summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJory A. Pratt <anarchy@gentoo.org>2017-01-08 15:32:39 -0600
committerJory A. Pratt <anarchy@gentoo.org>2017-01-08 15:40:26 -0600
commit7792f12a30bf5c99ed3348ec2eb4b8f53375c5d8 (patch)
treeeeeb8d53995af7a651d3165ae87bff2f66ea9fd6 /www-client/firefox
parentwww-client/seamonkey - Ensure all users receive nss/sed fixes (diff)
downloadgentoo-7792f12a30bf5c99ed3348ec2eb4b8f53375c5d8.tar.gz
gentoo-7792f12a30bf5c99ed3348ec2eb4b8f53375c5d8.tar.bz2
gentoo-7792f12a30bf5c99ed3348ec2eb4b8f53375c5d8.zip
www-client/firefox - Fix sed-4.3 support, add support for >=nss-3.28
Diffstat (limited to 'www-client/firefox')
-rw-r--r--www-client/firefox/files/mozilla_configure_regexp.patch22
-rw-r--r--www-client/firefox/files/mozilla_configure_regexp_esr.patch32
-rw-r--r--www-client/firefox/files/update_h2_curve.patch30
-rw-r--r--www-client/firefox/firefox-45.6.0-r1.ebuild (renamed from www-client/firefox/firefox-45.6.0.ebuild)4
-rw-r--r--www-client/firefox/firefox-50.1.0-r1.ebuild (renamed from www-client/firefox/firefox-50.1.0.ebuild)2
5 files changed, 89 insertions, 1 deletions
diff --git a/www-client/firefox/files/mozilla_configure_regexp.patch b/www-client/firefox/files/mozilla_configure_regexp.patch
new file mode 100644
index 000000000000..f35e445fd261
--- /dev/null
+++ b/www-client/firefox/files/mozilla_configure_regexp.patch
@@ -0,0 +1,22 @@
+From: Jory A. Pratt <anarchy@gentoo.org>
+
+Note: the first occurrence of :space: is [:space:] (with a single pair
+of []), where it should be [[:space:]] (with two pairs of []).
+
+This causes the sed command to fail (with the error message quoted in
+my original report), driving to failure the whole configure step.
+
+https://bugzilla.mozilla.org/show_bug.cgi?id=1329252
+
+diff --git a/build/autoconf/icu.m4 b/build/autoconf/icu.m4
+--- a/build/autoconf/icu.m4
++++ b/build/autoconf/icu.m4
+@@ -70,7 +70,7 @@
+ fi
+ fi
+
+- version=`sed -n 's/^[[:space:]]*#[[:space:]]*define[[:space:]][[:space:]]*U_ICU_VERSION_MAJOR_NUM[[:space:]][[:space:]]*\([0-9][0-9]*\)[[:space:]]*$/\1/p' "$icudir/common/unicode/uvernum.h"`
++ version=`sed -n 's/^[[[:space:]]]*#[[:space:]]*define[[:space:]][[:space:]]*U_ICU_VERSION_MAJOR_NUM[[:space:]][[:space:]]*\([0-9][0-9]*\)[[:space:]]*$/\1/p' "$icudir/common/unicode/uvernum.h"`
+ if test x"$version" = x; then
+ AC_MSG_ERROR([cannot determine icu version number from uvernum.h header file $lineno])
+ fi \ No newline at end of file
diff --git a/www-client/firefox/files/mozilla_configure_regexp_esr.patch b/www-client/firefox/files/mozilla_configure_regexp_esr.patch
new file mode 100644
index 000000000000..9e165ff9e88e
--- /dev/null
+++ b/www-client/firefox/files/mozilla_configure_regexp_esr.patch
@@ -0,0 +1,32 @@
+From: Jory A. Pratt <anarchy@gentoo.org>
+
+Note: the first occurrence of :space: is [:space:] (with a single pair
+of []), where it should be [[:space:]] (with two pairs of []).
+
+This causes the sed command to fail (with the error message quoted in
+my original report), driving to failure the whole configure step.
+
+https://bugzilla.mozilla.org/show_bug.cgi?id=1329252
+
+diff --git a/build/autoconf/icu.m4 b/build/autoconf/icu.m4
+--- a/build/autoconf/icu.m4
++++ b/build/autoconf/icu.m4
+@@ -68,17 +68,17 @@ if test -n "$USE_ICU"; then
+ icudir="$_topsrcdir/intl/icu/source"
+ if test ! -d "$icudir"; then
+ icudir="$_topsrcdir/../../intl/icu/source"
+ if test ! -d "$icudir"; then
+ AC_MSG_ERROR([Cannot find the ICU directory])
+ fi
+ fi
+
+- version=`sed -n 's/^[[:space:]]*#[[:space:]]*define[[:space:]][[:space:]]*U_ICU_VERSION_MAJOR_NUM[[:space:]][[:space:]]*\([0-9][0-9]*\)[[:space:]]*$/\1/p' "$icudir/common/unicode/uvernum.h"`
++ version=`sed -n 's/^[[[:space:]]]*#[[:space:]]*define[[:space:]][[:space:]]*U_ICU_VERSION_MAJOR_NUM[[:space:]][[:space:]]*\([0-9][0-9]*\)[[:space:]]*$/\1/p' "$icudir/common/unicode/uvernum.h"`
+ if test x"$version" = x; then
+ AC_MSG_ERROR([cannot determine icu version number from uvernum.h header file $lineno])
+ fi
+ MOZ_ICU_VERSION="$version"
+
+ if test "$OS_TARGET" = WINNT; then
+ MOZ_SHARED_ICU=1
+ fi
diff --git a/www-client/firefox/files/update_h2_curve.patch b/www-client/firefox/files/update_h2_curve.patch
new file mode 100644
index 000000000000..a1f0ffaeaf94
--- /dev/null
+++ b/www-client/firefox/files/update_h2_curve.patch
@@ -0,0 +1,30 @@
+From: Franziskus Kiefer <franziskuskiefer@gmail.com>
+
+Update keybits in H2
+
+https://bugzilla.mozilla.org/show_bug.cgi?id=1290037
+
+diff --git a/netwerk/protocol/http/Http2Session.cpp b/netwerk/protocol/http/Http2Session.cpp
+--- a/netwerk/protocol/http/Http2Session.cpp
++++ b/netwerk/protocol/http/Http2Session.cpp
+@@ -3516,18 +3516,18 @@ Http2Session::ConfirmTLSProfile()
+ RETURN_SESSION_ERROR(this, INADEQUATE_SECURITY);
+ }
+
+ uint32_t keybits = ssl->GetKEAKeyBits();
+ if (kea == ssl_kea_dh && keybits < 2048) {
+ LOG3(("Http2Session::ConfirmTLSProfile %p FAILED due to DH %d < 2048\n",
+ this, keybits));
+ RETURN_SESSION_ERROR(this, INADEQUATE_SECURITY);
+- } else if (kea == ssl_kea_ecdh && keybits < 256) { // 256 bits is "security level" of 128
+- LOG3(("Http2Session::ConfirmTLSProfile %p FAILED due to ECDH %d < 256\n",
++ } else if (kea == ssl_kea_ecdh && keybits < 224) { // see rfc7540 9.2.1.
++ LOG3(("Http2Session::ConfirmTLSProfile %p FAILED due to ECDH %d < 224\n",
+ this, keybits));
+ RETURN_SESSION_ERROR(this, INADEQUATE_SECURITY);
+ }
+
+ int16_t macAlgorithm = ssl->GetMACAlgorithmUsed();
+ LOG3(("Http2Session::ConfirmTLSProfile %p MAC Algortihm (aead==6) %d\n",
+ this, macAlgorithm));
+ if (macAlgorithm != nsISSLSocketControl::SSL_MAC_AEAD) {
diff --git a/www-client/firefox/firefox-45.6.0.ebuild b/www-client/firefox/firefox-45.6.0-r1.ebuild
index 444d97709bf7..9300e5a8f6e7 100644
--- a/www-client/firefox/firefox-45.6.0.ebuild
+++ b/www-client/firefox/firefox-45.6.0-r1.ebuild
@@ -129,7 +129,9 @@ src_unpack() {
src_prepare() {
# Apply our patches
- eapply "${WORKDIR}/firefox"
+ eapply "${WORKDIR}/firefox" \
+ "${FILESDIR}"/mozilla_configure_regexp_esr.patch \
+ "${FILESDIR}"/update_h2_curve.patch
# Allow user to apply any additional patches without modifing ebuild
eapply_user
diff --git a/www-client/firefox/firefox-50.1.0.ebuild b/www-client/firefox/firefox-50.1.0-r1.ebuild
index 5306657dd64e..6c11378cb5c6 100644
--- a/www-client/firefox/firefox-50.1.0.ebuild
+++ b/www-client/firefox/firefox-50.1.0-r1.ebuild
@@ -120,6 +120,8 @@ src_unpack() {
src_prepare() {
# Apply our patches
eapply "${WORKDIR}/firefox" \
+ "${FILESDIR}"/mozilla_configure_regexp.patch \
+ "${FILESDIR}"/update_h2_curve.patch \
"${FILESDIR}"/${PN}-48.0-pgo.patch
# Enable gnomebreakpad