; Conflicts:
; pkgs/development/libraries/nss/generic.nix
- bb53634671 removed the conditionals since firefox-esr-91 and nss <3.69 has been dropped a while ago.
- cb3762857d updated the conditionals to always partition the tests based on the nss_latest version. Chosen that since it will remain future proof.
; Conflicts:
; pkgs/development/libraries/nss/generic.nix
fa93045a5b adds `< 3.91` conjunct for the `remove-c25519-support.patch` condition
bb53634671 removes the ≥ 3.90 condition for the `remove-c25519-support.patch` since nss < 3.90 is no longer provided
Without the change `nss` build on `gcc-13 `fails as:
../../cpputil/databuffer.h:20:20: error: 'uint8_t' does not name a type
20 | DataBuffer(const uint8_t* d, size_t l) : data_(nullptr), len_(0) {
| ^~~~~~~
../../cpputil/databuffer.h:14:1: note: 'uint8_t' is defined in header '<cstdint>'; did you forget to '#include <cstdint>'?
13 | #include <iostream>
+++ |+#include <cstdint>
14 |
with structuredAttrs lists will be bash arrays which cannot be exported
which will be a issue with some patches and some wrappers like cc-wrapper
this makes it clearer that NIX_CFLAGS_COMPILE must be a string as lists
in env cause a eval failure
Nss has a lot of dependers, so subtle whitespace changes can cause
mass rebuilds, like I did here:
https://github.com/NixOS/nixpkgs/pull/208698#issuecomment-1368600990
Let's use a list instead of concatenating individual strings in
order to be more robust. This will cause a lot of rebuilds, but
will prevent rebuilds in the future. Sending it this cleanup to
staging because of that.
A comment in RNG_RandomUpdate() (drdbg.c) says to add the
-DNS_PTR_LE_32=1 flag on ILP32 platforms.
Without this PR, pkgsCross.mips64el-linux-gnuabin32.nss fails to
build. With this PR, it succeeds.
This reverts commit 1c76a270d2.
This breaks the Firefox 91esr build, which is apparently not compatible
with this NSS version.
/build/firefox-91.10.0/security/certverifier/OCSPVerificationTrustDomain.cpp:63:11: error: unknown type name 'SignedDigest'
Will revisit this upgrade, when we drop 91esr in favor of 102esr soon.
This reverts commit eb9c616c79.
Breaks the Firefox build and needs further investigation.
In file included from Unified_cpp_certverifier0.cpp:47:
/build/firefox-99.0/security/certverifier/OCSPVerificationTrustDomain.cpp:63:11: error: unknown type name 'SignedDigest'
const SignedDigest& aSignedDigest, Input aSubjectPublicKeyInfo) {
^
/build/firefox-99.0/security/certverifier/OCSPVerificationTrustDomain.cpp:74:11: error: unknown type name 'SignedDigest'
const SignedDigest& aSignedDigest, Input aSubjectPublicKeyInfo) {
^
https://github.com/NixOS/nixpkgs/pull/164511#issuecomment-1089496003
