From f4a12fc67689a830e9da1c87fd11afe5bc09deb3 Mon Sep 17 00:00:00 2001 From: wolfbeast Date: Thu, 2 Jan 2020 21:06:40 +0100 Subject: Issue #1338 - Part 2: Update NSS to 3.48-RTM --- .../nss/automation/taskcluster/scripts/build.sh | 6 ++++++ .../nss/automation/taskcluster/scripts/build_gyp.sh | 8 +++++++- .../automation/taskcluster/scripts/build_nspr.sh | 6 ++++++ .../taskcluster/scripts/build_softoken.sh | 5 +++-- .../nss/automation/taskcluster/scripts/check_abi.sh | 7 +++++++ .../taskcluster/scripts/gen_coverage_report.sh | 6 ++++++ .../automation/taskcluster/scripts/run_coverity.sh | 21 +++++++++++++++++++++ .../taskcluster/scripts/run_scan_build.sh | 6 ++++++ .../nss/automation/taskcluster/scripts/tools.sh | 6 +++++- 9 files changed, 67 insertions(+), 4 deletions(-) create mode 100644 security/nss/automation/taskcluster/scripts/run_coverity.sh (limited to 'security/nss/automation/taskcluster/scripts') diff --git a/security/nss/automation/taskcluster/scripts/build.sh b/security/nss/automation/taskcluster/scripts/build.sh index 649fdaa1b..42ac822f2 100755 --- a/security/nss/automation/taskcluster/scripts/build.sh +++ b/security/nss/automation/taskcluster/scripts/build.sh @@ -13,6 +13,12 @@ fi # Clone NSPR if needed. hg_clone https://hg.mozilla.org/projects/nspr ./nspr default +if [[ -f nss/nspr.patch && "$ALLOW_NSPR_PATCH" == "1" ]]; then + pushd nspr + cat ../nss/nspr.patch | patch -p1 + popd +fi + # Build. make -C nss nss_build_all diff --git a/security/nss/automation/taskcluster/scripts/build_gyp.sh b/security/nss/automation/taskcluster/scripts/build_gyp.sh index fb3a33a52..e19a6362f 100755 --- a/security/nss/automation/taskcluster/scripts/build_gyp.sh +++ b/security/nss/automation/taskcluster/scripts/build_gyp.sh @@ -5,8 +5,14 @@ source $(dirname "$0")/tools.sh # Clone NSPR if needed. hg_clone https://hg.mozilla.org/projects/nspr ./nspr default +if [[ -f nss/nspr.patch && "$ALLOW_NSPR_PATCH" == "1" ]]; then + pushd nspr + cat ../nss/nspr.patch | patch -p1 + popd +fi + # Build. -nss/build.sh -g -v "$@" +nss/build.sh -g -v --enable-libpkix "$@" # Package. if [[ $(uname) = "Darwin" ]]; then diff --git a/security/nss/automation/taskcluster/scripts/build_nspr.sh b/security/nss/automation/taskcluster/scripts/build_nspr.sh index 4d1903460..b104e430a 100644 --- a/security/nss/automation/taskcluster/scripts/build_nspr.sh +++ b/security/nss/automation/taskcluster/scripts/build_nspr.sh @@ -7,6 +7,12 @@ source $(dirname $0)/tools.sh # Clone NSPR if needed. hg_clone https://hg.mozilla.org/projects/nspr nspr default +if [[ -f nss/nspr.patch && "$ALLOW_NSPR_PATCH" == "1" ]]; then + pushd nspr + cat ../nss/nspr.patch | patch -p1 + popd +fi + # Build. rm -rf dist make -C nss build_nspr diff --git a/security/nss/automation/taskcluster/scripts/build_softoken.sh b/security/nss/automation/taskcluster/scripts/build_softoken.sh index e5aaecccf..5f6045602 100644 --- a/security/nss/automation/taskcluster/scripts/build_softoken.sh +++ b/security/nss/automation/taskcluster/scripts/build_softoken.sh @@ -20,8 +20,9 @@ export NSS_BUILD_SOFTOKEN_ONLY=1 rm -rf dist make -C nss-softoken nss_build_all -mv dist/private/nss/blapi.h dist/public/nss -mv dist/private/nss/alghmac.h dist/public/nss +for i in blapi alghmac cmac; do + mv "dist/private/nss/${i}.h" dist/public/nss +done # Package. test -d artifacts || mkdir artifacts diff --git a/security/nss/automation/taskcluster/scripts/check_abi.sh b/security/nss/automation/taskcluster/scripts/check_abi.sh index dbc1a476f..5cd587a6b 100644 --- a/security/nss/automation/taskcluster/scripts/check_abi.sh +++ b/security/nss/automation/taskcluster/scripts/check_abi.sh @@ -20,6 +20,12 @@ set_env() done fi + if [[ -f nss/nspr.patch && "$ALLOW_NSPR_PATCH" == "1" ]]; then + pushd nspr + cat ../nss/nspr.patch | patch -p1 + popd + fi + cd nss ./build.sh -v -c cd .. @@ -103,6 +109,7 @@ abi_diff() cat ${HGDIR}/nss/automation/abi-check/new-report-temp$SO.txt \ | grep -v "^Functions changes summary:" \ | grep -v "^Variables changes summary:" \ + | sed -e 's/__anonymous_enum__[0-9]*/__anonymous_enum__/g' \ > ${HGDIR}/nss/automation/abi-check/new-report-$SO.txt rm -f ${HGDIR}/nss/automation/abi-check/new-report-temp$SO.txt diff --git a/security/nss/automation/taskcluster/scripts/gen_coverage_report.sh b/security/nss/automation/taskcluster/scripts/gen_coverage_report.sh index 3907c72e8..dc7d77d6c 100644 --- a/security/nss/automation/taskcluster/scripts/gen_coverage_report.sh +++ b/security/nss/automation/taskcluster/scripts/gen_coverage_report.sh @@ -5,6 +5,12 @@ source $(dirname "$0")/tools.sh # Clone NSPR. hg_clone https://hg.mozilla.org/projects/nspr ./nspr default +if [[ -f nss/nspr.patch && "$ALLOW_NSPR_PATCH" == "1" ]]; then + pushd nspr + cat ../nss/nspr.patch | patch -p1 + popd +fi + out=/home/worker/artifacts mkdir -p $out diff --git a/security/nss/automation/taskcluster/scripts/run_coverity.sh b/security/nss/automation/taskcluster/scripts/run_coverity.sh new file mode 100644 index 000000000..4b09f5398 --- /dev/null +++ b/security/nss/automation/taskcluster/scripts/run_coverity.sh @@ -0,0 +1,21 @@ +#!/usr/bin/env bash + +source $(dirname "$0")/tools.sh + +# Clone NSPR if needed. +if [ ! -d "nspr" ]; then + hg_clone https://hg.mozilla.org/projects/nspr ./nspr default + + if [[ -f nss/nspr.patch && "$ALLOW_NSPR_PATCH" == "1" ]]; then + pushd nspr + cat ../nss/nspr.patch | patch -p1 + popd + fi +fi + +# Build and run Coverity +cd nss +./mach static-analysis + +# Return the exit code of the Coverity Analysis +exit $? diff --git a/security/nss/automation/taskcluster/scripts/run_scan_build.sh b/security/nss/automation/taskcluster/scripts/run_scan_build.sh index 014530b42..0e4fcbdf0 100755 --- a/security/nss/automation/taskcluster/scripts/run_scan_build.sh +++ b/security/nss/automation/taskcluster/scripts/run_scan_build.sh @@ -5,6 +5,12 @@ source $(dirname "$0")/tools.sh # Clone NSPR if needed. if [ ! -d "nspr" ]; then hg_clone https://hg.mozilla.org/projects/nspr ./nspr default + + if [[ -f nss/nspr.patch && "$ALLOW_NSPR_PATCH" == "1" ]]; then + pushd nspr + cat ../nss/nspr.patch | patch -p1 + popd + fi fi # Build. diff --git a/security/nss/automation/taskcluster/scripts/tools.sh b/security/nss/automation/taskcluster/scripts/tools.sh index 63a6ee8de..81563f506 100644 --- a/security/nss/automation/taskcluster/scripts/tools.sh +++ b/security/nss/automation/taskcluster/scripts/tools.sh @@ -30,7 +30,11 @@ hg_clone() { } fetch_dist() { - url=https://queue.taskcluster.net/v1/task/$TC_PARENT_TASK_ID/artifacts/public/dist.tar.bz2 + if [ "$TASKCLUSTER_ROOT_URL" = "https://taskcluster.net" ] || [ -z "$TASKCLUSTER_ROOT_URL" ]; then + url=https://queue.taskcluster.net/v1/task/$TC_PARENT_TASK_ID/artifacts/public/dist.tar.bz2 + else + url=$TASKCLUSTER_ROOT_URL/api/queue/v1/task/$TC_PARENT_TASK_ID/artifacts/public/dist.tar.bz2 + fi if [ ! -d "dist" ]; then for i in 0 2 5; do sleep $i -- cgit v1.2.3