-
Georg Koppen authoredWhich should have been "bug_28618_v3", but the changes are okay at least...
Georg Koppen authoredWhich should have been "bug_28618_v3", but the changes are okay at least...
build 11.97 KiB
#!/bin/bash
[% c("var/setarch") -%]
[% c("var/set_default_env") -%]
[% IF c("var/windows") -%]
[% pc('gcc', 'var/setup', { compiler_tarfile => c('input_files_by_name/gcc') }) %]
# We need a link to our GCC, otherwise the system cc gets used which points to
# /usr/bin/gcc.
ln -s gcc /var/tmp/dist/gcc/bin/cc
[% END -%]
[% pc(c('var/compiler'), 'var/setup', { compiler_tarfile => c('input_files_by_name/' _ c('var/compiler')) }) %]
distdir=/var/tmp/dist/[% project %]
mkdir -p /var/tmp/build
mkdir -p [% dest_dir _ '/' _ c('filename') %]
[% IF c("var/windows") -%]
mingwdir=/var/tmp/dist/mingw-w64
mkdir -p $mingwdir/helpers
cat > $mingwdir/helpers/[% c("arch") %]-w64-mingw32-g++ << 'EOF'
#!/bin/sh
/var/tmp/dist/mingw-w64/bin/[% c("arch") %]-w64-mingw32-g++ [% c("var/LDFLAGS") %] [% c("var/CFLAGS") %] "$@"
EOF
cat > $mingwdir/helpers/[% c("arch") %]-w64-mingw32-gcc << 'EOF'
#!/bin/sh
/var/tmp/dist/mingw-w64/bin/[% c("arch") %]-w64-mingw32-gcc [% c("var/LDFLAGS") %] [% c("var/CFLAGS") %] "$@"
EOF
cat > $mingwdir/helpers/[% c("arch") %]-w64-mingw32-ld << 'EOF'
#!/bin/sh
/var/tmp/dist/mingw-w64/bin/[% c("arch") %]-w64-mingw32-ld [% c("var/LDFLAGS") %] "$@"
EOF
chmod +x $mingwdir/helpers/*
export PATH="$mingwdir/helpers:$PATH"
[% END -%]
[% IF c("var/windows") %]
# Unpack fxc2.
mkdir -p /var/tmp/dist
tar -C /var/tmp/dist -xf [% c('input_files_by_name/fxc2') %]
fxcdir=/var/tmp/dist/fxc2/bin
cp $mingwdir/[% c("arch") %]-w64-mingw32/bin/libwinpthread-1.dll $fxcdir
export PATH="$fxcdir:$PATH"
# fxc2 requires Wine.
[% IF c("var/windows-x86_64") %]
export WINEARCH=win64
[% END %]
export HOME=/var/tmp/home
mkdir -p $HOME
WINEROOT=$HOME/.wine/drive_c
wine wineboot -i
[% END -%]
[% IF c("var/linux") %]
mkdir -p /var/tmp/dist
tar -C /var/tmp/dist -xf $rootdir/[% c('input_files_by_name/binutils') %]
export PATH="/var/tmp/dist/binutils/bin:$PATH"
[% END -%]
[% IF c("var/selfrando") -%]
tar -C /var/tmp/dist -xf $rootdir/[% c('input_files_by_name/selfrando') %]
# Selfrando wrapper
export PATH="/var/tmp/dist/selfrando/Tools/TorBrowser/tc-wrapper/:$PATH"
# We need to avoid the shuffling while building as this breaks compilation
export SELFRANDO_skip_shuffle=
[% END -%]
mkdir -p /var/tmp/dist
tar -C /var/tmp/dist -xf [% c('input_files_by_name/rust') %]
export PATH="/var/tmp/dist/rust/bin:$PATH"
[% IF c("var/linux") %]
# Add llvm so stylo can build
tar -C /var/tmp/dist -xf [% c('input_files_by_name/llvm') %]
export LLVM_CONFIG="/var/tmp/dist/llvm/bin/llvm-config"
[% END -%]
tar -C /var/tmp/build -xf [% project %]-[% c('version') %].tar.gz
[% IF c("var/osx") %]
mkdir -p "$distdir/Tor Browser.app/Contents/MacOS"
[% ELSE %]
mkdir -p $distdir/Browser
[% END %]
[% IF c("var/linux") %]
mkdir -p $distdir/Debug/Browser/
[% END %]
cd /var/tmp/build/[% project %]-[% c("version") %]
mv -f $rootdir/[% c('input_files_by_name/mozconfig') %] .mozconfig
[% IF c("var/asan") -%]
mv -f .mozconfig-asan .mozconfig
# Without disabling LSan our build is blowing up:
# https://bugs.torproject.org/10599#comment:52
export ASAN_OPTIONS="detect_leaks=0"
[% END -%]
[% IF c("var/android") %]
export GRADLE_MAVEN_REPOSITORIES="file:///var/tmp/gradle-dependencies"
gradle_repo=/var/tmp/gradle-dependencies
# Move Gradle Repo to hard-coded location. This location is embedded in the file
# chrome/toolkit/content/global/buildconfig.html so needs to be standard for reproducibility
mv $rootdir/[% c('input_files_by_name/gradle-dependencies') %] $gradle_repo
# The download script assumes the artifact package name is the complete URL path.
# In some cases this is incorrect, so copy those artifacts to the correct location
cp -r $gradle_repo/guardianproject/gpmaven/master/* $gradle_repo
# Move orbot files so they will be included in the apk during the build
cp $rootdir/[% c('input_files_by_name/orbot') %]/* mobile/android/app
# Prepare building the multi-locale .apk
mkdir -p /var/tmp/dist/locales
tar -C /var/tmp/dist/locales -xf $rootdir/[% c('input_files_by_name/firefox-locale-bundle') %]
[% END %]
eval $(perl $rootdir/get-moz-build-date [% c("var/copyright_year") %] $(cat browser/config/version.txt))
if [ -z $MOZ_BUILD_DATE ]
then
echo "MOZ_BUILD_DATE is not set"
exit 1
fi
[% IF c("var/windows") %]
# FIXME
# Ideally, using LDFLAGS (and e.g. DLLFLAGS for NSS) would be enough to get
# all Firefox libraries linked against msvcr100. Alas, this does not hold for
# NSPR. Without patching it we get a "missing entry points for _strcmpi in
# msvcr100.dll". Now, this should be fixed in rev>=6179 as the def file there
# contains a proper patch according to the mingw-w64 developers.
# However, even with this patch the _strcmpi issue is still popping up,
# probably due to a bug in our current linking setup. The small patch below
# is therefore just a workaround which should get fixed but is at least
# justified as the signature of _strcmpi and _stricmp is the same, see:
# http://msdn.microsoft.com/en-us/library/k59z8dwe.aspx.
sed 's/strcmpi/stricmp/' -i nsprpub/pr/src/linking/prlink.c
export HOST_LDFLAGS=" "
export LDFLAGS="-specs=/var/tmp/dist/mingw-w64/msvcr100.spec"
# Our flags don't get passed to NSS. We need to do that manually using an
# obscure one.
export DLLFLAGS="-specs=/var/tmp/dist/mingw-w64/msvcr100.spec"
# Make sure widl is not inserting random timestamps, see #21837.
export WIDL_TIME_OVERRIDE="0"
[% END %]
[% IF c("var/osname") == "linux-i686" -%]
export LDFLAGS=-m32
export CFLAGS=-m32
export CC='gcc -m32'
[% END -%]
[% IF c("var/windows") %]
patch -p1 < $rootdir/nsis-uninstall.patch
[% END -%]
rm -f configure
rm -f js/src/configure
./mach configure --with-tor-browser-version=[% c("var/torbrowser_version") %] --with-distribution-id=org.torproject --enable-update-channel=[% c("var/torbrowser_update_channel") %] --enable-bundled-fonts --with-branding=[% c("var/branding_directory") %]
./mach build --verbose
[% IF c("var/android") %]
# Building a multi-locale .apk
[% FOREACH lang = c('var/locales') %]
[% SET lang = tmpl(lang) %]
./mach build chrome-[% lang %];
[% END %]
export MOZ_CHROME_MULTILOCALE='[% tmpl(c('var/locales').join(' ')) %]'
AB_CD=multi ./mach package
# Copy the result over and return. There is nothing more to do for mobile.
cp obj-*/dist/*unsigned-unaligned.apk [% dest_dir _ '/' _ c('filename') %]/tor-browser-unsigned-unaligned.apk
[% RETURN %]
[% END %]
./mach build stage-package
[% IF c("var/osx") %]
cp -a obj-macos/dist/firefox/* $distdir
# Remove firefox-bin (we don't use it, see ticket #10126)
rm -f "$distdir/Tor Browser.app/Contents/MacOS/firefox-bin"
# Adjust the Info.plist file
INFO_PLIST="$distdir/Tor Browser.app/Contents/Info.plist"
mv "$INFO_PLIST" tmp.plist
python $rootdir/fix-info-plist.py '[% c("var/torbrowser_version") %]' '[% c("var/copyright_year") %]' < tmp.plist > "$INFO_PLIST"
rm -f tmp.plist
[% END %]
[% IF c("var/linux") %]
cp -a obj-*/dist/firefox/* $distdir/Browser/
# Remove firefox-bin (we don't use it, see ticket #10126)
rm -f $distdir/Browser/firefox-bin
# TODO: There goes FIPS-140.. We could upload these somewhere unique and
# subsequent builds could test to see if they've been uploaded before...
# But let's find out if it actually matters first..
rm -f $distdir/Browser/*.chk
# Replace firefox by a wrapper script (#25485)
mv $distdir/Browser/firefox $distdir/Browser/firefox.real
mv $rootdir/start-firefox $distdir/Browser/firefox
chmod 755 $distdir/Browser/firefox
[% END %]
[% IF c("var/windows-x86_64") -%]
mv $rootdir/msvcr100-x86_64.dll $rootdir/msvcr100.dll
[% END -%]
[% IF c("var/windows") %]
cp -a obj-*/dist/firefox/* $distdir/Browser/
cp -a $rootdir/msvcr100.dll $distdir/Browser
cp -a $gcclibs/libssp-0.dll $distdir/Browser
cp -a $fxcdir/d3dcompiler_47.dll $distdir/Browser
[% END %]
# Make MAR-based update tools available for use during the bundle phase.
# Note that mar and mbsdiff are standalone tools, compiled for the build
# host's architecture. We also include signmar, certutil, and the libraries
# they require; these utilities and libraries are built for the target
# architecture.
MARTOOLS=$distdir/mar-tools
mkdir -p $MARTOOLS
cp -p config/createprecomplete.py $MARTOOLS/
cp -p tools/update-packaging/*.sh $MARTOOLS/
cp -p obj-*/dist/host/bin/mar $MARTOOLS/
cp -p obj-*/dist/host/bin/mbsdiff $MARTOOLS/
[% IF c("var/linux") %]
cp -p obj-*/modules/libmar/tool/signmar $MARTOOLS/
cp -p obj-*/security/nss/cmd/certutil/certutil_certutil/certutil $MARTOOLS/
cp -p obj-*/security/nss/cmd/modutil/modutil_modutil/modutil $MARTOOLS/
cp -p obj-*/security/nss/cmd/pk12util/pk12util_pk12util/pk12util $MARTOOLS/
cp -p obj-*/security/nss/cmd/shlibsign/shlibsign_shlibsign/shlibsign $MARTOOLS/
NSS_LIBS="libfreeblpriv3.so libmozsqlite3.so libnss3.so libnssckbi.so libnssdbm3.so libnssutil3.so libsmime3.so libsoftokn3.so libssl3.so"
NSPR_LIBS="libnspr4.so libplc4.so libplds4.so"
for LIB in $NSS_LIBS $NSPR_LIBS; do
cp -p obj-*/dist/bin/$LIB $MARTOOLS/
done
[% END %]
[% IF c("var/osx") %]
cp -p obj-*/modules/libmar/tool/signmar $MARTOOLS/
cp -p obj-*/security/nss/cmd/certutil/certutil_certutil/certutil $MARTOOLS/
cp -p obj-*/security/nss/cmd/modutil/modutil_modutil/modutil $MARTOOLS/
cp -p obj-*/security/nss/cmd/pk12util/pk12util_pk12util/pk12util $MARTOOLS/
cp -p obj-*/security/nss/cmd/shlibsign/shlibsign_shlibsign/shlibsign $MARTOOLS/
NSS_LIBS="libfreebl3.dylib libmozglue.dylib libnss3.dylib libnssckbi.dylib libnssdbm3.dylib libsoftokn3.dylib"
for LIB in $NSS_LIBS; do
cp -p obj-*/dist/bin/$LIB $MARTOOLS/
done
[% END %]
[% IF c("var/windows") %]
cp -p obj-*/modules/libmar/tool/signmar.exe $MARTOOLS/
cp -p obj-*/security/nss/cmd/certutil/certutil_certutil/certutil.exe $MARTOOLS/
cp -p obj-*/security/nss/cmd/modutil/modutil_modutil/modutil.exe $MARTOOLS/
cp -p obj-*/security/nss/cmd/pk12util/pk12util_pk12util/pk12util.exe $MARTOOLS/
cp -p obj-*/security/nss/cmd/shlibsign/shlibsign_shlibsign/shlibsign.exe $MARTOOLS/
NSS_LIBS="freebl3.dll mozglue.dll nss3.dll nssckbi.dll nssdbm3.dll softokn3.dll"
for LIB in $NSS_LIBS; do
cp -p obj-*/dist/bin/$LIB $MARTOOLS/
done
cp -a $rootdir/msvcr100.dll $MARTOOLS/
[% END %]
cd $distdir
[% IF c("var/linux-x86_64") %]
# Strip and generate debuginfo for the firefox binary that we keep, all *.so
# files, the plugin-container, and the updater (see ticket #10126)
for LIB in Browser/*.so Browser/firefox.real Browser/plugin-container Browser/updater
do
objcopy --only-keep-debug $LIB Debug/$LIB
strip $LIB
objcopy --add-gnu-debuglink=./Debug/$LIB $LIB
[% IF c("var/selfrando") -%]
# remove RUNPATH added by selfrando (see #22242)
chrpath -d $LIB
[% END -%]
done
[% END %]
# Re-zipping the omni.ja files is not needed to make them reproductible,
# however if we don't re-zip them, the files become corrupt when we
# update them using 'zip' and firefox will silently fail to load some
# parts.
[% IF c("var/windows") || c("var/linux") %]
[% c("var/rezip", { rezip_file => 'Browser/omni.ja' }) %]
[% c("var/rezip", { rezip_file => 'Browser/browser/omni.ja' }) %]
[% ELSIF c("var/osx") %]
[% c("var/rezip", { rezip_file => '"Tor Browser.app/Contents/Resources/omni.ja"' }) %]
[% c("var/rezip", { rezip_file => '"Tor Browser.app/Contents/Resources/browser/omni.ja"' }) %]
[% END %]
[%
IF c("var/osx");
SET browserdir='"Tor Browser.app/Contents"';
ELSE;
SET browserdir='Browser';
END;
%]
[% IF c("var/linux") %]
/var/tmp/dist/gcc/bin/g++ $rootdir/abicheck.cc -o Browser/abicheck
[% END %]
[% c('tar', {
tar_src => [ browserdir ],
tar_args => '-czf ' _ dest_dir _ '/' _ c('filename') _ '/tor-browser.tar.gz',
}) %]
[% IF c("var/linux-x86_64") %]
[% c('tar', {
tar_src => [ 'Debug' ],
tar_args => '-cJf ' _ dest_dir _ '/' _ c('filename') _ '/tor-browser-debug.tar.xz',
}) %]
[% END %]
[% c('zip', {
zip_src => [ 'mar-tools' ],
zip_args => dest_dir _ '/' _ c('filename') _ '/' _ c('var/martools_filename'),
}) %]