Age | Commit message (Collapse) | Author | Files | Lines |
|
Now that we can generate build files, we can actually maintain a Bazel
build in HEAD, without synthesizing a separate "-with-bazel" branch.
(Though we'll still need both for a transition, and until all the other
build modes have migrated.) Note this has a slightly different directory
structure than the old -with-bazel branch. But the targets are the same
and #include <openssl/whatever.h> still works, so hopefully it's
compatible.
For now, I'm only setting this up with the new bzlmod scheme. Also since
pulling in googletest is much less tedious with bzlmod, I've wired up
tests and everything.
https://bazel.build/external/overview#bzlmod
To build, run commands like:
bazelisk build ...
bazelisk test ...
bazelisk run :bssl
The thinking is we can also go add this to CI and whatnot.
This is also intended to replace the boringssl module in the
bazel-central-registry which someone else set up already. To ease the
transition, I've seeded the compatibility_level value with theirs. (I
think we want to never bump it. Although we don't do SemVer, I think
bzlmod's MVS version selection scheme is generally reasonable. Bumping
it just introduces hiccups into the update process where projects need
to coordinate updates, and we do not want that.)
I wasn't clear on what to put in the version field in the tree, so I
just went with 0.0.0-dev so we don't have to change it, but it's still
vaguely analogous to the versions already in there.
As part of this, I've added support for Bazel's runfiles mechanism in
crypto/test/test_data.cc. This is completely undocumented and I had to
figure out how it works by guessing, but I believe this is the
officially supported way to make cc_test(data = ...) work? The official
documentation says to use devtools_build::GetDataDependencyFilepath, but
that API does not exist in the first place. I've also made it build with
C++17 for now, so we can build libpki, but C++14 consumers should still
be able to use this module, just not build libpki.
To that end, one difference between this and the old module is that we
no longer specify the C++ version in the build. From what I can tell,
Bazel does *not* want libraries to set the C/C++ version and prefers it
only come from the root. Unfortunately, they provide zero tools to
effectively manage this. I've followed this pattern for C++ versions, as
we can assume that Bazel projects are very aware of their C++ version,
but I've explicitly ignored it for the C version. Projects tend not to
change ABIs by C version, so it should be fine to set it internally.
For context when reviewing, the unreadable MODULE.bazel.lock is
automatically generated. I think the idea is that subsequent diffs will
be more readable??
Bug: 542
Change-Id: I88f68b2602a75f58cc6d18832a956f01dc054f58
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67301
Auto-Submit: David Benjamin <davidben@google.com>
Commit-Queue: Bob Beck <bbe@google.com>
Reviewed-by: Bob Beck <bbe@google.com>
|
|
Combined with https://crrev.com/c/5346536, this should, I believe, avoid
needing to re-download the toolchains over and over on every CI run once
the caches all fill.
Change-Id: I4991cf61dd164d7d39da91184ba7051ac59ce3f1
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67347
Auto-Submit: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Bob Beck <bbe@google.com>
|
|
We now have (some of) our test sources in an easily parseable form.
run_android_tests.go no longer needs to crawl the source tree.
Note this required fixing the .gitignore rules. If a .gitignore line
doesn't have a slash at the start or middle, it applies to
subdirectories as well. This is confusing, so I just stuck a leading
slash in front of all of them.
Bug: 681
Change-Id: I389c2a0560594fbd23c60b5b614b0ccfedf28926
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67293
Reviewed-by: Bob Beck <bbe@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
|
|
Add Cargo.lock to .gitignore for rust/bssl-crypto and remove generated file
Clean up cargo deny warnings and set reasonable starting point in deny.toml
Change-Id: I0b925408ab6b7947b1b01282bac803feb769421a
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/57985
Reviewed-by: Nabil Wadih <nwadih@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: Bob Beck <bbe@google.com>
|
|
- update rust folder to split into `bssl` and `bssl-sys`
- add initial bindings for hmac and a subset of sha2
Change-Id: I09e0e778c1590de6818a49e19529ceb011e4d9f6
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/57285
Reviewed-by: Bob Beck <bbe@google.com>
Commit-Queue: Bob Beck <bbe@google.com>
Reviewed-by: Adam Langley <agl@google.com>
|
|
Follow-up to
https://chromium-review.googlesource.com/c/chromium/tools/build/+/4296194/
But mostly I've since added a lot more configurations to CI and want to
make sure I haven't broken anything.
Change-Id: I627711356004bf2244bd729b6055e9e0e619724e
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/57691
Commit-Queue: Bob Beck <bbe@google.com>
Auto-Submit: David Benjamin <davidben@google.com>
Reviewed-by: Bob Beck <bbe@google.com>
|
|
This was added in https://crbug.com/1414198. Extracting
it to the same place as before to avoid needing to
update the recipe.
Change-Id: I02dd8bc2a9c0fc54236e10e13a43e716f1a34247
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/57647
Reviewed-by: Bob Beck <bbe@google.com>
Auto-Submit: David Benjamin <davidben@google.com>
Commit-Queue: Bob Beck <bbe@google.com>
|
|
Interestingly, the Chromium version is a bit behind the default. I've
set it to match the Chromium version.
Bug: chromium:1340825
Change-Id: Ia956e42897add5849dfe09ec8e3a19f704ed9641
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/55425
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
|
|
Bug: chromium:1205638
Change-Id: Iee6d4cbdff513f248e747fc497c4bda3efb995e5
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/52645
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
|
|
When a rust crate uses the boringssl rust bindings like:
```Cargo.toml
[dependencies]
bssl-sys = { path = "./third_party/boringssl/build/rust" }
```
The working directory of `build.rs` is set to the the crate's
working directory so "." and ".." aren't relative to the bindings'
directory. Use CARGO_MANIFEST_DIR to specify link search paths.
Change-Id: Ieb49f4ab479f47390388dc5ace70561f593dc238
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/51645
Reviewed-by: David Drysdale <drysdale@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
|
|
Change-Id: Iabbcc9096d2c9eea4ad13aed82fb7b1997c02e24
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/51545
Reviewed-by: Adam Langley <agl@google.com>
|
|
This is designed to be the minimal infrastructure required to support
using BoringSSL in the Rust ecosystem without fear of ABI drift. Bindgen
is used to generate Rust bindings in lockstep with the rest of the
build. `rust-openssl` can consume these generated bindings with minimal
changes.
Change-Id: I1dacd36a4131e22a930ebb01da00407e8465ad7e
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/49645
Reviewed-by: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
|
|
The gclient-managed files usually go in .gitignore. I think without it,
we have to redownload it all the time on the bots? Though this also
makes my git status cleaner.
Change-Id: Ic9bac6796bd3dcdea5039bcac39e853d9f12906b
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/46824
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
|
|
Newer versions of CMake have some fix for default libraries on
Windows/ARM64. (Not sure exactly what version, but the latest CMake does
seem to work.)
While trying to update the others, it turns out my workstation no longer
makes CMake builds compatible with the builders. It's also tedious that
updating CMake requires making builds myself. Fortunately, Chrome infra
is maintains some packages of third-party software in CIPD.
However, they don't make Windows CMake builds (filed
https://crbug.com/1180257 to request them), and they're stuck on 3.13.x
(blocked on https://crbug.com/1176531).
So, this CL switches to CIPD for Mac/Linux, with the latest version they
have available. It sticks with the old method (uploading copies of
upstream's packages) for Windows and grabs the latest version. When both
of the bugs above are fixed, hopefully things will be more uniform.
Change-Id: I710091fc60594165738a893b2be73cdcef54dfe2
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/45764
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
|
|
As of
https://chromium-review.googlesource.com/c/chromium/tools/build/+/2586225,
we no longer test on Yasm. Yasm hasn't seen a release for over six years
now and is missing support for newer x86 instructions.
This removes the remnants of support for Yasm on the CI. It also removes
the Yasm support we patched into x86nasm.pl, which removes a now
unnecessary divergence from upstream.
Update-Note: If a x86 Windows asm build breaks, switch from Yasm to
NASM. We're also no longer testing NASM on x86_64 Windows, but there
wasn't any patch to revert.
Change-Id: I016bad8757fcc13240db9f56dd622be518e649d7
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/44564
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
|
|
Chromium's VS toolchains now maintain JSON files with the expected
environment, so we don't need to pull in gyp to figure out the batch
file to run. This drops a long obsolete dependency and will make it
possible to handle other VS architectures. (gyp internally only handled
x86 and x64.)
Also trim away the logic in vs_toolchain.py to account for
non-depot_tools toolchains. Unlike Chromium, we don't use these scripts
outside of CI/CQ.
Change-Id: I2c9fddac52eef7b4895731d78c637fdcf9c85033
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/43504
Reviewed-by: Adam Langley <agl@google.com>
|
|
Used for Conscrypt local builds:
https://github.com/google/conscrypt/blob/master/BUILDING.md
Change-Id: I7eaa225cdc3c79cb5ac4902d222d408169f7ded0
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/37724
Commit-Queue: Pete Bentley <prb@google.com>
Reviewed-by: Adam Langley <agl@google.com>
|
|
Remove it when recipe change https://chromium-review.googlesource.com/c/chromium/tools/build/+/1685789
checked in and works as expected.
Bug: chromium:428426
Change-Id: I649ba7f4bd003101c71d07faad2a0d1e957cb97e
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/36626
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
|
|
Bug: chromium:428426
Change-Id: I12c2969fe8b37a604b14300433f3e3f09aeb24e6
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/36584
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
|
|
Change-Id: If5d88d88bd1ea8189cc715cc38e70bd3b11c4b67
Reviewed-on: https://boringssl-review.googlesource.com/c/34950
Commit-Queue: Steven Valdez <svaldez@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
|
|
Windows is sufficiently different from Linux that running tests under
SDE for Windows, particularly with the new ABI tests, is worthwhile.
Change-Id: I32c4f6de06b2e732ebb2c1492eb1766cae73c0e0
Reviewed-on: https://boringssl-review.googlesource.com/c/34064
Reviewed-by: Steven Valdez <svaldez@google.com>
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
|
|
In particular, pull Go 1.11 to get module support. Also we don't need to
pull in libfuzzer anymore.
Change-Id: I8098f64cef59422d9d43f7eca5bf3ced69eb70c4
Reviewed-on: https://boringssl-review.googlesource.com/31864
Reviewed-by: Adam Langley <agl@google.com>
|
|
MSan and TSan both require instrumenting everything. Add some machinery so we
can do this on the bots.
Change-Id: I7d2106bc852ee976455d18787d3a20a35373a9e7
Reviewed-on: https://boringssl-review.googlesource.com/30644
Reviewed-by: Adam Langley <agl@google.com>
|
|
It's 2018. I'm not sure why I added the 32-bit ones; even the 32-bit
bots build and run on 64-bit Windows. ninja.exe in depot_tools is also a
64-bit binary. I suspect this is because some of the depot_tools bits
use --platform=win32, but that's just the sys.platform string.
Alas, I stupidly named these "win32" way back. Dealing with the rename
is probably more trouble than worth it right now since the build recipes
refer to the name. Something to deal with later. (Regardless we'll want
"win32" to point to 64-bit binaries so that try jobs can test it.)
Also add the missing nasm-win32.exe to .gitignore.
For some reason the 64-bit Yasm binary does not work on the vs2017 CQ
bots, so I've left it alone. Hopefully it should be replaced by NASM
later anyway.
Change-Id: If65ececddbc6526ceebaafbef56eddea8ece58ba
Reviewed-on: https://boringssl-review.googlesource.com/29384
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
|
|
Because the android sdk managed by CIPD (see go/use-adjective-apis),
its deps repo ndk needs to be relocated, as well as hooked by the root
DEPS instead of recursedeps. This CL addes android ndk deps in
util/bot/DEPS.
Bug: chromium:659808
Change-Id: I270053ae56ba1caaf9c67f2240855eafd499b782
Reviewed-on: https://boringssl-review.googlesource.com/24864
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
|
|
Once the ACL issue is sorted out, this will mean we don't need to
re-download it each run.
BUG=180
Change-Id: I589d3944f8b6ab93d8fd279966484621ab825daa
Reviewed-on: https://boringssl-review.googlesource.com/16248
Commit-Queue: Steven Valdez <svaldez@google.com>
Reviewed-by: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
|
|
This reverts commit fee8559162e8e89af45d2719770eccd76bc920c5.
Oops. Didn't mean to push that one without review.
|
|
Once the ACL issue is sorted out, this will mean we don't need to
re-download it each run.
BUG=180
Change-Id: Iddcceafa3b359f8d5c7875887ecbaf21671c93f9
|
|
The bots will need to get libFuzzer externally. As usual, borrow
Chromium's copy.
Change-Id: I5ed879bbc76188838adcf9d51855e76c481ace5b
Reviewed-on: https://boringssl-review.googlesource.com/16146
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
|
|
I missed this one.
Change-Id: I642fb5878568870743727579126f63246ff179c5
Reviewed-on: https://boringssl-review.googlesource.com/12580
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
|
|
bot_update does a git clean -dff before each run, so we were
redownloading all the utilities on each run. This should make the bots
only download them when the change. (Chromium's setup is similar.)
Change-Id: I7eb83217761ceabe58b5480242a7df93d9bfaa52
Reviewed-on: https://boringssl-review.googlesource.com/12561
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
|
|
Previously doc/doc.css was a symlink to util/doc.css, but symlinks
don't work well on Windows. Now util/doc.css is copied to the output
directory when the documentation is generated.
Change-Id: I2c9f4fee4f4307cc3dd70c4be380b4551d5e9ab5
Reviewed-on: https://boringssl-review.googlesource.com/5677
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
|
|
Change-Id: I5175ba1b316e381949c820211769fbd636fe645e
Reviewed-on: https://boringssl-review.googlesource.com/3024
Reviewed-by: Adam Langley <agl@google.com>
|
|
Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta).
(This change contains substantial changes from the original and
effectively starts a new history.)
|