rpms/mod_nss/devel mod_nss-conf.patch, NONE, 1.1 mod_nss-gencert.patch, NONE, 1.1 mod_nss.spec, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
Robert Crittenden (rcritten)
fedora-extras-commits at redhat.com
Tue Jul 18 18:05:12 UTC 2006
Author: rcritten
Update of /cvs/extras/rpms/mod_nss/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv7613/devel
Modified Files:
.cvsignore sources
Added Files:
mod_nss-conf.patch mod_nss-gencert.patch mod_nss.spec
Log Message:
auto-import mod_nss-1.0.3-1 on branch devel from mod_nss-1.0.3-1.src.rpm
mod_nss-conf.patch:
--- NEW FILE mod_nss-conf.patch ---
--- mod_nss-1.0.2/nss.conf.in.orig 2006-06-20 23:09:14.000000000 -0400
+++ mod_nss-1.0.2/nss.conf.in 2006-06-20 23:10:23.000000000 -0400
@@ -8,14 +8,16 @@
# consult the online docs. You have been warned.
#
+LoadModule nss_module modules/libmodnss.so
+
#
# When we also provide SSL we have to listen to the
# standard HTTP port (see above) and to the HTTPS port
#
# Note: Configurations that use IPv6 but not IPv4-mapped addresses need two
-# Listen directives: "Listen [::]:443" and "Listen 0.0.0.0:443"
+# Listen directives: "Listen [::]:8443" and "Listen 0.0.0.0:443"
#
-Listen 443
+Listen 8443
##
## SSL Global Context
@@ -40,7 +42,7 @@
# Pass Phrase Helper:
# This helper program stores the token password pins between
# restarts of Apache.
-NSSPassPhraseHelper @apache_bin@/nss_pcache
+NSSPassPhraseHelper /usr/sbin/nss_pcache
# Configure the SSL Session Cache.
# NSSSessionCacheSize is the number of entries in the cache.
@@ -68,11 +70,11 @@
## SSL Virtual Host Context
##
-<VirtualHost _default_:443>
+<VirtualHost _default_:8443>
# General setup for the virtual host
#DocumentRoot "@apache_prefix@/htdocs"
-#ServerName www.example.com:443
+#ServerName www.example.com:8443
#ServerAdmin you at example.com
# mod_nss can log to separate log files, you can choose to do that if you'd like
@@ -111,7 +113,7 @@
# The NSS security database directory that holds the certificates and
# keys. The database consists of 3 files: cert8.db, key3.db and secmod.db.
# Provide the directory that these files exist.
-NSSCertificateDatabase @apache_conf@
+NSSCertificateDatabase /etc/httpd/alias
# Database Prefix:
# In order to be able to store multiple NSS databases in one directory
@@ -175,7 +177,7 @@
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
NSSOptions +StdEnvVars
</Files>
-<Directory "@apache_prefix@/cgi-bin">
+<Directory "/var/www/cgi-bin">
NSSOptions +StdEnvVars
</Directory>
mod_nss-gencert.patch:
--- NEW FILE mod_nss-gencert.patch ---
--- mod_nss-1.0/gencert.in 2006-06-20 22:43:33.000000000 -0400
+++ mod_nss-1.0/gencert.in.orig 2006-06-20 22:57:08.000000000 -0400
@@ -82,12 +82,11 @@
DEST=$1
-echo "httptest" > $DEST/pw.txt
+echo -e "\n" > $DEST/pw.txt
echo ""
echo "#####################################################################"
-echo "Generating new server certificate and key database. The password"
-echo "is httptest"
+echo "Generating new server certificate and key database."
echo "#####################################################################"
$CERTUTIL -N -d $DEST -f $DEST/pw.txt
@@ -183,8 +182,4 @@
rm $DEST/pw.txt
rm $DEST/noise
-echo ""
-echo "The database password is httptest"
-echo ""
-
exit 0
--- NEW FILE mod_nss.spec ---
Name: mod_nss
Version: 1.0.3
Release: 1%{?dist}
Summary: SSL/TLS module for the Apache HTTP server
Group: System Environment/Daemons
License: Apache Software License
URL: http://directory.fedora.redhat.com/wiki/Mod_nss
Source: http://directory.fedora.redhat.com/sources/%{name}-%{version}.tar.gz
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: nspr-devel >= 4.6, nss-devel >= 3.11
BuildRequires: httpd-devel >= 0:2.0.52, apr-devel, apr-util-devel
BuildRequires: pkgconfig
Requires: httpd >= 0:2.0.52
Requires: nspr >= 4.6
Requires: nss >= 3.11, nss-tools >= 3.11
Patch1: mod_nss-conf.patch
Patch2: mod_nss-gencert.patch
%description
The mod_nss module provides strong cryptography for the Apache Web
server via the Secure Sockets Layer (SSL) and Transport Layer
Security (TLS) protocols using the Network Security Services (NSS)
security library.
%prep
%setup -q
%patch1 -p1 -b .conf
%patch2 -p1 -b .gencert
# Touch expression parser sources to prevent regenerating it
touch nss_expr_*.[chyl]
%build
CFLAGS="$RPM_OPT_FLAGS"
export CFLAGS
NSPR_INCLUDE_DIR=`/usr/bin/pkg-config --variable=includedir nspr`
NSPR_LIB_DIR=`/usr/bin/pkg-config --variable=libdir nspr`
NSS_INCLUDE_DIR=`/usr/bin/pkg-config --variable=includedir nss`
NSS_LIB_DIR=`/usr/bin/pkg-config --variable=libdir nss`
NSS_BIN=`/usr/bin/pkg-config --variable=exec_prefix nss`
%configure \
--with-nss-lib=$NSS_LIB_DIR \
--with-nss-inc=$NSS_INCLUDE_DIR \
--with-nspr-lib=$NSPR_LIB_DIR \
--with-nspr-inc=$NSPR_INCLUDE_DIR \
--with-apr-config --enable-ecc
make %{?_smp_mflags} all
%install
# The install target of the Makefile isn't used because that uses apxs
# which tries to enable the module in the build host httpd instead of in
# the build root.
# The "temporary file" text in secmod.db, cert8.db and key3.db is done so
# the RPM "owns" these 3 files. We don't want any orphans.
rm -rf $RPM_BUILD_ROOT
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d
mkdir -p $RPM_BUILD_ROOT%{_libdir}/httpd/modules
mkdir -p $RPM_BUILD_ROOT%{_sbindir}
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/httpd/alias
install -m 644 nss.conf $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/
install -m 755 .libs/libmodnss.so $RPM_BUILD_ROOT%{_libdir}/httpd/modules/
install -m 755 nss_pcache $RPM_BUILD_ROOT%{_sbindir}/
install -m 755 gencert $RPM_BUILD_ROOT%{_sbindir}/
ln -s ../../..%{_libdir}/libnssckbi.so $RPM_BUILD_ROOT%{_sysconfdir}/httpd/alias/
echo "temporary file" > $RPM_BUILD_ROOT%{_sysconfdir}/httpd/alias/secmod.db
echo "temporary file" > $RPM_BUILD_ROOT%{_sysconfdir}/httpd/alias/cert8.db
echo "temporary file" > $RPM_BUILD_ROOT%{_sysconfdir}/httpd/alias/key3.db
perl -pi -e "s:$NSS_LIB_DIR:$NSS_BIN:" $RPM_BUILD_ROOT%{_sbindir}/gencert
%clean
rm -rf $RPM_BUILD_ROOT
%post
umask 077
if [ "$1" -eq 1 ] ; then
if [ `grep -c "temporary file" %{_sysconfdir}/httpd/alias/key3.db` -eq 1 ]; then
rm -f %{_sysconfdir}/httpd/alias/{secmod,cert8,key3}.db
%{_sbindir}/gencert %{_sysconfdir}/httpd/alias > %{_sysconfdir}/httpd/alias/install.log 2>&1
echo ""
echo "%{name} certificate database generated."
echo ""
fi
fi
%files
%defattr(-,root,root,-)
%doc README LICENSE docs/mod_nss.html
%config(noreplace) %{_sysconfdir}/httpd/conf.d/nss.conf
%{_libdir}/httpd/modules/libmodnss.so
%dir %{_sysconfdir}/httpd/alias/
%config(noreplace) %{_sysconfdir}/httpd/alias/secmod.db
%config(noreplace) %{_sysconfdir}/httpd/alias/cert8.db
%config(noreplace) %{_sysconfdir}/httpd/alias/key3.db
%{_sysconfdir}/httpd/alias/libnssckbi.so
%{_sbindir}/nss_pcache
%{_sbindir}/gencert
%changelog
* Tue Jun 20 2006 Rob Crittenden <rcritten at redhat.com> 1.0.3-1
- Initial build
Index: .cvsignore
===================================================================
RCS file: /cvs/extras/rpms/mod_nss/devel/.cvsignore,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- .cvsignore 18 Jul 2006 18:04:26 -0000 1.1
+++ .cvsignore 18 Jul 2006 18:05:12 -0000 1.2
@@ -0,0 +1 @@
+mod_nss-1.0.3.tar.gz
Index: sources
===================================================================
RCS file: /cvs/extras/rpms/mod_nss/devel/sources,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- sources 18 Jul 2006 18:04:26 -0000 1.1
+++ sources 18 Jul 2006 18:05:12 -0000 1.2
@@ -0,0 +1 @@
+feb2d314983a72318cc08e0650501fac mod_nss-1.0.3.tar.gz
More information about the fedora-extras-commits
mailing list