dev-libs/nss: Removed old

Package-Manager: Portage-3.0.12, Repoman-3.0.2
Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>

3 files changed, 0 insertions, 454 deletions

diff --git a/dev-libs/nss/Manifest b/dev-libs/nss/Manifest
index d5daaa19eb3f..7b74a4a17fd6 100644
--- a/dev-libs/nss/Manifest
+++ b/dev-libs/nss/Manifest
@@ -1,5 +1,4 @@
 DIST nss-3.58.tar.gz 81846254 BLAKE2B f8e7d0b231916b197ad21706a057d055f8377059d76d4f09aff523cc4cd071a3184f02dc488259df22109b70be7b8a5d5fa7ea2273a830de825cc9a8c95dcca9 SHA512 03d2ab1517ac07620ea3f02dcf680cf019e0129006ff2559b2d0a047036340c20b98c9679b17a594e5502aa30e158caf309f046901b9ec7c7adeeaa13ec50b80
-DIST nss-3.59.tar.gz 82141516 BLAKE2B 74959b14ec42b4628dfc3365af00420cdbd41d202541e9379f6a4448c4496b76307af48c9ec405b370f8770327ce56742b4382f8cd49724b42732ce5cc5b0779 SHA512 8963e846f2ff7222457ae59f042672cf4e44f7752807226f46c215a772fd1cbd65d0ce634da4afb698eabd4eb1c1e78146cc2a089339ada11da03d259c609a38
 DIST nss-3.60.1.tar.gz 82036869 BLAKE2B 71f4ab4ee41a05b05493bb43bd0ebaa6258122ddf6bc82af565121ec32f72ae0f187ac2383501ed8e228b32b796f75a89538c76f737530215b3c6448ef1242a3 SHA512 ba398ddad6f90f3562a041b7fd5fc7b72eb20961cc5c1f4890c3b0d95d438404b26ae6feb54cb8c650707134479a915e1f522f0e9257bc2ede053dd0811156d5
 DIST nss-3.60.tar.gz 82035831 BLAKE2B fffc0e26d58d4625be1b8b0123f248a0c7994b18868ece534ba4d60131dd4897d075d7b2dba672c31ccd333e0c18ea384e2aa2f495c23b5430d6d10b91922873 SHA512 6463b2da28b5d9f1f20d45f77a3179e2b93c874af5742c7fc51eb7c44cef93270acacf79174dc63905f227256cbcee23a36f98f1cfed10dd5c56ffc0a76e2695
 DIST nss-cacert-class1-class3.patch 22950 BLAKE2B 9d5e60df5f161a3c27c41e5a9419440a54f888eda454e3cde5ebe626d4075b65cf9938b5144d0fb022377f4bd415bff5e5c67d104409860aa9391b3eb8872c68 SHA512 a5aa740bf110a3f0262e3f1ef2fc739ac2b44f042e220039d48aee8e97cd764d5c10718220364f4098aba955882bd02cadb5481512388971a8290312f88a7df0
diff --git a/dev-libs/nss/files/nss-3.59-dont-hold-slot-lock-when-taking-session-lock.patch b/dev-libs/nss/files/nss-3.59-dont-hold-slot-lock-when-taking-session-lock.patch
deleted file mode 100644
index be4ebfe47961..000000000000
--- a/dev-libs/nss/files/nss-3.59-dont-hold-slot-lock-when-taking-session-lock.patch
+++ /dev/null
@@ -1,93 +0,0 @@
-
-# HG changeset patch
-# User Kevin Jacobs <kjacobs@mozilla.com>
-# Date 1606813429 0
-# Node ID 19585ccc7a1f0f4e9a8d2b9c5ceeb408ea90acb9
-# Parent  f1e48fbead3d9e69500d7aedc1ef6e4bf334f41e
-Bug 1679290 - Don't hold slot lock when taking session lock r=bbeurdouche
-
-[[ https://hg.mozilla.org/projects/nss/rev/0ed11a5835ac1556ff978362cd61069d48f4c5db | 0ed11a5835ac1556ff978362cd61069d48f4c5db ]] fixed a number of race conditions related to NSSSlot member accesses. Unfortunately the locking order that was imposed by that patch has been found to cause problems for at least one PKCS11 module, libnsspem.
-
-This patch drops nested locking in favor of unlocking/re-locking. While this isn't perfect, the original problem in bug 1663661 was that `slot->token` could become NULL, which we can easily check after reacquiring.
-
-Differential Revision: https://phabricator.services.mozilla.com/D98247
-
-diff --git a/lib/dev/devslot.c b/lib/dev/devslot.c
---- a/lib/dev/devslot.c
-+++ b/lib/dev/devslot.c
-@@ -183,25 +183,32 @@ nssSlot_IsTokenPresent(
-     if ((slot->ckFlags & CKF_TOKEN_PRESENT) == 0) {
-         if (!slot->token) {
-             /* token was never present */
-             isPresent = PR_FALSE;
-             goto done; /* slot lock held */
-         }
-         session = nssToken_GetDefaultSession(slot->token);
-         if (session) {
-+            nssSlot_ExitMonitor(slot);
-             nssSession_EnterMonitor(session);
-             /* token is not present */
-             if (session->handle != CK_INVALID_HANDLE) {
-                 /* session is valid, close and invalidate it */
-                 CKAPI(epv)
-                     ->C_CloseSession(session->handle);
-                 session->handle = CK_INVALID_HANDLE;
-             }
-             nssSession_ExitMonitor(session);
-+            nssSlot_EnterMonitor(slot);
-+            if (!slot->token) {
-+                /* Check token presence after re-acquiring lock */
-+                isPresent = PR_FALSE;
-+                goto done; /* slot lock held */
-+            }
-         }
-         if (slot->token->base.name[0] != 0) {
-             /* notify the high-level cache that the token is removed */
-             slot->token->base.name[0] = 0; /* XXX */
-             nssToken_NotifyCertsNotVisible(slot->token);
-         }
-         slot->token->base.name[0] = 0; /* XXX */
-         /* clear the token cache */
-@@ -218,34 +225,41 @@ nssSlot_IsTokenPresent(
-     }
- 
-     /* token is present, use the session info to determine if the card
-      * has been removed and reinserted.
-      */
-     session = nssToken_GetDefaultSession(slot->token);
-     if (session) {
-         PRBool tokenRemoved;
-+        nssSlot_ExitMonitor(slot);
-         nssSession_EnterMonitor(session);
-         if (session->handle != CK_INVALID_HANDLE) {
-             CK_SESSION_INFO sessionInfo;
-             ckrv = CKAPI(epv)->C_GetSessionInfo(session->handle, &sessionInfo);
-             if (ckrv != CKR_OK) {
-                 /* session is screwy, close and invalidate it */
-                 CKAPI(epv)
-                     ->C_CloseSession(session->handle);
-                 session->handle = CK_INVALID_HANDLE;
-             }
-         }
-         tokenRemoved = (session->handle == CK_INVALID_HANDLE);
-         nssSession_ExitMonitor(session);
-+        nssSlot_EnterMonitor(slot);
-         /* token not removed, finished */
-         if (!tokenRemoved) {
-             isPresent = PR_TRUE;
-             goto done; /* slot lock held */
-         }
-+        if (!slot->token) {
-+            /* Check token presence after re-acquiring lock */
-+            isPresent = PR_FALSE;
-+            goto done; /* slot lock held */
-+        }
-     }
-     /* the token has been removed, and reinserted, or the slot contains
-      * a token it doesn't recognize. invalidate all the old
-      * information we had on this token, if we can't refresh, clear
-      * the present flag */
-     nssToken_NotifyCertsNotVisible(slot->token);
-     nssToken_Remove(slot->token);
-     /* token has been removed, need to refresh with new session */
-
diff --git a/dev-libs/nss/nss-3.59-r1.ebuild b/dev-libs/nss/nss-3.59-r1.ebuild
deleted file mode 100644
index 5342986caa41..000000000000
--- a/dev-libs/nss/nss-3.59-r1.ebuild
+++ /dev/null
@@ -1,360 +0,0 @@
-# Copyright 1999-2021 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit flag-o-matic multilib toolchain-funcs multilib-minimal
-
-NSPR_VER="4.29"
-RTM_NAME="NSS_${PV//./_}_RTM"
-
-DESCRIPTION="Mozilla's Network Security Services library that implements PKI support"
-HOMEPAGE="https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS"
-SRC_URI="https://archive.mozilla.org/pub/security/nss/releases/${RTM_NAME}/src/${P}.tar.gz
-	cacert? ( https://dev.gentoo.org/~axs/distfiles/${PN}-cacert-class1-class3.patch )"
-
-LICENSE="|| ( MPL-2.0 GPL-2 LGPL-2.1 )"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~sparc-solaris ~x64-solaris ~x86-solaris"
-IUSE="cacert utils"
-# pkg-config called by nss-config -> virtual/pkgconfig in RDEPEND
-RDEPEND="
-	>=dev-libs/nspr-${NSPR_VER}[${MULTILIB_USEDEP}]
-	>=dev-db/sqlite-3.8.2[${MULTILIB_USEDEP}]
-	>=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}]
-	virtual/pkgconfig
-"
-DEPEND="${RDEPEND}"
-
-RESTRICT="test"
-
-S="${WORKDIR}/${P}/${PN}"
-
-MULTILIB_CHOST_TOOLS=(
-	/usr/bin/nss-config
-)
-
-PATCHES=(
-	# Custom changes for gentoo
-	"${FILESDIR}/${PN}-3.53-gentoo-fixups.patch"
-	"${FILESDIR}/${PN}-3.21-gentoo-fixup-warnings.patch"
-	"${FILESDIR}/${PN}-3.23-hppa-byte_order.patch"
-	"${FILESDIR}/${PN}-3.53-fix-building-on-ppc.patch"
-	"${FILESDIR}/${PN}-3.59-dont-hold-slot-lock-when-taking-session-lock.patch"
-)
-
-src_prepare() {
-	if use cacert ; then #521462
-		PATCHES+=(
-			"${DISTDIR}/${PN}-cacert-class1-class3.patch"
-		)
-	fi
-
-	default
-
-	pushd coreconf >/dev/null || die
-	# hack nspr paths
-	echo 'INCLUDES += -I$(DIST)/include/dbm' \
-		>> headers.mk || die "failed to append include"
-
-	# modify install path
-	sed -e '/CORE_DEPTH/s:SOURCE_PREFIX.*$:SOURCE_PREFIX = $(CORE_DEPTH)/dist:' \
-		-i source.mk || die
-
-	# Respect LDFLAGS
-	sed -i -e 's/\$(MKSHLIB) -o/\$(MKSHLIB) \$(LDFLAGS) -o/g' rules.mk
-	popd >/dev/null || die
-
-	# Fix pkgconfig file for Prefix
-	sed -i -e "/^PREFIX =/s:= /usr:= ${EPREFIX}/usr:" \
-		config/Makefile || die
-
-	# use host shlibsign if need be #436216
-	if tc-is-cross-compiler ; then
-		sed -i \
-			-e 's:"${2}"/shlibsign:shlibsign:' \
-			cmd/shlibsign/sign.sh || die
-	fi
-
-	# dirty hack
-	sed -i -e "/CRYPTOLIB/s:\$(SOFTOKEN_LIB_DIR):../freebl/\$(OBJDIR):" \
-		lib/ssl/config.mk || die
-	sed -i -e "/CRYPTOLIB/s:\$(SOFTOKEN_LIB_DIR):../../lib/freebl/\$(OBJDIR):" \
-		cmd/platlibs.mk || die
-
-	multilib_copy_sources
-
-	strip-flags
-}
-
-multilib_src_configure() {
-	# Ensure we stay multilib aware
-	sed -i -e "/@libdir@/ s:lib64:$(get_libdir):" config/Makefile || die
-}
-
-nssarch() {
-	# Most of the arches are the same as $ARCH
-	local t=${1:-${CHOST}}
-	case ${t} in
-		aarch64*)echo "aarch64";;
-		hppa*)   echo "parisc";;
-		i?86*)   echo "i686";;
-		x86_64*) echo "x86_64";;
-		*)       tc-arch ${t};;
-	esac
-}
-
-nssbits() {
-	local cc cppflags="${1}CPPFLAGS" cflags="${1}CFLAGS"
-	if [[ ${1} == BUILD_ ]]; then
-		cc=$(tc-getBUILD_CC)
-	else
-		cc=$(tc-getCC)
-	fi
-	echo > "${T}"/test.c || die
-	${cc} ${!cppflags} ${!cflags} -c "${T}"/test.c -o "${T}/${1}test.o" || die
-	case $(file "${T}/${1}test.o") in
-		*32-bit*x86-64*) echo USE_X32=1;;
-		*64-bit*|*ppc64*|*x86_64*) echo USE_64=1;;
-		*32-bit*|*ppc*|*i386*) ;;
-		*) die "Failed to detect whether ${cc} builds 64bits or 32bits, disable distcc if you're using it, please";;
-	esac
-}
-
-multilib_src_compile() {
-	# use ABI to determine bit'ness, or fallback if unset
-	local buildbits mybits
-	case "${ABI}" in
-		n32) mybits="USE_N32=1";;
-		x32) mybits="USE_X32=1";;
-		s390x|*64) mybits="USE_64=1";;
-		${DEFAULT_ABI})
-			einfo "Running compilation test to determine bit'ness"
-			mybits=$(nssbits)
-			;;
-	esac
-	# bitness of host may differ from target
-	if tc-is-cross-compiler; then
-		buildbits=$(nssbits BUILD_)
-	fi
-
-	local makeargs=(
-		CC="$(tc-getCC)"
-		CCC="$(tc-getCXX)"
-		AR="$(tc-getAR) rc \$@"
-		RANLIB="$(tc-getRANLIB)"
-		OPTIMIZER=
-		${mybits}
-	)
-
-	# Take care of nspr settings #436216
-	local myCPPFLAGS="${CPPFLAGS} $($(tc-getPKG_CONFIG) nspr --cflags)"
-	unset NSPR_INCLUDE_DIR
-
-	export NSS_ALLOW_SSLKEYLOGFILE=1
-	export NSS_ENABLE_WERROR=0 #567158
-	export BUILD_OPT=1
-	export NSS_USE_SYSTEM_SQLITE=1
-	export NSDISTMODE=copy
-	export FREEBL_NO_DEPEND=1
-	export FREEBL_LOWHASH=1
-	export NSS_SEED_ONLY_DEV_URANDOM=1
-	export USE_SYSTEM_ZLIB=1
-	export ZLIB_LIBS=-lz
-	export ASFLAGS=""
-	# Fix build failure on arm64
-	export NS_USE_GCC=1
-	# Detect compiler type and set proper environment value
-	if tc-is-gcc; then
-		export CC_IS_GCC=1
-	elif tc-is-clang; then
-		export CC_IS_CLANG=1
-	fi
-
-	local d
-
-	# Build the host tools first.
-	LDFLAGS="${BUILD_LDFLAGS}" \
-	XCFLAGS="${BUILD_CFLAGS}" \
-	NSPR_LIB_DIR="${T}/fakedir" \
-	emake -j1 -C coreconf \
-		CC="$(tc-getBUILD_CC)" \
-		${buildbits-${mybits}}
-	makeargs+=( NSINSTALL="${PWD}/$(find -type f -name nsinstall)" )
-
-	# Then build the target tools.
-	for d in . lib/dbm ; do
-		CPPFLAGS="${myCPPFLAGS}" \
-		XCFLAGS="${CFLAGS} ${CPPFLAGS}" \
-		NSPR_LIB_DIR="${T}/fakedir" \
-		emake -j1 "${makeargs[@]}" -C ${d} OS_TEST="$(nssarch)"
-	done
-}
-
-# Altering these 3 libraries breaks the CHK verification.
-# All of the following cause it to break:
-# - stripping
-# - prelink
-# - ELF signing
-# http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn6.html
-# Either we have to NOT strip them, or we have to forcibly resign after
-# stripping.
-#local_libdir="$(get_libdir)"
-#export STRIP_MASK="
-#	*/${local_libdir}/libfreebl3.so*
-#	*/${local_libdir}/libnssdbm3.so*
-#	*/${local_libdir}/libsoftokn3.so*"
-
-export NSS_CHK_SIGN_LIBS="freebl3 nssdbm3 softokn3"
-
-generate_chk() {
-	local shlibsign="$1"
-	local libdir="$2"
-	einfo "Resigning core NSS libraries for FIPS validation"
-	shift 2
-	local i
-	for i in ${NSS_CHK_SIGN_LIBS} ; do
-		local libname=lib${i}.so
-		local chkname=lib${i}.chk
-		"${shlibsign}" \
-			-i "${libdir}"/${libname} \
-			-o "${libdir}"/${chkname}.tmp \
-		&& mv -f \
-			"${libdir}"/${chkname}.tmp \
-			"${libdir}"/${chkname} \
-		|| die "Failed to sign ${libname}"
-	done
-}
-
-cleanup_chk() {
-	local libdir="$1"
-	shift 1
-	local i
-	for i in ${NSS_CHK_SIGN_LIBS} ; do
-		local libfname="${libdir}/lib${i}.so"
-		# If the major version has changed, then we have old chk files.
-		[ ! -f "${libfname}" -a -f "${libfname}.chk" ] \
-			&& rm -f "${libfname}.chk"
-	done
-}
-
-multilib_src_install() {
-	pushd dist >/dev/null || die
-
-	dodir /usr/$(get_libdir)
-	cp -L */lib/*$(get_libname) "${ED}"/usr/$(get_libdir) || die "copying shared libs failed"
-	local i
-	for i in crmf freebl nssb nssckfw ; do
-		cp -L */lib/lib${i}.a "${ED}"/usr/$(get_libdir) || die "copying libs failed"
-	done
-
-	# Install nss-config and pkgconfig file
-	dodir /usr/bin
-	cp -L */bin/nss-config "${ED}"/usr/bin || die
-	dodir /usr/$(get_libdir)/pkgconfig
-	cp -L */lib/pkgconfig/nss.pc "${ED}"/usr/$(get_libdir)/pkgconfig || die
-
-	# create an nss-softokn.pc from nss.pc for libfreebl and some private headers
-	# bug 517266
-	sed 	-e 's#Libs:#Libs: -lfreebl#' \
-		-e 's#Cflags:#Cflags: -I${includedir}/private#' \
-		*/lib/pkgconfig/nss.pc >"${ED}"/usr/$(get_libdir)/pkgconfig/nss-softokn.pc \
-		|| die "could not create nss-softokn.pc"
-
-	# all the include files
-	insinto /usr/include/nss
-	doins public/nss/*.{h,api}
-	insinto /usr/include/nss/private
-	doins private/nss/{blapi,alghmac,cmac}.h
-
-	popd >/dev/null || die
-
-	local f nssutils
-	# Always enabled because we need it for chk generation.
-	nssutils=( shlibsign )
-
-	if multilib_is_native_abi ; then
-		if use utils; then
-			# The tests we do not need to install.
-			#nssutils_test="bltest crmftest dbtest dertimetest
-			#fipstest remtest sdrtest"
-			# checkcert utils has been removed in nss-3.22:
-			# https://bugzilla.mozilla.org/show_bug.cgi?id=1187545
-			# https://hg.mozilla.org/projects/nss/rev/df1729d37870
-			# certcgi has been removed in nss-3.36:
-			# https://bugzilla.mozilla.org/show_bug.cgi?id=1426602
-			nssutils+=(
-				addbuiltin
-				atob
-				baddbdir
-				btoa
-				certutil
-				cmsutil
-				conflict
-				crlutil
-				derdump
-				digest
-				makepqg
-				mangle
-				modutil
-				multinit
-				nonspr10
-				ocspclnt
-				oidcalc
-				p7content
-				p7env
-				p7sign
-				p7verify
-				pk11mode
-				pk12util
-				pp
-				rsaperf
-				selfserv
-				signtool
-				signver
-				ssltap
-				strsclnt
-				symkeyutil
-				tstclnt
-				vfychain
-				vfyserv
-			)
-			# install man-pages for utils (bug #516810)
-			doman doc/nroff/*.1
-		fi
-		pushd dist/*/bin >/dev/null || die
-		for f in ${nssutils[@]}; do
-			dobin ${f}
-		done
-		popd >/dev/null || die
-	fi
-
-	# Prelink breaks the CHK files. We don't have any reliable way to run
-	# shlibsign after prelink.
-	dodir /etc/prelink.conf.d
-	printf -- "-b ${EPREFIX}/usr/$(get_libdir)/lib%s.so\n" ${NSS_CHK_SIGN_LIBS} \
-		> "${ED}"/etc/prelink.conf.d/nss.conf
-}
-
-pkg_postinst() {
-	multilib_pkg_postinst() {
-		# We must re-sign the libraries AFTER they are stripped.
-		local shlibsign="${EROOT}/usr/bin/shlibsign"
-		# See if we can execute it (cross-compiling & such). #436216
-		"${shlibsign}" -h >&/dev/null
-		if [[ $? -gt 1 ]] ; then
-			shlibsign="shlibsign"
-		fi
-		generate_chk "${shlibsign}" "${EROOT}"/usr/$(get_libdir)
-	}
-
-	multilib_foreach_abi multilib_pkg_postinst
-}
-
-pkg_postrm() {
-	multilib_pkg_postrm() {
-		cleanup_chk "${EROOT}"/usr/$(get_libdir)
-	}
-
-	multilib_foreach_abi multilib_pkg_postrm
-}