gecko-dev/security/moz.build
Franziskus Kiefer a52a8495f9 Bug 1479787 - use NSS mozpkix in Firefox, r=mt,keeler,glandium
Differential Revision: https://phabricator.services.mozilla.com/D2725
Differential Revision: https://phabricator.services.mozilla.com/D2860

--HG--
extra : rebase_source : 189c13c2a3104c106fcabad5998af6cb2e20d4a5
2018-10-02 14:59:34 +02:00

156 lines
5.2 KiB
Python

# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*-
# vim: set filetype=python:
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
with Files("**"):
BUG_COMPONENT = ("Core", "Security: PSM")
with Files("generate*.py"):
BUG_COMPONENT = ("Firefox Build System", "General")
with Files("nss/**"):
BUG_COMPONENT = ("NSS", "Libraries")
with Files("nss.symbols"):
BUG_COMPONENT = ("NSS", "Libraries")
if CONFIG['MOZ_SYSTEM_NSS']:
Library('nss')
OS_LIBS += CONFIG['NSS_LIBS']
include('/build/gyp_base.mozbuild')
if CONFIG['MOZ_FOLD_LIBS']:
GeckoSharedLibrary('nss', linkage=None)
# TODO: The library name can be changed when bug 845217 is fixed.
SHARED_LIBRARY_NAME = 'nss3'
USE_LIBS += [
'nspr4',
'nss3_static',
'nssutil',
'plc4',
'plds4',
'smime3_static',
'ssl',
]
OS_LIBS += CONFIG['REALTIME_LIBS']
SYMBOLS_FILE = 'nss.symbols'
# This changes the default targets in the NSS build, among
# other things.
gyp_vars['moz_fold_libs'] = 1
# Some things in NSS need to link against nssutil, which
# gets folded, so this tells them what to link against.
gyp_vars['moz_folded_library_name'] = 'nss'
# Force things in NSS that want to link against NSPR to link
# against the folded library.
gyp_vars['nspr_libs'] = 'nss'
elif not CONFIG['MOZ_SYSTEM_NSS']:
Library('nss')
USE_LIBS += [
'nss3',
'nssutil3',
'smime3',
'sqlite',
'ssl3',
]
gyp_vars['nspr_libs'] = 'nspr'
else:
# Build mozpkix and mozpkix-test only
gyp_vars['nspr_libs'] = 'nspr'
gyp_vars['mozpkix_only'] = 1
# This disables building some NSS tools.
gyp_vars['mozilla_client'] = 1
# We run shlibsign as part of packaging, not build.
gyp_vars['sign_libs'] = 0
gyp_vars['python'] = CONFIG['PYTHON']
# The NSS gyp files do not have a default for this.
gyp_vars['nss_dist_dir'] = '$PRODUCT_DIR/dist'
# NSS wants to put public headers in $nss_dist_dir/public/nss by default,
# which would wind up being mapped to dist/include/public/nss (by
# gyp_reader's `handle_copies`).
# This forces it to put them in dist/include/nss.
gyp_vars['nss_public_dist_dir'] = '$PRODUCT_DIR/dist'
gyp_vars['nss_dist_obj_dir'] = '$PRODUCT_DIR/dist/bin'
# We don't currently build NSS tests.
gyp_vars['disable_tests'] = 1
if CONFIG['NSS_DISABLE_DBM']:
gyp_vars['disable_dbm'] = 1
gyp_vars['disable_libpkix'] = 1
# pkg-config won't reliably find zlib on our builders, so just force it.
# System zlib is only used for modutil and signtool unless
# SSL zlib is enabled, which we are disabling immediately below this.
gyp_vars['zlib_libs'] = '-lz'
gyp_vars['ssl_enable_zlib'] = 0
# System sqlite here is the in-tree mozsqlite.
gyp_vars['use_system_sqlite'] = 1
gyp_vars['sqlite_libs'] = 'sqlite'
if CONFIG['MOZ_SYSTEM_NSPR']:
gyp_vars['nspr_include_dir'] = '%' + CONFIG['NSPR_INCLUDE_DIR']
gyp_vars['nspr_lib_dir'] = '%' + CONFIG['NSPR_LIB_DIR']
else:
gyp_vars['nspr_include_dir'] = '!/dist/include/nspr'
gyp_vars['nspr_lib_dir'] = '' # gyp wants a value, but we don't need
# it to be valid.
# The Python scripts that detect clang need it to be set as CC
# in the environment, which isn't true here. I don't know that
# setting that would be harmful, but we already have this information
# anyway.
if CONFIG['CC_TYPE'] in ('clang', 'clang-cl'):
gyp_vars['cc_is_clang'] = 1
if CONFIG['GCC_USE_GNU_LD']:
gyp_vars['cc_use_gnu_ld'] = 1
GYP_DIRS += ['nss']
GYP_DIRS['nss'].input = 'nss/nss.gyp'
GYP_DIRS['nss'].variables = gyp_vars
sandbox_vars = {
# NSS explicitly exports its public symbols
# with linker scripts.
'COMPILE_FLAGS': {
'VISIBILITY': [],
# XXX: We should fix these warnings.
'WARNINGS_AS_ERRORS': [],
},
# NSS' build system doesn't currently build NSS with PGO.
# We could probably do so, but not without a lot of
# careful consideration.
'NO_PGO': True,
}
if CONFIG['OS_TARGET'] == 'WINNT':
if CONFIG['CPU_ARCH'] == 'x86':
# This should really be the default.
sandbox_vars['ASFLAGS'] = ['-safeseh']
if CONFIG['MOZ_FOLD_LIBS_FLAGS']:
sandbox_vars['CFLAGS'] = CONFIG['MOZ_FOLD_LIBS_FLAGS']
if CONFIG['OS_TARGET'] == 'Android':
sandbox_vars['CFLAGS'] = [
'-include', TOPSRCDIR + '/security/manager/android_stub.h',
# Setting sandbox_vars['DEFINES'] is broken currently.
'-DCHECK_FORK_GETPID',
]
if CONFIG['ANDROID_VERSION']:
sandbox_vars['CFLAGS'] += ['-DANDROID_VERSION=' + CONFIG['ANDROID_VERSION']]
if CONFIG['MOZ_SYSTEM_NSS']:
sandbox_vars['CXXFLAGS'] = CONFIG['NSS_CFLAGS']
GYP_DIRS['nss'].sandbox_vars = sandbox_vars
GYP_DIRS['nss'].no_chromium = True
GYP_DIRS['nss'].no_unified = True
# This maps action names from gyp files to
# Python scripts that can be used in moz.build GENERATED_FILES.
GYP_DIRS['nss'].action_overrides = {
'generate_certdata_c': 'generate_certdata.py',
'generate_mapfile': 'generate_mapfile.py',
}
if CONFIG['NSS_EXTRA_SYMBOLS_FILE']:
DEFINES['NSS_EXTRA_SYMBOLS_FILE'] = CONFIG['NSS_EXTRA_SYMBOLS_FILE']