| 1 |
commit: 09b804516320eee06930303870cd68008aac8a8a |
| 2 |
Author: Gregory M. Turner <gmt <AT> be-evil <DOT> net> |
| 3 |
AuthorDate: Tue May 8 19:27:31 2018 +0000 |
| 4 |
Commit: Mike Gilbert <floppym <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Wed May 9 16:56:57 2018 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=09b80451 |
| 7 |
|
| 8 |
www-client/chromium: widevine rehabilitation |
| 9 |
|
| 10 |
>chromium-66 ebuilds dropped the widevine useflag because upstream |
| 11 |
decided (again! but only "for now") to add code to induce build |
| 12 |
failure when linux builds request widevine. |
| 13 |
|
| 14 |
However, it seems that if we just add linux to the whitelist, |
| 15 |
everything works as before (but buckle up, there may be |
| 16 |
turbulent skies ahead). |
| 17 |
|
| 18 |
nb: ninja no longer copies the widevine .so to out/ (so we needn't |
| 19 |
remove it anymore in src_install). |
| 20 |
|
| 21 |
Signed-off-by: Gregory M. Turner <gmt <AT> be-evil.net> |
| 22 |
Closes: https://github.com/gentoo/gentoo/pull/8323 |
| 23 |
|
| 24 |
www-client/chromium/chromium-67.0.3396.18.ebuild | 5 ++- |
| 25 |
www-client/chromium/chromium-67.0.3396.30.ebuild | 5 ++- |
| 26 |
www-client/chromium/chromium-68.0.3409.2.ebuild | 5 ++- |
| 27 |
.../chromium/files/chromium-widevine-r2.patch | 39 ++++++++++++++++++++++ |
| 28 |
4 files changed, 51 insertions(+), 3 deletions(-) |
| 29 |
|
| 30 |
diff --git a/www-client/chromium/chromium-67.0.3396.18.ebuild b/www-client/chromium/chromium-67.0.3396.18.ebuild |
| 31 |
index ececa654c8c..fe48e8dc8ec 100644 |
| 32 |
--- a/www-client/chromium/chromium-67.0.3396.18.ebuild |
| 33 |
+++ b/www-client/chromium/chromium-67.0.3396.18.ebuild |
| 34 |
@@ -17,7 +17,7 @@ SRC_URI="https://commondatastorage.googleapis.com/chromium-browser-official/${P} |
| 35 |
LICENSE="BSD" |
| 36 |
SLOT="0" |
| 37 |
KEYWORDS="~amd64 ~arm64 ~x86" |
| 38 |
-IUSE="component-build cups gnome-keyring +hangouts jumbo-build kerberos neon pic +proprietary-codecs pulseaudio selinux +suid +system-ffmpeg +system-icu +system-libvpx +tcmalloc" |
| 39 |
+IUSE="component-build cups gnome-keyring +hangouts jumbo-build kerberos neon pic +proprietary-codecs pulseaudio selinux +suid +system-ffmpeg +system-icu +system-libvpx +tcmalloc widevine" |
| 40 |
RESTRICT="!system-ffmpeg? ( proprietary-codecs? ( bindist ) )" |
| 41 |
|
| 42 |
COMMON_DEPEND=" |
| 43 |
@@ -85,6 +85,7 @@ RDEPEND="${COMMON_DEPEND} |
| 44 |
virtual/ttf-fonts |
| 45 |
selinux? ( sec-policy/selinux-chromium ) |
| 46 |
tcmalloc? ( !<x11-drivers/nvidia-drivers-331.20 ) |
| 47 |
+ widevine? ( www-plugins/chrome-binary-plugins[widevine(-)] ) |
| 48 |
" |
| 49 |
# dev-vcs/git - https://bugs.gentoo.org/593476 |
| 50 |
# sys-apps/sandbox - https://crbug.com/586444 |
| 51 |
@@ -144,6 +145,7 @@ GTK+ icon theme. |
| 52 |
" |
| 53 |
|
| 54 |
PATCHES=( |
| 55 |
+ "${FILESDIR}/chromium-widevine-r2.patch" |
| 56 |
"${FILESDIR}/chromium-compiler-r0.patch" |
| 57 |
"${FILESDIR}/chromium-webrtc-r0.patch" |
| 58 |
"${FILESDIR}/chromium-memcpy-r0.patch" |
| 59 |
@@ -467,6 +469,7 @@ src_configure() { |
| 60 |
|
| 61 |
# Optional dependencies. |
| 62 |
myconf_gn+=" enable_hangout_services_extension=$(usex hangouts true false)" |
| 63 |
+ myconf_gn+=" enable_widevine=$(usex widevine true false)" |
| 64 |
myconf_gn+=" use_cups=$(usex cups true false)" |
| 65 |
myconf_gn+=" use_gnome_keyring=$(usex gnome-keyring true false)" |
| 66 |
myconf_gn+=" use_kerberos=$(usex kerberos true false)" |
| 67 |
|
| 68 |
diff --git a/www-client/chromium/chromium-67.0.3396.30.ebuild b/www-client/chromium/chromium-67.0.3396.30.ebuild |
| 69 |
index ececa654c8c..fe48e8dc8ec 100644 |
| 70 |
--- a/www-client/chromium/chromium-67.0.3396.30.ebuild |
| 71 |
+++ b/www-client/chromium/chromium-67.0.3396.30.ebuild |
| 72 |
@@ -17,7 +17,7 @@ SRC_URI="https://commondatastorage.googleapis.com/chromium-browser-official/${P} |
| 73 |
LICENSE="BSD" |
| 74 |
SLOT="0" |
| 75 |
KEYWORDS="~amd64 ~arm64 ~x86" |
| 76 |
-IUSE="component-build cups gnome-keyring +hangouts jumbo-build kerberos neon pic +proprietary-codecs pulseaudio selinux +suid +system-ffmpeg +system-icu +system-libvpx +tcmalloc" |
| 77 |
+IUSE="component-build cups gnome-keyring +hangouts jumbo-build kerberos neon pic +proprietary-codecs pulseaudio selinux +suid +system-ffmpeg +system-icu +system-libvpx +tcmalloc widevine" |
| 78 |
RESTRICT="!system-ffmpeg? ( proprietary-codecs? ( bindist ) )" |
| 79 |
|
| 80 |
COMMON_DEPEND=" |
| 81 |
@@ -85,6 +85,7 @@ RDEPEND="${COMMON_DEPEND} |
| 82 |
virtual/ttf-fonts |
| 83 |
selinux? ( sec-policy/selinux-chromium ) |
| 84 |
tcmalloc? ( !<x11-drivers/nvidia-drivers-331.20 ) |
| 85 |
+ widevine? ( www-plugins/chrome-binary-plugins[widevine(-)] ) |
| 86 |
" |
| 87 |
# dev-vcs/git - https://bugs.gentoo.org/593476 |
| 88 |
# sys-apps/sandbox - https://crbug.com/586444 |
| 89 |
@@ -144,6 +145,7 @@ GTK+ icon theme. |
| 90 |
" |
| 91 |
|
| 92 |
PATCHES=( |
| 93 |
+ "${FILESDIR}/chromium-widevine-r2.patch" |
| 94 |
"${FILESDIR}/chromium-compiler-r0.patch" |
| 95 |
"${FILESDIR}/chromium-webrtc-r0.patch" |
| 96 |
"${FILESDIR}/chromium-memcpy-r0.patch" |
| 97 |
@@ -467,6 +469,7 @@ src_configure() { |
| 98 |
|
| 99 |
# Optional dependencies. |
| 100 |
myconf_gn+=" enable_hangout_services_extension=$(usex hangouts true false)" |
| 101 |
+ myconf_gn+=" enable_widevine=$(usex widevine true false)" |
| 102 |
myconf_gn+=" use_cups=$(usex cups true false)" |
| 103 |
myconf_gn+=" use_gnome_keyring=$(usex gnome-keyring true false)" |
| 104 |
myconf_gn+=" use_kerberos=$(usex kerberos true false)" |
| 105 |
|
| 106 |
diff --git a/www-client/chromium/chromium-68.0.3409.2.ebuild b/www-client/chromium/chromium-68.0.3409.2.ebuild |
| 107 |
index 86da01dec68..956659ce7cf 100644 |
| 108 |
--- a/www-client/chromium/chromium-68.0.3409.2.ebuild |
| 109 |
+++ b/www-client/chromium/chromium-68.0.3409.2.ebuild |
| 110 |
@@ -17,7 +17,7 @@ SRC_URI="https://commondatastorage.googleapis.com/chromium-browser-official/${P} |
| 111 |
LICENSE="BSD" |
| 112 |
SLOT="0" |
| 113 |
KEYWORDS="~amd64 ~arm64 ~x86" |
| 114 |
-IUSE="component-build cups gnome-keyring +hangouts jumbo-build kerberos neon pic +proprietary-codecs pulseaudio selinux +suid +system-ffmpeg +system-icu +system-libvpx +tcmalloc" |
| 115 |
+IUSE="component-build cups gnome-keyring +hangouts jumbo-build kerberos neon pic +proprietary-codecs pulseaudio selinux +suid +system-ffmpeg +system-icu +system-libvpx +tcmalloc widevine" |
| 116 |
RESTRICT="!system-ffmpeg? ( proprietary-codecs? ( bindist ) )" |
| 117 |
|
| 118 |
COMMON_DEPEND=" |
| 119 |
@@ -85,6 +85,7 @@ RDEPEND="${COMMON_DEPEND} |
| 120 |
virtual/ttf-fonts |
| 121 |
selinux? ( sec-policy/selinux-chromium ) |
| 122 |
tcmalloc? ( !<x11-drivers/nvidia-drivers-331.20 ) |
| 123 |
+ widevine? ( www-plugins/chrome-binary-plugins[widevine(-)] ) |
| 124 |
" |
| 125 |
# dev-vcs/git - https://bugs.gentoo.org/593476 |
| 126 |
# sys-apps/sandbox - https://crbug.com/586444 |
| 127 |
@@ -144,6 +145,7 @@ GTK+ icon theme. |
| 128 |
" |
| 129 |
|
| 130 |
PATCHES=( |
| 131 |
+ "${FILESDIR}/chromium-widevine-r2.patch" |
| 132 |
"${FILESDIR}/chromium-compiler-r1.patch" |
| 133 |
"${FILESDIR}/chromium-ffmpeg-build-r0.patch" |
| 134 |
"${FILESDIR}/chromium-webrtc-r0.patch" |
| 135 |
@@ -472,6 +474,7 @@ src_configure() { |
| 136 |
|
| 137 |
# Optional dependencies. |
| 138 |
myconf_gn+=" enable_hangout_services_extension=$(usex hangouts true false)" |
| 139 |
+ myconf_gn+=" enable_widevine=$(usex widevine true false)" |
| 140 |
myconf_gn+=" use_cups=$(usex cups true false)" |
| 141 |
myconf_gn+=" use_gnome_keyring=$(usex gnome-keyring true false)" |
| 142 |
myconf_gn+=" use_kerberos=$(usex kerberos true false)" |
| 143 |
|
| 144 |
diff --git a/www-client/chromium/files/chromium-widevine-r2.patch b/www-client/chromium/files/chromium-widevine-r2.patch |
| 145 |
new file mode 100644 |
| 146 |
index 00000000000..5527f7f293c |
| 147 |
--- /dev/null |
| 148 |
+++ b/www-client/chromium/files/chromium-widevine-r2.patch |
| 149 |
@@ -0,0 +1,39 @@ |
| 150 |
+Minimal patch to get chromium to compile with widevine support. |
| 151 |
+ |
| 152 |
+Exactly the same as -r1, but we now need to patch |
| 153 |
+ninja to pretty please not terminate our build. |
| 154 |
+ |
| 155 |
+caveat emptor: it's in no way clear that building chromium this |
| 156 |
+way is safer, from a security perspective, than whatever Google |
| 157 |
+Chrome does. |
| 158 |
+ |
| 159 |
+Upstream appears to be cooking up a code-signing trust-chain |
| 160 |
+which may protect users against malicious cdm blobs; I doubt |
| 161 |
+we benefit from these using this kludge. Ideally, someone |
| 162 |
+would look into this more carefully than I have ... tbh as |
| 163 |
+soon as I got my "stories" back, I pretty much lost interest :) |
| 164 |
+ |
| 165 |
+-gmt |
| 166 |
+ |
| 167 |
+-- |
| 168 |
+--- a/third_party/widevine/cdm/stub/widevine_cdm_version.h |
| 169 |
++++ b/third_party/widevine/cdm/stub/widevine_cdm_version.h |
| 170 |
+@@ -10,6 +10,7 @@ |
| 171 |
+ |
| 172 |
+ #include "third_party/widevine/cdm/widevine_cdm_common.h" |
| 173 |
+ |
| 174 |
++#define WIDEVINE_CDM_VERSION_STRING "unknown" |
| 175 |
+ #define WIDEVINE_CDM_AVAILABLE |
| 176 |
+ |
| 177 |
+ #endif // WIDEVINE_CDM_VERSION_H_ |
| 178 |
+--- a/third_party/widevine/cdm/BUILD.gn |
| 179 |
++++ b/third_party/widevine/cdm/BUILD.gn |
| 180 |
+@@ -11,7 +11,7 @@ import("//third_party/widevine/cdm/widev |
| 181 |
+ # Internal Cast builds set enable_widevine=true to bring in Widevine support. |
| 182 |
+ # TODO(xhwang): Support component updated CDM on other platforms and remove this |
| 183 |
+ # assert. |
| 184 |
+-assert(!enable_widevine || is_win || is_mac || is_chromecast, |
| 185 |
++assert(!enable_widevine || is_win || is_mac || is_chromecast || is_linux, |
| 186 |
+ "Component updated CDM only supported on Windows and Mac for now.") |
| 187 |
+ |
| 188 |
+ widevine_arch = current_cpu |
Archives