diff options
Diffstat (limited to 'security/nss/build.sh')
| -rwxr-xr-x | security/nss/build.sh | 115 |
1 files changed, 75 insertions, 40 deletions
diff --git a/security/nss/build.sh b/security/nss/build.sh index 4c6d513cd..7595d76f4 100755 --- a/security/nss/build.sh +++ b/security/nss/build.sh @@ -13,14 +13,16 @@ set -e cwd=$(cd $(dirname $0); pwd -P) -source "$cwd"/coreconf/nspr.sh -source "$cwd"/coreconf/sanitizers.sh +dist_dir="$cwd/../dist" +argsfile="$dist_dir/build_args" +source "$cwd/coreconf/nspr.sh" +source "$cwd/coreconf/sanitizers.sh" GYP=${GYP:-gyp} # Usage info show_help() { - cat "$cwd"/help.txt + cat "$cwd/help.txt" } run_verbose() @@ -35,6 +37,14 @@ run_verbose() exec 3>&- } +# The prehistoric bash on Mac doesn't support @Q quoting. +# The consequences aren't that serious, unless there are odd arrangements of spaces. +if /usr/bin/env bash -c 'x=1;echo "${x@Q}"' >/dev/null 2>&1; then + Q() { echo "${@@Q}"; } +else + Q() { echo "$@"; } +fi + if [ -n "$CCC" ] && [ -z "$CXX" ]; then export CXX="$CCC" fi @@ -44,18 +54,22 @@ build_64=0 clean=0 rebuild_gyp=0 rebuild_nspr=0 +build_nspr_tests=0 +run_nspr_tests=0 +exit_after_nspr=0 target=Debug verbose=0 fuzz=0 fuzz_tls=0 fuzz_oss=0 no_local_nspr=0 +sslkeylogfile=1 gyp_params=(--depth="$cwd" --generator-output=".") ninja_params=() # Assume that the target architecture is the same as the host by default. -host_arch=$(python "$cwd"/coreconf/detect_host_arch.py) +host_arch=$(python "$cwd/coreconf/detect_host_arch.py") target_arch=$host_arch # Assume that MSVC is wanted if this is running on windows. @@ -65,8 +79,17 @@ if [ "${platform%-*}" = "MINGW32_NT" -o "${platform%-*}" = "MINGW64_NT" ]; then fi # Parse command line arguments. +all_args=("$@") while [ $# -gt 0 ]; do case "$1" in + --rebuild) + if [[ ! -e "$argsfile" ]]; then + echo "Unable to rebuild" 1>&2 + exit 2 + fi + IFS=$'\r\n' GLOBIGNORE='*' command eval 'previous_args=($(<"$argsfile"))' + exec /usr/bin/env bash -c "$(Q "$0")"' "$@"' "$0" "${previous_args[@]}" + ;; -c) clean=1 ;; -cc) clean_only=1 ;; -v) ninja_params+=(-v); verbose=1 ;; @@ -94,15 +117,20 @@ while [ $# -gt 0 ]; do --sancov=?*) enable_sancov "${1#*=}" ;; --emit-llvm) gyp_params+=(-Demit_llvm=1 -Dsign_libs=0) ;; --no-zdefs) gyp_params+=(-Dno_zdefs=1) ;; - --test) gyp_params+=(-Dtest_build=1) ;; + --static) gyp_params+=(-Dstatic_libs=1) ;; --ct-verif) gyp_params+=(-Dct_verif=1) ;; --nspr) nspr_clean; rebuild_nspr=1 ;; + --nspr-test-build) build_nspr_tests=1 ;; + --nspr-test-run) run_nspr_tests=1 ;; + --nspr-only) exit_after_nspr=1 ;; --with-nspr=?*) set_nspr_path "${1#*=}"; no_local_nspr=1 ;; --system-nspr) set_nspr_path "/usr/include/nspr/:"; no_local_nspr=1 ;; --system-sqlite) gyp_params+=(-Duse_system_sqlite=1) ;; --enable-fips) gyp_params+=(-Ddisable_fips=0) ;; --enable-libpkix) gyp_params+=(-Ddisable_libpkix=0) ;; --mozpkix-only) gyp_params+=(-Dmozpkix_only=1 -Ddisable_tests=1 -Dsign_libs=0) ;; + --disable-keylog) sslkeylogfile=0 ;; + -D*) gyp_params+=("$1") ;; *) show_help; exit 2 ;; esac shift @@ -116,9 +144,11 @@ else target=Debug fi +gyp_params+=(-Denable_sslkeylogfile="$sslkeylogfile") + # Do special setup. if [ "$fuzz" = 1 ]; then - source "$cwd"/coreconf/fuzz.sh + source "$cwd/coreconf/fuzz.sh" fi nspr_set_flags $sanitizer_flags if [ ! -z "$sanitizer_flags" ]; then @@ -126,20 +156,13 @@ if [ ! -z "$sanitizer_flags" ]; then fi if [ "$msvc" = 1 ]; then - source "$cwd"/coreconf/msvc.sh + source "$cwd/coreconf/msvc.sh" fi -# Setup build paths. -target_dir="$cwd"/out/$target -mkdir -p "$target_dir" -dist_dir="$cwd"/../dist -dist_dir=$(mkdir -p "$dist_dir"; cd "$dist_dir"; pwd -P) -gyp_params+=(-Dnss_dist_dir="$dist_dir") - # -c = clean first if [ "$clean" = 1 -o "$clean_only" = 1 ]; then nspr_clean - rm -rf "$cwd"/out + rm -rf "$cwd/out" rm -rf "$dist_dir" # -cc = only clean, don't build if [ "$clean_only" = 1 ]; then @@ -148,6 +171,12 @@ if [ "$clean" = 1 -o "$clean_only" = 1 ]; then fi fi +# Setup build paths. +target_dir="$cwd/out/$target" +mkdir -p "$target_dir" +dist_dir=$(mkdir -p "$dist_dir"; cd "$dist_dir"; pwd -P) +gyp_params+=(-Dnss_dist_dir="$dist_dir") + # This saves a canonical representation of arguments that we are passing to gyp # or the NSPR build so that we can work out if a rebuild is needed. # Caveat: This can fail for arguments that are position-dependent. @@ -157,66 +186,72 @@ check_config() local newconf="$1".new oldconf="$1" shift mkdir -p $(dirname "$newconf") - echo CC="$CC" >"$newconf" - echo CCC="$CCC" >>"$newconf" - echo CXX="$CXX" >>"$newconf" - echo target_arch="$target_arch" >>"$newconf" - for i in "$@"; do echo $i; done | sort >>"$newconf" + echo CC="$(Q "$CC")" >"$newconf" + echo CCC="$(Q "$CCC")" >>"$newconf" + echo CXX="$(Q "$CXX")" >>"$newconf" + echo target_arch="$(Q "$target_arch")" >>"$newconf" + for i in "$@"; do echo "$i"; done | sort >>"$newconf" # Note: The following diff fails if $oldconf isn't there as well, which # happens if we don't have a previous successful build. ! diff -q "$newconf" "$oldconf" >/dev/null 2>&1 } -gyp_config="$cwd"/out/gyp_config -nspr_config="$cwd"/out/$target/nspr_config +gyp_config="$cwd/out/gyp_config" +nspr_config="$cwd/out/$target/nspr_config" # Now check what needs to be rebuilt. # If we don't have a build directory make sure that we rebuild. if [ ! -d "$target_dir" ]; then rebuild_nspr=1 rebuild_gyp=1 -elif [ ! -d "$dist_dir"/$target ]; then +elif [ ! -d "$dist_dir/$target" ]; then rebuild_nspr=1 fi if check_config "$nspr_config" \ - nspr_cflags="$nspr_cflags" \ - nspr_cxxflags="$nspr_cxxflags" \ - nspr_ldflags="$nspr_ldflags"; then + nspr_cflags="$(Q "$nspr_cflags")" \ + nspr_cxxflags="$(Q "$nspr_cxxflags")" \ + nspr_ldflags="$(Q "$nspr_ldflags")"; then rebuild_nspr=1 fi -if check_config "$gyp_config" "${gyp_params[@]}"; then +if check_config "$gyp_config" "$(Q "${gyp_params[@]}")"; then rebuild_gyp=1 fi # Save the chosen target. -mkdir -p "$dist_dir" -echo $target > "$dist_dir"/latest +echo "$target" > "$dist_dir/latest" +for i in "${all_args[@]}"; do echo "$i"; done > "$argsfile" # Build. # NSPR. if [[ "$rebuild_nspr" = 1 && "$no_local_nspr" = 0 ]]; then + nspr_clean nspr_build - mv -f "$nspr_config".new "$nspr_config" + mv -f "$nspr_config.new" "$nspr_config" +fi + +if [ "$exit_after_nspr" = 1 ]; then + exit 0 fi + # gyp. if [ "$rebuild_gyp" = 1 ]; then - if ! hash ${GYP} 2> /dev/null; then - echo "Please install gyp" 1>&2 - exit 1 + if ! hash "$GYP" 2> /dev/null; then + echo "Building NSS requires an installation of gyp: https://gyp.gsrc.io/" 1>&2 + exit 3 fi # These extra arguments aren't used in determining whether to rebuild. - obj_dir="$dist_dir"/$target - gyp_params+=(-Dnss_dist_obj_dir=$obj_dir) + obj_dir="$dist_dir/$target" + gyp_params+=(-Dnss_dist_obj_dir="$obj_dir") if [ "$no_local_nspr" = 0 ]; then set_nspr_path "$obj_dir/include/nspr:$obj_dir/lib" fi - run_verbose run_scanbuild ${GYP} -f ninja "${gyp_params[@]}" "$cwd"/nss.gyp + run_verbose run_scanbuild ${GYP} -f ninja "${gyp_params[@]}" "$cwd/nss.gyp" - mv -f "$gyp_config".new "$gyp_config" + mv -f "$gyp_config.new" "$gyp_config" fi # ninja. @@ -225,7 +260,7 @@ if hash ninja-build 2>/dev/null; then elif hash ninja 2>/dev/null; then ninja=ninja else - echo "Please install ninja" 1>&2 - exit 1 + echo "Building NSS requires an installation of ninja: https://ninja-build.org/" 1>&2 + exit 3 fi -run_scanbuild $ninja -C "$target_dir" "${ninja_params[@]}" +run_scanbuild "$ninja" -C "$target_dir" "${ninja_params[@]}" |