gnu: nss, nss-certs: Update to 3.57.

* gnu/packages/patches/nss-pkgconfig.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/certs.scm (nss-certs): Update to 3.57.
* gnu/packages/nss.scm (nss): Likewise.
[source](patches): Replace nss-pkgconfig.patch with nss-3.56-pkgconfig.patch.
(nss-3.57): Remove variable.
* gnu/packages/gnuzilla.scm (icedove)[inputs]: Change from NSS-3.57 to NSS.

gnu/local.mk

@@ -1364,7 +1364,6 @@ dist_patch_DATA =						\
   %D%/packages/patches/network-manager-plugin-path.patch	\
   %D%/packages/patches/nsis-env-passthru.patch			\
   %D%/packages/patches/nss-increase-test-timeout.patch		\
-  %D%/packages/patches/nss-pkgconfig.patch			\
   %D%/packages/patches/nss-3.56-pkgconfig.patch			\
   %D%/packages/patches/ntfs-3g-CVE-2019-9755.patch		\
   %D%/packages/patches/nvi-assume-preserve-path.patch		\

gnu/packages/certs.scm

@@ -76,7 +76,7 @@
 (define-public nss-certs
   (package
     (name "nss-certs")
-    (version "3.55")
+    (version "3.57")
     (source (origin
               (method url-fetch)
               (uri (let ((version-with-underscores
@@ -87,7 +87,7 @@
                       "nss-" version ".tar.gz")))
               (sha256
                (base32
-                "0100hm7n1xrp144xy665z46s0wf1jpkqkncc6bk2w22snhyjwsgw"))))
+                "10n3pncg6k81ikjz12la147rppwqn57bkrdl9gb820w6pq0nra2m"))))
     (build-system gnu-build-system)
     (outputs '("out"))
     (native-inputs

gnu/packages/gnuzilla.scm

@@ -1426,7 +1426,7 @@ standards of the IceCat project.")
        ("mesa" ,mesa)
        ("mit-krb5" ,mit-krb5)
        ("nspr" ,nspr)
-       ("nss" ,nss-3.57)
+       ("nss" ,nss)
        ("pango" ,pango)
        ("pixman" ,pixman)
        ("pulseaudio" ,pulseaudio)

gnu/packages/nss.scm

@@ -73,7 +73,7 @@ in the Mozilla clients.")
 (define-public nss
   (package
     (name "nss")
-    (version "3.55")
+    (version "3.57")
     (source (origin
               (method url-fetch)
               (uri (let ((version-with-underscores
@@ -84,9 +84,9 @@ in the Mozilla clients.")
                       "nss-" version ".tar.gz")))
               (sha256
                (base32
-                "0100hm7n1xrp144xy665z46s0wf1jpkqkncc6bk2w22snhyjwsgw"))
+                "10n3pncg6k81ikjz12la147rppwqn57bkrdl9gb820w6pq0nra2m"))
               ;; Create nss.pc and nss-config.
-              (patches (search-patches "nss-pkgconfig.patch"
+              (patches (search-patches "nss-3.56-pkgconfig.patch"
                                        "nss-increase-test-timeout.patch"))
               (modules '((guix build utils)))
               (snippet
@@ -109,8 +109,7 @@ in the Mozilla clients.")
                (string-append "NSPR_INCLUDE_DIR=" nspr "/include/nspr")
                ;; Add $out/lib/nss to RPATH.
                (string-append "RPATH=" rpath)
-               (string-append "LDFLAGS=" rpath)
+               (string-append "LDFLAGS=" rpath)))
-               "all"))
        #:modules ((guix build gnu-build-system)
                   (guix build utils)
                   (ice-9 ftw)
@@ -140,7 +139,7 @@ in the Mozilla clients.")
              ;; leading to test failures:
              ;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>.  To
              ;; work around that, set the time to roughly the release date.
-             (invoke "faketime" "2020-07-01" "./nss/tests/all.sh")))
+             (invoke "faketime" "2020-10-01" "./nss/tests/all.sh")))
          (replace 'install
            (lambda* (#:key outputs #:allow-other-keys)
              (let* ((out (assoc-ref outputs "out"))
@@ -184,94 +183,3 @@ applications.  Applications built with NSS can support SSL v2 and v3, TLS,
 PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other
 security standards.")
     (license license:mpl2.0)))
-
-(define-public nss-3.57
-  (package
-    (inherit nss)
-    (version "3.57")
-    (source (origin
-              (method url-fetch)
-              (uri (let ((version-with-underscores
-                          (string-join (string-split version #\.) "_")))
-                     (string-append
-                      "https://ftp.mozilla.org/pub/mozilla.org/security/nss/"
-                      "releases/NSS_" version-with-underscores "_RTM/src/"
-                      "nss-" version ".tar.gz")))
-              (sha256
-               (base32
-                "10n3pncg6k81ikjz12la147rppwqn57bkrdl9gb820w6pq0nra2m"))
-              ;; Create nss.pc and nss-config.
-              (patches (search-patches "nss-3.56-pkgconfig.patch"
-                                       "nss-increase-test-timeout.patch"))
-              (modules '((guix build utils)))
-              (snippet
-               '(begin
-                  ;; Delete the bundled copy of these libraries.
-                  (delete-file-recursively "nss/lib/zlib")
-                  (delete-file-recursively "nss/lib/sqlite")
-                  #t))))
-    (arguments
-     `(#:parallel-build? #f ; not supported
-       #:make-flags
-       (let* ((out (assoc-ref %outputs "out"))
-              (nspr (string-append (assoc-ref %build-inputs "nspr")))
-              (rpath (string-append "-Wl,-rpath=" out "/lib/nss")))
-         (list "-C" "nss" (string-append "PREFIX=" out)
-               "NSDISTMODE=copy"
-               "NSS_USE_SYSTEM_SQLITE=1"
-               (string-append "NSPR_INCLUDE_DIR=" nspr "/include/nspr")
-               ;; Add $out/lib/nss to RPATH.
-               (string-append "RPATH=" rpath)
-               (string-append "LDFLAGS=" rpath)))
-       #:modules ((guix build gnu-build-system)
-                  (guix build utils)
-                  (ice-9 ftw)
-                  (ice-9 match)
-                  (srfi srfi-26))
-       #:phases
-       (modify-phases %standard-phases
-         (replace 'configure
-           (lambda _
-             (setenv "CC" "gcc")
-             ;; Tells NSS to build for the 64-bit ABI if we are 64-bit system.
-             ,@(match (%current-system)
-                 ((or "x86_64-linux" "aarch64-linux")
-                  `((setenv "USE_64" "1")))
-                 (_
-                  '()))
-             #t))
-         (replace 'check
-           (lambda _
-             ;; Use 127.0.0.1 instead of $HOST.$DOMSUF as HOSTADDR for testing.
-             ;; The later requires a working DNS or /etc/hosts.
-             (setenv "DOMSUF" "localdomain")
-             (setenv "USE_IP" "TRUE")
-             (setenv "IP_ADDRESS" "127.0.0.1")
-
-             ;; The "PayPalEE.cert" certificate expires every six months,
-             ;; leading to test failures:
-             ;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>.  To
-             ;; work around that, set the time to roughly the release date.
-             (invoke "faketime" "2020-02-01" "./nss/tests/all.sh")))
-         (replace 'install
-           (lambda* (#:key outputs #:allow-other-keys)
-             (let* ((out (assoc-ref outputs "out"))
-                    (bin (string-append (assoc-ref outputs "bin") "/bin"))
-                    (inc (string-append out "/include/nss"))
-                    (lib (string-append out "/lib/nss"))
-                    (obj (match (scandir "dist" (cut string-suffix? "OBJ" <>))
-                           ((obj) (string-append "dist/" obj)))))
-               ;; Install nss-config to $out/bin.
-               (install-file (string-append obj "/bin/nss-config")
-                             (string-append out "/bin"))
-               (delete-file (string-append obj "/bin/nss-config"))
-               ;; Install nss.pc to $out/lib/pkgconfig.
-               (install-file (string-append obj "/lib/pkgconfig/nss.pc")
-                             (string-append out "/lib/pkgconfig"))
-               (delete-file (string-append obj "/lib/pkgconfig/nss.pc"))
-               (rmdir (string-append obj "/lib/pkgconfig"))
-               ;; Install other files.
-               (copy-recursively "dist/public/nss" inc)
-               (copy-recursively (string-append obj "/bin") bin)
-               (copy-recursively (string-append obj "/lib") lib)
-               #t))))))))

gnu/packages/patches/nss-pkgconfig.patch

@@ -1,228 +0,0 @@
-Description: Create nss.pc and nss-config
-Author: Lars Wendler <polynomial-c@gentoo.org>
-Source: http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/dev-libs/nss/files/nss-3.17.1-gentoo-fixups.patch
-
-Modifications:
-  Change libdir from ${prefix}/lib64 to ${prefix}/lib/nss.
-  Remove optional patching in nss/Makefile.
-  Include -L$libdir in output from "nss-config --libs".
-
-Later adapted to apply cleanly to nss-3.21.
-
---- nss-3.21/nss/config/Makefile
-+++ nss-3.21/nss/config/Makefile
-@@ -0,0 +1,40 @@
-+CORE_DEPTH = ..
-+DEPTH      = ..
-+
-+include $(CORE_DEPTH)/coreconf/config.mk
-+
-+NSS_MAJOR_VERSION = `grep "NSS_VMAJOR" ../lib/nss/nss.h | awk '{print $$3}'`
-+NSS_MINOR_VERSION = `grep "NSS_VMINOR" ../lib/nss/nss.h | awk '{print $$3}'`
-+NSS_PATCH_VERSION = `grep "NSS_VPATCH" ../lib/nss/nss.h | awk '{print $$3}'`
-+PREFIX = /usr
-+
-+all: export libs
-+
-+export:
-+	# Create the nss.pc file
-+	mkdir -p $(DIST)/lib/pkgconfig
-+	sed -e "s,@prefix@,$(PREFIX)," \
-+	    -e "s,@exec_prefix@,\$${prefix}," \
-+	    -e "s,@libdir@,\$${prefix}/lib/nss," \
-+	    -e "s,@includedir@,\$${prefix}/include/nss," \
-+	    -e "s,@NSS_MAJOR_VERSION@,$(NSS_MAJOR_VERSION),g" \
-+	    -e "s,@NSS_MINOR_VERSION@,$(NSS_MINOR_VERSION)," \
-+	    -e "s,@NSS_PATCH_VERSION@,$(NSS_PATCH_VERSION)," \
-+	    nss.pc.in > nss.pc
-+	chmod 0644 nss.pc
-+	cp nss.pc $(DIST)/lib/pkgconfig
-+
-+	# Create the nss-config script
-+	mkdir -p $(DIST)/bin
-+	sed -e "s,@prefix@,$(PREFIX)," \
-+	    -e "s,@NSS_MAJOR_VERSION@,$(NSS_MAJOR_VERSION)," \
-+	    -e "s,@NSS_MINOR_VERSION@,$(NSS_MINOR_VERSION)," \
-+	    -e "s,@NSS_PATCH_VERSION@,$(NSS_PATCH_VERSION)," \
-+	    nss-config.in > nss-config
-+	chmod 0755 nss-config
-+	cp nss-config $(DIST)/bin
-+
-+libs:
-+
-+dummy: all export libs
-+
---- nss-3.21/nss/config/nss-config.in
-+++ nss-3.21/nss/config/nss-config.in
-@@ -0,0 +1,145 @@
-+#!/bin/sh
-+
-+prefix=@prefix@
-+
-+major_version=@NSS_MAJOR_VERSION@
-+minor_version=@NSS_MINOR_VERSION@
-+patch_version=@NSS_PATCH_VERSION@
-+
-+usage()
-+{
-+	cat <<EOF
-+Usage: nss-config [OPTIONS] [LIBRARIES]
-+Options:
-+	[--prefix[=DIR]]
-+	[--exec-prefix[=DIR]]
-+	[--includedir[=DIR]]
-+	[--libdir[=DIR]]
-+	[--version]
-+	[--libs]
-+	[--cflags]
-+Dynamic Libraries:
-+	nss
-+	ssl
-+	smime
-+	nssutil
-+EOF
-+	exit $1
-+}
-+
-+if test $# -eq 0; then
-+	usage 1 1>&2
-+fi
-+
-+lib_ssl=yes
-+lib_smime=yes
-+lib_nss=yes
-+lib_nssutil=yes
-+
-+while test $# -gt 0; do
-+  case "$1" in
-+  -*=*) optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;;
-+  *) optarg= ;;
-+  esac
-+
-+  case $1 in
-+    --prefix=*)
-+      prefix=$optarg
-+      ;;
-+    --prefix)
-+      echo_prefix=yes
-+      ;;
-+    --exec-prefix=*)
-+      exec_prefix=$optarg
-+      ;;
-+    --exec-prefix)
-+      echo_exec_prefix=yes
-+      ;;
-+    --includedir=*)
-+      includedir=$optarg
-+      ;;
-+    --includedir)
-+      echo_includedir=yes
-+      ;;
-+    --libdir=*)
-+      libdir=$optarg
-+      ;;
-+    --libdir)
-+      echo_libdir=yes
-+      ;;
-+    --version)
-+      echo ${major_version}.${minor_version}.${patch_version}
-+      ;;
-+    --cflags)
-+      echo_cflags=yes
-+      ;;
-+    --libs)
-+      echo_libs=yes
-+      ;;
-+    ssl)
-+      lib_ssl=yes
-+      ;;
-+    smime)
-+      lib_smime=yes
-+      ;;
-+    nss)
-+      lib_nss=yes
-+      ;;
-+    nssutil)
-+      lib_nssutil=yes
-+      ;;
-+    *)
-+      usage 1 1>&2
-+      ;;
-+  esac
-+  shift
-+done
-+
-+# Set variables that may be dependent upon other variables
-+if test -z "$exec_prefix"; then
-+    exec_prefix=`pkg-config --variable=exec_prefix nss`
-+fi
-+if test -z "$includedir"; then
-+    includedir=`pkg-config --variable=includedir nss`
-+fi
-+if test -z "$libdir"; then
-+    libdir=`pkg-config --variable=libdir nss`
-+fi
-+
-+if test "$echo_prefix" = "yes"; then
-+    echo $prefix
-+fi
-+
-+if test "$echo_exec_prefix" = "yes"; then
-+    echo $exec_prefix
-+fi
-+
-+if test "$echo_includedir" = "yes"; then
-+    echo $includedir
-+fi
-+
-+if test "$echo_libdir" = "yes"; then
-+    echo $libdir
-+fi
-+
-+if test "$echo_cflags" = "yes"; then
-+    echo -I$includedir
-+fi
-+
-+if test "$echo_libs" = "yes"; then
-+      libdirs=-L$libdir
-+      if test -n "$lib_ssl"; then
-+	libdirs="$libdirs -lssl${major_version}"
-+      fi
-+      if test -n "$lib_smime"; then
-+	libdirs="$libdirs -lsmime${major_version}"
-+      fi
-+      if test -n "$lib_nss"; then
-+	libdirs="$libdirs -lnss${major_version}"
-+      fi
-+      if test -n "$lib_nssutil"; then
-+       libdirs="$libdirs -lnssutil${major_version}"
-+      fi
-+      echo $libdirs
-+fi
-+
---- nss-3.21/nss/config/nss.pc.in
-+++ nss-3.21/nss/config/nss.pc.in
-@@ -0,0 +1,12 @@
-+prefix=@prefix@
-+exec_prefix=@exec_prefix@
-+libdir=@libdir@
-+includedir=@includedir@
-+
-+Name: NSS
-+Description: Network Security Services
-+Version: @NSS_MAJOR_VERSION@.@NSS_MINOR_VERSION@.@NSS_PATCH_VERSION@
-+Requires: nspr >= 4.8
-+Libs: -L${libdir} -lssl3 -lsmime3 -lnss3 -lnssutil3
-+Cflags: -I${includedir}
-+
---- nss-3.21/nss/manifest.mn
-+++ nss-3.21/nss/manifest.mn
-@@ -10,7 +10,7 @@
- 
- RELEASE = nss
- 
--DIRS = coreconf lib cmd cpputil gtests
-+DIRS = coreconf lib cmd cpputil gtests config
- 
- lib: coreconf
- cmd: lib