mirror of
https://github.com/beard7n/bsdports.git
synced 2026-04-10 02:21:15 +02:00
added firefox78, openjdk17, llvm13; updated libnss, libnspr, rustc
This commit is contained in:
@@ -2,7 +2,7 @@
|
||||
# $FreeBSD: head/security/nss/Makefile 439231 2017-04-23 16:11:22Z jbeich $
|
||||
|
||||
PORTNAME= nss
|
||||
PORTVERSION= 3.47.1
|
||||
PORTVERSION= 3.78
|
||||
CATEGORIES= security
|
||||
MASTER_SITES= MOZILLA/security/${PORTNAME}/releases/${DISTNAME:tu:C/[-.]/_/g}_RTM/src
|
||||
PKGNAMEPREFIX= lib
|
||||
@@ -69,10 +69,16 @@ INSTALL_BINS+= vfyserv
|
||||
MAKE_ENV+= BUILD_OPT=1
|
||||
BINS= ${DIST}/${OPSYS}${OSREL}_OPT.OBJ
|
||||
|
||||
#.if ${OPSYS} == FreeBSD && ${ARCH} == amd64
|
||||
#CC+= -B${LOCALBASE}/bin
|
||||
#.endif
|
||||
|
||||
.if ${OPSYS} == FreeBSD && ${ARCH} == amd64
|
||||
USE_BINUTILS= # intel-gcm.s
|
||||
CC+= -B${LOCALBASE}/bin
|
||||
.endif
|
||||
|
||||
|
||||
check regression-test test:
|
||||
cd ${WRKSRC}/tests; \
|
||||
${SETENV} PATH="${BINS}/bin:${PATH}" \
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
TIMESTAMP = 1579179550
|
||||
SHA256 (nss-3.47.1.tar.gz) = 1ae3d1cb1de345b258788f2ef6b10a460068034c3fd64f42427a183d8342a6fb
|
||||
SIZE (nss-3.47.1.tar.gz) = 76462846
|
||||
TIMESTAMP = 1653236453
|
||||
SHA256 (nss-3.78.tar.gz) = f455f341e787c1167328e80a84f77b9a557d595066dda6486a1874d72da68800
|
||||
SIZE (nss-3.78.tar.gz) = 84815720
|
||||
|
||||
@@ -1,111 +0,0 @@
|
||||
Detect ARM CPU features on FreeBSD.
|
||||
|
||||
elf_aux_info is similar to getauxval but is nop on aarch64.
|
||||
|
||||
--- lib/freebl/blinit.c.orig 2019-08-30 15:46:32 UTC
|
||||
+++ lib/freebl/blinit.c
|
||||
@@ -96,8 +96,8 @@ CheckX86CPUSupport()
|
||||
#ifndef __has_include
|
||||
#define __has_include(x) 0
|
||||
#endif
|
||||
-#if (__has_include(<sys/auxv.h>) || defined(__linux__)) && \
|
||||
- defined(__GNUC__) && __GNUC__ >= 2 && defined(__ELF__)
|
||||
+#if defined(__linux__)
|
||||
+#if defined(__GNUC__) && __GNUC__ >= 2 && defined(__ELF__)
|
||||
/* This might be conflict with host compiler */
|
||||
#if !defined(__ANDROID__)
|
||||
#include <sys/auxv.h>
|
||||
@@ -106,6 +106,10 @@ extern unsigned long getauxval(unsigned long type) __a
|
||||
#else
|
||||
static unsigned long (*getauxval)(unsigned long) = NULL;
|
||||
#endif /* defined(__GNUC__) && __GNUC__ >= 2 && defined(__ELF__)*/
|
||||
+#elif defined(__FreeBSD__) && __has_include(<sys/auxv.h>)
|
||||
+#include <sys/auxv.h>
|
||||
+#define HAVE_ELF_AUX_INFO
|
||||
+#endif /* defined(__linux__) */
|
||||
|
||||
#ifndef AT_HWCAP2
|
||||
#define AT_HWCAP2 26
|
||||
@@ -118,6 +122,9 @@ static unsigned long (*getauxval)(unsigned long) = NUL
|
||||
/* clang-format on */
|
||||
|
||||
#if defined(__aarch64__)
|
||||
+#if defined(__FreeBSD__)
|
||||
+#include <machine/armreg.h>
|
||||
+#endif
|
||||
// Defines from hwcap.h in Linux kernel - ARM64
|
||||
#ifndef HWCAP_AES
|
||||
#define HWCAP_AES (1 << 3)
|
||||
@@ -138,6 +145,7 @@ CheckARMSupport()
|
||||
char *disable_arm_neon = PR_GetEnvSecure("NSS_DISABLE_ARM_NEON");
|
||||
char *disable_hw_aes = PR_GetEnvSecure("NSS_DISABLE_HW_AES");
|
||||
char *disable_pmull = PR_GetEnvSecure("NSS_DISABLE_PMULL");
|
||||
+#if defined(__linux__)
|
||||
if (getauxval) {
|
||||
long hwcaps = getauxval(AT_HWCAP);
|
||||
arm_aes_support_ = hwcaps & HWCAP_AES && disable_hw_aes == NULL;
|
||||
@@ -145,6 +153,14 @@ CheckARMSupport()
|
||||
arm_sha1_support_ = hwcaps & HWCAP_SHA1;
|
||||
arm_sha2_support_ = hwcaps & HWCAP_SHA2;
|
||||
}
|
||||
+#elif defined(__FreeBSD__)
|
||||
+ uint64_t id_aa64isar0;
|
||||
+ id_aa64isar0 = READ_SPECIALREG(ID_AA64ISAR0_EL1);
|
||||
+ arm_aes_support_ = ID_AA64ISAR0_AES(id_aa64isar0) >= ID_AA64ISAR0_AES_BASE && disable_hw_aes == NULL;
|
||||
+ arm_pmull_support_ = ID_AA64ISAR0_AES(id_aa64isar0) == ID_AA64ISAR0_AES_PMULL && disable_pmull == NULL;
|
||||
+ arm_sha1_support_ = ID_AA64ISAR0_SHA1(id_aa64isar0) == ID_AA64ISAR0_SHA1_BASE;
|
||||
+ arm_sha2_support_ = ID_AA64ISAR0_SHA2(id_aa64isar0) >= ID_AA64ISAR0_SHA2_BASE;
|
||||
+#endif /* defined(__linux__) */
|
||||
/* aarch64 must support NEON. */
|
||||
arm_neon_support_ = disable_arm_neon == NULL;
|
||||
}
|
||||
@@ -187,7 +203,7 @@ GetNeonSupport()
|
||||
// If no getauxval, compiler generate NEON instruction by default,
|
||||
// we should allow NOEN support.
|
||||
return PR_TRUE;
|
||||
-#elif !defined(__ANDROID__)
|
||||
+#elif defined(__linux__) && !defined(__ANDROID__)
|
||||
// Android's cpu-features.c detects features by the following logic
|
||||
//
|
||||
// - Call getauxval(AT_HWCAP)
|
||||
@@ -201,6 +217,10 @@ GetNeonSupport()
|
||||
if (getauxval) {
|
||||
return (getauxval(AT_HWCAP) & HWCAP_NEON);
|
||||
}
|
||||
+#elif defined(__FreeBSD__) && defined(HAVE_ELF_AUX_INFO)
|
||||
+ unsigned long hwcap = 0;
|
||||
+ elf_aux_info(AT_HWCAP, &hwcap, sizeof(hwcap));
|
||||
+ return (hwcap & HWCAP_NEON);
|
||||
#endif /* defined(__ARM_NEON) || defined(__ARM_NEON__) */
|
||||
return PR_FALSE;
|
||||
}
|
||||
@@ -249,6 +269,7 @@ void
|
||||
CheckARMSupport()
|
||||
{
|
||||
char *disable_hw_aes = PR_GetEnvSecure("NSS_DISABLE_HW_AES");
|
||||
+#if defined(__linux__)
|
||||
if (getauxval) {
|
||||
// Android's cpu-features.c uses AT_HWCAP2 for newer features.
|
||||
// AT_HWCAP2 is implemented on newer devices / kernel, so we can trust
|
||||
@@ -257,13 +278,19 @@ CheckARMSupport()
|
||||
// AT_HWCAP2 isn't supported by glibc or Linux kernel, getauxval will
|
||||
// returns 0.
|
||||
long hwcaps = getauxval(AT_HWCAP2);
|
||||
-#ifdef __linux__
|
||||
if (!hwcaps) {
|
||||
// Some ARMv8 devices may not implement AT_HWCAP2. So we also
|
||||
// read /proc/cpuinfo if AT_HWCAP2 is 0.
|
||||
hwcaps = ReadCPUInfoForHWCAP2();
|
||||
}
|
||||
-#endif
|
||||
+#elif defined(__FreeBSD__) && defined(HAVE_ELF_AUX_INFO)
|
||||
+ unsigned long hwcaps = 0;
|
||||
+ elf_aux_info(AT_HWCAP2, &hwcaps, sizeof(hwcaps));
|
||||
+ {
|
||||
+#else
|
||||
+ if (0) {
|
||||
+ unsigned long hwcaps = 0;
|
||||
+#endif /* defined(__linux__) */
|
||||
arm_aes_support_ = hwcaps & HWCAP2_AES && disable_hw_aes == NULL;
|
||||
arm_pmull_support_ = hwcaps & HWCAP2_PMULL;
|
||||
arm_sha1_support_ = hwcaps & HWCAP2_SHA1;
|
||||
@@ -24,7 +24,7 @@
|
||||
+CPU_ARCH = ppc
|
||||
+endif
|
||||
|
||||
+ifneq (,$(filter %64, $(OS_TEST)))
|
||||
+ifneq (,$(findstring 64,$(OS_TEST)))
|
||||
+USE_64 = 1
|
||||
+endif
|
||||
+
|
||||
|
||||
@@ -1,11 +1,26 @@
|
||||
--- lib/freebl/Makefile.orig 2018-08-31 12:55:53 UTC
|
||||
--- lib/freebl/Makefile.orig 2021-05-14 10:01:03 UTC
|
||||
+++ lib/freebl/Makefile
|
||||
@@ -215,7 +215,7 @@ ifeq ($(CPU_ARCH),x86)
|
||||
@@ -263,7 +263,7 @@ else ifeq ($(CPU_ARCH),x86)
|
||||
endif
|
||||
endif # Darwin
|
||||
|
||||
-ifeq ($(OS_TARGET),Linux)
|
||||
+ifeq (,$(filter-out Linux FreeBSD, $(OS_TARGET)))
|
||||
ifeq ($(CPU_ARCH),x86_64)
|
||||
ASFILES = arcfour-amd64-gas.s mpi_amd64_gas.s
|
||||
ASFLAGS += -fPIC -Wa,--noexecstack
|
||||
# Lower case s on mpi_amd64_common due to make implicit rules.
|
||||
ASFILES = arcfour-amd64-gas.s mpi_amd64_common.s
|
||||
@@ -298,11 +298,12 @@ ifdef USE_64
|
||||
PPC_ABI := $(shell $(CC) -dM -E - < /dev/null | awk '$$2 == "_CALL_ELF" {print $$3}')
|
||||
ifeq ($(PPC_ABI),2)
|
||||
ASFILES += sha512-p8.s
|
||||
- ifeq ($(OS_TEST),ppc64le)
|
||||
+ ifeq (,$(filter-out powerpc64le ppc64le, $(OS_TEST)))
|
||||
DEFINES += -DPPC_GCM
|
||||
EXTRA_SRCS += chacha20poly1305-ppc.c ppc-gcm-wrap.c
|
||||
ASFILES += chacha20-ppc64le.s ppc-gcm.s
|
||||
- endif # ppc64le
|
||||
+ ASFLAGS += -fno-integrated-as
|
||||
+ endif # powerpc64le
|
||||
endif
|
||||
endif # USE_64
|
||||
endif # ppc
|
||||
|
||||
@@ -1,27 +0,0 @@
|
||||
qemu:handle_cpu_signal received signal outside vCPU context
|
||||
|
||||
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=240037
|
||||
|
||||
--- lib/freebl/blinit.c.orig 2019-08-30 15:46:32 UTC
|
||||
+++ lib/freebl/blinit.c
|
||||
@@ -154,12 +154,14 @@ CheckARMSupport()
|
||||
arm_sha2_support_ = hwcaps & HWCAP_SHA2;
|
||||
}
|
||||
#elif defined(__FreeBSD__)
|
||||
- uint64_t id_aa64isar0;
|
||||
- id_aa64isar0 = READ_SPECIALREG(ID_AA64ISAR0_EL1);
|
||||
- arm_aes_support_ = ID_AA64ISAR0_AES(id_aa64isar0) >= ID_AA64ISAR0_AES_BASE && disable_hw_aes == NULL;
|
||||
- arm_pmull_support_ = ID_AA64ISAR0_AES(id_aa64isar0) == ID_AA64ISAR0_AES_PMULL && disable_pmull == NULL;
|
||||
- arm_sha1_support_ = ID_AA64ISAR0_SHA1(id_aa64isar0) == ID_AA64ISAR0_SHA1_BASE;
|
||||
- arm_sha2_support_ = ID_AA64ISAR0_SHA2(id_aa64isar0) >= ID_AA64ISAR0_SHA2_BASE;
|
||||
+ if (!PR_GetEnvSecure("QEMU_EMULATING")) {
|
||||
+ uint64_t id_aa64isar0;
|
||||
+ id_aa64isar0 = READ_SPECIALREG(ID_AA64ISAR0_EL1);
|
||||
+ arm_aes_support_ = ID_AA64ISAR0_AES(id_aa64isar0) >= ID_AA64ISAR0_AES_BASE && disable_hw_aes == NULL;
|
||||
+ arm_pmull_support_ = ID_AA64ISAR0_AES(id_aa64isar0) == ID_AA64ISAR0_AES_PMULL && disable_pmull == NULL;
|
||||
+ arm_sha1_support_ = ID_AA64ISAR0_SHA1(id_aa64isar0) == ID_AA64ISAR0_SHA1_BASE;
|
||||
+ arm_sha2_support_ = ID_AA64ISAR0_SHA2(id_aa64isar0) >= ID_AA64ISAR0_SHA2_BASE;
|
||||
+ }
|
||||
#endif /* defined(__linux__) */
|
||||
/* aarch64 must support NEON. */
|
||||
arm_neon_support_ = disable_arm_neon == NULL;
|
||||
@@ -1,20 +1,20 @@
|
||||
--- lib/softoken/pkcs11c.c.orig 2018-08-31 12:55:53 UTC
|
||||
--- lib/softoken/pkcs11c.c.orig 2020-05-01 21:08:55 UTC
|
||||
+++ lib/softoken/pkcs11c.c
|
||||
@@ -5772,9 +5772,6 @@ sftk_unwrapPrivateKey(SFTKObject *key, SECItem *bpki)
|
||||
@@ -6106,9 +6106,6 @@ sftk_unwrapPrivateKey(SFTKObject *key, SECItem *bpki)
|
||||
break;
|
||||
case NSSLOWKEYDSAKey:
|
||||
keyType = CKK_DSA;
|
||||
- crv = (sftk_hasAttribute(key, CKA_NETSCAPE_DB)) ? CKR_OK : CKR_KEY_TYPE_INCONSISTENT;
|
||||
- crv = (sftk_hasAttribute(key, CKA_NSS_DB)) ? CKR_OK : CKR_KEY_TYPE_INCONSISTENT;
|
||||
- if (crv != CKR_OK)
|
||||
- break;
|
||||
crv = sftk_AddAttributeType(key, CKA_KEY_TYPE, &keyType,
|
||||
sizeof(keyType));
|
||||
if (crv != CKR_OK)
|
||||
@@ -5814,9 +5811,6 @@ sftk_unwrapPrivateKey(SFTKObject *key, SECItem *bpki)
|
||||
@@ -6148,9 +6145,6 @@ sftk_unwrapPrivateKey(SFTKObject *key, SECItem *bpki)
|
||||
/* what about fortezza??? */
|
||||
case NSSLOWKEYECKey:
|
||||
keyType = CKK_EC;
|
||||
- crv = (sftk_hasAttribute(key, CKA_NETSCAPE_DB)) ? CKR_OK : CKR_KEY_TYPE_INCONSISTENT;
|
||||
- crv = (sftk_hasAttribute(key, CKA_NSS_DB)) ? CKR_OK : CKR_KEY_TYPE_INCONSISTENT;
|
||||
- if (crv != CKR_OK)
|
||||
- break;
|
||||
crv = sftk_AddAttributeType(key, CKA_KEY_TYPE, &keyType,
|
||||
|
||||
@@ -53,17 +53,17 @@
|
||||
|
||||
NSS_EXTERN_DATA NSSCKMDInstance nss_dbm_mdInstance;
|
||||
|
||||
--- lib/manifest.mn.orig 2018-08-31 12:55:53 UTC
|
||||
+++ lib/manifest.mn
|
||||
@@ -20,7 +20,7 @@ ifndef NSS_BUILD_UTIL_ONLY
|
||||
SOFTOKEN_SRCDIRS = \
|
||||
$(FREEBL_SRCDIR) \
|
||||
$(SQLITE_SRCDIR) \
|
||||
- $(DBM_SRCDIR) \
|
||||
+ $(NULL) \
|
||||
$(SOFTOKEN_SRCDIR) \
|
||||
$(NULL)
|
||||
ifndef NSS_BUILD_SOFTOKEN_ONLY
|
||||
--- lib/Makefile.orig 2020-05-29 20:34:42 UTC
|
||||
+++ lib/Makefile
|
||||
@@ -49,7 +49,7 @@ endif
|
||||
endif # MOZILLA_CLIENT
|
||||
|
||||
ifndef NSS_DISABLE_DBM
|
||||
-DBM_SRCDIR = dbm
|
||||
+DBM_SRCDIR = $(NULL)
|
||||
endif
|
||||
|
||||
ifndef NSS_DISABLE_LIBPKIX
|
||||
--- lib/softoken/legacydb/cdbhdl.h.orig 2018-08-31 12:55:53 UTC
|
||||
+++ lib/softoken/legacydb/cdbhdl.h
|
||||
@@ -9,7 +9,8 @@
|
||||
|
||||
@@ -77,6 +77,7 @@ include/nss/nss/p12.h
|
||||
include/nss/nss/p12plcy.h
|
||||
include/nss/nss/p12t.h
|
||||
include/nss/nss/pk11func.h
|
||||
include/nss/nss/pk11hpke.h
|
||||
include/nss/nss/pk11pqg.h
|
||||
include/nss/nss/pk11priv.h
|
||||
include/nss/nss/pk11pub.h
|
||||
|
||||
Reference in New Issue
Block a user