slackware-current/patches/source/seamonkey/seamonkey.SlackBuild
Patrick J Volkerding 39f697baee Fri Mar 31 18:01:09 UTC 2023
patches/packages/ruby-3.0.6-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes security issues:
  ReDoS vulnerability in URI.
  ReDoS vulnerability in Time.
  For more information, see:
    https://www.ruby-lang.org/en/news/2023/03/28/redos-in-uri-cve-2023-28755/
    https://www.ruby-lang.org/en/news/2023/03/30/redos-in-time-cve-2023-28756/
    https://www.cve.org/CVERecord?id=CVE-2023-28755
    https://www.cve.org/CVERecord?id=CVE-2023-28756
  (* Security fix *)
patches/packages/seamonkey-2.53.16-x86_64-1_slack15.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.seamonkey-project.org/releases/seamonkey2.53.16
  (* Security fix *)
2023-04-01 13:30:36 +02:00

272 lines
9 KiB
Bash
Executable file

#!/bin/bash
# Copyright 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2020, 2021 Patrick J. Volkerding, Sebeka, MN, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
# permitted provided that the following conditions are met:
#
# 1. Redistributions of this script must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=seamonkey
TARBALLVER=${VERSION:-$(basename $(ls seamonkey-*.tar.* | cut -d - -f 2 | rev | cut -f 3- -d . | rev) .source)}
# Strip the end from beta versions:
VERSION=$(echo $TARBALLVER | cut -f 1 -d b)
BUILD=${BUILD:-1_slack15.0}
# Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then
case "$( uname -m )" in
i?86) export ARCH=i686 ;;
arm*) export ARCH=arm ;;
# Unless $ARCH is already set, use uname -m for all other archs:
*) export ARCH=$( uname -m ) ;;
esac
fi
# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
# the name of the created package would be, and then exit. This information
# could be useful to other scripts.
if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
echo "$PKGNAM-$TARBALLVER-$ARCH-$BUILD.txz"
exit 0
fi
# Seamonkey has been requiring more and more memory, especially while linking
# libxul. If it fails to build natively on x86 32-bit, it can be useful to
# attempt the build using an x86_64 kernel and a 32-bit userspace. Detect this
# situation and set the ARCH to i686. Later in the script we'll add some
# options to the .mozconfig so that the compile will do the right thing.
if [ "$(uname -m)" = "x86_64" -a "$(file -L /usr/bin/gcc | grep 80386 | grep 32-bit)" != "" ]; then
COMPILE_X86_UNDER_X86_64=true
ARCH=i686
fi
if [ "$ARCH" = "i686" ]; then
LIBDIRSUFFIX=""
OPTIMIZE_FLAG=${OPTIMIZE_FLAG:-"-O1 -g0"}
# The elf hack has been causing failures on 32-bit x86:
ELFHACK="--disable-elf-hack"
elif [ "$ARCH" = "x86_64" ]; then
LIBDIRSUFFIX="64"
OPTIMIZE_FLAG=${OPTIMIZE_FLAG:-"-O1 -g0"}
ELFHACK="--enable-elf-hack"
else
LIBDIRSUFFIX=""
OPTIMIZE_FLAG=${OPTIMIZE_FLAG:-"-O1 -g0"}
ELFHACK="--enable-elf-hack"
fi
# Choose a compiler (gcc/g++ or clang/clang++):
export CC=${CC:-gcc}
export CXX=${CXX:-g++}
# -Wformat is needed for -Werror=format-security
# -fno-delete-null-pointer-checks disables gcc6 optimization that leads to instability
export CFLAGS="-Wformat -fno-delete-null-pointer-checks"
export CXXFLAGS="-Wformat -fno-delete-null-pointer-checks -fpermissive"
# Keep memory usage as low as possible when linking:
SLKLDFLAGS=" -Wl,--as-needed -Wl,--no-keep-memory -Wl,--stats -Wl,--reduce-memory-overheads"
export LDFLAGS="$SLKLDFLAGS"
export MOZ_LINK_FLAGS="$SLKLDFLAGS"
# Don't use icecream with clang:
if [ "$CC" = "clang" ]; then
PATH=$(echo $PATH | sed "s|/usr/libexec/icecc/bin||g" | tr -s : | sed "s/^://g" | sed "s/:$//g")
fi
# Set linker to use:
LINKER=bfd
NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "}
TMP=${TMP:-/tmp}
PKG=$TMP/package-seamonkey
# If there is a private Google API key available at compile time, use
# it to enable support for Google Safe Browsing. For Slackware builds,
# we use a private key issued for the Slackware project. If you are
# rebuilding and need this support, or you are producing your own
# distribution, you may obtain your own Google API key at no charge by
# following these instructions:
# https://bugzilla.mozilla.org/show_bug.cgi?id=1377987#c0
if [ -r /root/google-api-key ]; then
GOOGLE_API_KEY="--with-google-safebrowsing-api-keyfile=/root/google-api-key"
fi
rm -rf $PKG
mkdir -p $TMP $PKG/usr
# We need to use the incredibly ancient autoconf-2.13 for this :/
( cd $CWD/autoconf ; ./autoconf.build )
PATH=$TMP/autoconf-tmp/usr/bin:$PATH
cd $TMP
rm -rf seamonkey-${TARBALLVER}
# Unpack this in a subdirectory to prevent changing permissions on /tmp:
rm -rf seamonkey-unpack
mkdir seamonkey-unpack
cd seamonkey-unpack
tar xvf $CWD/seamonkey-${TARBALLVER}.source.tar.?z* || exit 1
mv * ..
cd ..
rm -rf seamonkey-unpack
cd seamonkey-${TARBALLVER} || exit 1
# Retain GTK+ v2 scrolling behavior:
zcat $CWD/sm.ui.scrollToClick.diff.gz | patch -p2 --verbose || exit 1
# It says this is still based on Firefox 68 ESR, so I'm unable to take this
# requirement seriously:
zcat $CWD/seamonkey.minimum_rust_version.diff.gz | patch -p1 --verbose || exit 1
# Make sure the perms/ownerships are sane:
chown -R root:root .
find . \
\( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
-exec chmod 755 {} \+ -o \
\( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
-exec chmod 644 {} \+
# Our building options, in a configure-like display ;)
OPTIONS="\
--prefix=/usr \
--libdir=/usr/lib${LIBDIRSUFFIX} \
--enable-cpp-rtti \
--enable-default-toolkit=cairo-gtk3 \
--enable-startup-notification \
--enable-alsa \
--disable-debug \
--enable-linker=$LINKER \
--disable-strip \
--disable-install-strip \
--disable-tests \
--disable-crashreporter \
--disable-rust-simd \
--enable-accessibility \
$GOOGLE_API_KEY \
--disable-updater \
--enable-chrome-format=omni \
--disable-necko-wifi \
--enable-js-shell \
$ELFHACK \
--enable-release \
--enable-calendar \
--with-system-nss \
--with-system-nspr \
--with-system-zlib \
--with-unsigned-addon-scopes=app,system \
--enable-application=comm/suite \
--host=$ARCH-slackware-linux \
--target=$ARCH-slackware-linux"
export BUILD_OFFICIAL=1
export MOZILLA_OFFICIAL=1
export MOZ_MAKE_FLAGS="$NUMJOBS"
# Clear some variables that could break the build
unset DBUS_SESSION_BUS_ADDRESS ORBIT_SOCKETDIR SESSION_MANAGER \
XDG_SESSION_COOKIE XAUTHORITY MAKEFLAGS
# Assemble our .mozconfig:
echo > .mozconfig
# Tell .mozconfig about the selected compiler:
echo "export CC=\"${CC}\"" >> .mozconfig
echo "export CXX=\"${CXX}\"" >> .mozconfig
# Mozilla devs enforce using an objdir for building
# https://developer.mozilla.org/en/Configuring_Build_Options#Building_with_an_objdir
mkdir obj
echo "mk_add_options MOZ_OBJDIR=$(pwd)/obj" >> .mozconfig
# This directory is also needed or the build will fail:
mkdir -p obj
# Set options for $OPTIMIZE_FLAG:
echo "ac_add_options --enable-optimize=\"${OPTIMIZE_FLAG}\"" >> .mozconfig
if [ "$COMPILE_X86_UNDER_X86_64" = "true" ]; then
# Compile for i686 under an x86_64 kernel:
echo "ac_add_options --host=i686-pc-linux-gnu" >> .mozconfig
echo "ac_add_options --target=i686-pc-linux-gnu" >> .mozconfig
fi
# Add the $OPTIONS above to .mozconfig:
for option in $OPTIONS; do echo "ac_add_options $option" >> .mozconfig; done
# Build and install:
./mach build || exit 1
DESTDIR=$PKG ./mach install || exit 1
# Compress and if needed symlink the man pages:
if [ -d $PKG/usr/man ]; then
( cd $PKG/usr/man
for manpagedir in $(find . -type d -name "man*") ; do
( cd $manpagedir
for eachpage in $( find . -type l -maxdepth 1) ; do
ln -s $( readlink $eachpage ).gz $eachpage.gz
rm $eachpage
done
gzip -9 *.?
)
done
)
fi
# Strip files:
find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \
| cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
# This remains the standard plugin directory for all browsers.
mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/mozilla/plugins
# This is traditional.
( cd $PKG/usr/lib${LIBDIRSUFFIX}
if [ ! -e seamonkey ]; then
ln -sf seamonkey-${VERSION} seamonkey
fi
)
mkdir -p $PKG/usr/share/applications
cp -a $CWD/*.desktop $PKG/usr/share/applications
chown -R root:root $PKG/usr/share/applications
chmod 644 $PKG/usr/share/applications/*
mkdir -p $PKG/usr/share/pixmaps
cp -a $CWD/*.png $PKG/usr/share/pixmaps
chown -R root:root $PKG/usr/share/pixmaps
chmod 644 $PKG/usr/share/pixmaps/*
mkdir -p $PKG/usr/doc/seamonkey-$VERSION
cp -a \
AUTHORS LEGAL LICENSE README.txt \
$PKG/usr/doc/seamonkey-$VERSION
# Fix duplicate binary, https://bugzilla.mozilla.org/show_bug.cgi?id=658850
( cd $PKG/usr/lib$LIBDIRSUFFIX/seamonkey
if cmp seamonkey seamonkey-bin ; then
ln -sf seamonkey-bin seamonkey
fi
)
mkdir -p $PKG/install
cat $CWD/slack-desc > $PKG/install/slack-desc
zcat $CWD/doinst.sh.gz | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \
> $PKG/install/doinst.sh
cd $TMP/package-seamonkey
/sbin/makepkg -l y -c n -p $TMP/seamonkey-$TARBALLVER-$ARCH-$BUILD.txz