Commit Graph

137 Commits

Author SHA1 Message Date
taku0
16ee6b5ed9 nss: 3.34.1 -> 3.35; cacert.certdata2pem: 20160104 -> 20170717 2018-03-16 03:42:09 +00:00
Väinö Järvelä
aacd3e5267 nss: link libraries with absolute paths on Darwin 2018-02-21 07:33:11 +02:00
Andreas Rammhold
e524549536
nss: 3.33 -> 3.34.1 2018-01-31 01:51:28 +01:00
John Wiegley
e8caa47b35 nss: Omit an extraneous definition; fix other problems on Darwin 2018-01-03 15:18:00 -08:00
taku0
b5f2a090de nss: 3.32.1 -> 3.33 2017-11-13 23:01:02 +09:00
Robin Gloster
034c168aa2
nss: fix includedir for pkgconfig 2017-10-09 20:49:36 +02:00
taku0
6e2744ab0f nss: 3.31 -> 3.32.1 2017-10-04 21:12:12 +09:00
taku0
0ed1aead70 nss: 3.30 -> 3.31 2017-06-14 21:50:02 +09:00
Vladimír Čunát
8eab29e26f
nss: 3.28.3 -> 3.30 (close #24508) 2017-04-01 13:31:05 +02:00
Nikolay Amiantov
1715e3643b nss: propagate nspr 2017-03-23 00:03:32 +03:00
Alexey Shmalko
cb670556c5
nss: 3.28.1 -> 3.28.3
This should fix firefox build, which fails due to nss being too old.
2017-03-08 13:27:16 +02:00
aszlig
ca7923f111
nss: Provide a more stable URL for pkgconfig patch
Since 2bf0f84f1f, the patch isn't in our
repository anymore but being fetched from its origin.

However, the origin URL is always pointing to the latest master version
of Gentoo. This has the downside that whenever Gentoo changes the patch,
our build of NSS will be broken.

Also, I'm providing a comment here indicating what the patch does.

As to the reason *why* the patch is there, I vaguely remeber seeing a
few libraries/applications that depend on NSS relying that there's a
pkgconfig file.

After checking a few distros, they all seem to have it:

https://anonscm.debian.org/cgit/pkg-mozilla/nss.git/tree/debian?id=5306c4192d6bc0a2685842e9fd533196e7302297
https://apps.fedoraproject.org/packages/nss-devel/
https://git.archlinux.org/svntogit/packages.git/tree/trunk?h=packages/nss&id=3f7f54b357e23b7ac1cec849693334ad29be07d2

The issue is already reported upstream but hasn't been fixed yet:

https://bugzilla.mozilla.org/show_bug.cgi?id=530672

Tested by building nss on x86_64-linux (the hash didn't change anyway,
but just to be sure).

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-01-25 16:25:00 +01:00
Vladimír Čunát
30a94deac5
nss: remove parameter that just got unused 2017-01-24 15:56:36 +01:00
Vladimír Čunát
f8e39ec13c
nss: fetchpatch -> fetchurl
This isn't a dynamically generated patch, so it's not required,
and the hash was for unmodified patch anyway.
2017-01-24 15:43:53 +01:00
Eelco Dolstra
2bf0f84f1f
nss: 3.27.2 -> 3.28.1 2017-01-24 14:49:46 +01:00
Eelco Dolstra
b221fc137c
nss: 3.27.1 -> 3.27.2 2016-12-01 13:02:35 +01:00
Eelco Dolstra
1624f7f174
nss: 3.26 -> 3.27.1 2016-11-15 16:58:45 +01:00
Tuomas Tynkkynen
a17216af4c treewide: Shuffle outputs
Make either 'bin' or 'out' the first output.
2016-08-29 14:49:51 +03:00
Eelco Dolstra
6aabe2e4bb nss: 3.24 -> 3.26 2016-08-11 15:20:35 +02:00
rnhmjoj
f2842da8b2
nss: 3.23 -> 3.24 2016-08-07 23:38:03 +02:00
Eelco Dolstra
cb37ab146b Add mirror://mozilla scheme 2016-05-09 19:37:22 +02:00
Vladimír Čunát
ab15a62c68 Merge branch 'master' into closure-size
Beware that stdenv doesn't build. It seems something more will be needed
than just resolution of merge conflicts.
2016-04-01 10:06:01 +02:00
Franz Pletz
1a9b272c09 nss: 3.22.2 -> 3.23 (security)
Fixes CVE-2016-1950.

See: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.23_release_notes
2016-03-21 21:27:59 +01:00
Domen Kožar
603ea2652f nss: 3.22 -> 3.22.2 (CVE-2016-1950) 2016-03-11 12:18:18 +00:00
Vladimír Čunát
d039c87984 Merge branch 'master' into closure-size 2016-02-14 08:33:51 +01:00
Eelco Dolstra
1f952e0172 nss: 3.21 -> 3.22 2016-02-12 16:10:59 +01:00
Vladimír Čunát
f9f6f41bff Merge branch 'master' into closure-size
TODO: there was more significant refactoring of qtbase and plasma 5.5
on master, and I'm deferring pointing to correct outputs to later.
2015-12-31 09:53:02 +01:00
Eelco Dolstra
86bf3662df nss: 3.20.1 -> 3.21 2015-12-16 16:18:42 +01:00
Luca Bruno
e289717414 rename moveToOutput and propagatedBuildInputs 2015-12-02 10:05:36 +01:00
Vladimír Čunát
333d69a5f0 Merge staging into closure-size
The most complex problems were from dealing with switches reverted in
the meantime (gcc5, gmp6, ncurses6).
It's likely that darwin is (still) broken nontrivially.
2015-11-20 14:32:58 +01:00
William A. Kennington III
e8cbf833ef nss: 3.20 -> 3.20.1 2015-11-04 00:58:28 -08:00
Vladimír Čunát
ba9b80c7e0 nspr,nss: split into multiple outputs
Hopefully most references are OK.
2015-10-13 20:18:44 +02:00
William A. Kennington III
ec18091961 nss: Add platforms 2015-09-18 14:52:52 -07:00
William A. Kennington III
b5d599af8c nss: 3.19.3 -> 3.20 2015-08-20 15:32:47 -07:00
Eelco Dolstra
36ab9c695a nss: Update to 3.19.3 2015-08-11 14:26:30 +02:00
William A. Kennington III
f80dc98ca9 nss: 3.19.1 -> 3.19.2 2015-06-24 18:14:17 -07:00
Eelco Dolstra
98a4eabd99 Revert "qemu: 2.2.2 -> 2.3.0"
This reverts commit 19c259161b.
2015-06-04 14:54:48 +02:00
William A. Kennington III
5483697ab1 nss: 3.19 -> 3.19.1 2015-05-29 15:29:53 -07:00
William A. Kennington III
19c259161b qemu: 2.2.2 -> 2.3.0 2015-05-20 18:30:22 -07:00
William A. Kennington III
9f337e8cc7 nss: 3.18.1 -> 3.19 2015-05-08 06:14:35 -07:00
Eelco Dolstra
1d8590afe4 nss: Update to 3.18.1 2015-04-21 16:53:43 +02:00
William A. Kennington III
7215167342 nss: 3.17.4 -> 3.18 2015-03-27 11:37:06 -07:00
Eelco Dolstra
843f21fd6a nss: Update to 3.17.4 2015-02-24 18:50:04 +01:00
William A. Kennington III
ffee9f6a92 nss: Fix gentoo patch to specify library path in nss.pc 2015-01-02 00:24:49 -08:00
Vladimír Čunát
2e1bb14b93 nss: security update fixing CVE-2014-1569 2014-12-02 21:51:25 +01:00
Eelco Dolstra
f445fb8240 nss: Update to 3.17.2 2014-10-14 22:53:56 +02:00
Eelco Dolstra
711d67263a nss: Update to 3.16.5
CVE-2014-1568
2014-09-25 11:43:23 +02:00
Eelco Dolstra
b3b06af89a nss: Update to 3.16.4 2014-09-03 22:51:55 +02:00
Eelco Dolstra
ea0013a0d9 nss: Update to 3.16.3 2014-07-23 17:28:36 +02:00
Eelco Dolstra
ec332f520c nss: Update to 3.16.1 2014-05-19 16:04:32 +02:00
Eelco Dolstra
6fe24bda2d nss: Update to 3.16 2014-04-22 14:55:51 +02:00
James Cook
ce5f84ce56 nss: update to 3.15.4 2014-02-06 12:15:43 -08:00
Domen Kožar
5b982bd090 nss: patch http location moved, let's keep it in filesystem 2014-01-22 10:46:37 +01:00
Eelco Dolstra
72feb8e011 nss: Update to 3.15.3.1
http://www.mozilla.org/security/announce/2013/mfsa2013-117.html
2014-01-06 17:42:32 +01:00
Ricardo M. Correia
94536ea09f nss: Fix patch download URL 2013-12-24 11:16:58 +01:00
Shea Levy
2909634cac nss: Bump
Signed-off-by: Shea Levy <shea@shealevy.com>
2013-11-18 15:39:13 -05:00
Eelco Dolstra
11960d2f47 nss: Update to 3.15.2 2013-10-15 17:24:33 +02:00
Eelco Dolstra
d17f7d2fdf nss: Update to 3.15.1 2013-08-07 17:12:33 +02:00
aszlig
964621438a nss: Update to version 3.14.3.
This update involves a bunch of fixes on our side:

Update the Gentoo patch to 3.14.1 from http://bit.ly/ZG8OK5 and drop the older
one from http://bit.ly/15mN0X1 (for 3.12.5).

While checking the old patch from Gentoo, I discovered, that the patch added in
revision 06c543b11d wasn't the original one in the
Gentoo repository.

Instead of doing the same again, we now patch up our specific modifications
using sed within the postPatch hook.

In addition to that, we now have another patch from RedHat/Fedora which syncs
the NSS PEM support repository with the latest upstream changes. Patch is coming
from the SRPM at http://koji.fedoraproject.org/koji/rpminfo?rpmID=3772072 and I
just stripped the "0001-" prefix from the filename.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-03-01 09:42:38 +01:00
Mathijs Kwik
6f90b481db nss: add yet another mirror to get the patch from
the original url throws 500
the mirror's patch differs (probably upgraded for newer nss)
so I found one more source, with a (versioned) url
2013-01-13 14:30:55 +01:00
Eelco Dolstra
df5cca471e nss: Update to 3.14 2012-10-31 14:04:58 +01:00
aszlig
9a65507b0f
nss: Fix and add URL for security_load.patch.
We now provide an additional URL from the Debian Git repository as well, just to
be sure that the URL is available.

And, well, of course fix the URL that has gone invalid.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-09-17 09:31:47 +02:00
aszlig
808108105d nss: Just delete files if includeTools is false.
Before, the entire directory was deleted and recreated, which fails if we want
to sign libraries (shlibsign is obviously deleted in that step as well), so we
delete everything but "nss-config" on postFixup.
2012-08-22 08:29:10 +02:00
aszlig
c672997dc6 nss: Remove redundant nss-config.in.
This file is already contained in nss-3.12.5-gentoo-fixups.diff, so we don't
need to do all that cruft twice.
2012-08-22 08:29:10 +02:00
aszlig
38a4d77665 nss: Fix referencePath to security modules.
This adds a patch from Debian, as they're already have security modules from NSS
in it's own library directory rather than /usr/lib{,64}/ and patch in loading of
libsoftokn as well.

The patch and our own fix of the patch (well, they hardcode Debian specific
stuff in there) ensures that SECMOD_AddNewModule() will find the right module
from the derivation's output path, so the built-in CA root certificates are
recognized and verified correctly.
2012-08-22 08:29:09 +02:00
aszlig
9e0aaf30aa nss: Sign libraries after striping.
Running NSS in FIPS mode is only possible if the libraries are signed correctly,
so we're doing this in the postFixup hook, to insure nothing gets altered after
that phase.

For more information about FIPS mode, please see:
https://developer.mozilla.org/en-US/docs/NSS/FIPS_Mode_-_an_explanation
2012-08-22 08:29:09 +02:00
aszlig
29fce94665 nss: Clean up build/make flags.
First of all, let's remove that redundant BUILD_OPT variable.

This variable already is in makeFlags, so we really don't want it to be lurking
around in the attribute set of the derivation, and it annoys me for being there
for days.

We now state build targets explicitly rather than relying on "nss_build_all".
This makes NSPR_CONFIG_STATUS and the touch of build_nspr stamp obsolete, as
only nss_build_all includes build_nspr.

In addition, we don't need the -lz hack anymore, as this has been fixed in
recent NSS versions, so we can completly remove the postBuild hook.

And while we're at it, we're removing those outdated build instructions as well,
especially because we don't and can't follow official building guidelines
anymore, as those are difficult to apply to Nix.
2012-08-22 08:29:09 +02:00
aszlig
5f4ca8ec18 nss: Add nss-pem module from fedora.
This is a compatibility module which adds suport for PEM certificates used by
OpenSSL and compatible libraries. The module gets built but isn't used at the
moment, so we're going to work on integration of it later.
2012-08-22 08:29:09 +02:00
aszlig
485dcc9152 nss: Build using system libsqlite.
Let's use system SQLite library, which makes sense anyway. More importantly
because it conflicts with the sqlite package, as NSS is building this as a
shared library aswell.
2012-08-22 08:29:09 +02:00
aszlig
0e768ba98d nss: Update NSS to version 3.13.6.
So to begin with fixing NSS let's get to the latest upstream release and start
fixing, so we won't carry around historic crap we then will throw away anyway.
2012-08-22 08:29:09 +02:00
Peter Simons
f750ad3871 nss: updated to version 3.13.3 to fix build errors on Linux 3.2
svn path=/nixpkgs/trunk/; revision=32834
2012-03-06 20:57:39 +00:00
Alexander Tsamutali
a26835c2bc development/libraries/nss: Fix building on Linux 3.x.
svn path=/nixpkgs/trunk/; revision=29399
2011-09-20 19:46:40 +00:00
Evgeny Egorochkin
06c543b11d NSS: version bump and patch to provide pkgconfig info.
svn path=/nixpkgs/trunk/; revision=25366
2011-01-03 17:02:58 +00:00
Rob Vermaas
a60809353a updated nss and nspr, added variant of nss including tools
svn path=/nixpkgs/trunk/; revision=23105
2010-08-11 09:38:09 +00:00
Eelco Dolstra
396b40f6d4 * Updated nspr, nss.
svn path=/nixpkgs/trunk/; revision=20993
2010-04-09 13:37:41 +00:00
Eelco Dolstra
05fce85edc * Thunderbird 3.0. It doesn't use the Xulrunner package, as building
against an external Xulrunner seems to be unsupported currently.

svn path=/nixpkgs/trunk/; revision=19169
2010-01-02 13:21:50 +00:00
Eelco Dolstra
d869913b27 * RPM updated to 4.7.2.
* nspr updated to 4.8.2.
* nss updated to 3.12.4.
* elfutils updated to 0.143.

svn path=/nixpkgs/trunk/; revision=18867
2009-12-09 22:34:51 +00:00
Eelco Dolstra
a641e7666e * Compile NSS with ECC support. Hopefully this fixes certificate
checking in Firefox 3.5.

svn path=/nixpkgs/trunk/; revision=16214
2009-07-07 13:01:52 +00:00
Eelco Dolstra
e5a611030f * Doh.
svn path=/nixpkgs/trunk/; revision=16213
2009-07-07 11:40:57 +00:00
Eelco Dolstra
cc28087b5a * Make doesn't like newlines.
svn path=/nixpkgs/trunk/; revision=16210
2009-07-07 10:59:18 +00:00
Eelco Dolstra
200ad5eb63 * NSPR and NSS need to be told explicitly to do a 64-bit build.
svn path=/nixpkgs/trunk/; revision=16201
2009-07-07 09:52:20 +00:00
Eelco Dolstra
19963e0447 * Xulrunner/Firefox 3.5: build with --with-system-nss.
svn path=/nixpkgs/trunk/; revision=16186
2009-07-06 11:42:21 +00:00
Eelco Dolstra
a796d839f9 * Updated NSS.
svn path=/nixpkgs/trunk/; revision=16183
2009-07-06 09:12:44 +00:00
Eelco Dolstra
a0159dee8e * Reverted r6713, r6711, r4623, r3660, r2237. There rewrote fetchurl
URLs to http://nix.cs.uu.nl/dist/tarballs.  With content-addressable
  mirror support (r9190, NIXPKGS-70) this is no longer necessary:
  fetchurl will try to download from that location automatically.  So
  we can keep the original URLs.

svn path=/nixpkgs/trunk/; revision=9192
2007-08-24 12:32:36 +00:00
Eelco Dolstra
3389f4bc36 * Copy lots of files to nix.cs.uu.nl.
svn path=/nixpkgs/trunk/; revision=4623
2006-01-30 16:04:03 +00:00
Eelco Dolstra
82e678362f * "." -> "source".
svn path=/nixpkgs/trunk/; revision=4335
2005-12-05 14:11:09 +00:00
Martin Bravenboer
975db72a72 Added Mozilla NSS, NSPR and Gaim to Nix. Gaim in Nix supports SSL
svn path=/nixpkgs/trunk/; revision=3676
2005-08-24 09:54:42 +00:00