subject:"Re\: New NSS feature in Glibc's libcrypt"

Re: New NSS feature in Glibc's libcrypt

2010-01-10 Thread Robert Connolly

Before installing Glibc, NSS can be installed like this first.

I don't really like this idea of installing a minimal NSS and linking libcrypt 
to it, but there isn't much choice. I would be happier if Glibc's libcrypt 
was retested after NSS is completely reinstalled. There is also a problem 
with the linking to libgcc.so, which should be a static link so we remove the 
dependency on /usr/lib.

Install to /tools if you prefer. It should also work. Do this from a native 
toolchain, in the chroot.

tar xf nss-3.12.5.tar.gz
cd nss-3.12.5/
tar xf ../nspr-4.8.2.tar.gz
mv -v nspr-4.8.2/mozilla/nsprpub/ mozilla/
rmdir -v nspr-4.8.2/mozilla/
rmdir -v nspr-4.8.2/

# Remove --enable-64bit for 32bit:
cd mozilla/nsprpub/
./configure --disable-debug --disable-ipv6 --enable-64bit
make

# Remove USE_64=1 for 32bit:
cd ../security/
for dir in {coreconf,dbm,nss}; do
make -C $dir BUILD_OPT=1 FREEBL_NO_DEPEND=1 \
  NSPR_INCLUDE_DIR=$(pwd)/../nsprpub/dist/include/nspr/ \
  NSPR_LIB_DIR=$(pwd)/../nsprpub/dist/lib/ USE_64=1 || break
done

# The Glibc test suite expects $includedir/nss3:
install -v -m755 -d /usr/include/nss3/
install -v -m644 ./nss/lib/freebl/{hasht.h,nsslowhash.h} /usr/include/nss3

install -v -m755 ./nss/lib/freebl/*.OBJ/Linux_SINGLE_SHLIB/libfreebl3.so /lib
# We need this file, or else segfault:
install -v -m644 ./nss/lib/freebl/*.OBJ/Linux_SINGLE_SHLIB/libfreebl3.chk /lib
# GCC is linking to /tools/lib, so we need this symlink for ./configure:
ln -vs /lib/libfreebl3.so /tools/lib/libfreebl3.so

# Glibc:
sed -i.orig \
's...@nss_includes=.*@nss_includes=-I/usr/include/nss3@' configure{,.in}
sed -i.orig \
's...@-i$(shell nss-config --includedir)@-I/usr/include/nss3@' 
crypt/Makefile

Add --enable-nss-crypt

# GCC:

# libfreebl3.so depends on libgcc_s.so.1, so it should be installed to /lib.
# I haven't figured out where NSS links to libgcc_s.so, to use the static
# library instead.

robert


pgp52fQHxPE9K.pgp
Description: PGP signature
-- 
http://linuxfromscratch.org/mailman/listinfo/hlfs-dev
FAQ: http://www.linuxfromscratch.org/faq/
Unsubscribe: See the above information page

Re: New NSS feature in Glibc's libcrypt

2010-01-08 Thread Robert Connolly

Fedora people are making some effort to use NSS exclusively, and stop using 
OpenSSL:
http://rcritten.fedorapeople.org/nss_compat_ossl.html

Fedora itself is not doing this yet.

Curl already supports NSS.

I tried twice to get NSS support in Glibc. The first time succeeded, but I 
installed much of the final system first, for NSS dependencies, and then 
reinstalled Glibc. The second time, I installed NSS to /tools, and 
symbolically linked the libraries and headers to /usr, and I ended up with 
segmentation faults from libcrypt.

robert


pgprRaYlad38V.pgp
Description: PGP signature
-- 
http://linuxfromscratch.org/mailman/listinfo/hlfs-dev
FAQ: http://www.linuxfromscratch.org/faq/
Unsubscribe: See the above information page

Re: New NSS feature in Glibc's libcrypt

Re: New NSS feature in Glibc's libcrypt

2 matches

Site Navigation

Mail list logo

Footer information