From de6edc8f465000ecea3981fb87efef3437e36ccd Mon Sep 17 00:00:00 2001 From: bill-auger Date: Sun, 6 Dec 2020 20:19:57 -0500 Subject: [icedove-extension-enigmail]: rebuild against latest gnupg --- ...le-Thunderbird-78-upgrade-warning-message.patch | 31 ++++++ .../0001-genxpi-make-XPI-files-reproducible.patch | 65 ++++++++++++ libre/icedove-extension-enigmail/PKGBUILD | 112 +++++++++------------ 3 files changed, 144 insertions(+), 64 deletions(-) create mode 100644 libre/icedove-extension-enigmail/0001-Disable-Thunderbird-78-upgrade-warning-message.patch create mode 100644 libre/icedove-extension-enigmail/0001-genxpi-make-XPI-files-reproducible.patch (limited to 'libre/icedove-extension-enigmail') diff --git a/libre/icedove-extension-enigmail/0001-Disable-Thunderbird-78-upgrade-warning-message.patch b/libre/icedove-extension-enigmail/0001-Disable-Thunderbird-78-upgrade-warning-message.patch new file mode 100644 index 000000000..8dadb364b --- /dev/null +++ b/libre/icedove-extension-enigmail/0001-Disable-Thunderbird-78-upgrade-warning-message.patch @@ -0,0 +1,31 @@ +From e60a1b92dc4876ffcb077fafb097246f60eff766 Mon Sep 17 00:00:00 2001 +From: Jonas Witschel +Date: Sun, 5 Jul 2020 13:43:42 +0200 +Subject: [PATCH] Disable Thunderbird 78 upgrade warning message + +--- + package/configure.jsm | 9 ++++++++- + 1 file changed, 8 insertions(+), 1 deletion(-) + +diff --git a/package/configure.jsm b/package/configure.jsm +index 1a10f901..da521a22 100644 +--- a/package/configure.jsm ++++ b/package/configure.jsm +@@ -309,6 +309,13 @@ var EnigmailConfigure = { + }, + + upgradeTo217: function(win) { +- if (!EnigmailCompat.isPostbox()) displayUpgradeInfo(win); ++ /* Enigmail obtained from addons.mozilla.org shows a warning that the extension will stop ++ working with Thunderbird >= 78 and that users should hold back on upgrading Thunderbird until ++ its new builtin OpenPGP support is mature (expected for Thunderbird 78.2). This makes sense for ++ users of the builtin Thunderbird auto-update function, but less so for user obtaining Thunderbird ++ from a distribution repository, since it encourages partial upgrades. Hence for Arch Linux we ++ remove this warning and add a versioned dependency on Thunderbird < 78 instead to prevent users ++ from accidentally upgrading to the next release while still having Enigmail installed. */ ++ // if (!EnigmailCompat.isPostbox()) displayUpgradeInfo(win); + } + }; +-- +2.27.0 + diff --git a/libre/icedove-extension-enigmail/0001-genxpi-make-XPI-files-reproducible.patch b/libre/icedove-extension-enigmail/0001-genxpi-make-XPI-files-reproducible.patch new file mode 100644 index 000000000..a6eb62a7f --- /dev/null +++ b/libre/icedove-extension-enigmail/0001-genxpi-make-XPI-files-reproducible.patch @@ -0,0 +1,65 @@ +From a68b0efbd2002aeb6aa1240b8611cbb97b84d7a7 Mon Sep 17 00:00:00 2001 +From: Jonas Witschel +Date: Fri, 10 Jul 2020 19:02:43 +0200 +Subject: [PATCH] genxpi: make XPI files reproducible + +zip records the mtime of packed files, making it harder to reproduce the +generated file bit for bit. Use the SOURCE_DATE_EPOCH specification that is +already respected in other places of this project (package/Makefile) to set the +modification time to a known, reproducible value. + +To avoid embedding time zone information and Unix UIDs/GIDs as further sources +of unreproducibilty use "export TZ=UTC" and "zip -X", resp. Also make the mtime +of the generated XPI file reproducible using "zip -o" for good measure. +--- + util/genxpi | 23 +++++++++++++++++------ + 1 file changed, 17 insertions(+), 6 deletions(-) + +diff --git a/util/genxpi b/util/genxpi +index 9d7c39e5..36110e02 100755 +--- a/util/genxpi ++++ b/util/genxpi +@@ -60,9 +60,10 @@ find chrome/content/modules -name "*.js*" | LC_ALL=C sort > chrome/content/modul + + echo "Creating ${xpiFile} file" + +-zip -9 --must-match\ +- ../${xpiFile} \ +- chrome/content/preferences/defaultPrefs.js \ ++# Avoid embedding time zone information about the current system into the XPI ++export TZ=UTC ++ ++set chrome/content/preferences/defaultPrefs.js \ + chrome/content/modules/addrbook.jsm \ + chrome/content/modules/amPrefsService.jsm \ + chrome/content/modules/app.jsm \ +@@ -184,9 +185,15 @@ zip -9 --must-match\ + chrome/content/modules/all-modules.txt \ + chrome/content/am-enigprefs.xul + +-zip -9 \ +- ../${xpiFile} \ +- chrome/content/ui/*.* \ ++# Set modification timestamps to a fixed value for reproducibilty ++[ -n "$SOURCE_DATE_EPOCH" ] && touch --date "@$SOURCE_DATE_EPOCH" -- "$@" ++zip -9 -o -X --must-match ../${xpiFile} "$@" ++ ++if [ $? -ne 0 ]; then ++ exit 1 ++fi ++ ++set chrome/content/ui/*.* \ + chrome/skin/aero/*.* \ + chrome/skin/modern/*.* \ + chrome/skin/tb-mac/*.* \ +@@ -198,3 +205,7 @@ zip -9 \ + bootstrap.js \ + chrome.manifest \ + ${pkgFile} ++ ++# Set modification timestamps to a fixed value for reproducibilty ++[ -n "$SOURCE_DATE_EPOCH" ] && touch --date "@$SOURCE_DATE_EPOCH" -- "$@" ++zip -9 -o -X ../${xpiFile} "$@" +-- +2.27.0 + diff --git a/libre/icedove-extension-enigmail/PKGBUILD b/libre/icedove-extension-enigmail/PKGBUILD index 8d4123d52..0e82deacb 100644 --- a/libre/icedove-extension-enigmail/PKGBUILD +++ b/libre/icedove-extension-enigmail/PKGBUILD @@ -9,87 +9,71 @@ # Contributor (Arch): Hinrich Harms # Maintainer: Omar Vega Ramos + # parabola changes and rationale: -# * allow building per-arch versioned packages +# * replace 'thunderbird' dependency with 'icedove' # * apply dependency version constraints +# * allow building arch-specific packages (different version constraints) _pkgname=thunderbird-extension-enigmail pkgname=icedove-extension-enigmail -_pkgver_x86_64=2.1.7 -_pkgver_i686=2.1.7 -_pkgver_armv7h=2.1.6 -_pkgrel_x86_64=3.parabola2 -_pkgrel_i686=3.parabola1 -_pkgrel_armv7h=2.parabola1 +pkgver=2.1.7 +pkgrel=3 +pkgrel+=.parabola3 _icedove_epoch=1 -eval "pkgver=\$_pkgver_${CARCH}" # this is actually an 'any' package -eval "pkgrel=\$_pkgrel_${CARCH}" # but our different arches do not always roll at the same speed pkgdesc="OpenPGP message encryption and authentication for Icedove" -arch=('armv7h' 'i686' 'x86_64') +arch=(armv7h i686 x86_64) # this could be an 'any' package; but arches roll at different speeds url="https://www.enigmail.net/" license=('MPL' 'GPL3') +depends=('gnupg' 'icedove') makedepends=('zip' 'python' 'perl') -replaces=($_pkgname 'icedove-enigmail') -conflicts=($_pkgname) -provides=($_pkgname) +replaces=($_pkgname) source=("https://www.enigmail.net/download/source/enigmail-${pkgver}.tar.gz"{,.asc} "0001-preferences-disable-pEpAutoDownload-by-default.patch" "0001-Disable-Thunderbird-78-upgrade-warning-message.patch" "0001-genxpi-make-XPI-files-reproducible.patch") -_sha512sums_x86_64=('1b57091c8ab9aaa086f327b78d904d688c850b6d39e37e2dac82e0629c0279723eae4608ecd08a24efe9ed1bdc86fbc497e97cd800c7349a70612a42b98f3e41' - 'SKIP' - 'baebd963400574db89be747a4419534f945bdc64136d4014656ff98a9615a23984bca724da3f3840670979aab08ce441eee067921e21d0cb216938a20ed785b2' - '4ddf887765e4296b3c639748d875b179d1e2a5fb38ad16e2918f115a9ff9a05e2f9c66218544f7ab8189f096908df761d4047fd5d23972c02737e46c4a0c843c' - '3902e09d801f8a3fd493450a85c23d3cd95c68465df0025599e6c923b9708a6cb0cb09920170ec5055d55a56e287ae468460fca150f7be8af9d83cffa1a40427') -_sha512sums_i686=('1b57091c8ab9aaa086f327b78d904d688c850b6d39e37e2dac82e0629c0279723eae4608ecd08a24efe9ed1bdc86fbc497e97cd800c7349a70612a42b98f3e41' - 'SKIP' - 'baebd963400574db89be747a4419534f945bdc64136d4014656ff98a9615a23984bca724da3f3840670979aab08ce441eee067921e21d0cb216938a20ed785b2' - '4ddf887765e4296b3c639748d875b179d1e2a5fb38ad16e2918f115a9ff9a05e2f9c66218544f7ab8189f096908df761d4047fd5d23972c02737e46c4a0c843c' - '3902e09d801f8a3fd493450a85c23d3cd95c68465df0025599e6c923b9708a6cb0cb09920170ec5055d55a56e287ae468460fca150f7be8af9d83cffa1a40427') -_sha512sums_armv7h=('72159287601ed95052fcdeb3c973714e775150ba41894ecb6474798fd5109ab18dee0e3b8874a920fd07d3b184ed2034cf75f7baff4e14307d8739a312193919' - 'SKIP' - 'baebd963400574db89be747a4419534f945bdc64136d4014656ff98a9615a23984bca724da3f3840670979aab08ce441eee067921e21d0cb216938a20ed785b2' - '4ddf887765e4296b3c639748d875b179d1e2a5fb38ad16e2918f115a9ff9a05e2f9c66218544f7ab8189f096908df761d4047fd5d23972c02737e46c4a0c843c' - '3902e09d801f8a3fd493450a85c23d3cd95c68465df0025599e6c923b9708a6cb0cb09920170ec5055d55a56e287ae468460fca150f7be8af9d83cffa1a40427') -eval "sha512sums=(\${_sha512sums_${CARCH}[*]})" -_b2sums_x86_64=('8f6d1ec16b48219c75c6dbcddf4807ed57965eeec29776e7c757d5aa34da6bfdbbb58964ee3d7de2efcb65ab69fa5b020f1a8ec01cd8eee662d8195a217cdc69' - 'SKIP' - 'c593ed7b094d9feecb2f14624cf0628ab390c96f0fb0212ab0069333508b59057ef4b0518da1bf59eb8aaf0942303c4c45afab76d0b8e77a93763eab975cb4c0' - 'a2ba38e56f14a87834023076a75a6c59bc17488104227d8db3e31072f2dcc6488808a980b4073111dec4cf4661349c3e995b8226808c3038d96f2cab666eb90b' - '55709a3fd099fab4b11289518a44f2b53e81031606529cec5b4786e796de438faefa52f2a7ab3d29d6b3aca120e279f30d6d7ba3c3e3d02ca2abcb85f1652661') -_b2sums_i686=('8f6d1ec16b48219c75c6dbcddf4807ed57965eeec29776e7c757d5aa34da6bfdbbb58964ee3d7de2efcb65ab69fa5b020f1a8ec01cd8eee662d8195a217cdc69' - 'SKIP' - 'c593ed7b094d9feecb2f14624cf0628ab390c96f0fb0212ab0069333508b59057ef4b0518da1bf59eb8aaf0942303c4c45afab76d0b8e77a93763eab975cb4c0' - 'a2ba38e56f14a87834023076a75a6c59bc17488104227d8db3e31072f2dcc6488808a980b4073111dec4cf4661349c3e995b8226808c3038d96f2cab666eb90b' - '55709a3fd099fab4b11289518a44f2b53e81031606529cec5b4786e796de438faefa52f2a7ab3d29d6b3aca120e279f30d6d7ba3c3e3d02ca2abcb85f1652661') -_b2sums_armv7h=('8f6d1ec16b48219c75c6dbcddf4807ed57965eeec29776e7c757d5aa34da6bfdbbb58964ee3d7de2efcb65ab69fa5b020f1a8ec01cd8eee662d8195a217cdc69' - 'SKIP' - 'c593ed7b094d9feecb2f14624cf0628ab390c96f0fb0212ab0069333508b59057ef4b0518da1bf59eb8aaf0942303c4c45afab76d0b8e77a93763eab975cb4c0' - 'a2ba38e56f14a87834023076a75a6c59bc17488104227d8db3e31072f2dcc6488808a980b4073111dec4cf4661349c3e995b8226808c3038d96f2cab666eb90b' - '55709a3fd099fab4b11289518a44f2b53e81031606529cec5b4786e796de438faefa52f2a7ab3d29d6b3aca120e279f30d6d7ba3c3e3d02ca2abcb85f1652661') -eval "b2sums=(\${_b2sums_${CARCH}[*]})" +sha512sums=('1b57091c8ab9aaa086f327b78d904d688c850b6d39e37e2dac82e0629c0279723eae4608ecd08a24efe9ed1bdc86fbc497e97cd800c7349a70612a42b98f3e41' + 'SKIP' + 'baebd963400574db89be747a4419534f945bdc64136d4014656ff98a9615a23984bca724da3f3840670979aab08ce441eee067921e21d0cb216938a20ed785b2' + '4ddf887765e4296b3c639748d875b179d1e2a5fb38ad16e2918f115a9ff9a05e2f9c66218544f7ab8189f096908df761d4047fd5d23972c02737e46c4a0c843c' + '3902e09d801f8a3fd493450a85c23d3cd95c68465df0025599e6c923b9708a6cb0cb09920170ec5055d55a56e287ae468460fca150f7be8af9d83cffa1a40427') +b2sums=('8f6d1ec16b48219c75c6dbcddf4807ed57965eeec29776e7c757d5aa34da6bfdbbb58964ee3d7de2efcb65ab69fa5b020f1a8ec01cd8eee662d8195a217cdc69' + 'SKIP' + 'c593ed7b094d9feecb2f14624cf0628ab390c96f0fb0212ab0069333508b59057ef4b0518da1bf59eb8aaf0942303c4c45afab76d0b8e77a93763eab975cb4c0' + 'a2ba38e56f14a87834023076a75a6c59bc17488104227d8db3e31072f2dcc6488808a980b4073111dec4cf4661349c3e995b8226808c3038d96f2cab666eb90b' + '55709a3fd099fab4b11289518a44f2b53e81031606529cec5b4786e796de438faefa52f2a7ab3d29d6b3aca120e279f30d6d7ba3c3e3d02ca2abcb85f1652661') validpgpkeys=('4F9F89F5505AC1D1A260631CDB1187B9DD5F693B') # Patrick Brunschwig -_version_constraint() # (dep_pkgname) +_version_constraint() # (dep_pkgname [precision]) { local dep_pkgname=$1 local full_version=$(pacman -S --print-format='%v' ${dep_pkgname} | tail -n 1) - - if [[ -z "${full_version}" ]] || [[ "${full_version}" =~ ' ' ]] - then echo "ERROR: _version_constraint() dep_pkgname=${dep_pkgname} full_version='${full_version}'" >&2 - exit 1 - else local version=${full_version%-*} - local version_inc=${version%.*}.$(( ${version##*.} + 1 )) + local n_dots=$(tmp=${full_version%-*} ; tmp=${tmp//[^\.]} ; echo "${#tmp}") + local def_precision=$(( n_dots + 1 )) + local precision=$( [[ "$2" =~ ^[1-${def_precision}]$ ]] && echo $2 || echo ${def_precision} ) + local pkgver_rx='[^-\.\ ]+' + local subver_rx='\.'${pkgver_rx} + local pkgrel_rx='[^-\ ]+' + local capture_rx=${pkgver_rx} + for (( n_dots=1 ; n_dots < precision ; n_dots++ )) ; do capture_rx+=${subver_rx} ; done ; + + if [[ "${full_version}" =~ ^(${capture_rx})(${subver_rx})*-${pkgrel_rx}$ ]] + then local version=${BASH_REMATCH[1]} + local subver_inc=$(( ${version##*.} + 1 )) + local version_inc=$( [[ "${version}" =~ \. ]] && echo ${version%.*}.${subver_inc} || \ + echo ${subver_inc} ) local constraint_string="${dep_pkgname}>=${version} ${dep_pkgname}<${version_inc}" echo "applied version constraint: ${constraint_string}" >&2 + echo -n "${constraint_string}" + else echo "ERROR: _version_constraint() error parsing: dep_pkgname='${dep_pkgname}' full_version='${full_version}'" >&2 + exit 1 fi } - prepare() { cd "${srcdir}"/enigmail @@ -113,17 +97,17 @@ build() { } package() { - # dependency version contraints - local min_max_icedove_vers=( $(grep strict_.*_version "${srcdir}"/enigmail/build-tb/dist/manifest.json | sed 's|.*: "\([0-9]*\)\..*|\1|g') ) - local min_icedove_ver=${min_max_icedove_vers[0]} - local max_icedove_ver=${min_max_icedove_vers[1]} - local icedove_constraint_string="icedove>=${_icedove_epoch}:${min_icedove_ver} icedove<${_icedove_epoch}:$(( max_icedove_ver + 1 ))" - local gnupg_constraint_string="$(_version_constraint 'gnupg')" - if (( ${min_icedove_ver} + 0 )) && (( ${max_icedove_ver} + 0 )) - then depends+=( ${icedove_constraint_string} ${gnupg_constraint_string} ) - echo "applied version constraint: icedove>=${min_icedove_ver} icedove<$(( max_icedove_ver + 1 ))" - else echo "ERROR: failed to parse icedove version from manifest.json min_icedove_ver='${min_icedove_ver}'" >&2 - return 1 + # parabola dependency version contraints + local gnupg_constraints="$( _version_constraint 'gnupg' )" + local icedove_constraints="$(_version_constraint 'icedove')" + depends+=( ${gnupg_constraints} ${icedove_constraints} ) + + # upstream min thunderbird version contraint + local min_icedove_ver=$(grep strict_min_version "${srcdir}"/enigmail/build-tb/dist/manifest.json | sed 's|.*: "\([0-9]*\)\..*|\1|g') + if (( min_icedove_ver + 0 )) + then local constraint_string="icedove>=${_icedove_epoch}:${min_icedove_ver}" + depends+=(${constraint_string}) + echo "applied upstream icedove version constraint: ${constraint_string}" fi cd "${srcdir}"/enigmail -- cgit v1.2.3