The Network Security Services (NSS) package is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards. This is useful for implementing SSL and S/MIME or other Internet security standards into an application.
This package is known to build and work properly using an LFS-7.0 platform.
Download (HTTP): http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_13_1_RTM/src/nss-3.13.1.tar.gz
Download (FTP): ftp://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_13_1_RTM/src/nss-3.13.1.tar.gz
Download MD5 sum: c500f96d33ba1390c8a35c667e05e542
Download size: 5.7 MB
Estimated disk space required: 44 MB (more than double this to run the test suite)
Estimated build time: 0.7 SBU (at least an additional 3.5 SBU to run the test suite)
SQLite-3.7.8 (internal sqlite is incompatable with existing or future installations)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/nss
Install NSS by running the following commands:
bash [ $(arch) = x86_64 ] && export USE_64=1 export BUILD_OPT=1 && cat /usr/include/sqlite3.h &> /dev/null && export NSS_USE_SYSTEM_SQLITE=1 export NSPR_INCLUDE_DIR=/usr/include/nspr && export USE_SYSTEM_ZLIB=1 && export ZLIB_LIBS=-lz && patch -Np1 -i ../nss-3.13.1-standalone-1.patch && make -C mozilla/security/nss nss_build_all
If you wish to test the results, you'll need to set the domain name
of your system in the DOMSUF
environment
variable. Most of the tests will fail if you don't provide the
correct domain name. The voluminous output will report how many of
the several thousand tests passed, and if any failed. To review the
details of any failures, you may wish to capture stdout and stderr
in a file.
To run the tests, ensure you change the export DOMSUF command below to an
appropriate value, e.g., mydomain.com
or, if you do not have
any domain in your /etc/hosts
replace
this with the developers' recommendation of "export HOST=localhost
DOMSUF=localdomain" and issue the following
commands:
bash
export NSS_LINUXDIR=$(basename `ls -d $PWD/mozilla/dist/Linux*`) &&
export DOMSUF=<validdomain.name>
&&
export PATH=$PATH:$PWD/mozilla/dist/$NSS_LINUXDIR/bin &&
export TEST_RESULTSDIR=$PWD/mozilla/tests_results/security &&
cd mozilla/security/nss/tests &&
sed -i 's/gmake/make/' common/init.sh &&
./all.sh &&
grep Passed $TEST_RESULTSDIR/$(hostname).1/results.html | wc -l &&
exit
Now, as the root
user:
export NSS_LINUXDIR=$(basename `ls -d $PWD/mozilla/dist/Linux*`) && cd mozilla/dist && install -v -m755 $NSS_LINUXDIR/lib/*.so /usr/lib && install -v -m644 $NSS_LINUXDIR/lib/{*.chk,libcrmf.a} /usr/lib && install -v -m755 -d /usr/include/nss && install -v -m755 $NSS_LINUXDIR/bin/{certutil,nss-config,pk12util} /usr/bin && install -v -m644 $NSS_LINUXDIR/lib/pkgconfig/nss.pc /usr/lib/pkgconfig && cp -v -RL {public,private}/nss/* /usr/include/nss && chmod 644 /usr/include/nss/*
Now as the unprivileged user, exit the bash shell started at the beginning of the installation to restore the environment to the original state.
exit
bash: Shells are started as many environment variables are created during the installation process. Exiting the shells serves the purpose of restoring the environment and returning back to the original directory when the installation is complete.
[ $(arch) = x86_64 ] && export USE_64=1: This command is required on x86_64, otherwise the build will attempt to create 32-bit objects and fail in a non-multilib system. The [ $(arch) = x86_64 ] test ensures it has no effect on a 32 bit system.
cat /usr/include/sqlite3.h
... : tests if sqlite is installed and if so it sets the
environment variable NSS_USE_SYSTEM_SQLITE=1 so that libsoftokn3.so
will link against the system
version of sqlite.
export BUILD_OPT=1: This variable is set so that the build is performed with no debugging symbols built into the binaries and that the default compiler optimizations are used.
export NSPR_INCLUDE_DIR=/usr/include/nspr: This command sets the location of the nspr headers.
export USE_SYSTEM_ZLIB=1: This command ensures that the system installed library is used instead of the in-tree version.
export ZLIB_LIBS=-lz: This command provides the needed linker flags to link to the system zlib.
export NSS_LINUXDIR=...: This variable is set so that the exact name of the architecture specific directories where the binaries are stored in the source tree can be determined.
make -C mozilla/security/nss
nss_build_all: This command builds the NSS libraries and creates a dist
directory which houses all the programs,
libraries and interface headers. None of the programs created by
this process are installed onto the system using the default
instructions (except for nss-config). If you need any of these programs
installed, you can find them in the mozilla/*.OBJ/dist/bin
directory of the source
tree.
sed -i 's/gmake/make/' common/init.sh: This command changes the command used to compile some test programs.
Last updated on 2011-11-29 01:44:50 +0000