1 |
commit: 09b804516320eee06930303870cd68008aac8a8a |
2 |
Author: Gregory M. Turner <gmt <AT> be-evil <DOT> net> |
3 |
AuthorDate: Tue May 8 19:27:31 2018 +0000 |
4 |
Commit: Mike Gilbert <floppym <AT> gentoo <DOT> org> |
5 |
CommitDate: Wed May 9 16:56:57 2018 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=09b80451 |
7 |
|
8 |
www-client/chromium: widevine rehabilitation |
9 |
|
10 |
>chromium-66 ebuilds dropped the widevine useflag because upstream |
11 |
decided (again! but only "for now") to add code to induce build |
12 |
failure when linux builds request widevine. |
13 |
|
14 |
However, it seems that if we just add linux to the whitelist, |
15 |
everything works as before (but buckle up, there may be |
16 |
turbulent skies ahead). |
17 |
|
18 |
nb: ninja no longer copies the widevine .so to out/ (so we needn't |
19 |
remove it anymore in src_install). |
20 |
|
21 |
Signed-off-by: Gregory M. Turner <gmt <AT> be-evil.net> |
22 |
Closes: https://github.com/gentoo/gentoo/pull/8323 |
23 |
|
24 |
www-client/chromium/chromium-67.0.3396.18.ebuild | 5 ++- |
25 |
www-client/chromium/chromium-67.0.3396.30.ebuild | 5 ++- |
26 |
www-client/chromium/chromium-68.0.3409.2.ebuild | 5 ++- |
27 |
.../chromium/files/chromium-widevine-r2.patch | 39 ++++++++++++++++++++++ |
28 |
4 files changed, 51 insertions(+), 3 deletions(-) |
29 |
|
30 |
diff --git a/www-client/chromium/chromium-67.0.3396.18.ebuild b/www-client/chromium/chromium-67.0.3396.18.ebuild |
31 |
index ececa654c8c..fe48e8dc8ec 100644 |
32 |
--- a/www-client/chromium/chromium-67.0.3396.18.ebuild |
33 |
+++ b/www-client/chromium/chromium-67.0.3396.18.ebuild |
34 |
@@ -17,7 +17,7 @@ SRC_URI="https://commondatastorage.googleapis.com/chromium-browser-official/${P} |
35 |
LICENSE="BSD" |
36 |
SLOT="0" |
37 |
KEYWORDS="~amd64 ~arm64 ~x86" |
38 |
-IUSE="component-build cups gnome-keyring +hangouts jumbo-build kerberos neon pic +proprietary-codecs pulseaudio selinux +suid +system-ffmpeg +system-icu +system-libvpx +tcmalloc" |
39 |
+IUSE="component-build cups gnome-keyring +hangouts jumbo-build kerberos neon pic +proprietary-codecs pulseaudio selinux +suid +system-ffmpeg +system-icu +system-libvpx +tcmalloc widevine" |
40 |
RESTRICT="!system-ffmpeg? ( proprietary-codecs? ( bindist ) )" |
41 |
|
42 |
COMMON_DEPEND=" |
43 |
@@ -85,6 +85,7 @@ RDEPEND="${COMMON_DEPEND} |
44 |
virtual/ttf-fonts |
45 |
selinux? ( sec-policy/selinux-chromium ) |
46 |
tcmalloc? ( !<x11-drivers/nvidia-drivers-331.20 ) |
47 |
+ widevine? ( www-plugins/chrome-binary-plugins[widevine(-)] ) |
48 |
" |
49 |
# dev-vcs/git - https://bugs.gentoo.org/593476 |
50 |
# sys-apps/sandbox - https://crbug.com/586444 |
51 |
@@ -144,6 +145,7 @@ GTK+ icon theme. |
52 |
" |
53 |
|
54 |
PATCHES=( |
55 |
+ "${FILESDIR}/chromium-widevine-r2.patch" |
56 |
"${FILESDIR}/chromium-compiler-r0.patch" |
57 |
"${FILESDIR}/chromium-webrtc-r0.patch" |
58 |
"${FILESDIR}/chromium-memcpy-r0.patch" |
59 |
@@ -467,6 +469,7 @@ src_configure() { |
60 |
|
61 |
# Optional dependencies. |
62 |
myconf_gn+=" enable_hangout_services_extension=$(usex hangouts true false)" |
63 |
+ myconf_gn+=" enable_widevine=$(usex widevine true false)" |
64 |
myconf_gn+=" use_cups=$(usex cups true false)" |
65 |
myconf_gn+=" use_gnome_keyring=$(usex gnome-keyring true false)" |
66 |
myconf_gn+=" use_kerberos=$(usex kerberos true false)" |
67 |
|
68 |
diff --git a/www-client/chromium/chromium-67.0.3396.30.ebuild b/www-client/chromium/chromium-67.0.3396.30.ebuild |
69 |
index ececa654c8c..fe48e8dc8ec 100644 |
70 |
--- a/www-client/chromium/chromium-67.0.3396.30.ebuild |
71 |
+++ b/www-client/chromium/chromium-67.0.3396.30.ebuild |
72 |
@@ -17,7 +17,7 @@ SRC_URI="https://commondatastorage.googleapis.com/chromium-browser-official/${P} |
73 |
LICENSE="BSD" |
74 |
SLOT="0" |
75 |
KEYWORDS="~amd64 ~arm64 ~x86" |
76 |
-IUSE="component-build cups gnome-keyring +hangouts jumbo-build kerberos neon pic +proprietary-codecs pulseaudio selinux +suid +system-ffmpeg +system-icu +system-libvpx +tcmalloc" |
77 |
+IUSE="component-build cups gnome-keyring +hangouts jumbo-build kerberos neon pic +proprietary-codecs pulseaudio selinux +suid +system-ffmpeg +system-icu +system-libvpx +tcmalloc widevine" |
78 |
RESTRICT="!system-ffmpeg? ( proprietary-codecs? ( bindist ) )" |
79 |
|
80 |
COMMON_DEPEND=" |
81 |
@@ -85,6 +85,7 @@ RDEPEND="${COMMON_DEPEND} |
82 |
virtual/ttf-fonts |
83 |
selinux? ( sec-policy/selinux-chromium ) |
84 |
tcmalloc? ( !<x11-drivers/nvidia-drivers-331.20 ) |
85 |
+ widevine? ( www-plugins/chrome-binary-plugins[widevine(-)] ) |
86 |
" |
87 |
# dev-vcs/git - https://bugs.gentoo.org/593476 |
88 |
# sys-apps/sandbox - https://crbug.com/586444 |
89 |
@@ -144,6 +145,7 @@ GTK+ icon theme. |
90 |
" |
91 |
|
92 |
PATCHES=( |
93 |
+ "${FILESDIR}/chromium-widevine-r2.patch" |
94 |
"${FILESDIR}/chromium-compiler-r0.patch" |
95 |
"${FILESDIR}/chromium-webrtc-r0.patch" |
96 |
"${FILESDIR}/chromium-memcpy-r0.patch" |
97 |
@@ -467,6 +469,7 @@ src_configure() { |
98 |
|
99 |
# Optional dependencies. |
100 |
myconf_gn+=" enable_hangout_services_extension=$(usex hangouts true false)" |
101 |
+ myconf_gn+=" enable_widevine=$(usex widevine true false)" |
102 |
myconf_gn+=" use_cups=$(usex cups true false)" |
103 |
myconf_gn+=" use_gnome_keyring=$(usex gnome-keyring true false)" |
104 |
myconf_gn+=" use_kerberos=$(usex kerberos true false)" |
105 |
|
106 |
diff --git a/www-client/chromium/chromium-68.0.3409.2.ebuild b/www-client/chromium/chromium-68.0.3409.2.ebuild |
107 |
index 86da01dec68..956659ce7cf 100644 |
108 |
--- a/www-client/chromium/chromium-68.0.3409.2.ebuild |
109 |
+++ b/www-client/chromium/chromium-68.0.3409.2.ebuild |
110 |
@@ -17,7 +17,7 @@ SRC_URI="https://commondatastorage.googleapis.com/chromium-browser-official/${P} |
111 |
LICENSE="BSD" |
112 |
SLOT="0" |
113 |
KEYWORDS="~amd64 ~arm64 ~x86" |
114 |
-IUSE="component-build cups gnome-keyring +hangouts jumbo-build kerberos neon pic +proprietary-codecs pulseaudio selinux +suid +system-ffmpeg +system-icu +system-libvpx +tcmalloc" |
115 |
+IUSE="component-build cups gnome-keyring +hangouts jumbo-build kerberos neon pic +proprietary-codecs pulseaudio selinux +suid +system-ffmpeg +system-icu +system-libvpx +tcmalloc widevine" |
116 |
RESTRICT="!system-ffmpeg? ( proprietary-codecs? ( bindist ) )" |
117 |
|
118 |
COMMON_DEPEND=" |
119 |
@@ -85,6 +85,7 @@ RDEPEND="${COMMON_DEPEND} |
120 |
virtual/ttf-fonts |
121 |
selinux? ( sec-policy/selinux-chromium ) |
122 |
tcmalloc? ( !<x11-drivers/nvidia-drivers-331.20 ) |
123 |
+ widevine? ( www-plugins/chrome-binary-plugins[widevine(-)] ) |
124 |
" |
125 |
# dev-vcs/git - https://bugs.gentoo.org/593476 |
126 |
# sys-apps/sandbox - https://crbug.com/586444 |
127 |
@@ -144,6 +145,7 @@ GTK+ icon theme. |
128 |
" |
129 |
|
130 |
PATCHES=( |
131 |
+ "${FILESDIR}/chromium-widevine-r2.patch" |
132 |
"${FILESDIR}/chromium-compiler-r1.patch" |
133 |
"${FILESDIR}/chromium-ffmpeg-build-r0.patch" |
134 |
"${FILESDIR}/chromium-webrtc-r0.patch" |
135 |
@@ -472,6 +474,7 @@ src_configure() { |
136 |
|
137 |
# Optional dependencies. |
138 |
myconf_gn+=" enable_hangout_services_extension=$(usex hangouts true false)" |
139 |
+ myconf_gn+=" enable_widevine=$(usex widevine true false)" |
140 |
myconf_gn+=" use_cups=$(usex cups true false)" |
141 |
myconf_gn+=" use_gnome_keyring=$(usex gnome-keyring true false)" |
142 |
myconf_gn+=" use_kerberos=$(usex kerberos true false)" |
143 |
|
144 |
diff --git a/www-client/chromium/files/chromium-widevine-r2.patch b/www-client/chromium/files/chromium-widevine-r2.patch |
145 |
new file mode 100644 |
146 |
index 00000000000..5527f7f293c |
147 |
--- /dev/null |
148 |
+++ b/www-client/chromium/files/chromium-widevine-r2.patch |
149 |
@@ -0,0 +1,39 @@ |
150 |
+Minimal patch to get chromium to compile with widevine support. |
151 |
+ |
152 |
+Exactly the same as -r1, but we now need to patch |
153 |
+ninja to pretty please not terminate our build. |
154 |
+ |
155 |
+caveat emptor: it's in no way clear that building chromium this |
156 |
+way is safer, from a security perspective, than whatever Google |
157 |
+Chrome does. |
158 |
+ |
159 |
+Upstream appears to be cooking up a code-signing trust-chain |
160 |
+which may protect users against malicious cdm blobs; I doubt |
161 |
+we benefit from these using this kludge. Ideally, someone |
162 |
+would look into this more carefully than I have ... tbh as |
163 |
+soon as I got my "stories" back, I pretty much lost interest :) |
164 |
+ |
165 |
+-gmt |
166 |
+ |
167 |
+-- |
168 |
+--- a/third_party/widevine/cdm/stub/widevine_cdm_version.h |
169 |
++++ b/third_party/widevine/cdm/stub/widevine_cdm_version.h |
170 |
+@@ -10,6 +10,7 @@ |
171 |
+ |
172 |
+ #include "third_party/widevine/cdm/widevine_cdm_common.h" |
173 |
+ |
174 |
++#define WIDEVINE_CDM_VERSION_STRING "unknown" |
175 |
+ #define WIDEVINE_CDM_AVAILABLE |
176 |
+ |
177 |
+ #endif // WIDEVINE_CDM_VERSION_H_ |
178 |
+--- a/third_party/widevine/cdm/BUILD.gn |
179 |
++++ b/third_party/widevine/cdm/BUILD.gn |
180 |
+@@ -11,7 +11,7 @@ import("//third_party/widevine/cdm/widev |
181 |
+ # Internal Cast builds set enable_widevine=true to bring in Widevine support. |
182 |
+ # TODO(xhwang): Support component updated CDM on other platforms and remove this |
183 |
+ # assert. |
184 |
+-assert(!enable_widevine || is_win || is_mac || is_chromecast, |
185 |
++assert(!enable_widevine || is_win || is_mac || is_chromecast || is_linux, |
186 |
+ "Component updated CDM only supported on Windows and Mac for now.") |
187 |
+ |
188 |
+ widevine_arch = current_cpu |