Blame - meta-openembedded/meta-oe/recipes-support/nss/nss_3.51.1.bb - openbmc/owners-plugin-test

blob: fba80ce2abf5d8c70760a3bbd7291bda12afe858 [file] [log] [blame]

Andrew Geissler	82c905d	2020-04-13 13:39:40 -0500	[diff] [blame]	1	SUMMARY = "Mozilla's SSL and TLS implementation"
				2	DESCRIPTION = "Network Security Services (NSS) is a set of libraries \
				3	designed to support cross-platform development of \
				4	security-enabled client and server applications. \
				5	Applications built with NSS can support SSL v2 and v3, \
				6	TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 \
				7	v3 certificates, and other security standards."
				8	HOMEPAGE = "http://www.mozilla.org/projects/security/pki/nss/"
				9	SECTION = "libs"
				10
				11	DEPENDS = "sqlite3 nspr zlib nss-native"
				12	DEPENDS_class-native = "sqlite3-native nspr-native zlib-native"
				13
				14	LICENSE = "MPL-2.0 \| (MPL-2.0 & GPL-2.0+) \| (MPL-2.0 & LGPL-2.1+)"
				15
				16	LIC_FILES_CHKSUM = "file://nss/COPYING;md5=3b1e88e1b9c0b5a4b2881d46cce06a18 \
				17	file://nss/lib/freebl/mpi/doc/LICENSE;md5=491f158d09d948466afce85d6f1fe18f \
				18	file://nss/lib/freebl/mpi/doc/LICENSE-MPL;md5=5d425c8f3157dbf212db2ec53d9e5132"
				19
				20	VERSION_DIR = "${@d.getVar('BP').upper().replace('-', '_').replace('.', '_') + '_RTM'}"
				21
				22	SRC_URI = "http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/${VERSION_DIR}/src/${BP}.tar.gz \
				23	file://nss.pc.in \
				24	file://signlibs.sh \
				25	file://0001-nss-fix-support-cross-compiling.patch \
				26	file://nss-no-rpath-for-cross-compiling.patch \
				27	file://nss-fix-incorrect-shebang-of-perl.patch \
				28	file://disable-Wvarargs-with-clang.patch \
				29	file://pqg.c-ULL_addend.patch \
				30	file://blank-cert9.db \
				31	file://blank-key4.db \
				32	file://system-pkcs11.txt \
				33	file://nss-fix-nsinstall-build.patch \
				34	file://0001-freebl-add-a-configure-option-to-disable-ARM-HW-cryp.patch \
				35	file://riscv.patch \
Andrew Geissler	e231d58	2020-05-05 08:53:09 -0500	[diff] [blame^]	36	file://0001-Enable-uint128-on-mips64.patch \
Andrew Geissler	82c905d	2020-04-13 13:39:40 -0500	[diff] [blame]	37	"
				38
				39	SRC_URI[md5sum] = "6acaf1ddff69306ae30a908881c6f233"
				40	SRC_URI[sha256sum] = "085c5eaceef040eddea639e2e068e70f0e368f840327a678ef74ae3d6c15ca78"
				41
				42	UPSTREAM_CHECK_URI = "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_Releases"
				43	UPSTREAM_CHECK_REGEX = "NSS_(?P<pver>.+)_release_notes"
				44
				45	inherit siteinfo
				46
				47	TD = "${S}/tentative-dist"
				48	TDS = "${S}/tentative-dist-staging"
				49
				50	TARGET_CC_ARCH += "${LDFLAGS}"
				51
				52	do_configure_prepend_libc-musl () {
				53	sed -i -e '/-DHAVE_SYS_CDEFS_H/d' ${S}/nss/lib/dbm/config/config.mk
				54	}
				55
				56	do_compile_prepend_class-native() {
				57	export NSPR_INCLUDE_DIR=${STAGING_INCDIR_NATIVE}/nspr
				58	export NSPR_LIB_DIR=${STAGING_LIBDIR_NATIVE}
				59	export NSS_ENABLE_WERROR=0
				60	}
				61
				62	do_compile_prepend_class-nativesdk() {
				63	export LDFLAGS=""
				64	}
				65
				66	do_compile_prepend_class-native() {
				67	# Need to set RPATH so that chrpath will do its job correctly
				68	RPATH="-Wl,-rpath-link,${STAGING_LIBDIR_NATIVE} -Wl,-rpath-link,${STAGING_BASE_LIBDIR_NATIVE} -Wl,-rpath,${STAGING_LIBDIR_NATIVE} -Wl,-rpath,${STAGING_BASE_LIBDIR_NATIVE}"
				69	}
				70
				71	do_compile() {
				72	export NSPR_INCLUDE_DIR=${STAGING_INCDIR}/nspr
				73
				74	export CROSS_COMPILE=1
				75	export NATIVE_CC="${BUILD_CC}"
				76	# Additional defines needed on Centos 7
				77	export NATIVE_FLAGS="${BUILD_CFLAGS} -DLINUX -Dlinux"
				78	export BUILD_OPT=1
				79
				80	export FREEBL_NO_DEPEND=1
				81	export FREEBL_LOWHASH=1
				82
				83	export LIBDIR=${libdir}
				84	export MOZILLA_CLIENT=1
				85	export NS_USE_GCC=1
				86	export NSS_USE_SYSTEM_SQLITE=1
				87	export NSS_ENABLE_ECC=1
				88
				89	${@bb.utils.contains("TUNE_FEATURES", "crypto", "export NSS_USE_ARM_HW_CRYPTO=1", "", d)}
				90
				91	export OS_RELEASE=3.4
				92	export OS_TARGET=Linux
				93	export OS_ARCH=Linux
				94
				95	if [ "${TARGET_ARCH}" = "powerpc" ]; then
				96	OS_TEST=ppc
				97	elif [ "${TARGET_ARCH}" = "powerpc64" ]; then
				98	OS_TEST=ppc64
				99	elif [ "${TARGET_ARCH}" = "mips" -o "${TARGET_ARCH}" = "mipsel" -o "${TARGET_ARCH}" = "mips64" -o "${TARGET_ARCH}" = "mips64el" ]; then
				100	OS_TEST=mips
				101	elif [ "${TARGET_ARCH}" = "aarch64_be" ]; then
				102	OS_TEST="aarch64"
				103	else
				104	OS_TEST="${TARGET_ARCH}"
				105	fi
				106
				107	if [ "${SITEINFO_BITS}" = "64" ]; then
				108	export USE_64=1
				109	elif [ "${TARGET_ARCH}" = "x86_64" -a "${SITEINFO_BITS}" = "32" ]; then
				110	export USE_X32=1
				111	fi
				112
				113	export NSS_DISABLE_GTESTS=1
				114
				115	# We can modify CC in the environment, but if we set it via an
				116	# argument to make, nsinstall, a host program, will also build with it!
				117	#
				118	# nss pretty much does its own thing with CFLAGS, so we put them into CC.
				119	# Optimization will get clobbered, but most of the stuff will survive.
				120	# The motivation for this is to point to the correct place for debug
				121	# source files and CFLAGS does that. Nothing uses CCC.
				122	#
				123	export CC="${CC} ${CFLAGS}"
				124	make -C ./nss CCC="${CXX} -g" \
				125	OS_TEST=${OS_TEST} \
				126	RPATH="${RPATH}"
				127	}
				128
				129	do_compile[vardepsexclude] += "SITEINFO_BITS"
				130
				131	do_install_prepend_class-nativesdk() {
				132	export LDFLAGS=""
				133	}
				134
				135	do_install() {
				136	export CROSS_COMPILE=1
				137	export NATIVE_CC="${BUILD_CC}"
				138	export BUILD_OPT=1
				139
				140	export FREEBL_NO_DEPEND=1
				141
				142	export LIBDIR=${libdir}
				143	export MOZILLA_CLIENT=1
				144	export NS_USE_GCC=1
				145	export NSS_USE_SYSTEM_SQLITE=1
				146	export NSS_ENABLE_ECC=1
				147
				148	export OS_RELEASE=3.4
				149	export OS_TARGET=Linux
				150	export OS_ARCH=Linux
				151
				152	if [ "${TARGET_ARCH}" = "powerpc" ]; then
				153	OS_TEST=ppc
				154	elif [ "${TARGET_ARCH}" = "powerpc64" ]; then
				155	OS_TEST=ppc64
				156	elif [ "${TARGET_ARCH}" = "mips" -o "${TARGET_ARCH}" = "mipsel" -o "${TARGET_ARCH}" = "mips64" -o "${TARGET_ARCH}" = "mips64el" ]; then
				157	OS_TEST=mips
				158	elif [ "${TARGET_ARCH}" = "aarch64_be" ]; then
				159	CPU_ARCH=aarch64
				160	OS_TEST="aarch64"
				161	else
				162	OS_TEST="${TARGET_ARCH}"
				163	fi
				164	if [ "${SITEINFO_BITS}" = "64" ]; then
				165	export USE_64=1
				166	elif [ "${TARGET_ARCH}" = "x86_64" -a "${SITEINFO_BITS}" = "32" ]; then
				167	export USE_X32=1
				168	fi
				169
				170	export NSS_DISABLE_GTESTS=1
				171
				172	make -C ./nss \
				173	CCC="${CXX}" \
				174	OS_TEST=${OS_TEST} \
				175	SOURCE_LIB_DIR="${TD}/${libdir}" \
				176	SOURCE_BIN_DIR="${TD}/${bindir}" \
				177	install
				178
				179	install -d ${D}/${libdir}/
				180	for file in ${S}/dist/.OBJ/lib/.so; do
				181	echo "Installing `basename $file`..."
				182	cp $file ${D}/${libdir}/
				183	done
				184
				185	for shared_lib in ${TD}/${libdir}/.so.; do
				186	if [ -f $shared_lib ]; then
				187	cp $shared_lib ${D}/${libdir}
				188	ln -sf $(basename $shared_lib) ${D}/${libdir}/$(basename $shared_lib .1oe)
				189	fi
				190	done
				191	for shared_lib in ${TD}/${libdir}/*.so; do
				192	if [ -f $shared_lib -a ! -e ${D}/${libdir}/$shared_lib ]; then
				193	cp $shared_lib ${D}/${libdir}
				194	fi
				195	done
				196
				197	install -d ${D}/${includedir}/nss3
				198	install -m 644 -t ${D}/${includedir}/nss3 dist/public/nss/*
				199
				200	install -d ${D}/${bindir}
				201	for binary in ${TD}/${bindir}/*; do
				202	install -m 755 -t ${D}/${bindir} $binary
				203	done
				204	}
				205
				206	do_install[vardepsexclude] += "SITEINFO_BITS"
				207
				208	do_install_append() {
				209	# Create empty .chk files for the NSS libraries at build time. They could
				210	# be regenerated at target's boot time.
				211	for file in libsoftokn3.chk libfreebl3.chk libnssdbm3.chk; do
				212	touch ${D}/${libdir}/$file
				213	chmod 755 ${D}/${libdir}/$file
				214	done
				215	install -D -m 755 ${WORKDIR}/signlibs.sh ${D}/${bindir}/signlibs.sh
				216
				217	install -d ${D}${libdir}/pkgconfig/
				218	sed 's/%NSS_VERSION%/${PV}/' ${WORKDIR}/nss.pc.in \| sed 's/%NSPR_VERSION%/4.9.2/' > ${D}${libdir}/pkgconfig/nss.pc
				219	sed -i s:OEPREFIX:${prefix}:g ${D}${libdir}/pkgconfig/nss.pc
				220	sed -i s:OEEXECPREFIX:${exec_prefix}:g ${D}${libdir}/pkgconfig/nss.pc
				221	sed -i s:OELIBDIR:${libdir}:g ${D}${libdir}/pkgconfig/nss.pc
				222	sed -i s:OEINCDIR:${includedir}/nss3:g ${D}${libdir}/pkgconfig/nss.pc
				223	}
				224
				225	do_install_append_class-target() {
				226	# It used to call certutil to create a blank certificate with empty password at
				227	# build time, but the checksum of key4.db changes every time when certutil is called.
				228	# It causes non-determinism issue, so provide databases with a blank certificate
				229	# which are originally from output of nss in qemux86-64 build. You can get these
				230	# databases by:
				231	# certutil -N -d sql:/database/path/ --empty-password
				232	install -d ${D}${sysconfdir}/pki/nssdb/
				233	install -m 0644 ${WORKDIR}/blank-cert9.db ${D}${sysconfdir}/pki/nssdb/cert9.db
				234	install -m 0644 ${WORKDIR}/blank-key4.db ${D}${sysconfdir}/pki/nssdb/key4.db
				235	install -m 0644 ${WORKDIR}/system-pkcs11.txt ${D}${sysconfdir}/pki/nssdb/pkcs11.txt
				236	}
				237
				238	PACKAGE_WRITE_DEPS += "nss-native"
				239	pkg_postinst_${PN} () {
				240	if [ -n "$D" ]; then
				241	for I in $D${libdir}/lib*.chk; do
				242	DN=`dirname $I`
				243	BN=`basename $I .chk`
				244	FN=$DN/$BN.so
				245	shlibsign -i $FN
				246	if [ $? -ne 0 ]; then
				247	exit 1
				248	fi
				249	done
				250	else
				251	signlibs.sh
				252	fi
				253	}
				254
				255	PACKAGES =+ "${PN}-smime"
				256	FILES_${PN}-smime = "\
				257	${bindir}/smime \
				258	"
				259
				260	FILES_${PN} = "\
				261	${sysconfdir} \
				262	${bindir} \
				263	${libdir}/lib*.chk \
				264	${libdir}/lib*.so \
				265	"
				266
				267	FILES_${PN}-dev = "\
				268	${libdir}/nss \
				269	${libdir}/pkgconfig/* \
				270	${includedir}/* \
				271	"
				272
				273	RDEPENDS_${PN}-smime = "perl"
				274
				275	BBCLASSEXTEND = "native nativesdk"