summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMart Raudsepp <leio@gentoo.org>2019-04-13 21:58:50 +0300
committerMart Raudsepp <leio@gentoo.org>2019-04-13 21:59:07 +0300
commit08e02e08cb8befcf19ded8e1cee3dd32025bf4bd (patch)
treef902be3be0550cfa9015d1371c9f4790e5054b3d /net-libs
parentpackage.mask: Last rite net-analyzer/gnu-netcat (diff)
downloadgentoo-08e02e08cb8befcf19ded8e1cee3dd32025bf4bd.tar.gz
gentoo-08e02e08cb8befcf19ded8e1cee3dd32025bf4bd.tar.bz2
gentoo-08e02e08cb8befcf19ded8e1cee3dd32025bf4bd.zip
net-libs/webkit-gtk: security bump to 2.24.1, drop JIT control
JIT manual control is getting complicated for limited benefits, which mostly involve oneself shooting in the foot. Let upstream build system figure out whether it should do JIT or not and don't get in the way. May be revisited based on any fallout and relevant bug reports after discussions on such reports convince it's needed. Bug: https://bugs.gentoo.org/683234 Bug: https://bugs.gentoo.org/680580 Bug: https://bugs.gentoo.org/680464 Package-Manager: Portage-2.3.52, Repoman-2.3.12 Signed-off-by: Mart Raudsepp <leio@gentoo.org>
Diffstat (limited to 'net-libs')
-rw-r--r--net-libs/webkit-gtk/Manifest1
-rw-r--r--net-libs/webkit-gtk/webkit-gtk-2.24.1.ebuild281
2 files changed, 282 insertions, 0 deletions
diff --git a/net-libs/webkit-gtk/Manifest b/net-libs/webkit-gtk/Manifest
index 6b8e6450a8c..8d6471e0bc8 100644
--- a/net-libs/webkit-gtk/Manifest
+++ b/net-libs/webkit-gtk/Manifest
@@ -1,3 +1,4 @@
DIST webkitgtk-2.22.6.tar.xz 16773696 BLAKE2B 06ef81168f2c5c6a10362d7ebe0270c863e7eccc02a6b1f1486a01c3e583295d12f7ba5aa0ccc1ffa36f7e1c884b144ccc4203cf00f3096afa74957bc6875d71 SHA512 18f4a4c145b524bebf1eaae58057e1e6cb74ba5a162c5195f072ba25c4399e7749c74fe6f8e9351bb9f2630a2c43f59935943e5bb318a5c4977f727a68602709
DIST webkitgtk-2.22.7.tar.xz 16777676 BLAKE2B 3be5559fce7a07828a7c2a4742218efa5a8434b6e019301b70b969718a3679336b6cb6cf4270bbead814e29c7c19a7c4bf8223df2aa86e1a799364fd9bba393e SHA512 c11f60b14f279752bb75efce4b69cbfd75e854bfb16772edc3b24d28eff2fb65090e03f24c1cfaf1f27668e017d877e04d5210560da70568029c5af33a916126
DIST webkitgtk-2.24.0.tar.xz 17894000 BLAKE2B 55b43ce104c976f73f9fb71a9c395f0636de5547f62f829c098a709b28668b78dab06f90110e387c5c6f33e2c5033cdfafd6adcafb83d03f77b361d315881397 SHA512 7a1444b22fb59ecdd638344acf3525f1ef9204215a568e185f2ac7f4e43cf89c7be307be31d51ec46231bbf5e9470e48d56395873d7368aca8022ff5c4100dab
+DIST webkitgtk-2.24.1.tar.xz 17897488 BLAKE2B 62cd6d896d4b4847430f0d41de92595e955db283626dad2aa560071da12ccd0c24093163e15cc50c30ceb96f9767797f9051657ec68f822e7e371c8566872ad5 SHA512 65424f03b6baca53d64f0d633f53e2f7788c7fb65aa8b50b696418c140707c40351ec3cc0a8652806d75b9da98a04a8bb4203dd6ee4c51a3f93878964354c1ca
diff --git a/net-libs/webkit-gtk/webkit-gtk-2.24.1.ebuild b/net-libs/webkit-gtk/webkit-gtk-2.24.1.ebuild
new file mode 100644
index 00000000000..5c4c67891ba
--- /dev/null
+++ b/net-libs/webkit-gtk/webkit-gtk-2.24.1.ebuild
@@ -0,0 +1,281 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+CMAKE_MAKEFILE_GENERATOR="ninja"
+PYTHON_COMPAT=( python{2_7,3_5,3_6,3_7} )
+USE_RUBY="ruby24 ruby25 ruby26"
+
+inherit check-reqs cmake-utils flag-o-matic gnome2 pax-utils python-any-r1 ruby-single toolchain-funcs virtualx
+
+MY_P="webkitgtk-${PV}"
+DESCRIPTION="Open source web browser engine"
+HOMEPAGE="https://www.webkitgtk.org"
+SRC_URI="https://www.webkitgtk.org/releases/${MY_P}.tar.xz"
+
+LICENSE="LGPL-2+ BSD"
+SLOT="4/37" # soname version of libwebkit2gtk-4.0
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~amd64-fbsd ~amd64-linux ~x86-linux ~x86-macos"
+
+IUSE="aqua coverage doc +egl +geolocation gles2 gnome-keyring +gstreamer +introspection jpeg2k libnotify nsplugin +opengl spell wayland +webgl +X"
+
+# webgl needs gstreamer, bug #560612
+# gstreamer with opengl/gles2 needs egl
+REQUIRED_USE="
+ geolocation? ( introspection )
+ gles2? ( egl !opengl )
+ gstreamer? ( opengl? ( egl ) )
+ nsplugin? ( X )
+ webgl? ( gstreamer
+ || ( gles2 opengl ) )
+ wayland? ( egl )
+ || ( aqua wayland X )
+"
+
+# Tests fail to link for inexplicable reasons
+# https://bugs.webkit.org/show_bug.cgi?id=148210
+RESTRICT="test"
+
+# Aqua support in gtk3 is untested
+# Dependencies found at Source/cmake/OptionsGTK.cmake
+# Various compile-time optionals for gtk+-3.22.0 - ensure it
+# Missing OpenWebRTC checks and conditionals, but ENABLE_MEDIA_STREAM/ENABLE_WEB_RTC is experimental upstream (PRIVATE OFF)
+# >=gst-plugins-opus-1.14.4-r1 for opusparse (required by MSE)
+RDEPEND="
+ >=x11-libs/cairo-1.16.0:=[X?]
+ >=media-libs/fontconfig-2.13.0:1.0
+ >=media-libs/freetype-2.9.0:2
+ >=dev-libs/libgcrypt-1.7.0:0=
+ >=x11-libs/gtk+-3.22:3[aqua?,introspection?,wayland?,X?]
+ >=media-libs/harfbuzz-1.4.2:=[icu(+)]
+ >=dev-libs/icu-3.8.1-r1:=
+ virtual/jpeg:0=
+ >=net-libs/libsoup-2.48:2.4[introspection?]
+ >=dev-libs/libxml2-2.8.0:2
+ >=media-libs/libpng-1.4:0=
+ dev-db/sqlite:3=
+ sys-libs/zlib:0
+ >=dev-libs/atk-2.8.0
+ media-libs/libwebp:=
+
+ >=dev-libs/glib-2.40:2
+ >=dev-libs/libxslt-1.1.7
+ media-libs/woff2
+ gnome-keyring? ( app-crypt/libsecret )
+ geolocation? ( >=app-misc/geoclue-2.1.5:2.0 )
+ introspection? ( >=dev-libs/gobject-introspection-1.32.0:= )
+ dev-libs/libtasn1:=
+ nsplugin? ( >=x11-libs/gtk+-2.24.10:2 )
+ spell? ( >=app-text/enchant-0.22:= )
+ gstreamer? (
+ >=media-libs/gstreamer-1.14:1.0
+ >=media-libs/gst-plugins-base-1.14:1.0[egl?,gles2?,opengl?]
+ >=media-plugins/gst-plugins-opus-1.14.4-r1:1.0
+ >=media-libs/gst-plugins-bad-1.14:1.0 )
+
+ X? (
+ x11-libs/libX11
+ x11-libs/libXcomposite
+ x11-libs/libXdamage
+ x11-libs/libXrender
+ x11-libs/libXt )
+
+ libnotify? ( x11-libs/libnotify )
+ dev-libs/hyphen
+ jpeg2k? ( >=media-libs/openjpeg-2.2.0:2= )
+
+ egl? ( media-libs/mesa[egl] )
+ gles2? ( media-libs/mesa[gles2] )
+ opengl? ( virtual/opengl )
+ webgl? (
+ x11-libs/libXcomposite
+ x11-libs/libXdamage )
+"
+
+# paxctl needed for bug #407085
+# Need real bison, not yacc
+DEPEND="${RDEPEND}
+ ${PYTHON_DEPS}
+ ${RUBY_DEPS}
+ >=app-accessibility/at-spi2-core-2.5.3
+ dev-util/glib-utils
+ >=dev-util/gtk-doc-am-1.10
+ >=dev-util/gperf-3.0.1
+ >=sys-devel/bison-2.4.3
+ || ( >=sys-devel/gcc-6.0 >=sys-devel/clang-3.3 )
+ sys-devel/gettext
+ virtual/pkgconfig
+
+ >=dev-lang/perl-5.10
+ virtual/perl-Data-Dumper
+ virtual/perl-Carp
+ virtual/perl-JSON-PP
+
+ doc? ( >=dev-util/gtk-doc-1.10 )
+ geolocation? ( dev-util/gdbus-codegen )
+"
+# test? (
+# dev-python/pygobject:3[python_targets_python2_7]
+# x11-themes/hicolor-icon-theme
+# jit? ( sys-apps/paxctl ) )
+
+S="${WORKDIR}/${MY_P}"
+
+CHECKREQS_DISK_BUILD="18G" # and even this might not be enough, bug #417307
+
+pkg_pretend() {
+ if [[ ${MERGE_TYPE} != "binary" ]] ; then
+ if is-flagq "-g*" && ! is-flagq "-g*0" ; then
+ einfo "Checking for sufficient disk space to build ${PN} with debugging CFLAGS"
+ check-reqs_pkg_pretend
+ fi
+
+ if ! test-flag-CXX -std=c++11 ; then
+ die "You need at least GCC 4.9.x or Clang >= 3.3 for C++11-specific compiler flags"
+ fi
+
+ if tc-is-gcc && [[ $(gcc-version) < 4.9 ]] ; then
+ die 'The active compiler needs to be gcc 4.9 (or newer)'
+ fi
+ fi
+
+ if ! use opengl && ! use gles2; then
+ ewarn
+ ewarn "You are disabling OpenGL usage (USE=opengl or USE=gles) completely."
+ ewarn "This is an unsupported configuration meant for very specific embedded"
+ ewarn "use cases, where there truly is no GL possible (and even that use case"
+ ewarn "is very unlikely to come by). If you have GL (even software-only), you"
+ ewarn "really really should be enabling OpenGL!"
+ ewarn
+ fi
+}
+
+pkg_setup() {
+ if [[ ${MERGE_TYPE} != "binary" ]] && is-flagq "-g*" && ! is-flagq "-g*0" ; then
+ check-reqs_pkg_setup
+ fi
+
+ python-any-r1_pkg_setup
+}
+
+src_prepare() {
+ cmake-utils_src_prepare
+ gnome2_src_prepare
+}
+
+src_configure() {
+ # Respect CC, otherwise fails on prefix #395875
+ tc-export CC
+
+ # It does not compile on alpha without this in LDFLAGS
+ # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=648761
+ use alpha && append-ldflags "-Wl,--no-relax"
+
+ # ld segfaults on ia64 with LDFLAGS --as-needed, bug #555504
+ use ia64 && append-ldflags "-Wl,--no-as-needed"
+
+ # Sigbuses on SPARC with mcpu and co., bug #???
+ use sparc && filter-flags "-mvis"
+
+ # https://bugs.webkit.org/show_bug.cgi?id=42070 , #301634
+ use ppc64 && append-flags "-mminimal-toc"
+
+ # Try to use less memory, bug #469942 (see Fedora .spec for reference)
+ # --no-keep-memory doesn't work on ia64, bug #502492
+ if ! use ia64; then
+ append-ldflags "-Wl,--no-keep-memory"
+ fi
+
+ # We try to use gold when possible for this package
+# if ! tc-ld-is-gold ; then
+# append-ldflags "-Wl,--reduce-memory-overheads"
+# fi
+
+ # Multiple rendering bugs on youtube, github, etc without this, bug #547224
+ append-flags $(test-flags -fno-strict-aliasing)
+
+ # Ruby situation is a bit complicated. See bug 513888
+ local rubyimpl
+ local ruby_interpreter=""
+ for rubyimpl in ${USE_RUBY}; do
+ if has_version "virtual/rubygems[ruby_targets_${rubyimpl}]"; then
+ ruby_interpreter="-DRUBY_EXECUTABLE=$(type -P ${rubyimpl})"
+ fi
+ done
+ # This will rarely occur. Only a couple of corner cases could lead us to
+ # that failure. See bug 513888
+ [[ -z $ruby_interpreter ]] && die "No suitable ruby interpreter found"
+
+ # TODO: Check Web Audio support
+ # should somehow let user select between them?
+ #
+ # FTL_JIT requires llvm
+ #
+ # opengl needs to be explicetly handled, bug #576634
+
+ local opengl_enabled
+ if use opengl || use gles2; then
+ opengl_enabled=ON
+ else
+ opengl_enabled=OFF
+ fi
+
+ local mycmakeargs=(
+ #-DENABLE_UNIFIED_BUILDS=$(usex jumbo-build) # broken in 2.24.1
+ -DENABLE_QUARTZ_TARGET=$(usex aqua)
+ -DENABLE_API_TESTS=$(usex test)
+ -DENABLE_GTKDOC=$(usex doc)
+ -DENABLE_GEOLOCATION=$(usex geolocation)
+ $(cmake-utils_use_find_package gles2 OpenGLES2)
+ -DENABLE_GLES2=$(usex gles2)
+ -DENABLE_VIDEO=$(usex gstreamer)
+ -DENABLE_WEB_AUDIO=$(usex gstreamer)
+ -DENABLE_INTROSPECTION=$(usex introspection)
+ -DUSE_LIBNOTIFY=$(usex libnotify)
+ -DUSE_LIBSECRET=$(usex gnome-keyring)
+ -DUSE_OPENJPEG=$(usex jpeg2k)
+ -DUSE_WOFF2=ON
+ -DENABLE_PLUGIN_PROCESS_GTK2=$(usex nsplugin)
+ -DENABLE_SPELLCHECK=$(usex spell)
+ -DENABLE_WAYLAND_TARGET=$(usex wayland)
+ -DENABLE_WEBGL=$(usex webgl)
+ $(cmake-utils_use_find_package egl EGL)
+ $(cmake-utils_use_find_package opengl OpenGL)
+ -DENABLE_X11_TARGET=$(usex X)
+ -DENABLE_OPENGL=${opengl_enabled}
+ -DCMAKE_BUILD_TYPE=Release
+ -DPORT=GTK
+ ${ruby_interpreter}
+ )
+
+ # Allow it to use GOLD when possible as it has all the magic to
+ # detect when to use it and using gold for this concrete package has
+ # multiple advantages and is also the upstream default, bug #585788
+# if tc-ld-is-gold ; then
+# mycmakeargs+=( -DUSE_LD_GOLD=ON )
+# else
+# mycmakeargs+=( -DUSE_LD_GOLD=OFF )
+# fi
+
+ cmake-utils_src_configure
+}
+
+src_compile() {
+ cmake-utils_src_compile
+}
+
+src_test() {
+ # Prevents test failures on PaX systems
+ pax-mark m $(list-paxables Programs/*[Tt]ests/*) # Programs/unittests/.libs/test*
+
+ cmake-utils_src_test
+}
+
+src_install() {
+ cmake-utils_src_install
+
+ # Prevents crashes on PaX systems, bug #522808
+ pax-mark m "${ED}usr/libexec/webkit2gtk-4.0/jsc" "${ED}usr/libexec/webkit2gtk-4.0/WebKitWebProcess"
+ pax-mark m "${ED}usr/libexec/webkit2gtk-4.0/WebKitPluginProcess"
+ use nsplugin && pax-mark m "${ED}usr/libexec/webkit2gtk-4.0/WebKitPluginProcess"2
+}