Changeset 9333a525
- Timestamp:
- 03/04/2012 11:27:16 PM (12 years ago)
- Branches:
- 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal
- Children:
- c2d890f4
- Parents:
- 7753fc6
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
general.ent
r7753fc6 r9333a525 122 122 <!ENTITY mitkrb-version "1.6"> 123 123 <!ENTITY nettle-version "2.4"> 124 <!ENTITY nss-version "3.13. 1">124 <!ENTITY nss-version "3.13.3"> 125 125 <!ENTITY openssh-version "5.9p1"> 126 126 <!ENTITY openssl-version "1.0.0g"> -
introduction/welcome/changelog.xml
r7753fc6 r9333a525 55 55 <para>[abenton] - NSPR 4.9.</para> 56 56 </listitem> 57 <listitem> 58 <para>[abenton] - NSS 3.13.3.</para> 59 </listitem> 57 60 </itemizedlist> 58 61 </listitem> -
postlfs/security/nss.xml
r7753fc6 r9333a525 5 5 %general-entities; 6 6 7 <!ENTITY nss-download-http "http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_13_1_RTM/src/nss-&nss-version;.tar.gz"> 8 <!ENTITY nss-download-ftp "ftp://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_13_1_RTM/src/nss-&nss-version;.tar.gz"> 9 <!ENTITY nss-md5sum "c500f96d33ba1390c8a35c667e05e542"> 10 <!ENTITY nss-size "5.7 MB"> 11 <!ENTITY nss-buildsize "44 MB (more than double this to run the test suite)"> 12 <!ENTITY nss-time "0.7 SBU (at least an additional 3.5 SBU to run the test suite)"> 7 <!ENTITY nss-download-http 8 "http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_13_3_RTM/src/nss-&nss-version;.tar.gz"> 9 <!ENTITY nss-download-ftp 10 "ftp://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_13_3_RTM/src/nss-&nss-version;.tar.gz"> 11 <!ENTITY nss-md5sum "006cb82fa900e9e664b4b14a9b7810ca"> 12 <!ENTITY nss-size "5.8 MB"> 13 <!ENTITY nss-buildsize "70 MB (more than double this to run the test suite)"> 14 <!ENTITY nss-time "1.0 SBU (at least an additional 3.5 SBU to run the test suite)"> 13 15 ]> 14 16 … … 30 32 <title>Introduction to NSS</title> 31 33 32 <para>The Network Security Services (<application>NSS</application>) 33 package is a set of libraries designed to support cross-platform 34 development of security-enabled client and server applications. 35 Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, 36 PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other 37 security standards. This is useful for implementing SSL and S/MIME or 38 other Internet security standards into an application.</para> 34 <para> 35 The Network Security Services (<application>NSS</application>) package is 36 a set of libraries designed to support cross-platform development of 37 security-enabled client and server applications. Applications built with 38 NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, 39 S/MIME, X.509 v3 certificates, and other security standards. This is 40 useful for implementing SSL and S/MIME or other Internet security 41 standards into an application. 42 </para> 39 43 40 44 &lfs70_checked; … … 43 47 <itemizedlist spacing="compact"> 44 48 <listitem> 45 <para>Download (HTTP): <ulink url="&nss-download-http;"/></para> 46 </listitem> 47 <listitem> 48 <para>Download (FTP): <ulink url="&nss-download-ftp;"/></para> 49 </listitem> 50 <listitem> 51 <para>Download MD5 sum: &nss-md5sum;</para> 52 </listitem> 53 <listitem> 54 <para>Download size: &nss-size;</para> 55 </listitem> 56 <listitem> 57 <para>Estimated disk space required: &nss-buildsize;</para> 58 </listitem> 59 <listitem> 60 <para>Estimated build time: &nss-time;</para> 49 <para> 50 Download (HTTP): <ulink url="&nss-download-http;"/> 51 </para> 52 </listitem> 53 <listitem> 54 <para> 55 Download (FTP): <ulink url="&nss-download-ftp;"/> 56 </para> 57 </listitem> 58 <listitem> 59 <para> 60 Download MD5 sum: &nss-md5sum; 61 </para> 62 </listitem> 63 <listitem> 64 <para> 65 Download size: &nss-size; 66 </para> 67 </listitem> 68 <listitem> 69 <para> 70 Estimated disk space required: &nss-buildsize; 71 </para> 72 </listitem> 73 <listitem> 74 <para> 75 Estimated build time: &nss-time; 76 </para> 61 77 </listitem> 62 78 </itemizedlist> … … 65 81 <itemizedlist spacing="compact"> 66 82 <listitem> 67 <para>Required patch: <ulink 68 url="&patch-root;/nss-&nss-version;-standalone-1.patch"/></para> 83 <para> 84 Required patch: 85 <ulink url="&patch-root;/nss-&nss-version;-standalone-1.patch"/> 86 </para> 69 87 </listitem> 70 88 </itemizedlist> … … 73 91 74 92 <bridgehead renderas="sect4">Required</bridgehead> 75 <para role="required"><xref linkend="nspr"/></para> 93 <para role="required"> 94 <xref linkend="nspr"/> 95 </para> 76 96 77 97 <bridgehead renderas="sect4">Recommended</bridgehead> 78 <para role="recommended"><xref linkend="sqlite"/> (internal sqlite is 79 incompatable with existing or future installations)</para> 80 81 82 <para condition="html" role="usernotes">User Notes: 83 <ulink url="&blfs-wiki;/nss"/></para> 84 98 <para role="recommended"> 99 <xref linkend="sqlite"/> (internal <application>sqlite</application> is 100 incompatable with existing or future installations) 101 </para> 102 103 104 <para condition="html" role="usernotes"> 105 User Notes: <ulink url="&blfs-wiki;/nss"/> 106 </para> 85 107 </sect2> 86 108 … … 88 110 <title>Installation of NSS</title> 89 111 90 <para>Install <application>NSS</application> by running the following 91 commands:</para> 92 93 <screen><userinput>bash 94 [ $(arch) = x86_64 ] && export USE_64=1 95 export BUILD_OPT=1 && 96 cat /usr/include/sqlite3.h &> /dev/null && 97 export NSS_USE_SYSTEM_SQLITE=1 98 export NSPR_INCLUDE_DIR=/usr/include/nspr && 99 export USE_SYSTEM_ZLIB=1 && 100 export ZLIB_LIBS=-lz && 101 patch -Np1 -i ../nss-&nss-version;-standalone-1.patch && 102 make -C mozilla/security/nss nss_build_all</userinput></screen> 103 104 <para>If you wish to test the results, you'll need to set the domain name of 105 your system in the <envar>DOMSUF</envar> environment variable. Most of the 106 tests will fail if you don't provide the correct domain name. The voluminous 107 output will report how many of the several thousand tests passed, and if any 108 failed. To review the details of any failures, you may wish to capture 109 stdout and stderr in a file.</para> 110 111 <para>To run the tests, ensure you change the 112 <command>export DOMSUF</command> command below to an appropriate value, 113 e.g., <parameter>mydomain.com</parameter> or, if you do not have any domain 114 in your <filename>/etc/hosts</filename> replace this with the developers' 115 recommendation of 116 <command>"export HOST=localhost DOMSUF=localdomain"</command> and issue the 117 following commands:</para> 112 <para> 113 Install <application>NSS</application> by running the following commands: 114 </para> 115 116 <screen><userinput>patch -Np1 -i ../nss-&nss-version;-standalone-1.patch && 117 cd mozilla/security/nss && 118 make nss_build_all $([ $(arch) = x86_64 ] && echo USE_64=1) BUILD_OPT=1 \ 119 NSPR_INCLUDE_DIR=/usr/include/nspr USE_SYSTEM_ZLIB=1 ZLIB_LIBS=-lz \ 120 $(cat /usr/include/sqlite3.h &> /dev/null && echo NSS_USE_SYSTEM_SQLITE=1)</userinput></screen> 121 122 <para>This package does not come with a test suite.</para> 123 <!-- 124 <para> 125 If you wish to test the results, you'll need to set the domain name of 126 your system in the <envar>DOMSUF</envar> environment variable. Most of the 127 tests will fail if you don't provide the correct domain name. The 128 voluminous output will report how many of the several thousand tests 129 passed, and if any failed. To review the details of any failures, you may 130 wish to capture stdout and stderr in a file. 131 </para> 132 133 <para> 134 To run the tests, ensure you change the <command>export DOMSUF</command> 135 command below to an appropriate value, e.g., 136 <parameter>mydomain.com</parameter> or, if you do not have any domain in 137 your <filename>/etc/hosts</filename> replace this with the developers' 138 recommendation of 139 <command>"export HOST=localhost DOMSUF=localdomain"</command> and issue 140 the following commands: 141 </para> 118 142 119 143 <screen><userinput>bash … … 131 155 132 156 exit</userinput></screen> 133 134 <para>Now, as the <systemitem class="username">root</systemitem> user:</para> 135 136 <screen role="root"><userinput>export NSS_LINUXDIR=$(basename `ls -d $PWD/mozilla/dist/Linux*`) && 137 cd mozilla/dist && 138 install -v -m755 $NSS_LINUXDIR/lib/*.so /usr/lib && 139 install -v -m644 $NSS_LINUXDIR/lib/{*.chk,libcrmf.a} /usr/lib && 157 --> 158 <para> 159 Now, as the <systemitem class="username">root</systemitem> user: 160 </para> 161 162 <screen role="root"><userinput>cd ../../dist && 163 install -v -m755 Linux*/lib/*.so /usr/lib && 164 install -v -m644 Linux*/lib/{*.chk,libcrmf.a} /usr/lib && 140 165 install -v -m755 -d /usr/include/nss && 141 install -v -m755 $NSS_LINUXDIR/bin/{certutil,nss-config,pk12util} /usr/bin &&142 install -v -m644 $NSS_LINUXDIR/lib/pkgconfig/nss.pc /usr/lib/pkgconfig &&166 install -v -m755 Linux*/bin/{certutil,nss-config,pk12util} /usr/bin && 167 install -v -m644 Linux*/lib/pkgconfig/nss.pc /usr/lib/pkgconfig && 143 168 cp -v -RL {public,private}/nss/* /usr/include/nss && 144 169 chmod 644 /usr/include/nss/*</userinput></screen> 145 146 <para>Now as the unprivileged user, exit the <command>bash</command>147 shell started at the beginning of the installation to restore the148 environment to the original state.</para>149 150 <screen><userinput>exit</userinput></screen>151 152 170 </sect2> 153 171 … … 155 173 <title>Command Explanations</title> 156 174 157 <para><command>bash</command>: Shells are started as many environment 158 variables are created during the installation process. Exiting the shells 159 serves the purpose of restoring the environment and returning back to the 160 original directory when the installation is complete.</para> 161 162 <para><command>[ $(arch) = x86_64 ] && export USE_64=1</command>: 163 This command is <emphasis>required on x86_64</emphasis>, otherwise the 164 build will attempt to create 32-bit objects and fail in a non-multilib 165 system. The [ $(arch) = x86_64 ] test ensures it has no effect on a 32 bit 166 system.</para> 167 168 <para><command>cat /usr/include/sqlite3.h ... </command>: tests if 169 <application>sqlite</application> is installed and if so it sets the 170 environment variable NSS_USE_SYSTEM_SQLITE=1 so that 171 <filename class="libraryfile">libsoftokn3.so</filename> will link against 172 the system version of sqlite.</para> 173 174 <para><command>export BUILD_OPT=1</command>: This variable is set so that 175 the build is performed with no debugging symbols built into the binaries 176 and that the default compiler optimizations are used.</para> 177 178 <para><command>export NSPR_INCLUDE_DIR=/usr/include/nspr</command>: This 179 command sets the location of the nspr headers.</para> 180 181 <para><command>export USE_SYSTEM_ZLIB=1</command>: This command ensures that 182 the system installed library is used instead of the in-tree version.</para> 183 184 <para><command>export ZLIB_LIBS=-lz</command>: This command provides the 185 needed linker flags to link to the system zlib.</para> 186 187 <para><command>export NSS_LINUXDIR=...</command>: This variable is set so 188 that the exact name of the architecture specific directories where the 189 binaries are stored in the source tree can be determined.</para> 190 191 <para><command>make -C mozilla/security/nss nss_build_all</command>: This 192 command builds the <application>NSS</application> libraries and creates a 193 <filename class='directory'>dist</filename> directory which houses all the 194 programs, libraries and interface headers. None of the programs created by 195 this process are installed onto the system using the default instructions 196 (except for <application>nss-config</application>). If you need any of 197 these programs installed, you can find them in the 198 <filename class='directory'>mozilla/*.OBJ/dist/bin</filename> directory of 199 the source tree.</para> 200 201 <para><command>sed -i 's/gmake/make/' common/init.sh</command>: This 202 command changes the command used to compile some test programs.</para> 203 175 <para> 176 <parameter>[ $(arch) = x86_64 ] && echo USE_64=1</parameter>: 177 This option is <emphasis>required on x86_64</emphasis>, otherwise the 178 <command>make</command> will attempt to create 32-bit objects and in a 179 non-multilib system it will fail. The [ $(arch) = x86_64 ] test ensures it 180 has no effect on a 32 bit system. 181 </para> 182 183 <para> 184 <command>cat /usr/include/sqlite3.h ... </command>: This tests if 185 <application>sqlite</application> is installed and if so it 186 <command>echo</command>s the option NSS_USE_SYSTEM_SQLITE=1 to 187 <command>make</command> so that 188 <filename class="libraryfile">libsoftokn3.so</filename> will link against 189 the system version of sqlite. 190 </para> 191 192 <para> 193 <parameter>BUILD_OPT=1</parameter>: This option is passed to 194 <command>make</command> so that the build is performed with no debugging 195 symbols built into the binaries and the default compiler optimizations are 196 used. 197 </para> 198 199 <para> 200 <parameter>NSPR_INCLUDE_DIR=/usr/include/nspr</parameter>: This option 201 sets the location of the nspr headers. 202 </para> 203 204 <para> 205 <parameter>USE_SYSTEM_ZLIB=1</parameter>: This option is passed to 206 <command>make</command> to ensure that the 207 <filename class="libraryfile">libssl3.so</filename> library is linked to 208 the system installed <application>zlib</application> instead of the 209 in-tree version. 210 </para> 211 212 <para> 213 <parameter>ZLIB_LIBS=-lz</parameter>: This option provides the 214 linker flags needed to link to the system <application>zlib</application>. 215 </para> 204 216 </sect2> 205 217 … … 213 225 214 226 <seglistitem> 215 <seg>nss-config</seg> 216 <seg>libcrmf.a, libfreebl3.so, libnss3.so, libnssckbi.so, 217 libnssdbm3.so, libnssutil3.so, libsmime3.so, libsoftokn3.so 218 and libssl3.so</seg> 227 <seg>certutil, nss-config and pk12util</seg> 228 <seg> 229 libcrmf.a, libfreebl3.so, libnss3.so, libnssckbi.so, libnssdbm3.so, 230 libnssutil3.so, libsmime3.so, libsoftokn3.so and libssl3.so 231 </seg> 219 232 <seg>/usr/include/nss</seg> 220 233 </seglistitem> … … 226 239 <?dbhtml list-presentation="table"?> 227 240 241 <varlistentry id="certutil"> 242 <term><command>certutil</command></term> 243 <listitem> 244 <para> 245 is the Mozilla Certificate Database Tool. It is a command-line 246 utility that can create and modify the Netscape Communicator 247 cert8.db and key3.db database files. It can also list, generate, 248 modify, or delete certificates within the cert8.db file and create 249 or change the password, generate new public and private key pairs, 250 display the contents of the key database, or delete key pairs within 251 the key3.db file. 252 </para> 253 <indexterm zone="nss certutil"> 254 <primary sortas="b-certutil">certutil</primary> 255 </indexterm> 256 </listitem> 257 </varlistentry> 258 228 259 <varlistentry id="nss-config"> 229 260 <term><command>nss-config</command></term> 230 261 <listitem> 231 <para>is used to determine the NSS library settings 232 of the installed NSS libraries.</para> 262 <para> 263 is used to determine the NSS library settings of the installed NSS 264 libraries. 265 </para> 233 266 <indexterm zone="nss nss-config"> 234 267 <primary sortas="b-nss-config">nss-config</primary> … … 236 269 </listitem> 237 270 </varlistentry> 271 272 <varlistentry id="pk12util"> 273 <term><command>pk12util</command></term> 274 <listitem> 275 <para> 276 is a tool for importing certificates and keys from pkcs #12 files 277 into NSS or exporting them. It can also list certificates and keys 278 in such files. 279 </para> 280 <indexterm zone="nss pk12util"> 281 <primary sortas="b-pk12util">pk12util</primary> 282 </indexterm> 283 </listitem> 284 </varlistentry> 238 285 </variablelist> 239 240 </sect2> 241 286 </sect2> 242 287 </sect1>
Note:
See TracChangeset
for help on using the changeset viewer.