commit: 5e9264914fdbafdb3ef58359b0d29778f485e3af
Author: Ian Stakenvicius <axs <AT> gentoo <DOT> org>
AuthorDate: Thu Feb 16 18:35:54 2017 +0000
Commit: Ian Stakenvicius <axs <AT> gentoo <DOT> org>
CommitDate: Thu Feb 16 18:35:57 2017 +0000
URL: https://gitweb.gentoo.org/proj/mozilla.git/commit/?id=5e926491
Adjust thunderbird to use external enigmail
This patch adjusts thunderbird-52 and adds thunderbird-45.7.0-r1 that
depends on x11-plugins/enigmail when the crypt use flag is enabled.
This method allows for testing of either enigmail provision:
- enigmail[thunderbird] can be installed with thunderbird[-crypt], in which
case enigmail installs a copy of its code directly into tbird's extensions/
- thunderbird[crypt] can leverage enigmail[-thunderbird], in which case
the thunderbird ebuild installs a symlink in extensions/ pointing to
the installation location of enigmail.
We can choose the preferred solution prior to rollout on the gentoo repo.
...0_beta2.ebuild => thunderbird-45.7.0-r1.ebuild} | 70 +++++++++++++---------
.../thunderbird/thunderbird-52.0_beta2.ebuild | 17 ++++--
2 files changed, 56 insertions(+), 31 deletions(-)
diff --git a/mail-client/thunderbird/thunderbird-52.0_beta2.ebuild
b/mail-client/thunderbird/thunderbird-45.7.0-r1.ebuild
similarity index 84%
copy from mail-client/thunderbird/thunderbird-52.0_beta2.ebuild
copy to mail-client/thunderbird/thunderbird-45.7.0-r1.ebuild
index f3edb7e..3bc4194 100644
--- a/mail-client/thunderbird/thunderbird-52.0_beta2.ebuild
+++ b/mail-client/thunderbird/thunderbird-45.7.0-r1.ebuild
@@ -18,7 +18,8 @@ uk vi zh-CN zh-TW )
MOZ_PV="${PV/_beta/b}"
# Patches
-PATCHFF="firefox-52.0-patches-05"
+PATCH="thunderbird-38.0-patches-0.1"
+PATCHFF="firefox-45.0-patches-11"
MOZ_HTTP_URI="https://archive.mozilla.org/pub/${PN}/releases";
@@ -28,10 +29,8 @@ if [[ ${MOZ_ESR} == 1 ]]; then
fi
MOZ_P="${PN}-${MOZ_PV}"
-MOZCONFIG_OPTIONAL_GTK2ONLY=1
-MOZCONFIG_OPTIONAL_WIFI=1
-
-inherit flag-o-matic toolchain-funcs mozconfig-v6.52 makeedit autotools
pax-utils check-reqs nsplugins mozlinguas-v2 fdo-mime gnome2-utils
+MOZCONFIG_OPTIONAL_JIT="enabled"
+inherit flag-o-matic toolchain-funcs mozconfig-v6.45 makeedit autotools
pax-utils check-reqs nsplugins mozlinguas-v2 fdo-mime gnome2-utils
DESCRIPTION="Thunderbird Mail Client"
HOMEPAGE="http://www.mozilla.com/en-US/thunderbird/";
@@ -39,10 +38,10 @@ HOMEPAGE="http://www.mozilla.com/en-US/thunderbird/";
KEYWORDS="~alpha amd64 ~arm ppc ppc64 x86 ~x86-fbsd ~amd64-linux ~x86-linux"
SLOT="0"
LICENSE="MPL-2.0 GPL-2 LGPL-2.1"
-IUSE="bindist hardened ldap lightning +minimal mozdom rust selinux"
+IUSE="bindist crypt hardened ldap lightning +minimal mozdom selinux"
RESTRICT="!bindist? ( bindist )"
-PATCH_URIS=(
https://dev.gentoo.org/~{anarchy,axs,polynomial-c}/mozilla/patchsets/${PATCHFF}.tar.xz
)
+PATCH_URIS=(
https://dev.gentoo.org/~{anarchy,axs,polynomial-c}/mozilla/patchsets/{${PATCH},${PATCHFF}}.tar.xz
)
SRC_URI="${SRC_URI}
${MOZ_HTTP_URI}/${MOZ_PV}/source/${MOZ_P}.source.tar.xz
https://dev.gentoo.org/~axs/distfiles/lightning-${MOZ_LIGHTNING_VER}.tar.xz
@@ -51,15 +50,19 @@ SRC_URI="${SRC_URI}
ASM_DEPEND=">=dev-lang/yasm-1.1"
-DEPEND="rust? ( dev-lang/rust )
+CDEPEND="
+ >=dev-libs/nss-3.21.1
+ >=dev-libs/nspr-4.12
+ crypt? ( x11-plugins/enigmail[-thunderbird(-)] )
+ "
+
+DEPEND="${CDEPEND}
amd64? ( ${ASM_DEPEND}
virtual/opengl )
x86? ( ${ASM_DEPEND}
virtual/opengl )"
-RDEPEND="${DEPEND}
- >=dev-libs/nss-3.28.1
- >=dev-libs/nspr-4.13.1
+RDEPEND="${CDEPEND}
selinux? ( sec-policy/selinux-thunderbird )
"
@@ -85,6 +88,13 @@ pkg_pretend() {
# Ensure we have enough disk space to compile
CHECKREQS_DISK_BUILD="4G"
check-reqs_pkg_setup
+
+ if use jit && [[ -n ${PROFILE_IS_HARDENED} ]]; then
+ ewarn "You are emerging this package on a hardened profile with
USE=jit enabled."
+ ewarn "This is horribly insecure as it disables all PAGEEXEC
restrictions."
+ ewarn "Please ensure you know what you are doing. If you
don't, please consider"
+ ewarn "emerging the package with USE=-jit"
+ fi
}
src_unpack() {
@@ -102,7 +112,8 @@ src_unpack() {
src_prepare() {
# Apply our Thunderbird patchset
- epatch "${FILESDIR}"/1000_fix_gentoo_preferences.patch
+ rm -f "${WORKDIR}"/thunderbird/2001_ldap_respect_cflags.patch
+ eapply "${WORKDIR}/thunderbird"
# Apply our patchset from firefox to thunderbird as well
pushd "${S}"/mozilla &>/dev/null || die
@@ -170,13 +181,13 @@ src_configure() {
use hardened && append-ldflags "-Wl,-z,relro,-z,now"
mozconfig_annotate '' --enable-extensions="${MEXTENSIONS}"
+ mozconfig_annotate '' --disable-mailnews
mozconfig_annotate '' --enable-calendar
# Other tb-specific settings
mozconfig_annotate '' --with-user-appdir=.thunderbird
mozconfig_use_enable ldap
- mozconfig_use_enable rust
mozlinguas_mozconfig
@@ -187,7 +198,6 @@ src_configure() {
# Use an objdir to keep things organized.
echo "mk_add_options MOZ_OBJDIR=${BUILD_OBJ_DIR}" >> "${S}"/.mozconfig
- echo "mk_add_options XARGS=/usr/bin/xargs" >> "${S}"/.mozconfig
# Finalize and report settings
mozconfig_final
@@ -204,24 +214,20 @@ src_configure() {
if [[ $(gcc-major-version) -lt 4 ]]; then
append-cxxflags -fno-stack-protector
fi
-
- # workaround for funky/broken upstream configure...
- SHELL="${SHELL:-${EPREFIX%/}/bin/bash}" \
- emake V=1 -f client.mk configure
}
src_compile() {
- MOZ_MAKE_FLAGS="${MAKEOPTS}" SHELL="${SHELL}" \
- emake V=1 -f client.mk
+ mkdir -p "${BUILD_OBJ_DIR}" && cd "${BUILD_OBJ_DIR}" || die
+
+ CC="$(tc-getCC)" CXX="$(tc-getCXX)" LD="$(tc-getLD)" \
+ MOZ_MAKE_FLAGS="${MAKEOPTS}" SHELL="${SHELL:-${EPREFIX%/}/bin/bash}" \
+ emake -f "${S}"/client.mk
}
src_install() {
declare emid
cd "${BUILD_OBJ_DIR}" || die
- # Pax mark xpcshell for hardened support, only used for startupcache
creation.
- pax-mark m "${BUILD_OBJ_DIR}"/dist/bin/xpcshell
-
# Copy our preference before omnijar is created.
cp "${FILESDIR}"/thunderbird-gentoo-default-prefs-1.js-1 \
"${BUILD_OBJ_DIR}/dist/bin/defaults/pref/all-gentoo.js" \
@@ -237,6 +243,9 @@ src_install() {
>>"${BUILD_OBJ_DIR}/dist/bin/defaults/pref/all-gentoo.js" || die
fi
+ # Pax mark xpcshell for hardened support, only used for startupcache
creation.
+ pax-mark m "${BUILD_OBJ_DIR}"/dist/bin/xpcshell
+
MOZ_MAKE_FLAGS="${MAKEOPTS}" \
emake DESTDIR="${D}" install
@@ -293,8 +302,17 @@ src_install() {
doins -r "${T}/${emid}"
fi
- # Required in order to use plugins and even run thunderbird on hardened.
- pax-mark pm
"${ED}"${MOZILLA_FIVE_HOME}/{thunderbird,thunderbird-bin,plugin-container}
+ if use crypt ; then
+ emid=$(sed -n '/<em:id>/!d; s/.*\({.*}\).*/\1/; p; q'
/usr/share/enigmail/install.rdf)
+ dosym /usr/share/enigmail
${MOZILLA_FIVE_HOME}/extensions/${emid}
+ fi
+
+ # Required in order for jit to work on hardened, for mozilla-31 and
above
+ use jit && pax-mark pm
"${ED}"${MOZILLA_FIVE_HOME}/{thunderbird,thunderbird-bin}
+
+ # Plugin-container needs to be pax-marked for hardened to ensure
plugins such as flash
+ # continue to work as expected.
+ pax-mark m "${ED}"${MOZILLA_FIVE_HOME}/plugin-container
if use minimal; then
rm -r "${ED}"/usr/include
"${ED}"${MOZILLA_FIVE_HOME}/{idl,include,lib,sdk} || \
@@ -310,11 +328,9 @@ pkg_postinst() {
fdo-mime_desktop_database_update
gnome2_icon_cache_update
- elog
elog "If you experience problems with plugins please issue the"
elog "following command : rm \${HOME}/.thunderbird/*/extensions.sqlite
,"
elog "then restart thunderbird"
-
if ! use lightning; then
elog
elog "If calendar fails to show up in extensions please open
config editor"
diff --git a/mail-client/thunderbird/thunderbird-52.0_beta2.ebuild
b/mail-client/thunderbird/thunderbird-52.0_beta2.ebuild
index f3edb7e..4366b9d 100644
--- a/mail-client/thunderbird/thunderbird-52.0_beta2.ebuild
+++ b/mail-client/thunderbird/thunderbird-52.0_beta2.ebuild
@@ -39,7 +39,7 @@ HOMEPAGE="http://www.mozilla.com/en-US/thunderbird/";
KEYWORDS="~alpha amd64 ~arm ppc ppc64 x86 ~x86-fbsd ~amd64-linux ~x86-linux"
SLOT="0"
LICENSE="MPL-2.0 GPL-2 LGPL-2.1"
-IUSE="bindist hardened ldap lightning +minimal mozdom rust selinux"
+IUSE="bindist crypt hardened ldap lightning +minimal mozdom rust selinux"
RESTRICT="!bindist? ( bindist )"
PATCH_URIS=(
https://dev.gentoo.org/~{anarchy,axs,polynomial-c}/mozilla/patchsets/${PATCHFF}.tar.xz
)
@@ -51,15 +51,19 @@ SRC_URI="${SRC_URI}
ASM_DEPEND=">=dev-lang/yasm-1.1"
+CDEPEND="
+ >=dev-libs/nss-3.28.1
+ >=dev-libs/nspr-4.13.1
+ crypt? ( x11-plugins/enigmail[-thunderbird(-)] )
+ "
+
DEPEND="rust? ( dev-lang/rust )
amd64? ( ${ASM_DEPEND}
virtual/opengl )
x86? ( ${ASM_DEPEND}
virtual/opengl )"
-RDEPEND="${DEPEND}
- >=dev-libs/nss-3.28.1
- >=dev-libs/nspr-4.13.1
+RDEPEND="${CDEPEND}
selinux? ( sec-policy/selinux-thunderbird )
"
@@ -293,6 +297,11 @@ src_install() {
doins -r "${T}/${emid}"
fi
+ if use crypt; then
+ emid=$(sed -n '/<em:id>/!d; s/.*\({.*}\).*/\1/; p; q'
/usr/share/enigmail/install.rdf)
+ dosym /usr/share/enigmail
${MOZILLA_FIVE_HOME}/extensions/${emid}
+ fi
+
# Required in order to use plugins and even run thunderbird on hardened.
pax-mark pm
"${ED}"${MOZILLA_FIVE_HOME}/{thunderbird,thunderbird-bin,plugin-container}
