aboutsummaryrefslogtreecommitdiffstats
path: root/community/firefox-esr/APKBUILD
blob: 9a8c484dacd1a57dbad55ce5a19e2eda4d7f2832 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
# Contributor: William Pitcock <nenolod@dereferenced.org>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=firefox-esr
pkgver=52.9.0
_pkgver=$pkgver
_xulver=$pkgver
pkgrel=1
pkgdesc="Firefox web browser -  Extended Support Release"
url="https://www.mozilla.org/en-US/firefox/organizations/faq/"
arch="all"
license="GPL LGPL MPL"
depends=""
depends_dev="
	alsa-lib-dev
	bzip2-dev
	dbus-glib-dev
	gconf-dev
	gtk+2.0-dev
	gtk+3.0-dev
	hunspell-dev
	icu-dev
	libevent-dev
	libidl-dev
	libjpeg-turbo-dev
	libnotify-dev
	libogg-dev
	libtheora-dev
	libvorbis-dev
	libvpx-dev
	libxt-dev
	libxcomposite-dev
	mesa-dev
	nspr-dev
	nss-dev
	sqlite-dev
	startup-notification-dev
	wireless-tools-dev
	"
makedepends="$depends_dev
	autoconf2.13
	automake
	bsd-compat-headers
	libtool
	nss-static
	paxmark
	python2
	sed
	yasm
	zip
	"

install=""
subpackages="$pkgname-dev"
source="https://ftp.mozilla.org/pub/firefox/releases/${pkgver}esr/source/firefox-${pkgver}esr.source.tar.xz
	stab.h

	0002-Use-C99-math-isfinite.patch
	fix-fortify-inline.patch
	disable-hunspell_hooks.patch
	fix-seccomp-bpf.patch
	fix-toolkit.patch
	fix-tools.patch
	mallinfo.patch
	musl-pthread-setname.patch

	fix-fortify-system-wrappers.patch
	fix-arm-atomics-grsec.patch
	fix-arm-version-detect.patch
	mozilla-build-arm.patch
	disable-moz-stackwalk.patch
	missing-header-s390x.patch
	discard-x86-precision-musl.patch

	firefox.desktop
	firefox-safe.desktop"

builddir="${srcdir}/firefox-${pkgver}esr"/objdir
_mozappdir=/usr/lib/firefox-${pkgver}
_mozappdirdev=/usr/lib/firefox-devel-${pkgver}

# help our shared-object scanner to find the libs
ldpath="$_mozappdir"

# secfixes:
#   52.6.0-r0:
#     - CVE-2018-5089
#     - CVE-2018-5091
#     - CVE-2018-5095
#     - CVE-2018-5096
#     - CVE-2018-5097
#     - CVE-2018-5098
#     - CVE-2018-5099
#     - CVE-2018-5102
#     - CVE-2018-5103
#     - CVE-2018-5104
#     - CVE-2018-5117
#   52.5.2-r0:
#     - CVE-2017-7843
#     - CVE-2017-7843

prepare() {
	local i
	mkdir -p "$builddir"
	cd "$builddir"/..

	for i in $source; do
		case $i in
		*.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
		esac
	done
	cp "$srcdir"/stab.h toolkit/crashreporter/google-breakpad/src/
}

build() {
	cd "$builddir"

	export SHELL=/bin/sh
	export BUILD_OFFICIAL=1
	export MOZILLA_OFFICIAL=1
	export USE_SHORT_LIBNAME=1
	# gcc 6
	export CXXFLAGS="-fno-delete-null-pointer-checks -fno-schedule-insns2"

	# set rpath so linker finds the libs
	export LDFLAGS="$LDFLAGS -Wl,-rpath,${_mozappdir}"

	local extra_flags=""
	[ "$CARCH" = "s390x" ] && extra_flags="--disable-startupcache"

	../configure \
		--prefix=/usr \
		\
		--disable-crashreporter \
		--disable-elf-hack \
		--disable-install-strip \
		--disable-jemalloc \
		--disable-profiling \
		--disable-pulseaudio \
		--disable-strip \
		--disable-tests \
		--disable-updater \
		\
		--enable-alsa \
		--enable-default-toolkit=cairo-gtk3 \
		--enable-gio \
		--enable-gold=no \
		--enable-official-branding \
		--enable-optimize="$CFLAGS" \
		--enable-pie \
		--enable-startup-notification \
		--enable-system-ffi \
		--enable-system-hunspell \
		--enable-system-sqlite \
		\
		--with-pthreads \
		--with-system-bz2 \
		--with-system-icu \
		--with-system-jpeg \
		--with-system-libevent \
		--with-system-libvpx \
		--with-system-nspr \
		--with-system-nss \
		--with-system-pixman \
		--with-system-png \
		--with-system-zlib \
		$extra_flags
	make || return 1

	# paxmark outside fakeroot
	paxmark -msp dist/bin/xpcshell || return 1

}

package() {
	cd "$builddir"

	# only used for startupcache creation.
	local paxflags="-msp"
	paxmark "$paxflags" dist/bin/xpcshell || return 1

	make install \
		DESTDIR="$pkgdir" \
		MOZ_MAKE_FLAGS="$MAKEOPTS" \
		|| return 1

	install -m755 -d ${pkgdir}/usr/share/applications
	install -m755 -d ${pkgdir}/usr/share/pixmaps

	local png
	for png in ../browser/branding/official/default*.png; do
		local i=${_png%.png}
		i=${i##*/default}
		install -D -m644 "$png" "$pkgdir"/usr/share/icons/hicolor/${i}x${i}/apps/firefox.png || return 1
	done

	install -m644 "$builddir"/../browser/branding/official/default48.png \
		${pkgdir}/usr/share/pixmaps/firefox.png || return 1
	install -m644 ${srcdir}/firefox.desktop ${pkgdir}/usr/share/applications/firefox.desktop
	install -m644 ${srcdir}/firefox-safe.desktop ${pkgdir}/usr/share/applications/firefox-safe.desktop

	# firefox currently does not work with mprotect. disable it for now
	local paxflags="-mp"
	[ "$CARCH" = "x86" ] && paxflags="-msp"

	paxmark "$paxflags" "$pkgdir"/$_mozappdir/firefox || return 1
	paxmark "$paxflags" "$pkgdir"/$_mozappdir/plugin-container || return 1

	# xulrunner stub launcher has changed to using a symlink overlay...
	# go figure
	ln -sf /usr/lib/xulrunner-${_xulver} ${pkgdir}/$_mozappdir/xulrunner

	# launcher as symlink is broken from firefox-7.0
	rm "$pkgdir"/usr/bin/firefox || return 1
	libgl=$(scanelf -qF '#F%S' /usr/lib/libGL.so)
	cat > "$pkgdir"/usr/bin/firefox << __EOF__
#!/bin/sh

exec $_mozappdir/firefox "\$@"
__EOF__
	chmod 755 "$pkgdir"/usr/bin/firefox

	# install our vendor prefs
	install -d "$pkgdir"/$_mozappdir/browser/defaults/preferences

	cat >> "$pkgdir"/$_mozappdir/browser/defaults/preferences/firefox-branding.js <<- EOF
	// Use LANG environment variable to choose locale
	pref("intl.locale.matchOS", true);

	// Disable default browser checking.
	pref("browser.shell.checkDefaultBrowser", false);

	// Don't disable our bundled extensions in the application directory
	pref("extensions.autoDisableScopes", 11);
	pref("extensions.shownSelectionUI", true);
	EOF

	# remove copied, huge, libraries
	rm -f "$pkgdir"/${_mozappdirdev}/sdk/lib/libmozjs.so
	rm -f "$pkgdir"/${_mozappdirdev}/sdk/lib/libmozalloc.so
	rm -f "$pkgdir"/${_mozappdirdev}/sdk/lib/libxul.so
}

dev() {
	mkdir -p "$subpkgdir"/${_mozappdirdev%/*}
	mv "$pkgdir"/${_mozappdirdev} "$subpkgdir"/${_mozappdirdev%/*} \
		|| return 1
	default_dev
}

sha512sums="bfca42668ca78a12a9fb56368f4aae5334b1f7a71966fbba4c32b9c5e6597aac79a6e340ac3966779d2d5563eb47c054ab33cc40bfb7306172138ccbd3adb2b9  firefox-52.9.0esr.source.tar.xz
0b3f1e4b9fdc868e4738b5c81fd6c6128ce8885b260affcb9a65ff9d164d7232626ce1291aaea70132b3e3124f5e13fef4d39326b8e7173e362a823722a85127  stab.h
7e123144bc2b1efed149dfb41b255c447d43ea93a63ebe114d01945e6a6d69edc2f2a3c36980a93279106c1842355851b8b6c1d96679ee6be7b9b30513e0b1a8  0002-Use-C99-math-isfinite.patch
09bc32cf9ee81b9cc6bb58ddbc66e6cc5c344badff8de3435cde5848e5a451e0172153231db85c2385ff05b5d9c20760cb18e4138dfc99060a9e960de2befbd5  fix-fortify-inline.patch
0fcc647af53a3ce21c2bc36e5631eb0935e7243ebb3ab59b5719542cc54a6ac023a4a857b43b75756efb9ed80c0aecaa94dc5679a3b3792f82e87bf2c1af82e1  disable-hunspell_hooks.patch
70863b985427b9653ce5e28d6064f078fb6d4ccf43dd1b68e72f97f44868fc0ce063161c39a4e77a0a1a207b7365d5dc7a7ca5e68c726825eba814f2b93e2f5d  fix-seccomp-bpf.patch
a2925045154f4fd34e5fc056656f4f9da100341529e5d4104d249154db0c7863384083f421ce6e47e0f20566a8b20787fa35444c7933c03cd03f96f06dcd4532  fix-toolkit.patch
7d7531a0dbb1b3c2f4cbf155168e750f274dbf19cd767d6395d479ef1626a651e714b41e353465d9d58239dc15256d83eeb1bf06c6adf47c521a0db5ee88bb50  fix-tools.patch
bdcd1b402d2ec94957ba5d08cbad7b1a7f59c251c311be9095208491a05abb05a956c79f27908e1f26b54a3679387b2f33a51e945b650671ad85c0a2d59a5a29  mallinfo.patch
3f535b1e4e9a5a0506ef6f6d9427a84fae1efa3c8e8d6b25b21046d2d04c132bde1a7a98e415067e5c542f699d89249b8cc3d925e0be4e96db498037429691ef  musl-pthread-setname.patch
2a967e4619fd89a046bd40be7fdcef646fcb1eba5e47afc96aa1d59c25bcc8747cb07baee6c11f3b803db0981aced181534b806778e4d21e74958f5f4d74c784  fix-fortify-system-wrappers.patch
ed0d344c66fc8e1cc83a11e9858b32c42e841cbeedd9eb9438811e9fcc3593dc824a8336d00058d55836cedc970aeadd6a82c6dcd7bc0fb746e564d8b478cc6c  fix-arm-atomics-grsec.patch
015e1ff6dbf920033982b5df95d869a0b7bf56c6964e45e50649ddf46d1ce09563458e45240c3ecb92808662b1300b67507f7af272ba184835d91068a9e7d5b0  fix-arm-version-detect.patch
e61664bc93eadce5016a06a4d0684b34a05074f1815e88ef2613380d7b369c6fd305fb34f83b5eb18b9e3138273ea8ddcfdcb1084fdcaa922a1e5b30146a3b18  mozilla-build-arm.patch
4797d2d89ac63a57abb826b8ea9f751314ce66946194033deb9d78c2ff377b88106fd2c7bc5034dc13ad03dd5085b1893c3ccae1a9e63fde35655bb0921f7188  disable-moz-stackwalk.patch
6beba471b6a7fc229a9c105d58137f80cec07219e52bb9a666c787b37ca88635d6ec2eba651eccb5096429c2965709c9475c89839c255c3545f8c96c5d40f403  missing-header-s390x.patch
fc3fd5a3ad4b83feb9dbe9ecc91d5ae51ce5cd13af481b79910e1e13a79ac6c9b77cf025c14516327391a55172bc13a6f02d9bc7a51eef08fcbbcaaa37845818  discard-x86-precision-musl.patch
f3b7c3e804ce04731012a46cb9e9a6b0769e3772aef9c0a4a8c7520b030fdf6cd703d5e9ff49275f14b7d738fe82a0a4fde3bc3219dff7225d5db0e274987454  firefox.desktop
5dcb6288d0444a8a471d669bbaf61cdb1433663eff38b72ee5e980843f5fc07d0d60c91627a2c1159215d0ad77ae3f115dcc5fdfe87e64ca704b641aceaa44ed  firefox-safe.desktop"