/releases/NSS_$(echo ${VERSION} | tr . _ )_RTM/src/${SRCARCHIVE}" FEDORADIST=fedora-dist.sh FEDORABRANCH=${FEDORABRANCH:-devel} # if source is not present, download in source rootdir if possible test -r ${CWD}/${SRCARCHIVE} || ${DL_PROG} ${DL_OPTS} ${DL_URL} if ! test -r ${CWD}/${SRCARCHIVE} ;then SRCARCHIVE=${SRCDIR}.tar.bz2 sh ${CWD}/${FEDORADIST} ${NAME} ${FEDORABRANCH} ${SRCARCHIVE} || exit 1 fi test -r ${CWD}/${SRCARCHIVE2} || sh ${CWD}/${FEDORADIST} ${NAME} ${FEDORABRANCH} ${SRCARCHIVE2} || exit 1 if [ "${SB_NATIVE}" = "YES" ] ;then SLKCFLAGS="-O2 -march=native -mtune=native ${SB_ECFLAGS} -pipe" else case "${ARCH}" in i[3-6]86) SLKCFLAGS="-O2 -march=${ARCH} -mtune=i686" ;; x86_64) SLKCFLAGS="-O2 -fPIC" ;; s390|*) SLKCFLAGS="-O2" ;; esac fi if [ "${ARCH}" = "x86_64" ] ;then LIBDIRSUFFIX="64" SLKCFLAGS="${SLKCFLAGS} -fPIC" export USE_64=1 else LIBDIRSUFFIX="" USE_64="" fi # Directory for unssuported tools UNSUPPORTED_TOOLS_DIR=usr/lib${LIBDIRSUFFIX}/nss/unsupported-tools if [ -d ${PKG} ]; then # Clean up a previous build rm -rf ${PKG} fi mkdir -p ${PKG} cd ${TMP} rm -rf ${SRCDIR} tar -xvf ${CWD}/${SRCARCHIVE} || exit 1 cd ${SRCDIR} || exit 1 tar -xvf ${CWD}/${SRCARCHIVE2} || exit 1 chmod -R u+w,go+r-w,a-s . if [ -r ${CWD}/apply-patches.sh ]; then . ${CWD}/apply-patches.sh || exit 1 fi # Respect LDFLAGS sed -i -e 's/\$(MKSHLIB) -o/\$(MKSHLIB) \$(LDFLAGS) -o/g' ./mozilla/security/*/rules.mk || exit 1 FREEBL_NO_DEPEND=1 export FREEBL_NO_DEPEND FREEBL_USE_PRELINK=1 export FREEBL_USE_PRELINK # Enable compiler optimizations and disable debugging code BUILD_OPT=1 export BUILD_OPT # Generate symbolic info for debuggers XCFLAGS="${SLKCFLAGS}" export XCFLAGS #export NSPR_INCLUDE_DIR=$(nspr-config --includedir) #export NSPR_LIB_DIR=$(nspr-config --libdir) PKG_CONFIG_ALLOW_SYSTEM_LIBS=1 PKG_CONFIG_ALLOW_SYSTEM_CFLAGS=1 export PKG_CONFIG_ALLOW_SYSTEM_LIBS export PKG_CONFIG_ALLOW_SYSTEM_CFLAGS NSPR_INCLUDE_DIR=$(/usr/bin/pkg-config --cflags-only-I nspr | sed 's/-I//') NSPR_LIB_DIR=$(/usr/bin/pkg-config --libs-only-L nspr | sed 's/-L//') export NSPR_INCLUDE_DIR export NSPR_LIB_DIR NSS_USE_SYSTEM_SQLITE=1 export NSS_USE_SYSTEM_SQLITE # NSS_ENABLE_ECC=1 # export NSS_ENABLE_ECC make -C ./mozilla/security/coreconf || exit 1 make -C ./mozilla/security/dbm || exit 1 make -C ./mozilla/security/nss || exit 1 # Set up our package file mkdir -p ${PKG}/usr/lib${LIBDIRSUFFIX}/pkgconfig NSS_VMAJOR=$(cat mozilla/security/nss/lib/nss/nss.h | grep "#define.*NSS_VMAJOR" | awk '{print $3}') NSS_VMINOR=$(cat mozilla/security/nss/lib/nss/nss.h | grep "#define.*NSS_VMINOR" | awk '{print $3}') NSS_VPATCH=$(cat mozilla/security/nss/lib/nss/nss.h | grep "#define.*NSS_VPATCH" | awk '{print $3}') NSS_VERSION="${NSS_VMAJOR}.${NSS_VMINOR}.${NSS_VPATCH}" export NSS_VMAJOR export NSS_VMINOR export NSS_VPATCH export NSS_VERSION NSSUTIL_VMAJOR=$(cat mozilla/security/nss/lib/util/nssutil.h | grep "#define.*NSSUTIL_VMAJOR" | awk '{print $3}') NSSUTIL_VMINOR=$(cat mozilla/security/nss/lib/util/nssutil.h | grep "#define.*NSSUTIL_VMINOR" | awk '{print $3}') NSSUTIL_VPATCH=$(cat mozilla/security/nss/lib/util/nssutil.h | grep "#define.*NSSUTIL_VPATCH" | awk '{print $3}') NSSUTIL_VERSION="${NSSUTIL_VMAJOR}.${NSSUTIL_VMINOR}.${NSSUTIL_VPATCH}" export NSSUTIL_VMAJOR export NSSUTIL_VMINOR export NSSUTIL_VPATCH export NSSUTIL_VERSION SOFTOKEN_VMAJOR=$(cat mozilla/security/nss/lib/softoken/softkver.h | grep "#define.*SOFTOKEN_VMAJOR" | awk '{print $3}') SOFTOKEN_VMINOR=$(cat mozilla/security/nss/lib/softoken/softkver.h | grep "#define.*SOFTOKEN_VMINOR" | awk '{print $3}') SOFTOKEN_VPATCH=$(cat mozilla/security/nss/lib/softoken/softkver.h | grep "#define.*SOFTOKEN_VPATCH" | awk '{print $3}') SOFTOKEN_VERSION="${SOFTOKEN_VMAJOR}.${SOFTOKEN_VMINOR}.${SOFTOKEN_VPATCH}" export SOFTOKEN_VMAJOR export SOFTOKEN_VMINOR export SOFTOKEN_VPATCH export SOFTOKEN_VERSION SBPKGCONFIGDIR=${CWD}/pkgconfig SB_PKGCONFIG() { zcat $1 | sed \ -e "s,_libdir_,/usr/lib${LIBDIRSUFFIX},g" \ -e "s,_prefix_,/usr,g" \ -e "s,_execprefix_,/usr,g" \ -e "s,_includedir_,/usr/include/nss3,g" \ -e "s,_NSPR_VERSION_,${NSPR_VERSION},g" \ -e "s,_NSS_VERSION_,${NSS_VERSION},g" \ -e "s,_NSSUTIL_VERSION_,${NSSUTIL_VERSION},g" \ -e "s,_SOFTOKEN_VERSION_,${SOFTOKEN_VERSION},g" \ > ${PKG}/usr/lib${LIBDIRSUFFIX}/pkgconfig/$2 } SB_PKGCONFIG ${SBPKGCONFIGDIR}/nss.pc.in.gz nss.pc || exit 1 SB_PKGCONFIG ${SBPKGCONFIGDIR}/nss-util.pc.in.gz nss-util.pc || exit 1 SB_PKGCONFIG ${SBPKGCONFIGDIR}/nss-softokn.pc.in.gz nss-softokn.pc || exit 1 mkdir -p ${PKG}/usr/bin zcat ${SBPKGCONFIGDIR}/nss-config.in.gz | sed \ -e "s,@libdir@,/usr/lib${LIBDIRSUFFIX},g" \ -e "s,@prefix@,/usr,g" \ -e "s,@exec_prefix@,/usr,g" \ -e "s,@includedir@,/usr/include/nss3,g" \ -e "s,@MOD_MAJOR_VERSION@,${NSS_VMAJOR},g" \ -e "s,@MOD_MINOR_VERSION@,${NSS_VMINOR},g" \ -e "s,@MOD_PATCH_VERSION@,${NSS_VPATCH},g" \ > ${PKG}/usr/bin/nss-config || exit 1 zcat ${SBPKGCONFIGDIR}/nss-util-config.in.gz | sed \ -e "s,@libdir@,/usr/lib${LIBDIRSUFFIX},g" \ -e "s,@prefix@,/usr,g" \ -e "s,@exec_prefix@,/usr,g" \ -e "s,@includedir@,/usr/include/nss3,g" \ -e "s,@MOD_MAJOR_VERSION@,${NSSUTIL_VMAJOR},g" \ -e "s,@MOD_MINOR_VERSION@,${NSSUTIL_VMINOR},g" \ -e "s,@MOD_PATCH_VERSION@,${NSSUTIL_VPATCH},g" \ > ${PKG}/usr/bin/nss-util-config || exit 1 zcat ${SBPKGCONFIGDIR}/nss-softokn-config.in.gz | sed \ -e "s,@libdir@,/usr/lib${LIBDIRSUFFIX},g" \ -e "s,@prefix@,/usr,g" \ -e "s,@exec_prefix@,/usr,g" \ -e "s,@includedir@,/usr/include/nss3,g" \ -e "s,@MOD_MAJOR_VERSION@,${SOFTOKEN_VMAJOR},g" \ -e "s,@MOD_MINOR_VERSION@,${SOFTOKEN_VMINOR},g" \ -e "s,@MOD_PATCH_VERSION@,${SOFTOKEN_VPATCH},g" \ > ${PKG}/usr/bin/nss-softokn-config || exit 1 chmod 755 ${PKG}/usr/bin/nss*-config install -pm0755 ${CWD}/setup-nsssysinit.sh ${PKG}/usr/bin/setup-nsssysinit.sh || exit 1 if [ "${SB_TEST}" = "YES" ] ; then echo "====================TESTING=========================" # enable the following line to force a test failure # find ./mozilla -name \*.chk | xargs rm -f # Run test suite. SPACEISBAD=$(find ./mozilla/security/nss/tests | grep -c ' ') if [ ${SPACEISBAD} -ne 0 ]; then echo "error: filenames containing space are not supported (xargs)" exit 1 fi MYRAND=$(perl -e 'print 9000 + int rand 1000'); echo ${MYRAND} RANDSERV=selfserv_${MYRAND}; echo ${RANDSERV} DISTBINDIR=$(ls -d ./mozilla/dist/*.OBJ/bin); echo ${DISTBINDIR} ( cd $(pwd) || exit 1 cd ${DISTBINDIR} || exit 1 ln -s selfserv ${RANDSERV} || exit 1 ) || exit 1 # man perlrun, man perlrequick # replace word-occurrences of selfserv with selfserv_$MYRAND find ./mozilla/security/nss/tests -type f |\ grep -v "\.db$" |grep -v "\.crl$" | grep -v "\.crt$" |\ grep -vw CVS |xargs grep -lw selfserv |\ xargs -l perl -pi -e "s/\bselfserv\b/$RANDSERV/g" ||: killall ${RANDSERV} rm -rf ./mozilla/tests_results ( cd ./mozilla/security/nss/tests/ || exit 1 # all.sh is the test suite script HOST="$(hostname -s)" DOMSUF="$(hostname -d)" PORT=${MYRAND} ./all.sh || exit 1 ) || exit 1 killall ${RANDSERV} TEST_FAILURES=$(grep -c FAILED ./mozilla/tests_results/security/$(hostname -s).1/output.log) || : if [ ${TEST_FAILURES} -ne 0 ]; then echo "error: test suite returned failure(s)" exit 1 fi echo "test suite completed" fi # There is no make install target so we'll do it ourselves. mkdir -p ${PKG}/usr/include/nss3 mkdir -p ${PKG}/usr/bin mkdir -p ${PKG}/usr/lib${LIBDIRSUFFIX} mkdir -p ${PKG}/${UNSUPPORTED_TOOLS_DIR} # Copy the binary libraries we want for file in \ libnssutil3.so \ libfreebl3.so libsoftokn3.so libnssdbm3.so \ libnss3.so libnssckbi.so libnsspem.so libnsssysinit.so libsmime3.so libssl3.so do install -p -m 755 mozilla/dist/*.OBJ/lib/${file} ${PKG}/usr/lib${LIBDIRSUFFIX}/${file} || exit 1 done || exit 1 # These ghost files will be generated in the post step for file in libsoftokn3 libfreebl3 libnssdbm3 do touch ${PKG}/usr/lib${LIBDIRSUFFIX}/${file}.chk || exit 1 done SB_DB_DIR=${CWD}/db # Install the empty NSS db files # Legacy db mkdir -p ${PKG}/etc/pki/nssdb zcat ${SB_DB_DIR}/blank-cert8.db.gz > ${PKG}/etc/pki/nssdb/cert8.db.new || exit 1 zcat ${SB_DB_DIR}/blank-key3.db.gz > ${PKG}/etc/pki/nssdb/key3.db.new || exit 1 zcat ${SB_DB_DIR}/blank-secmod.db.gz > ${PKG}/etc/pki/nssdb/secmod.db.new || exit 1 # Shared db zcat ${SB_DB_DIR}/blank-cert9.db.gz > ${PKG}/etc/pki/nssdb/cert9.db.new || exit 1 zcat ${SB_DB_DIR}/blank-key4.db.gz > ${PKG}/etc/pki/nssdb/key4.db.new || exit 1 install -pm0644 ${SB_DB_DIR}/system-pkcs11.txt ${PKG}/etc/pki/nssdb/pkcs11.txt.new || exit 1 # Copy the development libraries we want for file in libcrmf.a libnssb.a libnssckfw.a do install -p -m 644 mozilla/dist/*.OBJ/lib/${file} ${PKG}/usr/lib${LIBDIRSUFFIX}/ || exit 1 done || exit 1 # Copy the static freebl library for file in libfreebl.a do install -p -m 644 mozilla/dist/*.OBJ/lib/${file} ${PKG}/usr/lib${LIBDIRSUFFIX}/${file} || exit 1 done # Copy the binaries we want for file in certutil cmsutil crlutil modutil pk12util signtool signver ssltap do install -p -m 755 mozilla/dist/*.OBJ/bin/${file} ${PKG}/usr/bin/ || exit 1 done || exit 1 # Copy the binaries we ship as unsupported for file in atob btoa derdump ocspclnt pp selfserv shlibsign strsclnt symkeyutil tstclnt vfyserv vfychain do install -p -m 755 mozilla/dist/*.OBJ/bin/${file} \ ${PKG}/${UNSUPPORTED_TOOLS_DIR}/ || exit 1 done || exit 1 # Copy the include files we want for file in mozilla/dist/public/nss/*.h do install -m 644 ${file} ${PKG}/usr/include/nss3/ || exit 1 done || exit 1 find ${PKG} | xargs file | grep -e "executable" -e "shared object" | grep ELF \ | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null # Add a documentation directory: mkdir -p ${DOCDIR} cp -a \ ${CWD}/ChangeLog.SB \ ${DOCDIR}/ find ${DOCDIR}/ -type d -print0 | xargs -0 chmod 0755 find ${DOCDIR}/ -type f -print0 | xargs -0 chmod 0644 # Compress and link manpages, if any: if [ -d ${PKG}/usr/share/man ]; then mv ${PKG}/usr/share/man ${PKG}/usr/man rmdir ${PKG}/usr/share fi if [ -d ${PKG}/usr/man ]; then ( cd ${PKG}/usr/man for manpagedir in $(find . -type d -name "man*") ; do ( cd ${manpagedir} for eachpage in $( find . -type l -maxdepth 1) ; do ln -s $( readlink ${eachpage} ).gz ${eachpage}.gz rm ${eachpage} done gzip -9 *.? # Prevent errors rm -f *.gz.gz ) done ) fi mkdir -p ${PKG}/install cat ${CWD}/slack-desc > ${PKG}/install/slack-desc cat ${CWD}/slack-required > ${PKG}/install/slack-required cat > ${PKG}/install/doinst.sh </dev/null 2>/dev/null \${CHROOT} /${UNSUPPORTED_TOOLS_DIR}/shlibsign -i usr/lib${LIBDIRSUFFIX}/libfreebl3.so >/dev/null 2>/dev/null \${CHROOT} /${UNSUPPORTED_TOOLS_DIR}/shlibsign -i usr/lib${LIBDIRSUFFIX}/libnssdbm3.so >/dev/null 2>/dev/null fi if grep '^/usr/lib${LIBDIRSUFFIX}/seamonkey' etc/ld.so.conf 1> /dev/null 2> /dev/null ; then sed -i -e '/^\/usr\/lib${LIBDIRSUFFIX}\/seamonkey/s|^|#|g' etc/ld.so.conf fi if [ -x /sbin/ldconfig ]; then /sbin/ldconfig 2> /dev/null fi config() { NEW="\$1" OLD="\$(dirname \$NEW)/\$(basename \$NEW .new)" # If there's no config file by that name, mv it over: if [ ! -r \$OLD ]; then mv \$NEW \$OLD elif [ "\$(cat \$OLD | md5sum)" = "\$(cat \$NEW | md5sum)" ]; then # toss the redundant copy rm \$NEW fi # Otherwise, we leave the .new copy for the admin to consider... } ## List of conf files to check. The conf files in your package should end in .new EOF ( cd ${PKG} find etc/ -name *.new -exec echo config {} ';' | sort >> ${PKG}/install/doinst.sh echo >> ${PKG}/install/doinst.sh ) cat >> ${PKG}/install/doinst.sh <<'EOF' if [ -f etc/pki/nssdb/pkcs11.txt -a -x usr/bin/setup-nsssysinit.sh ] ;then ${CHROOT} /usr/bin/setup-nsssysinit.sh on fi EOF sed -i "s|_PACKAGER|${PACKAGER}|g; s|_BUILD_DATE|${DATE}|g" \ ${PKG}/install/slack-desc if [ "${SB_REP}" = "YES" ] ;then # Replicate slackbuild and patches mkdir -p ${SBDIR}/{db,patches,pkgconfig} install -m0644 ${CWD}/slack-desc ${CWD}/slack-required ${CWD}/ChangeLog.SB \ ${CWD}/${FEDORADIST} ${CWD}/apply-patches.sh ${CWD}/setup-*.sh \ ${SBDIR}/ install -m0755 ${CWD}/${NAME}.SlackBuild \ ${SBDIR}/${NAME}.SlackBuild install -m0644 ${CWD}/db/*.* \ ${SBDIR}/db/ install -m0644 ${CWD}/patches/*.* \ ${SBDIR}/patches/ install -m0644 ${CWD}/pkgconfig/*.gz \ ${SBDIR}/pkgconfig/ fi # Build package: set +o xtrace # no longer print commands upon execution ROOTCOMMANDS="set -o errexit -o xtrace ; cd ${PKG} ; /bin/chown --recursive root:root . ;" ROOTCOMMANDS="${ROOTCOMMANDS} /sbin/makepkg --prepend --linkadd y --chown n ${PKGDEST}/${PKGNAME}.${PKGFORMAT} " if test ${UID} = 0; then eval ${ROOTCOMMANDS} set +o xtrace elif test "$(type -t fakeroot)" = 'file'; then echo -e "\e[1mEntering fakeroot environment.\e[0m" echo ${ROOTCOMMANDS} | fakeroot else echo -e "\e[1mPlease enter your root password.\e[0m (Consider installing fakeroot.)" /bin/su -c "${ROOTCOMMANDS}" fi # Clean up the extra stuff: if [ "$1" = "--cleanup" ]; then echo "Cleaning..." if [ -d ${TMP}/${SRCDIR} ]; then rm -rf ${TMP}/${SRCDIR} && echo "${TMP}/${SRCDIR} cleanup completed" fi if [ -d ${PKG} ]; then rm -rf ${PKG} && echo "${PKG} cleanup completed" fi rmdir ${TMP} && echo "${TMP} cleanup completed" fi exit 0