about summary refs log tree commit diff
path: root/nixpkgs/pkgs/development/libraries/nss
diff options
context:
space:
mode:
authorAlyssa Ross <hi@alyssa.is>2023-06-16 06:56:35 +0000
committerAlyssa Ross <hi@alyssa.is>2023-06-16 06:56:35 +0000
commit99fcaeccb89621dd492203ce1f2d551c06f228ed (patch)
tree41cb730ae07383004789779b0f6e11cb3f4642a3 /nixpkgs/pkgs/development/libraries/nss
parent59c5f5ac8682acc13bb22bc29c7cf02f7d75f01f (diff)
parent75a5ebf473cd60148ba9aec0d219f72e5cf52519 (diff)
downloadnixlib-99fcaeccb89621dd492203ce1f2d551c06f228ed.tar
nixlib-99fcaeccb89621dd492203ce1f2d551c06f228ed.tar.gz
nixlib-99fcaeccb89621dd492203ce1f2d551c06f228ed.tar.bz2
nixlib-99fcaeccb89621dd492203ce1f2d551c06f228ed.tar.lz
nixlib-99fcaeccb89621dd492203ce1f2d551c06f228ed.tar.xz
nixlib-99fcaeccb89621dd492203ce1f2d551c06f228ed.tar.zst
nixlib-99fcaeccb89621dd492203ce1f2d551c06f228ed.zip
Merge branch 'nixos-unstable' of https://github.com/NixOS/nixpkgs
Conflicts:
	nixpkgs/nixos/modules/config/console.nix
	nixpkgs/nixos/modules/services/mail/mailman.nix
	nixpkgs/nixos/modules/services/mail/public-inbox.nix
	nixpkgs/nixos/modules/services/mail/rss2email.nix
	nixpkgs/nixos/modules/services/networking/ssh/sshd.nix
	nixpkgs/pkgs/applications/networking/instant-messengers/dino/default.nix
	nixpkgs/pkgs/applications/networking/irc/weechat/default.nix
	nixpkgs/pkgs/applications/window-managers/sway/default.nix
	nixpkgs/pkgs/build-support/go/module.nix
	nixpkgs/pkgs/build-support/rust/build-rust-package/default.nix
	nixpkgs/pkgs/development/interpreters/python/default.nix
	nixpkgs/pkgs/development/node-packages/overrides.nix
	nixpkgs/pkgs/development/tools/b4/default.nix
	nixpkgs/pkgs/servers/dict/dictd-db.nix
	nixpkgs/pkgs/servers/mail/public-inbox/default.nix
	nixpkgs/pkgs/tools/security/pinentry/default.nix
	nixpkgs/pkgs/tools/text/unoconv/default.nix
	nixpkgs/pkgs/top-level/all-packages.nix
Diffstat (limited to 'nixpkgs/pkgs/development/libraries/nss')
-rw-r--r--nixpkgs/pkgs/development/libraries/nss/85_security_load_3.85+.patch (renamed from nixpkgs/pkgs/development/libraries/nss/85_security_load.patch)14
-rw-r--r--nixpkgs/pkgs/development/libraries/nss/ckpem.patch11
-rw-r--r--nixpkgs/pkgs/development/libraries/nss/esr.nix4
-rw-r--r--nixpkgs/pkgs/development/libraries/nss/gcc-13-esr.patch44
-rw-r--r--nixpkgs/pkgs/development/libraries/nss/generic.nix54
-rw-r--r--nixpkgs/pkgs/development/libraries/nss/latest.nix4
6 files changed, 81 insertions, 50 deletions
diff --git a/nixpkgs/pkgs/development/libraries/nss/85_security_load.patch b/nixpkgs/pkgs/development/libraries/nss/85_security_load_3.85+.patch
index 2b2cce465ba7..bc3f48e66744 100644
--- a/nixpkgs/pkgs/development/libraries/nss/85_security_load.patch
+++ b/nixpkgs/pkgs/development/libraries/nss/85_security_load_3.85+.patch
@@ -12,13 +12,13 @@ index ad8f3b84e..74676d039 100644
      if (!lib) {
          PR_fprintf(PR_STDERR, "loading softokn3 failed");
 diff --git nss/lib/pk11wrap/pk11load.c nss/lib/pk11wrap/pk11load.c
-index 9e7a0a546..a0a23a1a4 100644
+index 119c8c512..720d39ccc 100644
 --- nss/lib/pk11wrap/pk11load.c
 +++ nss/lib/pk11wrap/pk11load.c
-@@ -466,6 +466,15 @@ secmod_LoadPKCS11Module(SECMODModule *mod, SECMODModule **oldModule)
-          * unload the library if anything goes wrong from here on out...
-          */
+@@ -486,6 +486,15 @@ secmod_LoadPKCS11Module(SECMODModule *mod, SECMODModule **oldModule)
+ #else
          library = PR_LoadLibrary(mod->dllName);
+ #endif // defined(_WIN32)
 +#ifndef NSS_STATIC_SOFTOKEN
 +        if ((library == NULL) &&
 +            !rindex(mod->dllName, PR_GetDirectorySeparator())) {
@@ -32,7 +32,7 @@ index 9e7a0a546..a0a23a1a4 100644
  
          if (library == NULL) {
 diff --git nss/lib/util/secload.c nss/lib/util/secload.c
-index 12efd2f75..8b74478f6 100644
+index 1cebae4e2..9194bb761 100644
 --- nss/lib/util/secload.c
 +++ nss/lib/util/secload.c
 @@ -70,9 +70,14 @@ loader_LoadLibInReferenceDir(const char* referencePath, const char* name)
@@ -66,8 +66,8 @@ index 12efd2f75..8b74478f6 100644
 @@ -89,6 +99,10 @@ loader_LoadLibInReferenceDir(const char* referencePath, const char* name)
                                                         | PR_LD_ALT_SEARCH_PATH
  #endif
-                                           );
-+            if (! dlh) {
+             );
++            if (!dlh) {
 +                strcpy(fullName + referencePathSize, name);
 +                dlh = PR_LoadLibraryWithFlags(libSpec, PR_LD_NOW | PR_LD_LOCAL);
 +            }
diff --git a/nixpkgs/pkgs/development/libraries/nss/ckpem.patch b/nixpkgs/pkgs/development/libraries/nss/ckpem.patch
deleted file mode 100644
index c1a65a6c0b28..000000000000
--- a/nixpkgs/pkgs/development/libraries/nss/ckpem.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- nss/lib/ckfw/pem/ckpem.h	2018-01-03 13:36:12.000000000 -0800
-+++ nss/lib/ckfw/pem/ckpem.h	2018-01-03 13:36:20.000000000 -0800
-@@ -156,8 +156,6 @@
- NSS_EXTERN_DATA pemInternalObject nss_pem_data[];
- NSS_EXTERN_DATA const PRUint32               nss_pem_nObjects;
- 
--  PRBool          logged_in;
--
- /* our raw object data array */
- NSS_EXTERN_DATA pemInternalObject nss_pem_data[];
- NSS_EXTERN_DATA const PRUint32               nss_pem_nObjects;
diff --git a/nixpkgs/pkgs/development/libraries/nss/esr.nix b/nixpkgs/pkgs/development/libraries/nss/esr.nix
index a789f0306d32..d9103f75399a 100644
--- a/nixpkgs/pkgs/development/libraries/nss/esr.nix
+++ b/nixpkgs/pkgs/development/libraries/nss/esr.nix
@@ -1,4 +1,4 @@
 import ./generic.nix {
-  version = "3.68.4";
-  hash = "sha256-K5/T9aG0nzs7KdEgAmdPcEgRViV1b7R3KELsfDm+Fgs=";
+  version = "3.79.4";
+  hash = "sha256-Skcdv6Wzo7fsB4U8b8CijNBmn2mEEp4k9VQeLOFdcdU=";
 }
diff --git a/nixpkgs/pkgs/development/libraries/nss/gcc-13-esr.patch b/nixpkgs/pkgs/development/libraries/nss/gcc-13-esr.patch
new file mode 100644
index 000000000000..547ee0bd3761
--- /dev/null
+++ b/nixpkgs/pkgs/development/libraries/nss/gcc-13-esr.patch
@@ -0,0 +1,44 @@
+https://bugzilla.mozilla.org/show_bug.cgi?id=1771273
+https://hg.mozilla.org/projects/nss/raw-rev/21e7aaa1f7d94bca15d997e5b4c2329b32fad21a
+
+# HG changeset patch
+# User Sergei Trofimovich <slyich@gmail.com>
+# Date 1653552519 0
+# Node ID 21e7aaa1f7d94bca15d997e5b4c2329b32fad21a
+# Parent  ad1046e9eee5f5dc17dac7c9343e2f7f0da44b4e
+Bug 1771273 - cpputil/databuffer.h: add missing <cstdint> include r=nss-reviewers,mt
+
+Without the change build fails on this week's gcc-13 snapshot as:
+
+    ../../cpputil/databuffer.h:20:20: error: 'uint8_t' does not name a type
+       20 |   DataBuffer(const uint8_t* d, size_t l) : data_(nullptr), len_(0) {
+          |                    ^~~~~~~
+    ../../cpputil/databuffer.h:14:1: note: 'uint8_t' is defined in header '<cstdint>'; did you forget to '#include <cstdint>'?
+       13 | #include <iostream>
+      +++ |+#include <cstdint>
+       14 |
+
+Differential Revision: https://phabricator.services.mozilla.com/D147404
+
+diff --git a/cpputil/databuffer.h b/cpputil/databuffer.h
+--- nss/cpputil/databuffer.h
++++ nss/cpputil/databuffer.h
+@@ -6,16 +6,17 @@
+ 
+ #ifndef databuffer_h__
+ #define databuffer_h__
+ 
+ #include <algorithm>
+ #include <cstring>
+ #include <iomanip>
+ #include <iostream>
++#include <cstdint>
+ 
+ namespace nss_test {
+ 
+ class DataBuffer {
+  public:
+   DataBuffer() : data_(nullptr), len_(0) {}
+   DataBuffer(const uint8_t* d, size_t l) : data_(nullptr), len_(0) {
+     Assign(d, l);
+
diff --git a/nixpkgs/pkgs/development/libraries/nss/generic.nix b/nixpkgs/pkgs/development/libraries/nss/generic.nix
index febc2423388e..b2d1c1e15fd8 100644
--- a/nixpkgs/pkgs/development/libraries/nss/generic.nix
+++ b/nixpkgs/pkgs/development/libraries/nss/generic.nix
@@ -19,11 +19,6 @@
 }:
 
 let
-  nssPEM = fetchurl {
-    url = "http://dev.gentoo.org/~polynomial-c/mozilla/nss-3.15.4-pem-support-20140109.patch.xz";
-    sha256 = "10ibz6y0hknac15zr6dw4gv9nb5r5z9ym6gq18j3xqx7v7n3vpdw";
-  };
-
   underscoreVersion = lib.replaceStrings [ "." ] [ "_" ] version;
 in
 stdenv.mkDerivation rec {
@@ -44,37 +39,32 @@ stdenv.mkDerivation rec {
 
   propagatedBuildInputs = [ nspr ];
 
-  prePatch = ''
-    # strip the trailing whitespace from the patch line and the renamed CKO_NETSCAPE_ enum to CKO_NSS_
-    xz -d < ${nssPEM} | sed \
-       -e 's/-DIRS = builtins $/-DIRS = . builtins/g' \
-       -e 's/CKO_NETSCAPE_/CKO_NSS_/g' \
-       -e 's/CKT_NETSCAPE_/CKT_NSS_/g' \
-       | patch -p1
-
-    patchShebangs nss
-
-    for f in nss/coreconf/config.gypi nss/build.sh nss/coreconf/config.gypi; do
-      substituteInPlace "$f" --replace "/usr/bin/env" "${buildPackages.coreutils}/bin/env"
-    done
-
-    substituteInPlace nss/coreconf/config.gypi --replace "/usr/bin/grep" "${buildPackages.coreutils}/bin/env grep"
-  '';
-
   patches = [
     # Based on http://patch-tracker.debian.org/patch/series/dl/nss/2:3.15.4-1/85_security_load.patch
-    (if (lib.versionOlder version "3.77") then
-      ./85_security_load.patch
-    else
+    (if (lib.versionOlder version "3.84") then
       ./85_security_load_3.77+.patch
+    else
+      ./85_security_load_3.85+.patch
     )
-    ./ckpem.patch
     ./fix-cross-compilation.patch
+  ] ++ lib.optionals (lib.versionOlder version "3.89") [
+    # Backport gcc-13 build fix:
+    #  https://bugzilla.mozilla.org/show_bug.cgi?id=1771273
+    #  https://hg.mozilla.org/projects/nss/raw-rev/21e7aaa1f7d94bca15d997e5b4c2329b32fad21a
+    ./gcc-13-esr.patch
   ];
 
   patchFlags = [ "-p0" ];
 
-  postPatch = lib.optionalString stdenv.hostPlatform.isDarwin ''
+  postPatch = ''
+    patchShebangs nss
+
+    for f in nss/coreconf/config.gypi nss/build.sh nss/coreconf/config.gypi; do
+      substituteInPlace "$f" --replace "/usr/bin/env" "${buildPackages.coreutils}/bin/env"
+    done
+
+    substituteInPlace nss/coreconf/config.gypi --replace "/usr/bin/grep" "${buildPackages.coreutils}/bin/env grep"
+  '' + lib.optionalString stdenv.hostPlatform.isDarwin ''
     substituteInPlace nss/coreconf/Darwin.mk --replace '@executable_path/$(notdir $@)' "$out/lib/\$(notdir \$@)"
     substituteInPlace nss/coreconf/config.gypi --replace "'DYLIB_INSTALL_NAME_BASE': '@executable_path'" "'DYLIB_INSTALL_NAME_BASE': '$out/lib'"
   '';
@@ -111,6 +101,7 @@ stdenv.mkDerivation rec {
         -Dhost_arch=${host} \
         -Duse_system_zlib=1 \
         --enable-libpkix \
+        -j $NIX_BUILD_CORES \
         ${lib.optionalString enableFIPS "--enable-fips"} \
         ${lib.optionalString stdenv.isDarwin "--clang"} \
         ${lib.optionalString (stdenv.hostPlatform != stdenv.buildPlatform) "--disable-tests"}
@@ -118,7 +109,14 @@ stdenv.mkDerivation rec {
       runHook postBuild
     '';
 
-  NIX_CFLAGS_COMPILE = "-Wno-error -DNIX_NSS_LIBDIR=\"${placeholder "out"}/lib/\" " + lib.optionalString stdenv.hostPlatform.is64bit "-DNSS_USE_64=1";
+  env.NIX_CFLAGS_COMPILE = toString ([
+    "-Wno-error"
+    "-DNIX_NSS_LIBDIR=\"${placeholder "out"}/lib/\""
+  ] ++ lib.optionals stdenv.hostPlatform.is64bit [
+    "-DNSS_USE_64=1"
+  ] ++ lib.optionals stdenv.hostPlatform.isILP32 [
+    "-DNS_PTR_LE_32=1" # See RNG_RandomUpdate() in drdbg.c
+  ]);
 
   installPhase = ''
     runHook preInstall
diff --git a/nixpkgs/pkgs/development/libraries/nss/latest.nix b/nixpkgs/pkgs/development/libraries/nss/latest.nix
index f313cc328822..fc00cd84b727 100644
--- a/nixpkgs/pkgs/development/libraries/nss/latest.nix
+++ b/nixpkgs/pkgs/development/libraries/nss/latest.nix
@@ -5,6 +5,6 @@
 #       Example: nix-shell ./maintainers/scripts/update.nix --argstr package cacert
 
 import ./generic.nix {
-  version = "3.82";
-  hash = "sha256-Mr9nO3LC+ZU+07THAzq/WmytMChUokrliMV1plZ8FXM=";
+  version = "3.89.1";
+  hash = "sha256-OtrtuecMPF9AYDv2CgHjNhkKbb4Bkp05XxawH+hKAVY=";
 }
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-16 15:37:52 +0000