nss-pem needs additional headers, static libs to build
Bug #1751140 reported by
Timo Aaltonen
This bug affects 2 people
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| nss (Debian) |
New
|
Unknown
|
|||
| nss (Ubuntu) |
Won't Fix
|
Undecided
|
Timo Aaltonen | ||
Bug Description
nss-pem is needed for apps linked with libnss3 to read certificates in PEM format. This is required when setting up a freeipa server with ipa-server-setup, and also certmonger to be able to refresh certificates on a freeipa client.
To be able to build, nss-pem needs some headers and static libs provided by nss. They are marked private though, and upstream refuses to make them public and Debian maintainer refuses to include them in the packaging because of this.
The required files are blapi.h, alghmac.h, nssckfw.a, nssb.a, freebl.a and they could be shipped in a separate libnss3-pkcs11-dev package, because they're not meant for generic consumption via libnss-dev.
| summary: |
- nss-pem needs blapi.h, alghmac.h, nssckfw.a, nssb.a, freebl.a + nss-pem needs additional headers, static libs to build |
Revision history for this message
| Timo Aaltonen (tjaalton) wrote | #1 |
Revision history for this message
| Timo Aaltonen (tjaalton) wrote | #2 |
| Changed in nss (Ubuntu): | |
| assignee: | nobody → Timo Aaltonen (tjaalton) |
| status: | New → Triaged |
| tags: | added: patch |
| Changed in nss (Debian): | |
| status: | Unknown → New |
Revision history for this message
| Timo Aaltonen (tjaalton) wrote | #3 |
| Changed in nss (Ubuntu): | |
| status: | Triaged → Won't Fix |
To post a comment you must log in.
further discussion in
https:/
https:/
https:/
https:/
long story short; NSS upstream wouldn't merge nss-pem, so it was forked as a separate project which uses APIs that will not be made public, nor libs dynamically loadable
nss-pem Debian ITP is
https:/
and I've verified that with nss-pem (and some other, unrelated fixes) freeipa server setup and autopkgtest passes fine.