Compile a library from specified repo and revision

scripts/lib-compile.sh

@@ -0,0 +1,159 @@
+#/bin/bash
+
+# Simple script, which contains 'recipes' for compilation of supported
+# libraries.
+# This script is called before the testing itself if a 'configuration' file,
+# with library name, repository and branch, is present. If so, the desired
+# library is compiled and 'installed' (by replacing an existing installation).
+# The main disadvantage is that the compilation is perfomed in EACH job, which
+# is time consuming and unnecessary. Possible future solution could be an
+# external system, which would create RPMs for each supported OS and these
+# RPMs could be then simply downloaded and installed by a package manager.
+
+# TODO: following recipes contain a simple, working way of compiling each
+# library and could be definitely improved.
+
+# Arguments:
+# $1: Library name (gnutls, nss or openssl)
+# $2: Library repo address (git for gnutls and openssl, mercurial for nss)
+# $3: Repository branch/tag name
+
+if [[ $# -ne 3 ]]; then
+    echo >&2 "$0: Invalid arguments"
+    exit 1
+fi
+
+LIB_NAME="$1"
+LIB_REPO="$2"
+LIB_BRANCH="$3"
+
+set -e
+
+if [[ $LIB_NAME == "nss" ]]; then
+    export USE_64=1
+
+    # Install dependencies
+    # Compiled library must be installed here, so it won't be overwritten later
+    # when installed in some test-dependency chain
+    REQS="nss mercurial zlib-devel gcc gcc-c++"
+    $PKG_MAN -y install $REQS
+    rpm -q $REQS
+
+    if [ $USE_64 -eq 1 ]; then
+        LIB_DIR="/usr/lib64"
+    else
+        LIB_DIR="/usr/lib"
+    fi
+
+    if [ ! -d nss ]; then
+        hg clone "$LIB_REPO" nss
+    fi
+
+    if [ ! -d nspr ]; then
+        hg clone https://hg.mozilla.org/projects/nspr nspr
+    fi
+
+    rm -fr dist
+    cd nss
+    hg update "$LIB_BRANCH"
+    make nss_clean_all
+    make nss_build_all &> build.log
+    head -n 100 build.log
+    cd ..
+    # There must be a better way
+    cd dist/*.OBJ
+    cp -Hfrv --remove-destination lib/* ${LIB_DIR}/
+    cp -Hfrv --remove-destination include/* /usr/include/
+    cp -Hfrv --remove-destination bin/* ${LIB_DIR}/nss/unsupported-tools/
+    cd ../..
+
+    if [ ! -f version ]; then
+        echo "
+    #include <stdio.h>
+    #include <dlfcn.h>
+
+    int main() {
+            void* lib = dlopen(\"${LIB_DIR}/libnss3.so\", RTLD_NOW);
+            const char* (*func)() = dlsym(lib, \"NSS_GetVersion\");
+            printf(\"%s\n\", func());
+
+            dlclose(lib);
+            return 0;
+    }
+    " > version.c
+        gcc -o version version.c -ldl
+        chmod +x version
+    fi
+
+    ./version
+elif [[ $LIB_NAME == "openssl" ]]; then
+    # Install dependencies
+    # Compiled library must be installed here, so it won't be overwritten later
+    # when installed in some test-dependency chain
+    REQS="openssl zlib-devel git gcc lksctp-tools-devel"
+    $PKG_MAN -y install $REQS
+    rpm -q $REQS
+
+    git clone "$LIB_REPO" openssl
+    cd openssl
+    git checkout "$LIB_BRANCH"
+    # TODO: custom config options like no-ssl2, etc. (?)
+    FLAGS="enable-ec_nistp_64_gcc_128 zlib sctp enable-camellia enable-seed"
+    FLAGS+=" enable-rfc3779 enable-cms enable-md2 enable-rc5"
+    FLAGS+=" no-mdc2 no-ec2m no-gost no-srp shared"
+    ./config --prefix=/usr --openssldir=/etc/pki/tls $FLAGS
+    echo "Compiling..."
+    make depend &> build.log
+    make all &>> build.log
+    head -n 100 build.log
+    # TODO: Is this necessary? (these tests take some time)
+    # Requires: perl-Test-Harness perl-Test-Simple
+    #make test
+    echo "Installing..."
+    make install &> build.log
+    head -n 100 build.log
+    openssl version
+    cd ..
+elif [[ $LIB_NAME == "gnutls" ]]; then
+    # Install dependencies
+    # Compiled library must be installed here, so it won't be overwritten later
+    # when installed in some test-dependency chain
+    REQS="gnutls zlib-devel git gcc p11-kit-devel gettext readline-devel"
+    REQS+=" libtool automake autoconf texinfo nettle-devel autogen gettext-devel"
+    REQS+=" libtasn1 libtasn1-devel gtk-doc libunistring-devel gperf bison"
+    $PKG_MAN -y install $REQS
+    # Workaround for RHEL 6 which does not have autogen it its repositories
+    if ! rpm -q autogen; then
+        $PKG_MAN -y --enablerepo epel-testing install autogen
+    fi
+
+    rpm -q $REQS
+
+    git clone "$LIB_REPO" gnutls
+    cd gnutls
+    git checkout "$LIB_BRANCH"
+    git submodule update --init
+    make bootstrap &> build.log
+    # TODO: RHEL/Fedora spec files use several switches, which (probably)
+    # should be used here as well
+    echo "Configuring..."
+    ./configure --prefix=/usr --disable-non-suiteb-curves --disable-doc &>> build.log
+    head -n 100 build.log
+    echo "Compiling..."
+    make &> build.log
+    head -n 100 build.log
+    # TODO: dist-hook is (probably) necessary to make gnutls-* --version
+    # show correct version instead of @VERSION@ placeholder, which (probably)
+    # needs a working dane support
+    echo "Installing..."
+    make install &> build.log
+    head -n 100 build.log
+    # FIXME: wrong version number because of the previous TODO
+    gnutls-cli --version
+    cd ..
+else
+    echo >&2 "$0: Invalid library name ($LIB_NAME)"
+    exit 1
+fi
+
+exit 0

scripts/test-runner.sh

@@ -41,6 +41,51 @@ function test_name_relevancy() {
     return $RES
 }
 
+# Compile a supported SSL/TLS library from sources
+# If the 'library-repo' file exists in the root of the repository, this
+# function parses it and compiles the SSL/TLS library according that
+# configuration.
+#
+# Format of library-repo file:
+# export DEV_LIBRARY_NAME="name" # where name could be gnutls, nss or openssl
+# export DEV_LIBRARY_REPO="repo_address" # Repository address
+# export DEV_LIBRARY_BRANCH="branch_name" # Repository branch
+#
+# Example:
+# export DEV_LIBRARY_NAME="gnutls"
+# export DEV_LIBRARY_REPO="https://gitlab.com/gnutls/gnutls.git"
+# export DEV_LIBRARY_BRANCH="gnutls_3_5_11"
+#
+function compile_library() {
+    local LIBRARY_FILE="/workspace/library-repo"
+    local COMPILE_SCRIPT="/workspace/scripts/lib-compile.sh"
+
+    if [[ ! -f $LIBRARY_FILE ]]; then
+        echo "No 'library-repo' file found, continuing without compilation..."
+        return 0
+    fi
+
+    source "${LIBRARY_FILE}"
+
+    for var in REPO BRANCH NAME; do
+        exp="DEV_LIBRARY_${var}"
+        if [[ -z ${exp} ]]; then
+            echo >&2 "Missing '${exp}'"
+            return 1
+        fi
+    done
+
+    chmod +x "$COMPILE_SCRIPT"
+    $COMPILE_SCRIPT "$DEV_LIBRARY_NAME" "$DEV_LIBRARY_REPO" "$DEV_LIBRARY_BRANCH"
+    EC=$?
+
+    if [[ $EC -ne 0 ]]; then
+        cat "${DEV_LIBRARY_NAME}/build.log"
+    fi
+
+    return $EC
+}
+
 set +x
 
 if [[ $# < 3 ]]; then
@@ -65,9 +110,9 @@ if [[ $OS_VERSION == "latest" ]]; then
 fi
 
 if [[ $OS_TYPE == "fedora" ]]; then
-    PKG_MAN="dnf"
+    export PKG_MAN="dnf"
 else
-    PKG_MAN="yum"
+    export PKG_MAN="yum"
 fi
 
 fold_start "machine-setup"
@@ -95,6 +140,12 @@ if [[ $OS_TYPE == "centos" ]]; then
     echo 'rlIsRHEL() { rlIsCentOS "$@"; }' >> /usr/share/beakerlib/testing.sh
 fi
 
+# Library compilation
+if ! compile_library; then
+    echo >&2 "Library compilation failed"
+    exit 1
+fi
+
 EC=0
 SKIP=0
 INDEX=0