Bug 1479787 - build mozpkix as part of NSS, r=mt,keeler

Differential Revision: https://phabricator.services.mozilla.com/D2719 Differential Revision: https://phabricator.services.mozilla.com/D2720 Differential Revision: https://phabricator.services.mozilla.com/D2861 --HG-- rename : cpputil/scoped_ptrs.h => cpputil/nss_scoped_ptrs.h rename : lib/mozpkix/test/gtest/README.txt => gtests/mozpkix_gtest/README.txt rename : lib/mozpkix/test/gtest/pkixbuild_tests.cpp => gtests/mozpkix_gtest/pkixbuild_tests.cpp rename : lib/mozpkix/test/gtest/pkixcert_extension_tests.cpp => gtests/mozpkix_gtest/pkixcert_extension_tests.cpp rename : lib/mozpkix/test/gtest/pkixcert_signature_algorithm_tests.cpp => gtests/mozpkix_gtest/pkixcert_signature_algorithm_tests.cpp rename : lib/mozpkix/test/gtest/pkixcheck_CheckExtendedKeyUsage_tests.cpp => gtests/mozpkix_gtest/pkixcheck_CheckExtendedKeyUsage_tests.cpp rename : lib/mozpkix/test/gtest/pkixcheck_CheckIssuer_tests.cpp => gtests/mozpkix_gtest/pkixcheck_CheckIssuer_tests.cpp rename : lib/mozpkix/test/gtest/pkixcheck_CheckKeyUsage_tests.cpp => gtests/mozpkix_gtest/pkixcheck_CheckKeyUsage_tests.cpp rename : lib/mozpkix/test/gtest/pkixcheck_CheckSignatureAlgorithm_tests.cpp => gtests/mozpkix_gtest/pkixcheck_CheckSignatureAlgorithm_tests.cpp rename : lib/mozpkix/test/gtest/pkixcheck_CheckValidity_tests.cpp => gtests/mozpkix_gtest/pkixcheck_CheckValidity_tests.cpp rename : lib/mozpkix/test/gtest/pkixcheck_ParseValidity_tests.cpp => gtests/mozpkix_gtest/pkixcheck_ParseValidity_tests.cpp rename : lib/mozpkix/test/gtest/pkixcheck_TLSFeaturesSatisfiedInternal_tests.cpp => gtests/mozpkix_gtest/pkixcheck_TLSFeaturesSatisfiedInternal_tests.cpp rename : lib/mozpkix/test/gtest/pkixder_input_tests.cpp => gtests/mozpkix_gtest/pkixder_input_tests.cpp rename : lib/mozpkix/test/gtest/pkixder_pki_types_tests.cpp => gtests/mozpkix_gtest/pkixder_pki_types_tests.cpp rename : lib/mozpkix/test/gtest/pkixder_universal_types_tests.cpp => gtests/mozpkix_gtest/pkixder_universal_types_tests.cpp rename : lib/mozpkix/test/gtest/pkixgtest.cpp => gtests/mozpkix_gtest/pkixgtest.cpp rename : lib/mozpkix/test/gtest/pkixgtest.h => gtests/mozpkix_gtest/pkixgtest.h rename : lib/mozpkix/test/gtest/pkixnames_tests.cpp => gtests/mozpkix_gtest/pkixnames_tests.cpp rename : lib/mozpkix/test/gtest/pkixocsp_CreateEncodedOCSPRequest_tests.cpp => gtests/mozpkix_gtest/pkixocsp_CreateEncodedOCSPRequest_tests.cpp rename : lib/mozpkix/test/gtest/pkixocsp_VerifyEncodedOCSPResponse.cpp => gtests/mozpkix_gtest/pkixocsp_VerifyEncodedOCSPResponse.cpp rename : lib/mozpkix/test/lib/pkixtestnss.h => lib/mozpkix/include/pkix-test/pkixtestnss.h rename : lib/mozpkix/test/lib/pkixtestutil.h => lib/mozpkix/include/pkix-test/pkixtestutil.h rename : lib/mozpkix/lib/pkixcheck.h => lib/mozpkix/include/pkix/pkixcheck.h rename : lib/mozpkix/lib/pkixder.h => lib/mozpkix/include/pkix/pkixder.h rename : lib/mozpkix/lib/pkixutil.h => lib/mozpkix/include/pkix/pkixutil.h rename : lib/mozpkix/test/lib/pkixtestalg.cpp => lib/mozpkix/test-lib/pkixtestalg.cpp rename : lib/mozpkix/test/lib/pkixtestnss.cpp => lib/mozpkix/test-lib/pkixtestnss.cpp rename : lib/mozpkix/test/lib/pkixtestutil.cpp => lib/mozpkix/test-lib/pkixtestutil.cpp extra : rebase_source : 7b1375fef0c8e0c361f44d16f69c31d0bd6d0b41
sailfishos-mirror · Aug 3, 2018 · 53850b9 · 53850b9
1 parent bac4358
commit 53850b9
Show file tree

Hide file tree

Showing 105 changed files with 456 additions and 472 deletions.
diff --git a/build.sh b/build.sh
@@ -99,6 +99,7 @@ while [ $# -gt 0 ]; do
         --system-nspr) set_nspr_path "/usr/include/nspr/:"; no_local_nspr=1 ;;
         --enable-libpkix) gyp_params+=(-Ddisable_libpkix=0) ;;
         --enable-fips) gyp_params+=(-Ddisable_fips=0) ;;
+        --mozpkix-only) gyp_params+=(-Dmozpkix_only=1 -Ddisable_tests=1 -Dsign_libs=0) ;;
         *) show_help; exit 2 ;;
     esac
     shift

diff --git a/coreconf/config.gypi b/coreconf/config.gypi
@@ -108,8 +108,12 @@
     'emit_llvm%': 0,
     'nss_public_dist_dir%': '<(nss_dist_dir)/public',
     'nss_private_dist_dir%': '<(nss_dist_dir)/private',
+    # This is only needed when building with --mozpkix-only and might not work
+    # on all machines.
+    'nss_include_dir%': '/usr/include/nss',
     'only_dev_random%': 1,
     'disable_fips%': 1,
+    'mozpkix_only%': 0,
   },
   'target_defaults': {
     # Settings specific to targets should go here.
@@ -126,6 +130,11 @@
       '<(nss_dist_dir)/private/<(module)',
     ],
     'conditions': [
+      [ 'mozpkix_only==1 and OS=="linux"', {
+        'include_dirs': [
+          '<(nss_include_dir)',
+        ],
+      }],
       [ 'disable_fips==1', {
         'defines': [
           'NSS_FIPS_DISABLED',

diff --git a/cpputil/dummy_io.h b/cpputil/dummy_io.h
@@ -8,7 +8,7 @@
 #include "prerror.h"
 #include "prio.h"
 
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 
 class DummyIOLayerMethods {
  public:

diff --git a/cpputil/scoped_ptrs.h → cpputil/nss_scoped_ptrs.h b/cpputil/scoped_ptrs.h → cpputil/nss_scoped_ptrs.h
@@ -4,16 +4,15 @@
  * License, v. 2.0. If a copy of the MPL was not distributed with this file,
  * You can obtain one at http://mozilla.org/MPL/2.0/. */
 
-#ifndef scoped_ptrs_h__
-#define scoped_ptrs_h__
+#ifndef nss_scoped_ptrs_h__
+#define nss_scoped_ptrs_h__
 
 #include <memory>
 #include "cert.h"
 #include "keyhi.h"
 #include "p12.h"
 #include "pk11pub.h"
 #include "pkcs11uri.h"
-#include "sslexp.h"
 
 struct ScopedDelete {
   void operator()(CERTCertificate* cert) { CERT_DestroyCertificate(cert); }
@@ -29,6 +28,9 @@ struct ScopedDelete {
   void operator()(PK11SymKey* key) { PK11_FreeSymKey(key); }
   void operator()(PRFileDesc* fd) { PR_Close(fd); }
   void operator()(SECAlgorithmID* id) { SECOID_DestroyAlgorithmID(id, true); }
+  void operator()(SECKEYEncryptedPrivateKeyInfo* e) {
+    SECKEY_DestroyEncryptedPrivateKeyInfo(e, true);
+  }
   void operator()(SECItem* item) { SECITEM_FreeItem(item, true); }
   void operator()(SECKEYPublicKey* key) { SECKEY_DestroyPublicKey(key); }
   void operator()(SECKEYPrivateKey* key) { SECKEY_DestroyPrivateKey(key); }
@@ -39,9 +41,6 @@ struct ScopedDelete {
   void operator()(PLArenaPool* arena) { PORT_FreeArena(arena, PR_FALSE); }
   void operator()(PK11Context* context) { PK11_DestroyContext(context, true); }
   void operator()(PK11GenericObject* obj) { PK11_DestroyGenericObject(obj); }
-  void operator()(SSLResumptionTokenInfo* token) {
-    SSL_DestroyResumptionTokenInfo(token);
-  }
   void operator()(SEC_PKCS12DecoderContext* dcx) {
     SEC_PKCS12DecoderFinish(dcx);
   }
@@ -69,6 +68,7 @@ SCOPED(PK11SlotInfo);
 SCOPED(PK11SymKey);
 SCOPED(PRFileDesc);
 SCOPED(SECAlgorithmID);
+SCOPED(SECKEYEncryptedPrivateKeyInfo);
 SCOPED(SECItem);
 SCOPED(SECKEYPublicKey);
 SCOPED(SECKEYPrivateKey);
@@ -77,10 +77,9 @@ SCOPED(PK11URI);
 SCOPED(PLArenaPool);
 SCOPED(PK11Context);
 SCOPED(PK11GenericObject);
-SCOPED(SSLResumptionTokenInfo);
 SCOPED(SEC_PKCS12DecoderContext);
 SCOPED(CERTDistNames);
 
 #undef SCOPED
 
-#endif  // scoped_ptrs_h__
+#endif  // nss_scoped_ptrs_h__
diff --git a/cpputil/scoped_ptrs_ssl.h b/cpputil/scoped_ptrs_ssl.h
@@ -0,0 +1,35 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef scoped_ptrs_ssl_h__
+#define scoped_ptrs_ssl_h__
+
+#include <memory>
+#include "sslexp.h"
+
+struct ScopedDeleteSSL {
+  void operator()(SSLResumptionTokenInfo* token) {
+    SSL_DestroyResumptionTokenInfo(token);
+  }
+};
+
+template <class T>
+struct ScopedMaybeDeleteSSL {
+  void operator()(T* ptr) {
+    if (ptr) {
+      ScopedDeleteSSL del;
+      del(ptr);
+    }
+  }
+};
+
+#define SCOPED(x) typedef std::unique_ptr<x, ScopedMaybeDeleteSSL<x> > Scoped##x
+
+SCOPED(SSLResumptionTokenInfo);
+
+#undef SCOPED
+
+#endif  // scoped_ptrs_ssl_h__
diff --git a/exports.gyp b/exports.gyp
@@ -5,13 +5,15 @@
   'includes': [
     'coreconf/config.gypi'
   ],
+  'conditions': [
+    [ 'mozpkix_only==0', {
       'targets': [
         {
           'target_name': 'nss_exports',
           'type': 'none',
           'direct_dependent_settings': {
             'include_dirs': [
-          '<(nss_public_dist_dir)/nss'
+              '<(nss_public_dist_dir)/nss',
             ]
           },
           'dependencies': [
@@ -36,7 +38,7 @@
             'lib/sqlite/exports.gyp:lib_sqlite_exports',
             'lib/ssl/exports.gyp:lib_ssl_exports',
             'lib/util/exports.gyp:lib_util_exports',
-        'lib/zlib/exports.gyp:lib_zlib_exports'
+            'lib/zlib/exports.gyp:lib_zlib_exports',
           ],
           'conditions': [
             [ 'disable_libpkix==0', {
@@ -73,5 +75,22 @@
             }],
           ],
         }
+      ],
+    }],
+  ],
+  'targets': [
+    {
+      'target_name': 'nss_mozpkix_exports',
+      'type': 'none',
+      'direct_dependent_settings': {
+        'include_dirs': [
+          '<(nss_public_dist_dir)/nss'
         ]
+      },
+      'dependencies': [
+        'lib/mozpkix/exports.gyp:lib_mozpkix_exports',
+        'lib/mozpkix/exports.gyp:lib_mozpkix_test_exports',
+      ],
+    },
+  ],
 }
diff --git a/fuzz/tls_server_certs.cc b/fuzz/tls_server_certs.cc
@@ -8,7 +8,7 @@
 #include "ssl.h"
 
 #include "cpputil.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 #include "tls_server_certs.h"
 
 const uint8_t kP256ServerCert[] = {

diff --git a/gtests/certdb_gtest/alg1485_unittest.cc b/gtests/certdb_gtest/alg1485_unittest.cc
@@ -9,7 +9,7 @@
 #include "gtest/gtest.h"
 
 #include "nss.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 #include "prprf.h"
 
 namespace nss_test {

diff --git a/gtests/cryptohi_gtest/cryptohi_unittest.cc b/gtests/cryptohi_gtest/cryptohi_unittest.cc
@@ -8,7 +8,7 @@
 
 #include "gtest/gtest.h"
 
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 #include "cryptohi.h"
 #include "secitem.h"
 #include "secerr.h"

diff --git a/gtests/der_gtest/der_private_key_import_unittest.cc b/gtests/der_gtest/der_private_key_import_unittest.cc
@@ -11,7 +11,7 @@
 #include "secutil.h"
 
 #include "gtest/gtest.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 
 namespace nss_test {
 

diff --git a/gtests/der_gtest/p12_import_unittest.cc b/gtests/der_gtest/p12_import_unittest.cc
@@ -8,7 +8,7 @@
 #include "p12.h"
 
 #include "gtest/gtest.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 
 namespace nss_test {
 

diff --git a/gtests/freebl_gtest/ecl_unittest.cc b/gtests/freebl_gtest/ecl_unittest.cc
@@ -7,7 +7,7 @@
 #include <stdint.h>
 
 #include "blapi.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 #include "secerr.h"
 
 namespace nss_test {

diff --git a/lib/mozpkix/test/gtest/README.txt → gtests/mozpkix_gtest/README.txt b/lib/mozpkix/test/gtest/README.txt → gtests/mozpkix_gtest/README.txt
diff --git a/gtests/mozpkix_gtest/mozpkix_gtest.gyp b/gtests/mozpkix_gtest/mozpkix_gtest.gyp
@@ -0,0 +1,71 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+  'includes': [
+    '../../coreconf/config.gypi',
+    '../common/gtest.gypi',
+  ],
+  'targets': [
+    {
+      'target_name': 'mozpkix_gtest',
+      'type': 'executable',
+      'sources': [
+        '<(DEPTH)/gtests/common/gtests.cc',
+        'pkixbuild_tests.cpp',
+        'pkixcert_extension_tests.cpp',
+        'pkixcert_signature_algorithm_tests.cpp',
+        'pkixcheck_CheckExtendedKeyUsage_tests.cpp',
+        'pkixcheck_CheckIssuer_tests.cpp',
+        'pkixcheck_CheckKeyUsage_tests.cpp',
+        'pkixcheck_CheckSignatureAlgorithm_tests.cpp',
+        'pkixcheck_CheckValidity_tests.cpp',
+        'pkixcheck_ParseValidity_tests.cpp',
+        'pkixcheck_TLSFeaturesSatisfiedInternal_tests.cpp',
+        'pkixder_input_tests.cpp',
+        'pkixder_pki_types_tests.cpp',
+        'pkixder_universal_types_tests.cpp',
+        'pkixgtest.cpp',
+        'pkixnames_tests.cpp',
+        'pkixocsp_CreateEncodedOCSPRequest_tests.cpp',
+        'pkixocsp_VerifyEncodedOCSPResponse.cpp',
+      ],
+      'dependencies': [
+        '<(DEPTH)/exports.gyp:nss_exports',
+        '<(DEPTH)/gtests/google_test/google_test.gyp:gtest',
+        '<(DEPTH)/lib/util/util.gyp:nssutil',
+        '<(DEPTH)/lib/ssl/ssl.gyp:ssl',
+        '<(DEPTH)/lib/nss/nss.gyp:nss_static',
+        '<(DEPTH)/lib/pk11wrap/pk11wrap.gyp:pk11wrap_static',
+        '<(DEPTH)/lib/cryptohi/cryptohi.gyp:cryptohi',
+        '<(DEPTH)/lib/certhigh/certhigh.gyp:certhi',
+        '<(DEPTH)/lib/certdb/certdb.gyp:certdb',
+        '<(DEPTH)/lib/base/base.gyp:nssb',
+        '<(DEPTH)/lib/dev/dev.gyp:nssdev',
+        '<(DEPTH)/lib/pki/pki.gyp:nsspki',
+        '<(DEPTH)/lib/mozpkix/mozpkix.gyp:mozpkix',
+        '<(DEPTH)/lib/mozpkix/mozpkix.gyp:mozpkix-testlib',
+      ],
+      'include_dirs': [
+        '<(DEPTH)/lib/mozpkix/',
+        '<(DEPTH)/lib/mozpkix/lib',
+        '<(DEPTH)/lib/mozpkix/include/',
+        '<(DEPTH)/lib/mozpkix/include/pkix-test/',
+      ],
+      'conditions': [
+        [ 'OS=="win"', {
+          'libraries': [
+            'advapi32.lib',
+          ],
+        }],
+      ],
+      'defines': [
+        'NSS_USE_STATIC_LIBS'
+      ],
+    }
+  ],
+  'variables': {
+    'module': 'nss',
+    'use_static_libs': 1,
+  }
+}