forked from rosa/hakurei
137 lines
3.1 KiB
Go
137 lines
3.1 KiB
Go
package rosa
|
|
|
|
import (
|
|
"strings"
|
|
|
|
"hakurei.app/internal/pkg"
|
|
)
|
|
|
|
func (t Toolchain) newNSS() (pkg.Artifact, string) {
|
|
const (
|
|
version = "3.122.1"
|
|
checksum = "DyKZJj-Dkkx874rY8vNE59fXpwQfeJt7M1XcCinnNJIAK856FTFvuFYA0TwdMVCK"
|
|
|
|
version0 = "4_38_2"
|
|
checksum0 = "25x2uJeQnOHIiq_zj17b4sYqKgeoU8-IsySUptoPcdHZ52PohFZfGuIisBreWzx0"
|
|
)
|
|
return t.NewPackage("nss", version, newFromGitHub(
|
|
"nss-dev/nss",
|
|
"NSS_"+strings.Join(strings.SplitN(version, ".", 3), "_")+"_RTM",
|
|
checksum,
|
|
), &PackageAttr{
|
|
Paths: []pkg.ExecPath{
|
|
pkg.Path(AbsUsrSrc.Append("nspr.zip"), false, pkg.NewHTTPGet(
|
|
nil, "https://hg-edge.mozilla.org/projects/nspr/archive/"+
|
|
"NSPR_"+version0+"_RTM.zip",
|
|
mustDecode(checksum0),
|
|
)),
|
|
},
|
|
|
|
// uses source tree as scratch space
|
|
Writable: true,
|
|
Chmod: true,
|
|
|
|
ScriptEarly: `
|
|
unzip /usr/src/nspr.zip -d /usr/src
|
|
mv '/usr/src/nspr-NSPR_` + version0 + `_RTM' /usr/src/nspr
|
|
`,
|
|
}, &MakeHelper{
|
|
OmitDefaults: true,
|
|
SkipConfigure: true,
|
|
InPlace: true,
|
|
|
|
SkipCheck: true,
|
|
Make: []string{
|
|
"CCC=clang++",
|
|
"NSDISTMODE=copy",
|
|
"BUILD_OPT=1",
|
|
"USE_64=1",
|
|
"nss_build_all",
|
|
},
|
|
Install: `
|
|
mkdir -p /work/system/nss
|
|
cp -r \
|
|
/usr/src/dist/. \
|
|
lib/ckfw/builtins/certdata.txt \
|
|
/work/system/nss
|
|
`,
|
|
},
|
|
Perl,
|
|
Python,
|
|
Unzip,
|
|
Gawk,
|
|
Coreutils,
|
|
|
|
Zlib,
|
|
KernelHeaders,
|
|
), version
|
|
}
|
|
func init() {
|
|
artifactsM[NSS] = Metadata{
|
|
f: Toolchain.newNSS,
|
|
|
|
Name: "nss",
|
|
Description: "Network Security Services",
|
|
Website: "https://firefox-source-docs.mozilla.org/security/nss/index.html",
|
|
|
|
Dependencies: P{
|
|
Zlib,
|
|
},
|
|
|
|
ID: 2503,
|
|
}
|
|
}
|
|
|
|
func (t Toolchain) newBuildCATrust() (pkg.Artifact, string) {
|
|
const (
|
|
version = "0.5.1"
|
|
checksum = "g9AqIksz-hvCUceSR7ZKwfqf8Y_UsJU_3_zLUIdc4IkxFVkgdv9kKVvhFjE4s1-7"
|
|
)
|
|
return t.newViaPip("buildcatrust", version,
|
|
"https://github.com/nix-community/buildcatrust/releases/"+
|
|
"download/v"+version+"/buildcatrust-"+version+"-py3-none-any.whl",
|
|
checksum), version
|
|
}
|
|
func init() {
|
|
artifactsM[buildcatrust] = Metadata{
|
|
f: Toolchain.newBuildCATrust,
|
|
|
|
Name: "buildcatrust",
|
|
Description: "transform certificate stores between formats",
|
|
Website: "https://github.com/nix-community/buildcatrust",
|
|
|
|
Dependencies: P{
|
|
Python,
|
|
},
|
|
|
|
ID: 233988,
|
|
}
|
|
}
|
|
|
|
func (t Toolchain) newNSSCACert() (pkg.Artifact, string) {
|
|
return t.New("nss-cacert", 0, t.AppendPresets(nil,
|
|
Bash,
|
|
|
|
NSS,
|
|
buildcatrust,
|
|
), nil, nil, `
|
|
mkdir -p /work/system/etc/ssl/{certs/unbundled,certs/hashed,trust-source}
|
|
buildcatrust \
|
|
--certdata_input /system/nss/certdata.txt \
|
|
--ca_bundle_output /work/system/etc/ssl/certs/ca-bundle.crt \
|
|
--ca_standard_bundle_output /work/system/etc/ssl/certs/ca-no-trust-rules-bundle.crt \
|
|
--ca_unpacked_output /work/system/etc/ssl/certs/unbundled \
|
|
--ca_hashed_unpacked_output /work/system/etc/ssl/certs/hashed \
|
|
--p11kit_output /work/system/etc/ssl/trust-source/ca-bundle.trust.p11-kit
|
|
`), Unversioned
|
|
}
|
|
func init() {
|
|
artifactsM[NSSCACert] = Metadata{
|
|
f: Toolchain.newNSSCACert,
|
|
|
|
Name: "nss-cacert",
|
|
Description: "bundle of X.509 certificates of public Certificate Authorities",
|
|
Website: "https://curl.se/docs/caextract.html",
|
|
}
|
|
}
|