Ophestra
7315e64a8a
All checks were successful
Test / Create distribution (push) Successful in 54s
Test / Sandbox (push) Successful in 2m45s
Test / ShareFS (push) Successful in 4m21s
Test / Hakurei (push) Successful in 4m32s
Test / Sandbox (race detector) (push) Successful in 5m22s
Test / Hakurei (race detector) (push) Successful in 6m19s
Test / Flake checks (push) Successful in 1m32s
Signed-off-by: Ophestra <cat@gensokyo.uk>
121 lines
2.9 KiB
Go
121 lines
2.9 KiB
Go
package rosa
|
|
|
|
import (
|
|
"strings"
|
|
|
|
"hakurei.app/internal/pkg"
|
|
)
|
|
|
|
func (t Toolchain) newNSS() (pkg.Artifact, string) {
|
|
const (
|
|
version = "3.121"
|
|
checksum = "MTS4Eg-1vBN3T7gdUAdNO0y_e9x9BE3f_k_DHdM_BIovc7y57vhsZTfB5f6BeQfi"
|
|
|
|
version0 = "4_38_2"
|
|
checksum0 = "25x2uJeQnOHIiq_zj17b4sYqKgeoU8-IsySUptoPcdHZ52PohFZfGuIisBreWzx0"
|
|
)
|
|
return t.NewPackage("nss", version, pkg.NewHTTPGetTar(
|
|
nil, "https://github.com/nss-dev/nss/archive/refs/tags/"+
|
|
"NSS_"+strings.Join(strings.SplitN(version, ".", 2), "_")+"_RTM.tar.gz",
|
|
mustDecode(checksum),
|
|
pkg.TarGzip,
|
|
), &PackageAttr{
|
|
Paths: []pkg.ExecPath{
|
|
pkg.Path(AbsUsrSrc.Append("nspr.zip"), false, pkg.NewHTTPGet(
|
|
nil, "https://hg-edge.mozilla.org/projects/nspr/archive/"+
|
|
"NSPR_"+version0+"_RTM.zip",
|
|
mustDecode(checksum0),
|
|
)),
|
|
},
|
|
|
|
// uses source tree as scratch space
|
|
Writable: true,
|
|
Chmod: true,
|
|
|
|
ScriptEarly: `
|
|
unzip /usr/src/nspr.zip -d /usr/src
|
|
mv '/usr/src/nspr-NSPR_` + version0 + `_RTM' /usr/src/nspr
|
|
`,
|
|
}, &MakeHelper{
|
|
OmitDefaults: true,
|
|
SkipConfigure: true,
|
|
InPlace: true,
|
|
|
|
SkipCheck: true,
|
|
Make: []string{
|
|
"CCC=clang++",
|
|
"NSDISTMODE=copy",
|
|
"BUILD_OPT=1",
|
|
"USE_64=1",
|
|
"nss_build_all",
|
|
},
|
|
Install: `
|
|
mkdir -p /work/system/nss
|
|
cp -r \
|
|
/usr/src/dist/. \
|
|
lib/ckfw/builtins/certdata.txt \
|
|
/work/system/nss
|
|
`,
|
|
},
|
|
Perl,
|
|
Python,
|
|
Unzip,
|
|
Gawk,
|
|
Coreutils,
|
|
|
|
Zlib,
|
|
KernelHeaders,
|
|
), version
|
|
}
|
|
func init() {
|
|
artifactsM[NSS] = Metadata{
|
|
f: Toolchain.newNSS,
|
|
|
|
Name: "nss",
|
|
Description: "Network Security Services",
|
|
Website: "https://firefox-source-docs.mozilla.org/security/nss/index.html",
|
|
|
|
ID: 2503,
|
|
}
|
|
}
|
|
|
|
func init() {
|
|
const version = "0.4.0"
|
|
artifactsM[buildcatrust] = newViaPip(
|
|
"buildcatrust",
|
|
"transform certificate stores between formats",
|
|
version, "none", "any",
|
|
"k_FGzkRCLjbTWBkuBLzQJ1S8FPAz19neJZlMHm0t10F2Y0hElmvVwdSBRc03Rjo1",
|
|
"https://github.com/nix-community/buildcatrust/"+
|
|
"releases/download/v"+version+"/",
|
|
)
|
|
}
|
|
|
|
func (t Toolchain) newNSSCACert() (pkg.Artifact, string) {
|
|
return t.New("nss-cacert", 0, []pkg.Artifact{
|
|
t.Load(Bash),
|
|
t.Load(Python),
|
|
|
|
t.Load(NSS),
|
|
t.Load(buildcatrust),
|
|
}, nil, nil, `
|
|
mkdir -p /work/system/etc/ssl/{certs/unbundled,certs/hashed,trust-source}
|
|
buildcatrust \
|
|
--certdata_input /system/nss/certdata.txt \
|
|
--ca_bundle_output /work/system/etc/ssl/certs/ca-bundle.crt \
|
|
--ca_standard_bundle_output /work/system/etc/ssl/certs/ca-no-trust-rules-bundle.crt \
|
|
--ca_unpacked_output /work/system/etc/ssl/certs/unbundled \
|
|
--ca_hashed_unpacked_output /work/system/etc/ssl/certs/hashed \
|
|
--p11kit_output /work/system/etc/ssl/trust-source/ca-bundle.trust.p11-kit
|
|
`), Unversioned
|
|
}
|
|
func init() {
|
|
artifactsM[NSSCACert] = Metadata{
|
|
f: Toolchain.newNSSCACert,
|
|
|
|
Name: "nss-cacert",
|
|
Description: "bundle of X.509 certificates of public Certificate Authorities",
|
|
Website: "https://curl.se/docs/caextract.html",
|
|
}
|
|
}
|