blob: fa9d658c5d610540ba82026df5ce558e9e8349b3 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
|
# Contributor: William Pitcock <nenolod@dereferenced.org>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=firefox-esr
pkgver=60.4.0
pkgrel=2
pkgdesc="Firefox web browser - Extended Support Release"
url="https://www.mozilla.org/en-US/firefox/organizations/"
# limited by rust and cargo
arch="x86_64"
license="GPL LGPL MPL"
makedepends="
alsa-lib-dev
autoconf2.13
automake
bsd-compat-headers
bzip2-dev
cargo
clang-dev
dbus-glib-dev
ffmpeg-dev
gconf-dev
gtk+2.0-dev
gtk+3.0-dev
hunspell-dev
icu-dev
libevent-dev
libidl-dev
libjpeg-turbo-dev
libnotify-dev
libogg-dev
libtheora-dev
libtool
libvorbis-dev
libvpx-dev
libxt-dev
libxcomposite-dev
llvm5-dev
mesa-dev
nspr-dev
nss-dev
nss-static
paxmark
python2
sqlite-dev
sed
startup-notification-dev
wireless-tools-dev
yasm
zip
"
source="https://ftp.mozilla.org/pub/firefox/releases/${pkgver}esr/source/firefox-"$pkgver"esr.source.tar.xz
stab.h
fix-fortify-system-wrappers.patch
fix-fortify-inline.patch
disable-hunspell_hooks.patch
fix-seccomp-bpf.patch
fix-toolkit.patch
fix-tools.patch
mallinfo.patch
fix-arm-atomics-grsec.patch
fix-arm-version-detect.patch
mozilla-build-arm.patch
disable-moz-stackwalk.patch
fix-rust-target.patch
fix-bug-1261392.patch
rust-unitialized-field.patch
fix-webrtc-glibcisms.patch
firefox.desktop
firefox-safe.desktop"
builddir="${srcdir}/firefox-$pkgver"
_mozappdir=/usr/lib/firefox
# help our shared-object scanner to find the libs
ldpath="$_mozappdir"
# secfixes:
# 52.6.0-r0:
# - CVE-2018-5089
# - CVE-2018-5091
# - CVE-2018-5095
# - CVE-2018-5096
# - CVE-2018-5097
# - CVE-2018-5098
# - CVE-2018-5099
# - CVE-2018-5102
# - CVE-2018-5103
# - CVE-2018-5104
# - CVE-2018-5117
# 52.5.2-r0:
# - CVE-2017-7843
# - CVE-2017-7843
prepare() {
default_prepare
cp "$srcdir"/stab.h toolkit/crashreporter/google-breakpad/src/
}
build() {
mkdir -p "$builddir"/objdir
cd "$builddir"/objdir
export SHELL=/bin/sh
export BUILD_OFFICIAL=1
export MOZILLA_OFFICIAL=1
export USE_SHORT_LIBNAME=1
# gcc 6
export CXXFLAGS="-fno-delete-null-pointer-checks -fno-schedule-insns2"
# set rpath so linker finds the libs
export LDFLAGS="$LDFLAGS -Wl,-rpath,${_mozappdir}"
../configure \
--prefix=/usr \
\
--disable-crashreporter \
--disable-elf-hack \
--disable-gold \
--disable-install-strip \
--disable-jemalloc \
--disable-profiling \
--disable-pulseaudio \
--disable-strip \
--disable-tests \
--disable-updater \
\
--enable-alsa \
--enable-default-toolkit=cairo-gtk3 \
--enable-official-branding \
--enable-optimize="$CFLAGS" \
--enable-pie \
--enable-startup-notification \
--enable-system-ffi \
--enable-system-hunspell \
--enable-system-sqlite \
--enable-ffmpeg \
\
--with-pthreads \
--with-system-bz2 \
--with-system-icu \
--with-system-jpeg \
--with-system-libevent \
--with-system-libvpx \
--with-system-nspr \
--with-system-nss \
--with-system-pixman \
--with-system-png \
--with-system-zlib \
--with-clang-path=/usr/bin/clang \
--with-libclang-path=/usr/lib
make
# paxmark outside fakeroot
paxmark -msp dist/bin/xpcshell
}
package() {
cd "$builddir"/objdir
# only used for startupcache creation.
local paxflags="-msp"
paxmark "$paxflags" dist/bin/xpcshell
make install \
DESTDIR="$pkgdir" \
MOZ_MAKE_FLAGS="$MAKEOPTS"
install -m755 -d ${pkgdir}/usr/share/applications
install -m755 -d ${pkgdir}/usr/share/pixmaps
local png
for png in ../browser/branding/official/default*.png; do
local i=${_png%.png}
i=${i##*/default}
install -D -m644 "$png" "$pkgdir"/usr/share/icons/hicolor/${i}x${i}/apps/firefox.png
done
install -m644 "$builddir"/browser/branding/official/default48.png \
${pkgdir}/usr/share/pixmaps/firefox.png
install -m644 ${srcdir}/firefox.desktop ${pkgdir}/usr/share/applications/firefox.desktop
install -m644 ${srcdir}/firefox-safe.desktop ${pkgdir}/usr/share/applications/firefox-safe.desktop
# firefox currently does not work with mprotect. disable it for now
local paxflags="-mp"
[ "$CARCH" = "x86" ] && paxflags="-msp"
paxmark "$paxflags" "$pkgdir"/$_mozappdir/firefox
paxmark "$paxflags" "$pkgdir"/$_mozappdir/plugin-container
# launcher as symlink is broken from firefox-7.0
rm "$pkgdir"/usr/bin/firefox
libgl=$(scanelf -qF '#F%S' /usr/lib/libGL.so)
cat > "$pkgdir"/usr/bin/firefox << __EOF__
#!/bin/sh
exec $_mozappdir/firefox "\$@"
__EOF__
chmod 755 "$pkgdir"/usr/bin/firefox
# install our vendor prefs
install -d "$pkgdir"/$_mozappdir/browser/defaults/preferences
cat >> "$pkgdir"/$_mozappdir/browser/defaults/preferences/firefox-branding.js <<- EOF
// Use LANG environment variable to choose locale
pref("intl.locale.matchOS", true);
// Disable default browser checking.
pref("browser.shell.checkDefaultBrowser", false);
// Don't disable our bundled extensions in the application directory
pref("extensions.autoDisableScopes", 11);
pref("extensions.shownSelectionUI", true);
EOF
# remove copied, huge, libraries
rm -f "$pkgdir"/${_mozappdirdev}/sdk/lib/libmozjs.so
rm -f "$pkgdir"/${_mozappdirdev}/sdk/lib/libmozalloc.so
rm -f "$pkgdir"/${_mozappdirdev}/sdk/lib/libxul.so
}
sha512sums="8119f52b2fc06f76868bf0781fec9d46c8551f0a3ca832ac9bdef6aa6d77c1d785e50d35059f0df5e3586f3396b912af06e448d65e7f5d1f468338eebe8b2cd4 firefox-60.4.0esr.source.tar.xz
0b3f1e4b9fdc868e4738b5c81fd6c6128ce8885b260affcb9a65ff9d164d7232626ce1291aaea70132b3e3124f5e13fef4d39326b8e7173e362a823722a85127 stab.h
2f4f15974d52de4bb273b62a332d13620945d284bbc6fe6bd0a1f58ff7388443bc1d3bf9c82cc31a8527aad92b0cd3a1bc41d0af5e1800e0dcbd7033e58ffd71 fix-fortify-system-wrappers.patch
09bc32cf9ee81b9cc6bb58ddbc66e6cc5c344badff8de3435cde5848e5a451e0172153231db85c2385ff05b5d9c20760cb18e4138dfc99060a9e960de2befbd5 fix-fortify-inline.patch
0fcc647af53a3ce21c2bc36e5631eb0935e7243ebb3ab59b5719542cc54a6ac023a4a857b43b75756efb9ed80c0aecaa94dc5679a3b3792f82e87bf2c1af82e1 disable-hunspell_hooks.patch
2f713a270f7d1588ec4a0b9c21e5a0d20823954e6a64293ee1a391f80d38af6c0a80b3d35c3ada59b605f6032fb2af3040cd8ca7f424b0e620cc53fd12674fd9 fix-seccomp-bpf.patch
a2925045154f4fd34e5fc056656f4f9da100341529e5d4104d249154db0c7863384083f421ce6e47e0f20566a8b20787fa35444c7933c03cd03f96f06dcd4532 fix-toolkit.patch
b46cb90d4fdd1a925a61e2c6c545489cd542f5d82980c529361c02042eed31d5c26972b5e237c1a020f87ffcfd12736d1f4f6e33eaa83ae156d523c808c718cb fix-tools.patch
bdcd1b402d2ec94957ba5d08cbad7b1a7f59c251c311be9095208491a05abb05a956c79f27908e1f26b54a3679387b2f33a51e945b650671ad85c0a2d59a5a29 mallinfo.patch
ed0d344c66fc8e1cc83a11e9858b32c42e841cbeedd9eb9438811e9fcc3593dc824a8336d00058d55836cedc970aeadd6a82c6dcd7bc0fb746e564d8b478cc6c fix-arm-atomics-grsec.patch
015e1ff6dbf920033982b5df95d869a0b7bf56c6964e45e50649ddf46d1ce09563458e45240c3ecb92808662b1300b67507f7af272ba184835d91068a9e7d5b0 fix-arm-version-detect.patch
e61664bc93eadce5016a06a4d0684b34a05074f1815e88ef2613380d7b369c6fd305fb34f83b5eb18b9e3138273ea8ddcfdcb1084fdcaa922a1e5b30146a3b18 mozilla-build-arm.patch
4797d2d89ac63a57abb826b8ea9f751314ce66946194033deb9d78c2ff377b88106fd2c7bc5034dc13ad03dd5085b1893c3ccae1a9e63fde35655bb0921f7188 disable-moz-stackwalk.patch
42cc44fda4b05259b38f055d6f51461746aa89a474cedc5e92fb9d20879da0d12b1b515b273a549e7302cda9c7eddde20d5fdba09853e5c658784ad6d0b20078 fix-rust-target.patch
a50b412edf9573a0bd04a43578b1c927967a616b73a5995eefb15bfa78fd2bd14e36ec05315a0703f6370ecd524e6bcb012e7285beb1245e9add9b8553acb79e fix-bug-1261392.patch
01b48a708cc6bc6e3cd7cc7b16f5137ec344566ac891d699b65e322bc992726072fa14a54cef1a7775799fcbbcf90a6c170107c8524caba3bc311b42d93b7581 rust-unitialized-field.patch
75b97d59e81e5f1debe6a459b535da704d5a2ac4a57c446d16058fd18db81e22317fcc3ec11b89f569f4de87e8e80ced027c0e72e7f1dd16f6fd0feb6b263919 fix-webrtc-glibcisms.patch
f3b7c3e804ce04731012a46cb9e9a6b0769e3772aef9c0a4a8c7520b030fdf6cd703d5e9ff49275f14b7d738fe82a0a4fde3bc3219dff7225d5db0e274987454 firefox.desktop
5dcb6288d0444a8a471d669bbaf61cdb1433663eff38b72ee5e980843f5fc07d0d60c91627a2c1159215d0ad77ae3f115dcc5fdfe87e64ca704b641aceaa44ed firefox-safe.desktop"
|
