[OE-core] [PATCH 1/3] nss :improve reproducibility

[Hongxu Jia]

- Explicitly requests the newer database `sql:' rather than
  retrieved from NSS_DEFAULT_DB_TYPE

- Removes build path prefix from pkcs11.txt

Refers certutil manual:
[certutil manual]
-d [prefix]directory
 Specify the database directory containing the certificate and key database files.
 certutil supports two types of databases: the legacy security databases (cert8.db,
  key3.db, and secmod.db) and new SQLite databases (cert9.db, key4.db, and pkcs11.txt).

 NSS recognizes the following prefixes:
  sql: requests the newer database
  dbm: requests the legacy database
 If no prefix is specified the default type is retrieved from NSS_DEFAULT_DB_TYPE.
 If NSS_DEFAULT_DB_TYPE is not set then dbm: is the default.
[certutil manual]

Signed-off-by: Hongxu Jia <hongxu.jia at windriver.com>
---
 meta/recipes-support/nss/nss_3.38.bb | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/meta/recipes-support/nss/nss_3.38.bb b/meta/recipes-support/nss/nss_3.38.bb
index f3e5170..904b621 100644
--- a/meta/recipes-support/nss/nss_3.38.bb
+++ b/meta/recipes-support/nss/nss_3.38.bb
@@ -215,9 +215,11 @@ do_install_append_class-target() {
     # Create a blank certificate
     mkdir -p ${D}${sysconfdir}/pki/nssdb/
     touch ./empty_password
-    certutil -N -d ${D}${sysconfdir}/pki/nssdb/ -f ./empty_password
+    certutil -N -d sql:${D}${sysconfdir}/pki/nssdb/ -f ./empty_password
     chmod 644 ${D}${sysconfdir}/pki/nssdb/*.db
     rm ./empty_password
+    # Remove build path prefix
+    sed -i "s:${D}::g"  ${D}${sysconfdir}/pki/nssdb/pkcs11.txt
 }
 
 PACKAGE_WRITE_DEPS += "nss-native"
-- 
2.7.4