pcr/icedove-bin/PKGBUILD


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138

# Maintainer: bill-auger <bill-auger@programmer.net>


# FIXME: https://labs.parabola.nu/issues/3115
#        Binary packages are generally not acceptable.
#        Icedove has been unable to build for a long time though.
#        libre/icedove still works; but is quite out-of-date.
#        Ideally, let's fix libre/icedove and delete this package.


# NOTE: Trisquel packages are not signed; but the repo databases are.
#       The database contains checksums of per-repo manifests;
#       and the manifests contain checksums of the packaged files.
#       The check() function verifies the signature of the database,
#       then verifies the manifest against its checksum in the database,
#       then verifies all package files against their checksums in the manifest.
#       That is why the makepkg integrity checks are used only for the signing key.


pkgname=icedove-bin
pkgver=115.8.1
pkgrel=trisquel21
pkgdesc="Email, RSS and newsgroup client with integrated spam filter (Trisquel binaries)"
arch=(x86_64)
url=http://www.trisquel.info
# license=('MPL-2.0' 'GPL-2.0-only' 'LGPL-2.1-only') # TODO:
license=(MPL2 GPL2 LGPL2.1)
options=('!strip' '!emptydirs')

# The 'depends' array is from the arch package.
# The Trisquel binaries do not not link to most of these system sodeps.
depends=(
  glibc
  gtk3 libgdk-3.so libgtk-3.so
  mime-types
  dbus # libdbus-1.so
  dbus-glib
  alsa-lib
  nss
  hunspell
  sqlite
  ttf-font
  libvpx # libvpx.so
  zlib
  bzip2 # libbz2.so
  botan2
  libwebp # libwebp.so libwebpdemux.so
  libevent
  libjpeg-turbo
  libffi # libffi.so
  nspr
  gcc-libs
  libx11
  libxrender
  libxfixes
  libxext
  libxcomposite
  libxdamage
  pango libpango-1.0.so
  cairo
  gdk-pixbuf2
  freetype2 # libfreetype.so
  fontconfig # libfontconfig.so
  glib2 libglib-2.0.so
  pixman # libpixman-1.so
  gnupg
  json-c
  libcanberra
  ffmpeg
  icu # libicui18n.so libicuuc.so
)
optdepends=(
  'hunspell-en_us: Spell checking, American English'
  'libotr: OTR support for active one-to-one chats'
  'libnotify: Notification integration'
)

_upstream_name=icedove
_deb_pkg=${_upstream_name}_${pkgver}+build1-0ubuntu0.22.04.1+11.0${pkgrel}_amd64.deb
source=(http://us.archive.trisquel.info/trisquel/dists/aramo-updates/Release{,.gpg}
        http://us.archive.trisquel.info/trisquel/dists/aramo-updates/main/binary-amd64/Packages
        http://us.archive.trisquel.info/trisquel/pool/main/t/thunderbird/${_deb_pkg}
        trisquel-archive-signkey.gpg)
sha256sums=(SKIP SKIP SKIP SKIP a69f9e3c192d4805c37f2975c59339a5a048057cef3c9bf156d1663305f589ca)
validpgpkeys=('60364C9869F92450421F0C22B138CA450C05112F') # Trisquel GNU/Linux <trisquel-devel@trisquel.info>


build()
{
  mkdir pkg/

  ar x ${_deb_pkg}
  tar xf data.tar.zst --directory=pkg/
}

check()
{
  readonly MANIFEST_RX="^ [0-9a-f]{64} [0-9]+ main/binary-amd64/Packages$"
  readonly PACKAGES_AWK="BEGIN { RS = \"Package:\" ; FS = \"\n\" } ( \$1 ~ /^ ${_upstream_name}$/ && \$3 ~ /${pkgver}.*${pkgrel}$/) { split(\$17 , a , \" \") ; split(\$18 , b , \" \") ; print a[2]\" \" b[2] }"
  readonly PKGS_SIZE_ERR="Packages: filesize mismatch"
  readonly PKGS_SUM_ERR="Packages: checksum mismatch"
  readonly DEB_SIZE_ERR=".deb: filesize mismatch"
  readonly DEB_SUM_ERR=".deb: checksum mismatch"
  readonly SUMS_ERR="checksums: not found"
  readonly FILES_SUM_ERR="files: checksum mismatch"
  local sum n_bytes filepath

  # validate repo manifest
  echo -e "\n== validating repo manifest =="
  gpg --import trisquel-archive-signkey.gpg
  gpg --verify Release.gpg Release
  read -r sum n_bytes _ < <(grep -E "${MANIFEST_RX}" Release | tail -n 1)
  sum+="  Packages"
  [[ "${n_bytes}" == "$(stat -c %s -L Packages)" ]]    || ! echo "${PKGS_SIZE_ERR}" || return 1
  sha256sum --strict --check <(echo ${sum}   )         || ! echo "${PKGS_SUM_ERR}"  || return 1

  # validate binary package
  echo -e "\n== validating binary package =="
  read -r n_bytes sum < <(awk "${PACKAGES_AWK}" Packages)
  sum+="  ${_deb_pkg}"
  [[ "${n_bytes}" == "$(stat -c %s -L ${_deb_pkg})" ]] || ! echo "${DEB_SIZE_ERR}" || return 1
  sha256sum --strict --check <(echo ${sum})            || ! echo "${DEB_SUM_ERR}" || return 1

  # validate binary package contents
  echo -e "\n== validating binary package contents =="
  tar xf control.tar.zst ./md5sums
  cat md5sums
  (( $(stat -c %s -L md5sums) ))                       || ! echo "${SUMS_ERR}" || return 1
  while read sum filepath
  do    sum+="  pkg/${filepath}"
        md5sum --strict --check <(echo ${sum})         || ! echo "${FILES_SUM_ERR}" || return 1
  done < md5sums
}

package()
{
  cp -a pkg/* "${pkgdir}"/
}