summaryrefslogtreecommitdiff
path: root/nonprism/icedove-hardened/PKGBUILD
blob: 66631204394421ddd0265af30e5c80cc254a08fd (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
# Maintainer: André Silva <emulatorman@parabola.nu>
# Contributor: Márcio Silva <coadde@parabola.nu>
# Contributor: Luke R. <g4jc@openmailbox.org>
# Contributor: Isaac David <isacdaavid@isacdaavid.info>

# We're getting this from Debian Sid
_debname=icedove
_debver=45.4.0
_debrel=deb1
_debrepo=http://ftp.debian.org/debian/pool/main/
debfile() { echo $@|sed -r 's@(.).*@\1/&/&@'; }

_pkgname=thunderbird
pkgname=icedove-hardened
epoch=1
pkgver=$_debver.$_debrel
pkgrel=1

pkgdesc="A libre version of Debian Icedove, the standalone mail and news reader based on Mozilla Thunderbird, with several patches that were introduced to strengthen and protect the end user from security threats and without support for unsafe and dangerous for privacy protocols"
arch=(i686 x86_64 armv7h)
license=(MPL GPL LGPL)
depends=(alsa-lib dbus-glib gtk2 hunspell icu=57.1 libevent libvpx=1.6.0 libxt mime-types mozilla-common nss sqlite startup-notification ttf-font)
makedepends=(autoconf2.13 diffutils gconf imake inetutils libpulse mesa mozilla-searchplugins pkg-config python2 quilt unzip yasm zip)
options=(!emptydirs !makeflags)
optdepends=('libcanberra: for sound support')
url="https://wiki.parabola.nu/${pkgname%-*}"
replaces=("${pkgname%-*}-libre" "${_pkgname}-hardening"  "$_pkgname")
conflicts=("${pkgname%-*}-libre" "$_pkgname" "${pkgname%-*}")
provides=("$_pkgname" "${pkgname%-*}")
install=${pkgname%-*}.install
source=("$_debrepo/`debfile $_debname`_$_debver.orig.tar.xz"
        "$_debrepo/`debfile $_debname`_$_debver-${_debrel#deb}.debian.tar.xz"
        mozconfig
        ${pkgname%-*}.desktop
        changing-the-default-search-engine.patch
        firefox-gcc-6.0.patch mozilla-1228540.patch mozilla-1228540-1.patch
        vendor.js
        fix-missing-files.patch
        no-neon.patch
        mozilla-1253216.patch)
sha256sums=('00ff0dcd4bddd053b5285c78cd687876cfab9455c2eb1e670746eb4bedaac38f'
            'b4d1b193aee7481249ef5e638bf583b69c1785dd530a9ecd098a84f42dfdf09d'
            'aaca37bcca176d1b8ebe7c18d3fb0c61e3d21769fbf8e994a189eb3263257d3d'
            '0b0d25067c64c6b829c84e5259ffca978e3971f85acc8483f47bdbed5b0b5b6a'
            'e1f72c44e31f191271207fc874dcfbf3d504b6b42dc1bb063ba8c7c9ee032130'
            '4d1e1ddabc9e975ed39f49e134559a29e01cd49439e358233f1ede43bf5a52bf'
            '3a3e84c702ee31450a3e84698441aceb11cf44e64c9fedcaddb8cb50db759417'
            'd1ccbaf0973615c57f7893355e5cd3a89efb4e91071d0ec376e429b50cf6ed19'
            '173c929176262c0ad27984d68d61918d51d27bbc538ccbe9e6d19727d1f9de4d'
            '294a2cc7b0477ad285af10ac2a04b767cabec07f03b23da23014bda71caea510'
            '59f40d8b2480aa67bf76f4f119826b6828a6a59cc040caf1ab5a6e19eef44c6e'
            '1e7ef08acd46aeacc8cd8b2c89012983fb2c8c18648e0f3e9371b0c76caedbde')

prepare() {
  cd "$srcdir/$_pkgname-$_debver"
  mv "$srcdir/debian" .

  export QUILT_PATCHES=debian/patches
  export QUILT_REFRESH_ARGS='-p ab --no-timestamps --no-index'
  export QUILT_DIFF_ARGS='--no-timestamps'

  # Prepare branding for the Icedove packages
  mkdir -v mail/branding/${pkgname%-*}

  # Copy needed icons
  cp -va debian/${pkgname%-*}-branding/* mail/branding/${pkgname%-*}
  for i in 16 22 24 32 48 256; do
    install -Dm644 debian/app-icons/${pkgname%-*}$i.png \
      mail/branding/${pkgname%-*}/mailicon$i.png
  done
  for i in 48 64; do
    install -Dm644 debian/app-icons/${pkgname%-*}$i.png \
      mail/branding/${pkgname%-*}/content/icon$i.png
  done
  cp -av debian/preview.png mail/themes/linux/mail/preview.png

  # Useless since we are doing it ourselves
  rm -rv debian/patches/icedove-l10n || true
  rm -rv debian/patches/iceowl-l10n || true
  rm -v debian/patches/debian-hacks/changing-the-default-search-engine.patch || true

  quilt push -av

  # Fix missing files
  patch -Np1 -i "$srcdir/fix-missing-files.patch"

  # Remove url-classifier from package-manifest.in to build and disable Phishing Protection
  sed -i '\|Phishing Protection|d
          \|UrlClassifier|d
          \|URLClassifier|d
          \|url-classifier|d
         ' mail/installer/package-manifest.in

  # Fix branding
  sed -i 's|Icedove Mail/News|Icedove|
         ' mail/branding/icedove/locales/en-US/brand.{dtd,properties}

  # Replace common URLs
  sed -i '\|extensions[.]getAddons[.]get[.]url| s|https://services[.]addons[.]mozilla[.]org.\+["][)][;]|https://directory.fsf.org/wiki/Icedove");|g;
          \|extensions[.]getAddons[.]search[.]browseURL| s|https://addons[.]mozilla[.]org.\+["][)][;]|https://directory.fsf.org/wiki/Icedove");|g;
          \|extensions[.]getAddons[.]search[.]url| s|https://services[.]addons[.]mozilla[.]org.\+["][)][;]|https://directory.fsf.org/wiki/Icedove");|g;
          \|extensions[.]webservice[.]discoverURL| s|https://services[.]addons[.]mozilla[.]org.\+["][)][;]|https://directory.fsf.org/wiki/Icedove");|g;
         ' mail/app/profile/all-thunderbird.js

  # Remove support for unsafe and dangerous for privacy protocols
  sed -i '\|facebook|d
          \|gtalk|d
          \|odnoklassniki|d
          \|twitter|d
          \|yahoo|d
         ' chat/moz.build
  sed -i '\|facebook[.]js|d
          \|facebook[.]manifest|d
          \|gtalk[.]js|d
          \|gtalk[.]manifest|d
          \|twitter[.]js|d
          \|twitter[.]manifest|d
          \|yahoo[.]js|d
          \|yahoo[.]manifest|d
         ' mail/installer/package-manifest.in
  rm -rv chat/protocols/{facebook,gtalk,twitter,yahoo}

  # Required for GCC 6
  patch -d mozilla -Np1 < ../firefox-gcc-6.0.patch
  patch -d mozilla -Np1 < ../mozilla-1228540.patch
  patch -d mozilla -Np1 < ../mozilla-1228540-1.patch

  cp -v "$srcdir/mozconfig" .mozconfig

  mkdir "$srcdir/path"
  ln -s /usr/bin/python2 "$srcdir/path/python"

  # Change the default search engine using our system-provided searchplugins
  patch -Np1 -i "$srcdir/changing-the-default-search-engine.patch"

  # Load our searchplugins
  rm -rv mail/locales/en-US/searchplugins
  cp -av /usr/lib/mozilla/searchplugins mail/locales/en-US

  # ARM-specific changes:
  if [[ "$CARCH" == arm* ]]; then
    patch -Np0 -i ../no-neon.patch
    patch -p2 -d mozilla < ../mozilla-1253216.patch
    sed -i '/ac_add_options --enable-gold/d' .mozconfig
    cat >> .mozconfig <<- EOF
	ac_add_options --disable-elf-hack
	ac_add_options --disable-neon
	ac_add_options --disable-ion
	ac_add_options --disable-webrtc
	ac_add_options --disable-debug
	ac_add_options --disable-debug-symbols
	EOF
  fi
}

build() {
  cd "$srcdir/$_pkgname-$_debver"

  # _FORTIFY_SOURCE causes configure failures
  CPPFLAGS+=" -O2"

  # Hardening
  LDFLAGS+=" -Wl,-z,now"

  # GCC 6
  CFLAGS+=" -fno-delete-null-pointer-checks -fno-lifetime-dse -fno-schedule-insns2"
  CXXFLAGS+=" -fno-delete-null-pointer-checks -fno-lifetime-dse -fno-schedule-insns2"

  export PATH="$srcdir/path:$PATH"

  make -f client.mk build
}

package() {
  cd "$srcdir/$_pkgname-$_debver"
  make -f client.mk DESTDIR="$pkgdir" INSTALL_SDK= install

  install -Dm644 ../vendor.js "$pkgdir/usr/lib/${pkgname%-*}/defaults/preferences/vendor.js"

  # Install Icedove menu icon
  install -Dm644 debian/${pkgname%-*}.xpm "$pkgdir/usr/share/pixmaps/${pkgname%-*}.xpm"

  # Install Icedove icons
  brandingdir=debian/app-icons
  icondir="$pkgdir/usr/share/icons/hicolor"
  for i in 16 22 24 32 48 64 128 256; do
    install -Dm644 "$brandingdir/${pkgname%-*}$i.png" \
      "$icondir/${i}x${i}/apps/${pkgname%-*}.png"
  done
  install -Dm644 "$brandingdir/${pkgname%-*}big.svg" \
    "$icondir/scalable/apps/${pkgname%-*}.svg"

  # Install Icedove desktop
  install -d "$pkgdir/usr/share/applications"
  install -m644 "$srcdir/${pkgname%-*}.desktop" \
    "$pkgdir/usr/share/applications"

  # Use system-provided dictionaries
  rm -rf "$pkgdir/usr/lib/${pkgname%-*}/"{dictionaries,hyphenation}
  ln -s /usr/share/hunspell "$pkgdir/usr/lib/${pkgname%-*}/dictionaries"
  ln -s /usr/share/hyphen   "$pkgdir/usr/lib/${pkgname%-*}/hyphenation"

  # Replace duplicate binary with symlink
  # https://bugzilla.mozilla.org/show_bug.cgi?id=658850
  ln -sf ${pkgname%-*} "$pkgdir/usr/lib/${pkgname%-*}/${pkgname%-*}-bin"
}