diff options
author | Martin Weinelt <hexa@darmstadt.ccc.de> | 2022-04-06 15:56:32 +0200 |
---|---|---|
committer | Martin Weinelt <hexa@darmstadt.ccc.de> | 2022-04-06 18:09:45 +0200 |
commit | 79a5b548cc48770c062a6a60503628017ea0855e (patch) | |
tree | 128080e20ced6056aac282c6bccc32833fc5375a /pkgs/development/libraries/nss | |
parent | 433a32e039c9017b363bdf8058144a33ea014226 (diff) |
Revert "nss_latest: 3.76.1 -> 3.77"
This reverts commit eb9c616c79596c9ff43ec9e7ced46c4739a16047. Breaks the Firefox build and needs further investigation. In file included from Unified_cpp_certverifier0.cpp:47: /build/firefox-99.0/security/certverifier/OCSPVerificationTrustDomain.cpp:63:11: error: unknown type name 'SignedDigest' const SignedDigest& aSignedDigest, Input aSubjectPublicKeyInfo) { ^ /build/firefox-99.0/security/certverifier/OCSPVerificationTrustDomain.cpp:74:11: error: unknown type name 'SignedDigest' const SignedDigest& aSignedDigest, Input aSubjectPublicKeyInfo) { ^ https://github.com/NixOS/nixpkgs/pull/164511#issuecomment-1089496003
Diffstat (limited to 'pkgs/development/libraries/nss')
-rw-r--r-- | pkgs/development/libraries/nss/85_security_load_3.77+.patch | 76 | ||||
-rw-r--r-- | pkgs/development/libraries/nss/generic.nix | 6 | ||||
-rw-r--r-- | pkgs/development/libraries/nss/latest.nix | 4 |
3 files changed, 3 insertions, 83 deletions
diff --git a/pkgs/development/libraries/nss/85_security_load_3.77+.patch b/pkgs/development/libraries/nss/85_security_load_3.77+.patch deleted file mode 100644 index bae86c9d26ade..0000000000000 --- a/pkgs/development/libraries/nss/85_security_load_3.77+.patch +++ /dev/null @@ -1,76 +0,0 @@ -diff --git nss/cmd/shlibsign/shlibsign.c nss/cmd/shlibsign/shlibsign.c -index ad8f3b84e..74676d039 100644 ---- nss/cmd/shlibsign/shlibsign.c -+++ nss/cmd/shlibsign/shlibsign.c -@@ -875,6 +875,8 @@ main(int argc, char **argv) - goto cleanup; - } - lib = PR_LoadLibrary(libname); -+ if (!lib) -+ lib = PR_LoadLibrary(NIX_NSS_LIBDIR"libsoftokn3.so"); - assert(lib != NULL); - if (!lib) { - PR_fprintf(PR_STDERR, "loading softokn3 failed"); -diff --git nss/lib/pk11wrap/pk11load.c nss/lib/pk11wrap/pk11load.c -index 119c8c512..720d39ccc 100644 ---- nss/lib/pk11wrap/pk11load.c -+++ nss/lib/pk11wrap/pk11load.c -@@ -486,6 +486,15 @@ secmod_LoadPKCS11Module(SECMODModule *mod, SECMODModule **oldModule) - #else - library = PR_LoadLibrary(mod->dllName); - #endif // defined(_WIN32) -+#ifndef NSS_STATIC_SOFTOKEN -+ if ((library == NULL) && -+ !rindex(mod->dllName, PR_GetDirectorySeparator())) { -+ library = PORT_LoadLibraryFromOrigin(my_shlib_name, -+ (PRFuncPtr) &softoken_LoadDSO, -+ mod->dllName); -+ } -+#endif -+ - mod->library = (void *)library; - - if (library == NULL) { -diff --git nss/lib/util/secload.c nss/lib/util/secload.c -index 12efd2f75..8b74478f6 100644 ---- nss/lib/util/secload.c -+++ nss/lib/util/secload.c -@@ -70,9 +70,14 @@ loader_LoadLibInReferenceDir(const char* referencePath, const char* name) - - /* Remove the trailing filename from referencePath and add the new one */ - c = strrchr(referencePath, PR_GetDirectorySeparator()); -+ if (!c) { /* referencePath doesn't contain a / means that dladdr gave us argv[0] -+ * and program was called from $PATH. Hack to get libs from NIX_NSS_LIBDIR */ -+ referencePath = NIX_NSS_LIBDIR; -+ c = (char*) &referencePath[sizeof(NIX_NSS_LIBDIR) - 1]; /* last / */ -+ } - if (c) { - size_t referencePathSize = 1 + c - referencePath; -- fullName = (char*)PORT_Alloc(strlen(name) + referencePathSize + 1); -+ fullName = (char*) PORT_Alloc(strlen(name) + referencePathSize + 5); - if (fullName) { - memcpy(fullName, referencePath, referencePathSize); - strcpy(fullName + referencePathSize, name); -@@ -82,6 +87,11 @@ loader_LoadLibInReferenceDir(const char* referencePath, const char* name) - #endif - libSpec.type = PR_LibSpec_Pathname; - libSpec.value.pathname = fullName; -+ if ((referencePathSize >= 4) && -+ (strncmp(fullName + referencePathSize - 4, "bin", 3) == 0)) { -+ memcpy(fullName + referencePathSize -4, "lib", 3); -+ } -+ strcpy(fullName + referencePathSize, name); - dlh = PR_LoadLibraryWithFlags(libSpec, PR_LD_NOW | PR_LD_LOCAL - #ifdef PR_LD_ALT_SEARCH_PATH - /* allow library's dependencies to be found in the same directory -@@ -89,6 +99,10 @@ loader_LoadLibInReferenceDir(const char* referencePath, const char* name) - | PR_LD_ALT_SEARCH_PATH - #endif - ); -+ if (! dlh) { -+ strcpy(fullName + referencePathSize, name); -+ dlh = PR_LoadLibraryWithFlags(libSpec, PR_LD_NOW | PR_LD_LOCAL); -+ } - PORT_Free(fullName); - } - } diff --git a/pkgs/development/libraries/nss/generic.nix b/pkgs/development/libraries/nss/generic.nix index 39683503a5be5..3d109b9679053 100644 --- a/pkgs/development/libraries/nss/generic.nix +++ b/pkgs/development/libraries/nss/generic.nix @@ -62,13 +62,9 @@ stdenv.mkDerivation rec { patches = [ # Based on http://patch-tracker.debian.org/patch/series/dl/nss/2:3.15.4-1/85_security_load.patch + ./85_security_load.patch ./ckpem.patch ./fix-cross-compilation.patch - (if (lib.versionOlder version "3.77") then - ./85_security_load.patch - else - ./85_security_load_3.77+.patch - ) ]; patchFlags = [ "-p0" ]; diff --git a/pkgs/development/libraries/nss/latest.nix b/pkgs/development/libraries/nss/latest.nix index 7d57e6d3680f4..db8d0179add5f 100644 --- a/pkgs/development/libraries/nss/latest.nix +++ b/pkgs/development/libraries/nss/latest.nix @@ -5,6 +5,6 @@ # Example: nix-shell ./maintainers/scripts/update.nix --argstr package cacert import ./generic.nix { - version = "3.77"; - sha256 = "1pfy33b51914sivqyaxdwfd930hzb77gm07z4f57hnyk5xddypl2"; + version = "3.76.1"; + sha256 = "0ai37ncg50n4s5243bfvsip8isqq1y6w2swg1n4xgqg2fk1h8cg1"; } |