1 |
commit: d9aaff9f75c2d90539b4891c3de7619f8f3891a0 |
2 |
Author: Mart Raudsepp <leio <AT> gentoo <DOT> org> |
3 |
AuthorDate: Thu Aug 16 21:15:32 2018 +0000 |
4 |
Commit: Mart Raudsepp <leio <AT> gentoo <DOT> org> |
5 |
CommitDate: Thu Aug 16 21:32:30 2018 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d9aaff9f |
7 |
|
8 |
net-libs/webkit-gtk: security cleanup |
9 |
|
10 |
Bug: https://bugs.gentoo.org/658168 |
11 |
Package-Manager: Portage-2.3.46, Repoman-2.3.10 |
12 |
|
13 |
net-libs/webkit-gtk/Manifest | 1 - |
14 |
.../webkit-gtk/files/2.20.3-jsc-build-fixes.patch | 14 - |
15 |
.../files/webkit-gtk-2.8.5-fix-ia64-build.patch | 21 -- |
16 |
net-libs/webkit-gtk/webkit-gtk-2.18.6.ebuild | 284 --------------------- |
17 |
4 files changed, 320 deletions(-) |
18 |
|
19 |
diff --git a/net-libs/webkit-gtk/Manifest b/net-libs/webkit-gtk/Manifest |
20 |
index 23ab85c6a44..c83bb09b3e1 100644 |
21 |
--- a/net-libs/webkit-gtk/Manifest |
22 |
+++ b/net-libs/webkit-gtk/Manifest |
23 |
@@ -1,3 +1,2 @@ |
24 |
-DIST webkitgtk-2.18.6.tar.xz 14829316 BLAKE2B 4c0140c17d513f064efe09aaefff434e3cbf2a88691c7916ed393bf9bd25a3cb5a1d4ea8699eb7e0d678d807293b66c4629e46df9088df9b4d122c554b280ead SHA512 375907d4c84e27aaa4b5df9a71424488c1b2ba0cf1d63e107d678c0f55f677996a80e9d9a9d4a412b40d1d0dde77b88464c54246cbafe70751042ec8a7bbe029 |
25 |
DIST webkitgtk-2.20.4.tar.xz 16625400 BLAKE2B e2a07bbf38f059424738c69ecab7a1eee205cede2bbed4dedd0899e3d38c4b0b6b8f4fc52f5af6d65c0a0c8111c6c73d8765e55452a89022c476e90fb2ff8275 SHA512 3e6a370823d9a3521862fea0e7ae9f2455101afee247fda7b6d23ea609a0d1db3aeb86c41f903a89776550c190a2cf0baa903883671eca7222249849adc49090 |
26 |
DIST webkitgtk-2.20.5.tar.xz 16625200 BLAKE2B 1fd803d81df1659fd87a93821413326eb798fe9c21af86deeb92f16b3f8eab14350851db499e79745457b708305d013032769416877660db3d5bc7c6058b13cc SHA512 d92fd079ec2826b2880ae5b2d90795ee3071a331bd7a576230b77b9f67a829ab27f09a9b0241a780f612f4f78ea5cc849e4b3d09285d4903eb600a7a7729c1e7 |
27 |
|
28 |
diff --git a/net-libs/webkit-gtk/files/2.20.3-jsc-build-fixes.patch b/net-libs/webkit-gtk/files/2.20.3-jsc-build-fixes.patch |
29 |
deleted file mode 100644 |
30 |
index 32ff3a52844..00000000000 |
31 |
--- a/net-libs/webkit-gtk/files/2.20.3-jsc-build-fixes.patch |
32 |
+++ /dev/null |
33 |
@@ -1,14 +0,0 @@ |
34 |
-https://bugs.gentoo.org/662002 |
35 |
-https://bugs.webkit.org/show_bug.cgi?id=183788 |
36 |
-https://trac.webkit.org/changeset/229282/webkit |
37 |
- |
38 |
-Index: /trunk/Source/JavaScriptCore/CMakeLists.txt |
39 |
-=================================================================== |
40 |
---- a/Source/JavaScriptCore/CMakeLists.txt (revision 229281) |
41 |
-+++ b/Source/JavaScriptCore/CMakeLists.txt (revision 229282) |
42 |
-@@ -248,4 +248,5 @@ |
43 |
- ) |
44 |
- target_link_libraries(LLIntOffsetsExtractor WTF) |
45 |
-+add_dependencies(LLIntOffsetsExtractor JavaScriptCoreForwardingHeaders) |
46 |
- |
47 |
- # The build system will execute asm.rb every time LLIntOffsetsExtractor's mtime is newer than |
48 |
|
49 |
diff --git a/net-libs/webkit-gtk/files/webkit-gtk-2.8.5-fix-ia64-build.patch b/net-libs/webkit-gtk/files/webkit-gtk-2.8.5-fix-ia64-build.patch |
50 |
deleted file mode 100644 |
51 |
index 6c88c49d8b9..00000000000 |
52 |
--- a/net-libs/webkit-gtk/files/webkit-gtk-2.8.5-fix-ia64-build.patch |
53 |
+++ /dev/null |
54 |
@@ -1,21 +0,0 @@ |
55 |
---- a/CMakeLists.txt |
56 |
-+++ b/CMakeLists.txt |
57 |
-@@ -98,6 +98,8 @@ |
58 |
- set(WTF_CPU_PPC64LE 1) |
59 |
- elseif (LOWERCASE_CMAKE_SYSTEM_PROCESSOR MATCHES "parisc*") |
60 |
- set(WTF_CPU_HPPA 1) |
61 |
-+elseif (LOWERCASE_CMAKE_SYSTEM_PROCESSOR MATCHES "ia64") |
62 |
-+ set(WTF_CPU_IA64 1) |
63 |
- elseif (LOWERCASE_CMAKE_SYSTEM_PROCESSOR MATCHES "s390") |
64 |
- set(WTF_CPU_S390 1) |
65 |
- elseif (LOWERCASE_CMAKE_SYSTEM_PROCESSOR MATCHES "s390x") |
66 |
---- a/Source/JavaScriptCore/CMakeLists.txt |
67 |
-+++ b/Source/JavaScriptCore/CMakeLists.txt |
68 |
-@@ -1147,6 +1147,7 @@ |
69 |
- endif () |
70 |
- elseif (WTF_CPU_ARM64) |
71 |
- elseif (WTF_CPU_HPPA) |
72 |
-+elseif (WTF_CPU_IA64) |
73 |
- elseif (WTF_CPU_PPC) |
74 |
- elseif (WTF_CPU_PPC64) |
75 |
- elseif (WTF_CPU_PPC64LE) |
76 |
|
77 |
diff --git a/net-libs/webkit-gtk/webkit-gtk-2.18.6.ebuild b/net-libs/webkit-gtk/webkit-gtk-2.18.6.ebuild |
78 |
deleted file mode 100644 |
79 |
index 42553a11032..00000000000 |
80 |
--- a/net-libs/webkit-gtk/webkit-gtk-2.18.6.ebuild |
81 |
+++ /dev/null |
82 |
@@ -1,284 +0,0 @@ |
83 |
-# Copyright 1999-2018 Gentoo Foundation |
84 |
-# Distributed under the terms of the GNU General Public License v2 |
85 |
- |
86 |
-EAPI=6 |
87 |
-CMAKE_MAKEFILE_GENERATOR="ninja" |
88 |
-PYTHON_COMPAT=( python2_7 ) |
89 |
-USE_RUBY="ruby22 ruby23 ruby24" |
90 |
- |
91 |
-inherit check-reqs cmake-utils eutils flag-o-matic gnome2 pax-utils python-any-r1 ruby-single toolchain-funcs versionator virtualx |
92 |
- |
93 |
-MY_P="webkitgtk-${PV}" |
94 |
-DESCRIPTION="Open source web browser engine" |
95 |
-HOMEPAGE="https://www.webkitgtk.org" |
96 |
-SRC_URI="https://www.webkitgtk.org/releases/${MY_P}.tar.xz" |
97 |
- |
98 |
-LICENSE="LGPL-2+ BSD" |
99 |
-SLOT="4/37" # soname version of libwebkit2gtk-4.0 |
100 |
-KEYWORDS="~x86-fbsd ~amd64-linux ~x86-linux ~x86-macos" |
101 |
- |
102 |
-IUSE="aqua coverage doc +egl +geolocation gles2 gnome-keyring +gstreamer +introspection +jit libnotify nsplugin +opengl spell wayland +webgl +X" |
103 |
- |
104 |
-# webgl needs gstreamer, bug #560612 |
105 |
-REQUIRED_USE=" |
106 |
- geolocation? ( introspection ) |
107 |
- gles2? ( egl ) |
108 |
- introspection? ( gstreamer ) |
109 |
- nsplugin? ( X ) |
110 |
- webgl? ( ^^ ( gles2 opengl ) ) |
111 |
- !webgl? ( ?? ( gles2 opengl ) ) |
112 |
- webgl? ( gstreamer ) |
113 |
- wayland? ( egl ) |
114 |
- || ( aqua wayland X ) |
115 |
-" |
116 |
- |
117 |
-# Tests fail to link for inexplicable reasons |
118 |
-# https://bugs.webkit.org/show_bug.cgi?id=148210 |
119 |
-RESTRICT="test" |
120 |
- |
121 |
-# Aqua support in gtk3 is untested |
122 |
-# Dependencies found at Source/cmake/OptionsGTK.cmake |
123 |
-# Various compile-time optionals for gtk+-3.22.0 - ensure it |
124 |
-# Missing OpenWebRTC checks and conditionals, but ENABLE_MEDIA_STREAM/ENABLE_WEB_RTC is experimental upstream (PRIVATE OFF) |
125 |
-RDEPEND=" |
126 |
- >=x11-libs/cairo-1.10.2:= |
127 |
- >=media-libs/fontconfig-2.8.0:1.0 |
128 |
- >=media-libs/freetype-2.4.2:2 |
129 |
- >=dev-libs/libgcrypt-1.6.0:0= |
130 |
- >=x11-libs/gtk+-3.22:3[aqua?,introspection?,wayland?,X?] |
131 |
- >=media-libs/harfbuzz-1.3.3:=[icu(+)] |
132 |
- >=dev-libs/icu-3.8.1-r1:= |
133 |
- virtual/jpeg:0= |
134 |
- >=net-libs/libsoup-2.48:2.4[introspection?] |
135 |
- >=dev-libs/libxml2-2.8.0:2 |
136 |
- >=media-libs/libpng-1.4:0= |
137 |
- dev-db/sqlite:3= |
138 |
- sys-libs/zlib:0 |
139 |
- >=dev-libs/atk-2.8.0 |
140 |
- media-libs/libwebp:= |
141 |
- |
142 |
- >=dev-libs/glib-2.40:2 |
143 |
- >=dev-libs/libxslt-1.1.7 |
144 |
- gnome-keyring? ( app-crypt/libsecret ) |
145 |
- geolocation? ( >=app-misc/geoclue-2.1.5:2.0 ) |
146 |
- introspection? ( >=dev-libs/gobject-introspection-1.32.0:= ) |
147 |
- dev-libs/libtasn1:= |
148 |
- >=dev-libs/libgcrypt-1.7.0:0= |
149 |
- nsplugin? ( >=x11-libs/gtk+-2.24.10:2 ) |
150 |
- spell? ( >=app-text/enchant-0.22:= ) |
151 |
- gstreamer? ( |
152 |
- >=media-libs/gstreamer-1.2.3:1.0 |
153 |
- >=media-libs/gst-plugins-base-1.2.3:1.0 |
154 |
- >=media-libs/gst-plugins-bad-1.10:1.0[opengl?,egl?] ) |
155 |
- |
156 |
- X? ( |
157 |
- x11-libs/cairo[X] |
158 |
- x11-libs/libX11 |
159 |
- x11-libs/libXcomposite |
160 |
- x11-libs/libXdamage |
161 |
- x11-libs/libXrender |
162 |
- x11-libs/libXt ) |
163 |
- |
164 |
- libnotify? ( x11-libs/libnotify ) |
165 |
- dev-libs/hyphen |
166 |
- |
167 |
- egl? ( media-libs/mesa[egl] ) |
168 |
- gles2? ( media-libs/mesa[gles2] ) |
169 |
- opengl? ( virtual/opengl |
170 |
- x11-libs/cairo[opengl] ) |
171 |
- webgl? ( |
172 |
- x11-libs/cairo[opengl] |
173 |
- x11-libs/libXcomposite |
174 |
- x11-libs/libXdamage ) |
175 |
-" |
176 |
- |
177 |
-# paxctl needed for bug #407085 |
178 |
-# Need real bison, not yacc |
179 |
-DEPEND="${RDEPEND} |
180 |
- ${PYTHON_DEPS} |
181 |
- ${RUBY_DEPS} |
182 |
- >=app-accessibility/at-spi2-core-2.5.3 |
183 |
- >=dev-lang/perl-5.10 |
184 |
- >=dev-util/gtk-doc-am-1.10 |
185 |
- >=dev-util/gperf-3.0.1 |
186 |
- >=sys-devel/bison-2.4.3 |
187 |
- || ( >=sys-devel/gcc-4.9 >=sys-devel/clang-3.3 ) |
188 |
- sys-devel/gettext |
189 |
- virtual/pkgconfig |
190 |
- |
191 |
- dev-lang/perl |
192 |
- virtual/perl-Data-Dumper |
193 |
- virtual/perl-Carp |
194 |
- |
195 |
- doc? ( >=dev-util/gtk-doc-1.10 ) |
196 |
- geolocation? ( dev-util/gdbus-codegen ) |
197 |
- introspection? ( jit? ( sys-apps/paxctl ) ) |
198 |
- test? ( |
199 |
- dev-lang/python:2.7 |
200 |
- dev-python/pygobject:3[python_targets_python2_7] |
201 |
- x11-themes/hicolor-icon-theme |
202 |
- jit? ( sys-apps/paxctl ) ) |
203 |
-" |
204 |
- |
205 |
-S="${WORKDIR}/${MY_P}" |
206 |
- |
207 |
-CHECKREQS_DISK_BUILD="18G" # and even this might not be enough, bug #417307 |
208 |
- |
209 |
-pkg_pretend() { |
210 |
- if [[ ${MERGE_TYPE} != "binary" ]] ; then |
211 |
- if is-flagq "-g*" && ! is-flagq "-g*0" ; then |
212 |
- einfo "Checking for sufficient disk space to build ${PN} with debugging CFLAGS" |
213 |
- check-reqs_pkg_pretend |
214 |
- fi |
215 |
- |
216 |
- if ! test-flag-CXX -std=c++11 ; then |
217 |
- die "You need at least GCC 4.9.x or Clang >= 3.3 for C++11-specific compiler flags" |
218 |
- fi |
219 |
- |
220 |
- if tc-is-gcc && [[ $(gcc-version) < 4.9 ]] ; then |
221 |
- die 'The active compiler needs to be gcc 4.9 (or newer)' |
222 |
- fi |
223 |
- fi |
224 |
-} |
225 |
- |
226 |
-pkg_setup() { |
227 |
- if [[ ${MERGE_TYPE} != "binary" ]] && is-flagq "-g*" && ! is-flagq "-g*0" ; then |
228 |
- check-reqs_pkg_setup |
229 |
- fi |
230 |
- |
231 |
- python-any-r1_pkg_setup |
232 |
-} |
233 |
- |
234 |
-src_prepare() { |
235 |
- # https://bugs.gentoo.org/show_bug.cgi?id=555504 |
236 |
- eapply "${FILESDIR}"/${PN}-2.8.5-fix-ia64-build.patch |
237 |
- cmake-utils_src_prepare |
238 |
- gnome2_src_prepare |
239 |
-} |
240 |
- |
241 |
-src_configure() { |
242 |
- # Respect CC, otherwise fails on prefix #395875 |
243 |
- tc-export CC |
244 |
- |
245 |
- # Arches without JIT support also need this to really disable it in all places |
246 |
- use jit || append-cppflags -DENABLE_JIT=0 -DENABLE_YARR_JIT=0 -DENABLE_ASSEMBLER=0 |
247 |
- |
248 |
- # It does not compile on alpha without this in LDFLAGS |
249 |
- # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=648761 |
250 |
- use alpha && append-ldflags "-Wl,--no-relax" |
251 |
- |
252 |
- # ld segfaults on ia64 with LDFLAGS --as-needed, bug #555504 |
253 |
- use ia64 && append-ldflags "-Wl,--no-as-needed" |
254 |
- |
255 |
- # Sigbuses on SPARC with mcpu and co., bug #??? |
256 |
- use sparc && filter-flags "-mvis" |
257 |
- |
258 |
- # https://bugs.webkit.org/show_bug.cgi?id=42070 , #301634 |
259 |
- use ppc64 && append-flags "-mminimal-toc" |
260 |
- |
261 |
- # Try to use less memory, bug #469942 (see Fedora .spec for reference) |
262 |
- # --no-keep-memory doesn't work on ia64, bug #502492 |
263 |
- if ! use ia64; then |
264 |
- append-ldflags "-Wl,--no-keep-memory" |
265 |
- fi |
266 |
- |
267 |
- # We try to use gold when possible for this package |
268 |
-# if ! tc-ld-is-gold ; then |
269 |
-# append-ldflags "-Wl,--reduce-memory-overheads" |
270 |
-# fi |
271 |
- |
272 |
- # Multiple rendering bugs on youtube, github, etc without this, bug #547224 |
273 |
- append-flags $(test-flags -fno-strict-aliasing) |
274 |
- |
275 |
- local ruby_interpreter="" |
276 |
- |
277 |
- if has_version "virtual/rubygems[ruby_targets_ruby24]"; then |
278 |
- ruby_interpreter="-DRUBY_EXECUTABLE=$(type -P ruby24)" |
279 |
- elif has_version "virtual/rubygems[ruby_targets_ruby23]"; then |
280 |
- ruby_interpreter="-DRUBY_EXECUTABLE=$(type -P ruby23)" |
281 |
- elif has_version "virtual/rubygems[ruby_targets_ruby22]"; then |
282 |
- ruby_interpreter="-DRUBY_EXECUTABLE=$(type -P ruby22)" |
283 |
- else |
284 |
- ruby_interpreter="-DRUBY_EXECUTABLE=$(type -P ruby21)" |
285 |
- fi |
286 |
- |
287 |
- # TODO: Check Web Audio support |
288 |
- # should somehow let user select between them? |
289 |
- # |
290 |
- # FTL_JIT requires llvm |
291 |
- # |
292 |
- # opengl needs to be explicetly handled, bug #576634 |
293 |
- |
294 |
- local opengl_enabled |
295 |
- if use opengl || use gles2; then |
296 |
- opengl_enabled=ON |
297 |
- else |
298 |
- opengl_enabled=OFF |
299 |
- fi |
300 |
- |
301 |
- # support for webgl (aka 2d-canvas accelerating) |
302 |
- local canvas_enabled |
303 |
- if use webgl && ! use gles2 ; then |
304 |
- canvas_enabled=ON |
305 |
- else |
306 |
- canvas_enabled=OFF |
307 |
- fi |
308 |
- |
309 |
- local mycmakeargs=( |
310 |
- -DENABLE_QUARTZ_TARGET=$(usex aqua) |
311 |
- -DENABLE_API_TESTS=$(usex test) |
312 |
- -DENABLE_GTKDOC=$(usex doc) |
313 |
- -DENABLE_GEOLOCATION=$(usex geolocation) |
314 |
- $(cmake-utils_use_find_package gles2 OpenGLES2) |
315 |
- -DENABLE_GLES2=$(usex gles2) |
316 |
- -DENABLE_VIDEO=$(usex gstreamer) |
317 |
- -DENABLE_WEB_AUDIO=$(usex gstreamer) |
318 |
- -DENABLE_INTROSPECTION=$(usex introspection) |
319 |
- -DENABLE_JIT=$(usex jit) |
320 |
- -DUSE_LIBNOTIFY=$(usex libnotify) |
321 |
- -DUSE_LIBSECRET=$(usex gnome-keyring) |
322 |
- -DENABLE_PLUGIN_PROCESS_GTK2=$(usex nsplugin) |
323 |
- -DENABLE_SPELLCHECK=$(usex spell) |
324 |
- -DENABLE_WAYLAND_TARGET=$(usex wayland) |
325 |
- -DENABLE_WEBGL=$(usex webgl) |
326 |
- $(cmake-utils_use_find_package egl EGL) |
327 |
- $(cmake-utils_use_find_package opengl OpenGL) |
328 |
- -DENABLE_X11_TARGET=$(usex X) |
329 |
- -DENABLE_OPENGL=${opengl_enabled} |
330 |
- -DENABLE_ACCELERATED_2D_CANVAS=${canvas_enabled} |
331 |
- -DCMAKE_BUILD_TYPE=Release |
332 |
- -DPORT=GTK |
333 |
- ${ruby_interpreter} |
334 |
- ) |
335 |
- |
336 |
- # Allow it to use GOLD when possible as it has all the magic to |
337 |
- # detect when to use it and using gold for this concrete package has |
338 |
- # multiple advantages and is also the upstream default, bug #585788 |
339 |
-# if tc-ld-is-gold ; then |
340 |
-# mycmakeargs+=( -DUSE_LD_GOLD=ON ) |
341 |
-# else |
342 |
-# mycmakeargs+=( -DUSE_LD_GOLD=OFF ) |
343 |
-# fi |
344 |
- |
345 |
- cmake-utils_src_configure |
346 |
-} |
347 |
- |
348 |
-src_compile() { |
349 |
- cmake-utils_src_compile |
350 |
-} |
351 |
- |
352 |
-src_test() { |
353 |
- # Prevents test failures on PaX systems |
354 |
- use jit && pax-mark m $(list-paxables Programs/*[Tt]ests/*) # Programs/unittests/.libs/test* |
355 |
- |
356 |
- cmake-utils_src_test |
357 |
-} |
358 |
- |
359 |
-src_install() { |
360 |
- cmake-utils_src_install |
361 |
- |
362 |
- # Prevents crashes on PaX systems, bug #522808 |
363 |
- use jit && pax-mark m "${ED}usr/libexec/webkit2gtk-4.0/jsc" "${ED}usr/libexec/webkit2gtk-4.0/WebKitWebProcess" |
364 |
- pax-mark m "${ED}usr/libexec/webkit2gtk-4.0/WebKitPluginProcess" |
365 |
- use nsplugin && pax-mark m "${ED}usr/libexec/webkit2gtk-4.0/WebKitPluginProcess"2 |
366 |
-} |