diff --git a/rbm.conf b/rbm.conf index c4f73e5..e3878b5 100644 --- a/rbm.conf +++ b/rbm.conf @@ -24,7 +24,13 @@ buildconf: git_signtag_opt: '-s' var: + ncdns_version: '10.5a5' + ncdns_build: 'build2' + ncdns_incremental_from: + - 10.5a3 project_name: tor-browser + multi_lingual: 0 + build_mar: 1 # By default, we sort the list of installed packages. This allows sharing # containers with identical list of packages, even if they are not listed # in the same order. In the cases where the installation order is @@ -40,7 +46,8 @@ var: [% END -%] input_files: [% c("input_files_id") %] build: - [% c("build", { filename => 'f', output_dir => '/out', norec => {} }) %] + [% SET step = c("step") -%] + [% c(step, { filename => 'f', output_dir => '/out', norec => {} }) %] container: dir: '[% c("rbm_tmp_dir") %]/rbm-containers/[% sha256(c("build_id")) %]' user: rbm @@ -55,6 +62,76 @@ var: faketime: "faketime -f \"[% USE date; GET date.format(c('timestamp'), format = '%Y-%m-%d %H:%M:%S') %]\"" touch: "[% USE date %]touch -m -t [% date.format(c('timestamp'), format = '%Y%m%d%H%M') %]" + locale_ja: ja + locales: + - ar + - ca + - cs + - da + - de + - el + - es-AR + - es-ES + - fa + - fr + - ga-IE + - he + - hu + - id + - is + - it + - '[% c("var/locale_ja") %]' + - ka + - ko + - lt + - mk + - ms + - nb-NO + - nl + - pl + - pt-BR + - ro + - ru + - sv-SE + - th + - tr + - vi + - zh-CN + - zh-TW + locales_mobile: + - ar + - ca + - cs + - da + - de + - el + - es-rAR + - es-rES + - fa + - fr + - ga-rIE + - hu + - in + - is + - it + - iw + - ja + - ka + - ko + - lt + - nb-rNO + - nl + - pl + - pt-rBR + - ro + - ru + - sv-rSE + - th + - tr + - vi + - zh-rCN + - zh-rTW + sign_build: '[% ENV.RBM_SIGN_BUILD %]' sign_build_gpg_opts: '[% ENV.RBM_GPG_OPTS %]' @@ -84,6 +161,11 @@ var: rm -Rf /var/tmp/build /var/tmp/dist [% END -%] + DOCSDIR_project: '[% project %]' + set_PTDIR_DOCSDIR: | + PTDIR="$distdir/TorBrowser/Tor/PluggableTransports" + DOCSDIR="$distdir/TorBrowser/Docs/[% c("var/DOCSDIR_project") %]" + targets: notarget: linux-x86_64 noint: @@ -93,14 +175,50 @@ targets: var: release: 1 channel: release + alpha: + var: + alpha: 1 + channel: alpha + nightly: + fetch: 1 + var: + nightly: 1 + channel: nightly + ncdns_version: | + [% + IF ENV.TORBROWSER_NIGHTLY_VERSION; + GET ENV.TORBROWSER_NIGHTLY_VERSION; + ELSIF c("var/testbuild"); + GET "testbuild"; + ELSE; + GET c("var_p/nightly_ncdns_version"); + END; + -%] + # For nightly builds, we support updates for a limited set of locales + mar_locales: + - de + - es-ES + - fr + - ru + max_ncdns_incremental_from: 2 + build_infos_json: 1 - # The common-stretch target is used to build components that are common to all - # platforms, using Debian stretch. - common-stretch: + ncdns-testbuild: + - testbuild + - alpha + testbuild: + var: + testbuild: 1 + # Don't create mar files to save time + build_mar: 0 + + # The common-buster target is used to build components that are common to all + # platforms, using Debian Buster. + common-buster: var: common: 1 container: - suite: stretch + suite: buster arch: amd64 pre_pkginst: '' deps: @@ -120,6 +238,8 @@ targets: android-armv7: 1 osname: android-armv7 toolchain_arch: arm + abi: armeabi-v7a + cross_prefix: armv7a-linux-androideabi ncdns-android-x86: - android-x86 - android @@ -129,6 +249,8 @@ targets: android-x86: 1 osname: android-x86 toolchain_arch: x86 + abi: x86 + cross_prefix: i686-linux-android ncdns-android-x86_64: - android-x86_64 - android @@ -138,6 +260,8 @@ targets: android-x86_64: 1 osname: android-x86_64 toolchain_arch: x86_64 + abi: x86_64 + cross_prefix: x86_64-linux-android ncdns-android-aarch64: - android-aarch64 - android @@ -147,22 +271,32 @@ targets: android-aarch64: 1 osname: android-aarch64 toolchain_arch: arm64 + abi: arm64-v8a + cross_prefix: aarch64-linux-android android: var: android: 1 compiler: android-toolchain - # API 16 is the minimum we currently support for Tor Browser on Android android_min_api: '[% GET c("var/android_min_api_" _ c("arch")) %]' - # API 21 is the minimum we currently support for arm64 on Android - android_min_api_aarch64: 21 + CC: '[% c("var/cross_prefix") %][% c("var/android_min_api") %]-clang' + CXX: '[% c("var/cross_prefix") %][% c("var/android_min_api") %]-clang' + # API 16 is the minimum we currently support for 32 bit on Android android_min_api_armv7: 16 android_min_api_x86: 16 + # API 21 is the minimum we currently support for 64 bit on Android android_min_api_x86_64: 21 - CC: '$ANDROID_NDK_HOME/[% c("var/toolchain_arch") %]/bin/clang' - CXX: '$ANDROID_NDK_HOME/[% c("var/toolchain_arch") %]/bin/clang++' + android_min_api_aarch64: 21 + # This is needed to get the offline build part for Glean right. + glean_parser: 1.28.6 + # We only build snowflake on the alpha and nightly + # channels for now. + snowflake: '[% c("var/alpha") || c("var/nightly") %]' container: - suite: stretch + suite: buster arch: amd64 + disable_network: + # Disable network in the script for merging GeckoView .aar files + merge_aars: 1 deps: - build-essential - python @@ -170,10 +304,26 @@ targets: - libtool - zip - unzip + - libtinfo5 + configure_opt: '--host=[% c("var/cross_prefix") %] CC=[% c("var/CC") %] [% c("var/configure_opt_project") %]' + pre_pkginst: | + SNAPSHOT_VERSION=20191201T212855Z + OPENJDK_URL=https://snapshot.debian.org/archive/debian/$SNAPSHOT_VERSION/pool/main/o/openjdk-8 + JDK_VERSION=8u232-b09-1~deb9u1_amd64 + apt-get install -y -q wget ca-certificates-java + wget $OPENJDK_URL/openjdk-8-jdk-headless_$JDK_VERSION.deb + wget $OPENJDK_URL/openjdk-8-jre-headless_$JDK_VERSION.deb + echo 92b4f8fb77d793a86e0b03b3b0750592b40a26a5d75956d10dd984a7b3aad4c9 openjdk-8-jdk-headless_$JDK_VERSION.deb | sha256sum -c + echo 84bf52b6cce20ead08b0d5b9fd9b81b4aa3da385ca951b313fe11d5cb1aa4d17 openjdk-8-jre-headless_$JDK_VERSION.deb | sha256sum -c + dpkg -i ./openjdk-8-jre-headless_$JDK_VERSION.deb ./openjdk-8-jdk-headless_$JDK_VERSION.deb ncdns-linux-x86_64: - linux-x86_64 - linux + ncdns-linux-x86_64-asan: + - linux-asan + - linux-x86_64 + - linux ncdns-linux-i686: - linux-i686 - linux @@ -182,19 +332,26 @@ targets: var: linux-x86_64: 1 osname: linux-x86_64 + # We only support RLBox on the nightly channel and x86_64 for now + rlbox: '[% c("var/nightly") %]' linux-i686: arch: i686 var: linux-i686: 1 osname: linux-i686 - configure_opt_i686: '--host=i686-linux-gnu CFLAGS=-m32 CXXFLAGS=-m32 LDFLAGS=-m32' - configure_opt: '[% c("var/configure_opt_i686") %]' + configure_opt: '--host=i686-linux-gnu CFLAGS=-m32 CXXFLAGS=-m32 LDFLAGS=-m32 [% c("var/configure_opt_project") %]' linux: var: linux: 1 compiler: gcc + configure_opt: '[% c("var/configure_opt_project") %]' + # We only build snowflake on the alpha and nightly + # channels for now. + snowflake: '[% c("var/alpha") || c("var/nightly") %]' + # Only build Namecoin for linux on nightly + namecoin: '[% c("var/nightly") %]' container: - suite: wheezy + suite: jessie arch: amd64 pre_pkginst: dpkg --add-architecture i386 deps: @@ -208,6 +365,13 @@ targets: - libtool - zip - unzip + linux-asan: + var: + asan: 1 + # RLBox needs clang to create .wasm files but we use mostly GCC for our + # ASan builds. Thus, the compilation currently breaks with RLBox enabled. + # See: tor-browser-build#40063. + rlbox: 0 ncdns-windows-i686: - windows-i686 @@ -219,6 +383,7 @@ targets: arch: x86_64 var: windows-x86_64: 1 + windows-i686: 0 osname: windows-x86_64 # HEASLR is 64 bit only (see bug 12968) flag_HEASLR: '-Wl,--high-entropy-va' @@ -226,19 +391,25 @@ targets: arch: i686 var: windows-i686: 1 + windows-x86_64: 0 osname: windows-i686 + # mingw-w64 does not support SEH on 32bit systems. Be explicit about that. + flag_noSEH: '-Wl,--no-seh' windows: var: windows: 1 container: - suite: stretch + suite: buster arch: amd64 - configure_opt: '--host=[% c("arch") %]-w64-mingw32 CFLAGS="[% c("var/CFLAGS") %]" LDFLAGS="[% c("var/LDFLAGS") %]"' + configure_opt: '--host=[% c("arch") %]-w64-mingw32 CFLAGS="[% c("var/CFLAGS") %]" LDFLAGS="[% c("var/LDFLAGS") %]" [% c("var/configure_opt_project") %]' CFLAGS: '-fstack-protector-strong -fno-strict-overflow -Wno-missing-field-initializers -Wformat -Wformat-security [% c("var/flag_mwindows") %]' - LDFLAGS: '-Wl,--dynamicbase -Wl,--nxcompat -Wl,--enable-reloc-section -Wl,--no-insert-timestamp -lssp -L$gcclibs [% c("var/flag_HEASLR") %] [% c("var/flag_mwindows") %]' + LDFLAGS: '-Wl,--dynamicbase -Wl,--nxcompat -Wl,--enable-reloc-section -Wl,--no-insert-timestamp -lssp -L$gcclibs [% c("var/flag_HEASLR") %] [% c("var/flag_noSEH") %] [% c("var/flag_mwindows") %]' flag_mwindows: '-mwindows' compiler: mingw-w64 faketime_path: /usr/lib/x86_64-linux-gnu/faketime/libfaketime.so.1 + # We only build snowflake on the alpha and nightly + # channels for now. + snowflake: '[% c("var/alpha") || c("var/nightly") %]' deps: - build-essential - python @@ -256,13 +427,19 @@ targets: osx: 1 osname: osx-x86_64 container: - suite: stretch + suite: buster arch: amd64 compiler: 'macosx-toolchain' - configure_opt: '--host=x86_64-apple-darwin11 CC="x86_64-apple-darwin11-clang [% c("var/FLAGS") %]" CXX="x86_64-apple-darwin11-clang++ [% c("var/FLAGS") %]"' - FLAGS: "-target x86_64-apple-darwin11 -B $cctoolsdir -isysroot $sysrootdir" + configure_opt: '--host=x86_64-apple-darwin CC="x86_64-apple-darwin-clang [% c("var/FLAGS") %]" CXX="x86_64-apple-darwin-clang++ [% c("var/FLAGS") %]" [% c("var/configure_opt_project") %]' + FLAGS: "-target x86_64-apple-darwin -B $cctoolsdir -isysroot $sysrootdir" LDFLAGS: "-Wl,-syslibroot,$sysrootdir -Wl,-dead_strip -Wl,-pie" macosx_deployment_target: '10.9' + locale_ja: ja-JP-mac + # We only support RLBox on the nightly channel for now + rlbox: '[% c("var/nightly") %]' + # We only build snowflake on the alpha and nightly + # channels for now. + snowflake: '[% c("var/alpha") || c("var/nightly") %]' deps: - build-essential - python @@ -271,6 +448,9 @@ targets: - zip - unzip faketime_path: /usr/lib/x86_64-linux-gnu/faketime/libfaketime.so.1 + set_PTDIR_DOCSDIR: | + PTDIR="$distdir/Contents/MacOS/Tor/PluggableTransports" + DOCSDIR="$distdir/Contents/Resources/TorBrowser/Docs/[% c("var/DOCSDIR_project") %]" # The no_build_id target can be useful if you want to quickly display # a build template or other option but don't want to spend time to @@ -423,5 +603,30 @@ ENV: my ($out) = capture_exec('sudo', 'runc', '--version'); return $out =~ m/^.*spec: 1\.[0-9]+\.[0-9]+(?:-dev)?$/m; }, + nightly_ncdns_version => sub { + state $version = ''; + return $version if $version; + my (undef, undef, undef, $day, $mon, $year) = gmtime; + $version = sprintf("tbb-nightly.%u.%02u.%02u", $year + 1900, $mon + 1, $day); + return $version; + }, + nightly_ncdns_incremental_from => sub { + my ($project, $options) = @_; + my $nightly_dir = project_config($project, 'basedir', $options) . '/nightly'; + my $current_version = project_config($project, 'var/ncdns_version', $options); + use Path::Tiny; + return [] unless -d $nightly_dir; + my @dirs = sort map { $_->basename } path($nightly_dir)->children(qr/^tbb-nightly\./); + my $nb_incr = project_config($project, ['var', 'max_ncdns_incremental_from'], $options); + my @res; + while ($nb_incr > 0) { + my $dir = pop @dirs; + last unless $dir; + next if $dir eq $current_version; + $nb_incr--; + push @res, $dir; + } + return [@res]; + }, }, ) diff --git a/tools/patch-tor-to-namecoin.sh b/tools/patch-tor-to-namecoin.sh new file mode 100755 index 0000000..7035fe4 --- /dev/null +++ b/tools/patch-tor-to-namecoin.sh @@ -0,0 +1,6 @@ +#!/usr/bin/env bash + +set -euxo pipefail +shopt -s nullglob globstar + +cat tor-browser-build/rbm.conf | sed "s/torbrowser/ncdns/g" > rbm.conf