1
0
Fork 0
mirror of git://slackware.nl/current.git synced 2025-01-15 15:41:54 +01:00
slackware-current/source/l/mozilla-nss/mozilla-nss.SlackBuild
Patrick J Volkerding 90c1d5c2c0 Tue Dec 19 21:24:05 UTC 2023
a/sysvinit-scripts-15.1-noarch-9.txz:  Rebuilt.
  rc.cpufreq: also default to "performance" for amd-pstate-epp.
  Thanks to pghvlaans.
l/LibRaw-0.21.2-x86_64-1.txz:  Upgraded.
l/gtk+3-3.24.39-x86_64-1.txz:  Upgraded.
l/libssh-0.10.6-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  Command injection using proxycommand.
  Potential downgrade attack using strict kex.
  Missing checks for return values of MD functions.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-6004
    https://www.cve.org/CVERecord?id=CVE-2023-48795
    https://www.cve.org/CVERecord?id=CVE-2023-6918
  (* Security fix *)
l/mozilla-nss-3.96.1-x86_64-1.txz:  Upgraded.
n/bluez-5.71-x86_64-2.txz:  Rebuilt.
  Fix a regression in bluez-5.71:
  [PATCH] adapter: Fix link key address type for old kernels.
  Thanks to marav.
xap/mozilla-firefox-115.6.0esr-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/115.6.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2023-54/
    https://www.cve.org/CVERecord?id=CVE-2023-6856
    https://www.cve.org/CVERecord?id=CVE-2023-6865
    https://www.cve.org/CVERecord?id=CVE-2023-6857
    https://www.cve.org/CVERecord?id=CVE-2023-6858
    https://www.cve.org/CVERecord?id=CVE-2023-6859
    https://www.cve.org/CVERecord?id=CVE-2023-6860
    https://www.cve.org/CVERecord?id=CVE-2023-6867
    https://www.cve.org/CVERecord?id=CVE-2023-6861
    https://www.cve.org/CVERecord?id=CVE-2023-6862
    https://www.cve.org/CVERecord?id=CVE-2023-6863
    https://www.cve.org/CVERecord?id=CVE-2023-6864
  (* Security fix *)
xap/mozilla-thunderbird-115.6.0-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.thunderbird.net/en-US/thunderbird/115.6.0/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/
    https://www.cve.org/CVERecord?id=CVE-2023-50762
    https://www.cve.org/CVERecord?id=CVE-2023-50761
    https://www.cve.org/CVERecord?id=CVE-2023-6856
    https://www.cve.org/CVERecord?id=CVE-2023-6857
    https://www.cve.org/CVERecord?id=CVE-2023-6858
    https://www.cve.org/CVERecord?id=CVE-2023-6859
    https://www.cve.org/CVERecord?id=CVE-2023-6860
    https://www.cve.org/CVERecord?id=CVE-2023-6861
    https://www.cve.org/CVERecord?id=CVE-2023-6862
    https://www.cve.org/CVERecord?id=CVE-2023-6863
    https://www.cve.org/CVERecord?id=CVE-2023-6864
  (* Security fix *)
2023-12-19 23:05:28 +01:00

185 lines
5.9 KiB
Bash
Executable file

#!/bin/bash
# Copyright 2005, 2006, 2008, 2009, 2010, 2012 Eric Hameleers, Eindhoven, NL
# Copyright 2013, 2014, 2015, 2017, 2018, 2019, 2020, 2023 Patrick J. Volkerding, Sebeka, MN, USA
# All rights reserved.
#
# Permission to use, copy, modify, and distribute this software for
# any purpose with or without fee is hereby granted, provided that
# the above copyright notice and this permission notice appear in all
# copies.
#
# THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
# IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
# -----------------------------------------------------------------------------
cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=mozilla-nss
SRCNAM=nss
VERSION=${VERSION:-3.96.1}
NSPR=${NSPR:-4.35}
BUILD=${BUILD:-1}
# Automatically determine the architecture we're building on:
MARCH=$( uname -m )
if [ -z "$ARCH" ]; then
case "$MARCH" in
i?86) export ARCH=i586 ;;
armv7hl) export ARCH=$MARCH ;;
arm*) export ARCH=arm ;;
# Unless $ARCH is already set, use uname -m for all other archs:
*) export ARCH=$MARCH ;;
esac
fi
# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
# the name of the created package would be, and then exit. This information
# could be useful to other scripts.
if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
exit 0
fi
if [ "$ARCH" = "i586" ]; then
SLKCFLAGS="-O2 -march=i586 -mtune=i686"
LIBDIRSUFFIX=""
elif [ "$ARCH" = "x86_64" ]; then
SLKCFLAGS="-O2 -fPIC"
LIBDIRSUFFIX="64"
export USE_64=1
elif [ "$ARCH" = "armv7hl" ]; then
SLKCFLAGS="-O2 -march=armv7-a -mfpu=vfpv3-d16"
LIBDIRSUFFIX=""
else
SLKCFLAGS="-O2"
LIBDIRSUFFIX=""
fi
TMP=${TMP:-/tmp}
PKG=$TMP/package-$PKGNAM
NUMJOBS=${NUMJOBS:-" -j $(expr $(nproc) + 1) "}
rm -rf $PKG
mkdir -p $TMP $PKG
cd $TMP
rm -rf nss-${VERSION}
rm -rf nspr-${NSPR}
tar xvf $CWD/nss-$VERSION.tar.?z || exit 1
cd nss-$VERSION
tar xvf $CWD/nspr-$NSPR.tar.?z || exit 1
mv nspr*/nspr .
## -Werror is problematic with gcc7:
#sed -i "s|\ -Werror| |" nss/coreconf/Werror.mk || exit 1
# Make sure ownerships and permissions are sane:
chown -R root:root .
find . \
\( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
-exec chmod 755 {} \+ -o \
\( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
-exec chmod 644 {} \+
cd nss
./build.sh -v $NUMJOBS --opt --system-sqlite --enable-libpkix --disable-tests
cd -
# Install all the needed stuff to the package dir:
mkdir -p $PKG/usr/{bin,lib${LIBDIRSUFFIX},include/{nss,nspr}}
cd dist/Release
cp -pL bin/{certutil,cmsutil,crlutil,modutil,pk12util,shlibsign,signtool,signver,ssltap} $PKG/usr/bin/
cp -pL lib/* $PKG/usr/lib${LIBDIRSUFFIX}/
chmod 755 $PKG/usr/lib${LIBDIRSUFFIX}/*.so*
cp -rL include/* $PKG/usr/include/
cp -rpL ../public/nss/*.h $PKG/usr/include/nss/
# Remove some things we do not need:
rm -f $PKG/usr/bin/*.so
rm -f $PKG/usr/lib${LIBDIRSUFFIX}/*.{TOC,a}
rm -rf $PKG/usr/include/nspr/md
# We require a few static libraries. Why? I don't remember.
cp -L ../../nss/out/Release/lib{crmf,nssb,nssckfw}.a $PKG/usr/lib${LIBDIRSUFFIX}/ || exit 1
cd -
cd nss/cmd/smimetools
cp -a smime $PKG/usr/bin/
chmod 0755 $PKG/usr/bin/smime
sed -i -e 's#/usr/local/bin#/usr/bin#g' $PKG/usr/bin/smime
cd -
# Install nspr-config:
cat nspr/Release/config/nspr-config | sed -e "s,^prefix=.*$,prefix=/usr,g" | sed -e "s,libdir=\${exec_prefix}/lib,libdir=\${exec_prefix}/lib${LIBDIRSUFFIX},g" > $PKG/usr/bin/nspr-config
chmod 755 $PKG/usr/bin/nspr-config
# Install nss-config:
sed -e "s,@prefix@,/usr,g" \
-e "s,@MOD_MAJOR_VERSION@,$(printf $VERSION | cut -d. -f1),g" \
-e "s,@MOD_MINOR_VERSION@,$(printf $VERSION | cut -d. -f2),g" \
-e "s,@MOD_PATCH_VERSION@,$(printf $VERSION | cut -d. -f3),g" \
$CWD/nss-config.in > $PKG/usr/bin/nss-config
chmod 755 $PKG/usr/bin/nss-config
# Provide pkg-config files:
mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig
cat <<EOT > $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig/mozilla-nss.pc
prefix=/usr
exec_prefix=\${prefix}
libdir=/usr/lib${LIBDIRSUFFIX}
includedir=\${prefix}/include/nss
Name: NSS
Description: Network Security Services
Version: $VERSION
Requires: nspr >= $NSPR sqlite3
Libs: -L\${libdir} -lnss3 -lsmime3 -lssl3 -lsoftokn3 -lnssutil3
Cflags: -I\${includedir}
EOT
cat <<EOT > $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig/mozilla-nspr.pc
prefix=/usr
exec_prefix=\${prefix}
libdir=/usr/lib${LIBDIRSUFFIX}
includedir=\${prefix}/include/nspr
Name: NSPR
Description: The Netscape Portable Runtime
Version: $NSPR
Libs: -L\${libdir} -lplds4 -lplc4 -lnspr4
Cflags: -I\${includedir}
EOT
( cd $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig
ln -s mozilla-nspr.pc nspr.pc
ln -s mozilla-nss.pc nss.pc
)
# Add documentation:
mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION
cp -a \
$CWD/MPL-1.1.txt $CWD/gpl-2.0.txt $CWD/lgpl-2.1.txt \
$CWD/faq.html \
$PKG/usr/doc/$PKGNAM-$VERSION
chown -R root:root $PKG/usr/doc/$PKGNAM-$VERSION
# Strip binaries:
find $PKG | xargs file | grep -e "executable" -e "shared object" \
| grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
# Add a package description:
mkdir -p $PKG/install
cat $CWD/slack-desc > $PKG/install/slack-desc
# Build the package:
cd $PKG
/sbin/makepkg -l y -c n $TMP/${PKGNAM}-${VERSION}-${ARCH}-${BUILD}.txz