[SVN-Commit] r1155 - in trunk/security: ca_root_nss ca_root_nss/files nss nss/files
svn-freebsd-gecko at chruetertee.ch
svn-freebsd-gecko at chruetertee.ch
Sat Feb 2 13:13:17 UTC 2013
Author: jbeich
Date: Sat Feb 2 13:13:11 2013
New Revision: 1155
Log:
remove homegrown macro preprocessing
Added:
trunk/security/ca_root_nss/files/MAca-bundle.pl.in
- copied, changed from r1154, trunk/security/ca_root_nss/files/MAca-bundle.pl
Deleted:
trunk/security/ca_root_nss/files/MAca-bundle.pl
Modified:
trunk/security/ca_root_nss/Makefile
trunk/security/nss/Makefile
trunk/security/nss/files/nss-config.in
trunk/security/nss/files/nss.pc.in
Modified: trunk/security/ca_root_nss/Makefile
==============================================================================
--- trunk/security/ca_root_nss/Makefile Sat Feb 2 13:13:02 2013 (r1154)
+++ trunk/security/ca_root_nss/Makefile Sat Feb 2 13:13:11 2013 (r1155)
@@ -30,6 +30,8 @@
NSS_SUFFIX= .with.ckbi.1.93
CERTDATA_TXT_PATH= nss-${VERSION_NSS}/mozilla/security/nss/lib/ckfw/builtins/certdata.txt
BUNDLE_PROCESSOR= MAca-bundle.pl
+SUB_FILES= MAca-bundle.pl
+SUB_LIST= VERSION_NSS=${VERSION_NSS}
.include <bsd.port.options.mk>
@@ -52,14 +54,9 @@
@${TAR} -C ${WRKDIR} -xf ${DISTDIR}/nss-${VERSION_NSS}${NSS_SUFFIX}${EXTRACT_SUFX} \
${CERTDATA_TXT_PATH}
@${CP} ${WRKDIR}/${CERTDATA_TXT_PATH} ${WRKDIR}
- @${CP} ${FILESDIR}/${BUNDLE_PROCESSOR} ${WRKDIR}
@${RM} -rf ${WRKDIR}/nss-${VERSION_NSS}
-post-patch:
- @${PERL} -pi -e 's,%%VERSION_NSS%%,${VERSION_NSS}${NSS_SUFFIX},g;' \
- ${WRKDIR}/${BUNDLE_PROCESSOR}
-
-do-build:
+do-build: apply-slist
@${PERL} ${WRKDIR}/${BUNDLE_PROCESSOR} \
< ${WRKDIR}/certdata.txt > \
${WRKDIR}/ca-root-nss.crt
Deleted: trunk/security/ca_root_nss/files/MAca-bundle.pl
==============================================================================
--- trunk/security/ca_root_nss/files/MAca-bundle.pl Sat Feb 2 13:13:11 2013 (r1154)
+++ /dev/null 00:00:00 1970 (deleted)
@@ -1,190 +0,0 @@
-##
-## MAca-bundle.pl -- Regenerate ca-root-nss.crt from the Mozilla certdata.txt
-##
-## Rewritten in September 2011 by Matthias Andree to heed untrust
-##
-
-## Copyright (c) 2011, Matthias Andree
-## All rights reserved.
-##
-## Redistribution and use in source and binary forms, with or without
-## modification, are permitted provided that the following conditions are
-## met:
-##
-## * Redistributions of source code must retain the above copyright
-## notice, this list of conditions and the following disclaimer.
-##
-## * Redistributions in binary form must reproduce the above copyright
-## notice, this list of conditions and the following disclaimer in the
-## documentation and/or other materials provided with the distribution.
-##
-## THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-## "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-## LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-## FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-## COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-## INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-## BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-## LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-## CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-## LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-## ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-## POSSIBILITY OF SUCH DAMAGE.
-
-use strict;
-use MIME::Base64;
-
-my $VERSION = '$FreeBSD: ports/security/ca_root_nss/files/MAca-bundle.pl,v 1.3 2011/09/04 15:11:48 mandree Exp $';
-
-# configuration
-print <<EOH;
-##
-## ca-root-nss.crt -- Bundle of CA Root Certificates
-##
-## This is a bundle of X.509 certificates of public Certificate
-## Authorities (CA). These were automatically extracted from Mozilla's
-## root CA list (the file `certdata.txt').
-##
-## Extracted from nss-%%VERSION_NSS%%
-## with $VERSION
-##
-EOH
-my $debug = 1;
-
-my %certs;
-my %trusts;
-
-sub printcert_plain($$)
-{
- my ($label, $certdata) = @_;
- print "=== $label ===\n" if $label;
- print
- "-----BEGIN CERTIFICATE-----\n",
- MIME::Base64::encode_base64($certdata),
- "-----END CERTIFICATE-----\n\n";
-}
-
-sub printcert_info($$)
-{
- my (undef, $certdata) = @_;
- return unless $certdata;
- open(OUT, "|openssl x509 -text -inform DER -fingerprint")
- || die "could not pipe to openssl x509";
- print OUT $certdata;
- close(OUT) or die "openssl x509 failed with exit code $?";
-}
-
-sub printcert($$) {
- my ($a, $b) = @_;
- printcert_info($a, $b);
-}
-
-sub graboct()
-{
- my $data;
-
- while (<>) {
- last if /^END/;
- my (undef, at oct) = split /\\/;
- my @bin = map(chr(oct), @oct);
- $data .= join('', @bin);
- }
-
- return $data;
-}
-
-
-sub grabcert()
-{
- my $certdata;
- my $cka_label;
- my $serial;
-
- while (<>) {
- chomp;
- last if ($_ eq '');
-
- if (/^CKA_LABEL UTF8 "([^"]+)"/) {
- $cka_label = $1;
- }
-
- if (/^CKA_VALUE MULTILINE_OCTAL/) {
- $certdata = graboct();
- }
-
- if (/^CKA_SERIAL_NUMBER MULTILINE_OCTAL/) {
- $serial = graboct();
- }
- }
- return ($serial, $cka_label, $certdata);
-}
-
-sub grabtrust() {
- my $cka_label;
- my $serial;
- my $trust = 1;
-
- while (<>) {
- chomp;
- last if ($_ eq '');
-
- if (/^CKA_LABEL UTF8 "([^"]+)"/) {
- $cka_label = $1;
- }
-
- if (/^CKA_SERIAL_NUMBER MULTILINE_OCTAL/) {
- $serial = graboct();
- }
-
- if (/^CKA_TRUST_.*\s.*_(UN|NOT_)TRUSTED/) {
- $trust = 0;
- }
- }
- return ($serial, $cka_label, $trust);
-}
-
-while (<>) {
- if (/^CKA_CLASS .* CKO_CERTIFICATE/) {
- my ($serial, $label, $certdata) = grabcert();
- if (defined $certs{$serial.$label}) {
- warn "Certificate $label duplicated!\n";
- }
- $certs{$serial.$label} = $certdata;
- } elsif (/^CKA_CLASS .* CKO_(NSS|NETSCAPE)_TRUST/) {
- my ($serial, $label, $trust) = grabtrust();
- if (defined $trusts{$serial.$label}) {
- warn "Trust for $label duplicated!\n";
- }
- $trusts{$serial.$label} = $trust;
- } elsif (/^CVS_ID.*Revision: ([^ ]*).*/) {
- print "## Source: \"certdata.txt\" CVS revision $1\n##\n\n";
- }
-}
-
-# weed out untrusted certificates
-my $untrusted = 0;
-foreach my $it (keys %trusts) {
- if (!$trusts{$it}) {
- if (!exists($certs{$it})) {
- warn "Found trust for nonexistent certificate\n";
- } else {
- delete $certs{$it};
- $untrusted++;
- }
- }
-}
-
-print "## Untrusted certificates omitted from this bundle: $untrusted\n\n";
-
-my $certcount = 0;
-foreach my $it (keys %certs) {
- if (!exists($trusts{$it})) {
- die "Found certificate without trust block,\naborting";
- }
- printcert("", $certs{$it});
- print "\n\n\n";
- $certcount++;
-}
-
-print "## Number of certificates: $certcount\n";
-print "## End of file.\n";
Copied and modified: trunk/security/ca_root_nss/files/MAca-bundle.pl.in (from r1154, trunk/security/ca_root_nss/files/MAca-bundle.pl)
==============================================================================
Modified: trunk/security/nss/Makefile
==============================================================================
--- trunk/security/nss/Makefile Sat Feb 2 13:13:02 2013 (r1154)
+++ trunk/security/nss/Makefile Sat Feb 2 13:13:11 2013 (r1155)
@@ -2,7 +2,7 @@
# $FreeBSD: head/security/nss/Makefile 310165 2013-01-09 23:28:19Z flo $
PORTNAME= nss
-PORTVERSION= ${_MAJOR}.${_MINOR}.${_PATCH}
+PORTVERSION= 3.14.1
DISTVERSIONSUFFIX= .with.ckbi.1.93
CATEGORIES= security
MASTER_SITES= ${MASTER_SITE_MOZILLA}
@@ -16,10 +16,6 @@
LIB_DEPENDS= nspr4.1:${PORTSDIR}/devel/nspr \
sqlite3.8:${PORTSDIR}/databases/sqlite3
-_MAJOR= 3
-_MINOR= 14
-_PATCH= 1
-
WRKSRC= ${WRKDIR}/${PORTNAME}-${PORTVERSION}/mozilla/security/nss
MAKE_JOBS_UNSAFE= yes
@@ -32,6 +28,10 @@
ALL_TARGET= nss_build_all
CFLAGS+= -I${LOCALBASE}/include/nspr -L${LOCALBASE}/lib
+SUB_FILES= nss-config nss.pc
+SUB_LIST= MAJOR_VERSION=${PORTVERSION:C/\..*//} \
+ PORTVERSION=${PORTVERSION}
+
DIST= ${WRKSRC:H:H}/dist
EXTERNALS= CVS dbm security/nss/lib/zlib nsprpub security/dbm
@@ -67,16 +67,6 @@
post-patch:
@${REINPLACE_CMD} -e "s|-pthread|${PTHREAD_LIBS}|g" \
${WRKSRC:H:H}/security/coreconf/FreeBSD.mk
- @${SED} -e 's|@exec_prefix@|${PREFIX}|; \
- s|@includedir@|${PREFIX}/include/nss|; \
- s|@libdir@|${PREFIX}/lib/nss|; \
- s|@prefix@|${PREFIX}|' \
- ${FILESDIR}/nss-config.in >${WRKDIR}/nss-config
- @${SED} -e 's|@PREFIX@|${PREFIX}|; s|@PORTVERSION@|${PORTVERSION}|' \
- ${FILESDIR}/nss.pc.in >${WRKDIR}/nss.pc
-.for i in MAJOR MINOR PATCH
- @${SED} -i.${i} -e 's|@${i}@|${_${i}}|' ${WRKDIR}/nss-config
-.endfor
@${REINPLACE_CMD} '/NSS_DEFAULT_SYSTEM/s,/etc,${PREFIX}&,' \
${WRKSRC}/lib/sysinit/nsssysinit.c
@cd ${WRKSRC} && \
Modified: trunk/security/nss/files/nss-config.in
==============================================================================
--- trunk/security/nss/files/nss-config.in Sat Feb 2 13:13:02 2013 (r1154)
+++ trunk/security/nss/files/nss-config.in Sat Feb 2 13:13:11 2013 (r1155)
@@ -1,10 +1,6 @@
#!/bin/sh
-prefix=@prefix@
-
-major_version=@MAJOR@
-minor_version=@MINOR@
-patch_version=@PATCH@
+prefix=%%PREFIX%%
usage()
{
@@ -68,7 +64,7 @@
echo_libdir=yes
;;
--version)
- echo ${major_version}.${minor_version}.${patch_version}
+ echo %%PORTVERSION%%
;;
--cflags)
echo_cflags=yes
@@ -97,13 +93,13 @@
# Set variables that may be dependent upon other variables
if test -z "$exec_prefix"; then
- exec_prefix=@exec_prefix@
+ exec_prefix=$prefix
fi
if test -z "$includedir"; then
- includedir=@includedir@
+ includedir=$prefix/include/nss
fi
if test -z "$libdir"; then
- libdir=@libdir@
+ libdir=$prefix/lib/nss
fi
if test "$echo_prefix" = "yes"; then
@@ -129,16 +125,16 @@
if test "$echo_libs" = "yes"; then
libdirs="-L$libdir"
if test -n "$lib_ssl"; then
- libdirs="$libdirs -lssl${major_version}"
+ libdirs="$libdirs -lssl%%MAJOR_VERSION%%"
fi
if test -n "$lib_smime"; then
- libdirs="$libdirs -lsmime${major_version}"
+ libdirs="$libdirs -lsmime%%MAJOR_VERSION%%"
fi
if test -n "$lib_nss"; then
- libdirs="$libdirs -lnss${major_version}"
+ libdirs="$libdirs -lnss%%MAJOR_VERSION%%"
fi
if test -n "$lib_nssutil"; then
- libdirs="$libdirs -lnssutil${major_version}"
+ libdirs="$libdirs -lnssutil%%MAJOR_VERSION%%"
fi
echo $libdirs
fi
Modified: trunk/security/nss/files/nss.pc.in
==============================================================================
--- trunk/security/nss/files/nss.pc.in Sat Feb 2 13:13:02 2013 (r1154)
+++ trunk/security/nss/files/nss.pc.in Sat Feb 2 13:13:11 2013 (r1155)
@@ -1,11 +1,11 @@
-prefix=@PREFIX@
-exec_prefix=@PREFIX@
-libdir=@PREFIX@/lib/nss
-includedir=@PREFIX@/include
+prefix=%%PREFIX%%
+exec_prefix=%%PREFIX%%
+libdir=%%PREFIX%%/lib/nss
+includedir=%%PREFIX%%/include
Name: NSS
Description: Mozilla Network Security Services
-Version: @PORTVERSION@
+Version: %%PORTVERSION%%
Requires: nspr
Libs: -L${libdir} -lnss3 -lsmime3 -lssl3 -lnssutil3
Cflags: -I${includedir}/nss -I${includedir}/nss/nss
More information about the freebsd-gecko
mailing list