blob: 5352383258dc7ed1dc4d4d2ae71a4207d6fc4480 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
|
# Maintainer: bill-auger <bill-auger@programmer.net>
# FIXME: https://labs.parabola.nu/issues/3115
# Binary packages are generally not acceptable.
# Icedove has been unable to build for a long time though.
# libre/icedove still works; but is quite out-of-date.
# Ideally, let's fix libre/icedove and delete this package.
# NOTE: Trisquel packages are not signed; but the repo databases are.
# The database contains checksums of per-repo manifests;
# and the manifests contain checksums of the packaged files.
# The check() function verifies the signature of the database,
# then verifies the manifest against its checksum in the database,
# then verifies all package files against their checksums in the manifest.
# That is why the makepkg integrity checks are used only for the signing key.
pkgname=icedove-bin
pkgver=115.8.1
pkgrel=trisquel21
pkgdesc="Email, RSS and newsgroup client with integrated spam filter (Trisquel binaries)"
arch=(x86_64)
url=http://www.trisquel.info
# license=('MPL-2.0' 'GPL-2.0-only' 'LGPL-2.1-only') # TODO:
license=(MPL2 GPL2 LGPL2.1)
options=('!strip' '!emptydirs')
# The 'depends' array is from the arch package.
# The Trisquel binaries do not not link to most of these system sodeps.
depends=(
glibc
gtk3 libgdk-3.so libgtk-3.so
mime-types
dbus # libdbus-1.so
dbus-glib
alsa-lib
nss
hunspell
sqlite
ttf-font
libvpx # libvpx.so
zlib
bzip2 # libbz2.so
botan2
libwebp # libwebp.so libwebpdemux.so
libevent
libjpeg-turbo
libffi # libffi.so
nspr
gcc-libs
libx11
libxrender
libxfixes
libxext
libxcomposite
libxdamage
pango libpango-1.0.so
cairo
gdk-pixbuf2
freetype2 # libfreetype.so
fontconfig # libfontconfig.so
glib2 libglib-2.0.so
pixman # libpixman-1.so
gnupg
json-c
libcanberra
ffmpeg
icu # libicui18n.so libicuuc.so
)
optdepends=(
'hunspell-en_us: Spell checking, American English'
'libotr: OTR support for active one-to-one chats'
'libnotify: Notification integration'
)
_upstream_name=icedove
_deb_pkg=${_upstream_name}_${pkgver}+build1-0ubuntu0.22.04.1+11.0${pkgrel}_amd64.deb
source=(http://us.archive.trisquel.info/trisquel/dists/aramo-updates/Release{,.gpg}
http://us.archive.trisquel.info/trisquel/dists/aramo-updates/main/binary-amd64/Packages
http://us.archive.trisquel.info/trisquel/pool/main/t/thunderbird/${_deb_pkg}
trisquel-archive-signkey.gpg)
sha256sums=(SKIP SKIP SKIP SKIP a69f9e3c192d4805c37f2975c59339a5a048057cef3c9bf156d1663305f589ca)
validpgpkeys=('60364C9869F92450421F0C22B138CA450C05112F') # Trisquel GNU/Linux <trisquel-devel@trisquel.info>
build()
{
mkdir pkg/
ar x ${_deb_pkg}
tar xf data.tar.zst --directory=pkg/
}
check()
{
readonly MANIFEST_RX="^ [0-9a-f]{64} [0-9]+ main/binary-amd64/Packages$"
readonly PACKAGES_AWK="BEGIN { RS = \"Package:\" ; FS = \"\n\" } ( \$1 ~ /^ ${_upstream_name}$/ && \$3 ~ /${pkgver}.*${pkgrel}$/) { split(\$17 , a , \" \") ; split(\$18 , b , \" \") ; print a[2]\" \" b[2] }"
readonly PKGS_SIZE_ERR="Packages: filesize mismatch"
readonly PKGS_SUM_ERR="Packages: checksum mismatch"
readonly DEB_SIZE_ERR=".deb: filesize mismatch"
readonly DEB_SUM_ERR=".deb: checksum mismatch"
readonly SUMS_ERR="checksums: not found"
readonly FILES_SUM_ERR="files: checksum mismatch"
local sum n_bytes filepath
# validate repo manifest
echo -e "\n== validating repo manifest =="
gpg --import trisquel-archive-signkey.gpg
gpg --verify Release.gpg Release
read -r sum n_bytes _ < <(grep -E "${MANIFEST_RX}" Release | tail -n 1)
sum+=" Packages"
[[ "${n_bytes}" == "$(stat -c %s -L Packages)" ]] || ! echo "${PKGS_SIZE_ERR}" || return 1
sha256sum --strict --check <(echo ${sum} ) || ! echo "${PKGS_SUM_ERR}" || return 1
# validate binary package
echo -e "\n== validating binary package =="
read -r n_bytes sum < <(awk "${PACKAGES_AWK}" Packages)
sum+=" ${_deb_pkg}"
[[ "${n_bytes}" == "$(stat -c %s -L ${_deb_pkg})" ]] || ! echo "${DEB_SIZE_ERR}" || return 1
sha256sum --strict --check <(echo ${sum}) || ! echo "${DEB_SUM_ERR}" || return 1
# validate binary package contents
echo -e "\n== validating binary package contents =="
tar xf control.tar.zst ./md5sums
cat md5sums
(( $(stat -c %s -L md5sums) )) || ! echo "${SUMS_ERR}" || return 1
while read sum filepath
do sum+=" pkg/${filepath}"
md5sum --strict --check <(echo ${sum}) || ! echo "${FILES_SUM_ERR}" || return 1
done < md5sums
}
package()
{
cp -a pkg/* "${pkgdir}"/
}
|