You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

149 lines
4.5 KiB

  1. #
  2. # Copyright (C) 2019 Lucian Cristian
  3. #
  4. # This is free software, licensed under the GNU General Public License v2.
  5. # See /LICENSE for more information.
  6. #
  7. include $(TOPDIR)/rules.mk
  8. PKG_NAME:=nss
  9. PKG_VERSION:=3.51
  10. PKG_RELEASE:=1
  11. PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
  12. PKG_SOURCE_URL:= \
  13. https://download.cdn.mozilla.net/pub/security/$(PKG_NAME)/releases/NSS_$(subst .,_,$(PKG_VERSION))_RTM/src \
  14. https://archive.mozilla.org/pub/security/$(PKG_NAME)/releases/NSS_$(subst .,_,$(PKG_VERSION))_RTM/src
  15. PKG_HASH:=75348b3b3229362486c57a880db917da1f96ef4eb639dc9cc2ff17d72268459c
  16. PKG_MAINTAINER:=Lucian Cristian <lucian.cristian@gmail.com>
  17. PKG_LICENCE:=MPL-2.0
  18. PKG_LICENSE_FILES:=nss/COPYING
  19. PKG_CPE_ID:=cpe:/a:mozilla:network_security_services
  20. PKG_BUILD_PARALLEL:=0
  21. include $(INCLUDE_DIR)/package.mk
  22. define Package/libnss
  23. SECTION:=libs
  24. SUBMENU:=SSL
  25. CATEGORY:=Libraries
  26. TITLE:=Mozilla's SSL and TLS implementation
  27. URL:=https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS
  28. DEPENDS:=+libpthread +libsqlite3 +nspr
  29. endef
  30. define Package/nss-utils
  31. SECTION:=utils
  32. CATEGORY:=Utilities
  33. TITLE:=Utilities for Mozilla's SSL and TLS implementation
  34. URL:=https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS
  35. DEPENDS:=+libnss
  36. endef
  37. define Package/libnss/description
  38. Network Security Services (NSS) is a set of libraries designed to support
  39. cross-platform development of security-enabled client and server applications.
  40. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7,
  41. PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security standards.
  42. endef
  43. CONFIGURE_PATH = ./nss
  44. MAKE_PATH = ./nss
  45. LBITS = $(shell $(TARGET_CC) -dM -E - </dev/null | grep -q "__LP64__" && echo 64 || echo 32)
  46. ifeq ($(LBITS),64)
  47. export USE_64=1
  48. endif
  49. ifeq ($(CONFIG_CPU_TYPE),"xscale")
  50. TARGET_CFLAGS+= -mfloat-abi=softfp
  51. endif
  52. TARGET_CFLAGS += -D_GNU_SOURCE
  53. TARGET_LDFLAGS += -Wl,--gc-sections,--as-needed
  54. export CROSS_COMPILE=1
  55. export BUILD_OPT=1
  56. export NATIVE_CC=$(HOSTCC)
  57. export NATIVE_FLAGS=$(HOST_CFLAGS)
  58. export NSDISTMODE=copy
  59. export NSS_ENABLE_WERROR=0
  60. export NSS_DISABLE_GTESTS=1
  61. export NSS_USE_SYSTEM_SQLITE=1
  62. export OS_TARGET=Linux
  63. export OS_ARCH=Linux
  64. export OS_TEST=$(ARCH)
  65. export CPU_ARCH=$(ARCH)
  66. export fpic=$(FPIC)
  67. export NSPR_INCLUDE_DIR=$(STAGING_DIR)/usr/include/nspr
  68. export SEED_ONLY_DEV_URANDOM=1
  69. export OS_REL_CFLAGS=$(TARGET_CFLAGS)
  70. export NS_USE_GCC=1
  71. export FREEBL_NO_DEPEND=1
  72. #size optimisation, seems to not impact speed
  73. export NSS_DISABLE_DBM=1
  74. export NSS_PKIX_NO_LDAP=1
  75. export ALLOW_OPT_CODE_SIZE=1
  76. export OPT_CODE_SIZE=1
  77. #native compile nsinstall
  78. define Build/Prepare
  79. $(call Build/Prepare/Default)
  80. USE_NATIVE=1 OS_REL_CFLAGS="$(HOST_CFLAGS)" LDFLAGS="$(HOST_LDFLAGS)" CC="$(HOSTCC)" \
  81. $(MAKE) -C $(PKG_BUILD_DIR)/nss/coreconf/nsinstall
  82. endef
  83. define Package/libnss/conffiles
  84. /etc/pki/nssdb
  85. endef
  86. define Build/InstallDev
  87. $(INSTALL_DIR) \
  88. $(1)/usr/include/nss \
  89. $(1)/usr/lib \
  90. $(1)/usr/lib/pkgconfig
  91. $(CP) $(PKG_BUILD_DIR)/dist/private/nss/*.h \
  92. $(1)/usr/include/nss/
  93. $(CP) $(PKG_BUILD_DIR)/dist/public/nss/*.h \
  94. $(1)/usr/include/nss/
  95. $(CP) $(PKG_BUILD_DIR)/dist/build_dir/lib/*.so \
  96. $(1)/usr/lib/
  97. $(CP) $(PKG_BUILD_DIR)/nss/config/*.pc \
  98. $(1)/usr/lib/pkgconfig/
  99. endef
  100. define Package/nss-utils/install
  101. $(INSTALL_DIR) \
  102. $(1)/usr/bin
  103. $(CP) $(PKG_BUILD_DIR)/dist/build_dir/bin/certutil $(1)/usr/bin
  104. $(CP) $(PKG_BUILD_DIR)/dist/build_dir/bin/pk12util $(1)/usr/bin
  105. endef
  106. #for now pack only libreswan needed libs
  107. define Package/libnss/install
  108. $(INSTALL_DIR) \
  109. $(1)/usr/lib \
  110. $(1)/etc/pki/nssdb \
  111. $(1)/etc/ipsec.d
  112. $(CP) $(PKG_BUILD_DIR)/dist/build_dir/lib/libfreebl3.so $(1)/usr/lib/
  113. $(CP) $(PKG_BUILD_DIR)/dist/build_dir/lib/libnss3.so $(1)/usr/lib/
  114. $(CP) $(PKG_BUILD_DIR)/dist/build_dir/lib/libnssckbi.so $(1)/usr/lib/
  115. $(CP) $(PKG_BUILD_DIR)/dist/build_dir/lib/libnssutil3.so $(1)/usr/lib/
  116. $(CP) $(PKG_BUILD_DIR)/dist/build_dir/lib/libsmime3.so $(1)/usr/lib/
  117. $(CP) $(PKG_BUILD_DIR)/dist/build_dir/lib/libsoftokn3.so $(1)/usr/lib/
  118. $(CP) $(PKG_BUILD_DIR)/dist/build_dir/lib/libssl3.so $(1)/usr/lib/
  119. # Provide databases with a blank certificate
  120. $(CP) ./files/blank-cert9.db $(1)/etc/pki/nssdb/cert9.db
  121. $(CP) ./files/blank-key4.db $(1)/etc/pki/nssdb/key4.db
  122. $(CP) ./files/system-pkcs11.txt $(1)/etc/pki/nssdb/pkcs11.txt
  123. ln -s /etc/pki/nssdb/cert9.db $(1)/etc/ipsec.d/cert9.db
  124. ln -s /etc/pki/nssdb/key4.db $(1)/etc/ipsec.d/key4.db
  125. ln -s /etc/pki/nssdb/pkcs11.txt $(1)/etc/ipsec.d/pkcs11.txt
  126. endef
  127. $(eval $(call BuildPackage,nss-utils))
  128. $(eval $(call BuildPackage,libnss))