nixpkgs/pkgs/applications/networking/browsers/firefox/common.nix
SLNOS ec4a7a02ca firefoxPackages.tor-browser: carry over more configureFlags from upstream
These are taken from `tor-browser-build.git` repository.
2019-03-24 18:40:37 +00:00

343 lines
13 KiB
Nix

{ pname, ffversion, meta, updateScript ? null
, src, unpackPhase ? null, patches ? []
, extraNativeBuildInputs ? [], extraConfigureFlags ? [], extraMakeFlags ? []
, isIceCatLike ? false, icversion ? null
, isTorBrowserLike ? false, tbversion ? null }:
{ lib, stdenv, pkgconfig, pango, perl, python2, zip, libIDL
, libjpeg, zlib, dbus, dbus-glib, bzip2, xorg
, freetype, fontconfig, file, nspr, nss, libnotify
, yasm, libGLU_combined, sqlite, unzip, makeWrapper
, hunspell, libevent, libstartup_notification, libvpx
, icu, libpng, jemalloc, glib
, autoconf213, which, gnused, cargo, rustc, llvmPackages
, rust-cbindgen, nodejs, nasm
, debugBuild ? false
### optionals
## optional libraries
, alsaSupport ? stdenv.isLinux, alsaLib
, pulseaudioSupport ? stdenv.isLinux, libpulseaudio
, ffmpegSupport ? true
, gtk3Support ? true, gtk2, gtk3, wrapGAppsHook
, waylandSupport ? true, libxkbcommon
, gssSupport ? true, kerberos
## privacy-related options
, privacySupport ? isTorBrowserLike || isIceCatLike
# WARNING: NEVER set any of the options below to `true` by default.
# Set to `privacySupport` or `false`.
# webrtcSupport breaks the aarch64 build on version >= 60.
# https://bugzilla.mozilla.org/show_bug.cgi?id=1434589
, webrtcSupport ? (if lib.versionAtLeast ffversion "60" && stdenv.isAarch64 then false else !privacySupport)
, geolocationSupport ? !privacySupport
, googleAPISupport ? geolocationSupport
, crashreporterSupport ? false
, safeBrowsingSupport ? false
, drmSupport ? false
# macOS dependencies
, xcbuild, CoreMedia, ExceptionHandling, Kerberos, AVFoundation, MediaToolbox
, CoreLocation, Foundation, AddressBook, libobjc, cups, rsync
## other
# As stated by Sylvestre Ledru (@sylvestre) on Nov 22, 2017 at
# https://github.com/NixOS/nixpkgs/issues/31843#issuecomment-346372756 we
# have permission to use the official firefox branding.
#
# Fur purposes of documentation the statement of @sylvestre:
# > As the person who did part of the work described in the LWN article
# > and release manager working for Mozilla, I can confirm the statement
# > that I made in
# > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815006
# >
# > @garbas shared with me the list of patches applied for the Nix package.
# > As they are just for portability and tiny modifications, they don't
# > alter the experience of the product. In parallel, Rok also shared the
# > build options. They seem good (even if I cannot judge the quality of the
# > packaging of the underlying dependencies like sqlite, png, etc).
# > Therefor, as long as you keep the patch queue sane and you don't alter
# > the experience of Firefox users, you won't have any issues using the
# > official branding.
, enableOfficialBranding ? true
}:
assert stdenv.cc.libc or null != null;
let
flag = tf: x: [(if tf then "--enable-${x}" else "--disable-${x}")];
default-toolkit = if stdenv.isDarwin then "cairo-cocoa"
else "cairo-gtk${if gtk3Support then "3${lib.optionalString waylandSupport "-wayland"}" else "2"}";
binaryName = if isIceCatLike then "icecat" else "firefox";
binaryNameCapitalized = lib.toUpper (lib.substring 0 1 binaryName) + lib.substring 1 (-1) binaryName;
browserName = if stdenv.isDarwin then binaryNameCapitalized else binaryName;
execdir = if stdenv.isDarwin
then "/Applications/${binaryNameCapitalized}.app/Contents/MacOS"
else "/bin";
browserVersion = if isIceCatLike then icversion
else if isTorBrowserLike then tbversion
else ffversion;
browserPatches = [
./env_var_for_system_dir.patch
] ++ patches;
in
stdenv.mkDerivation rec {
name = "${pname}-unwrapped-${version}";
version = browserVersion;
inherit src unpackPhase meta;
patches = browserPatches;
# Ignore trivial whitespace changes in patches, this fixes compatibility of
# ./env_var_for_system_dir.patch with Firefox >=65 without having to track
# two patches.
patchFlags = [ "-p1" "-l" ];
buildInputs = [
gtk2 perl zip libIDL libjpeg zlib bzip2
dbus dbus-glib pango freetype fontconfig xorg.libXi xorg.libXcursor
xorg.libX11 xorg.libXrender xorg.libXft xorg.libXt file
libnotify xorg.pixman yasm libGLU_combined
xorg.libXScrnSaver xorg.xorgproto
xorg.libXext sqlite unzip makeWrapper
libevent libstartup_notification libvpx /* cairo */
icu libpng jemalloc glib
]
++ lib.optionals (!isTorBrowserLike) [ nspr nss ]
++ lib.optional (lib.versionOlder ffversion "61") hunspell
# >= 66 requires nasm for the AV1 lib dav1d
# yasm can potentially be removed in future versions
# https://bugzilla.mozilla.org/show_bug.cgi?id=1501796
# https://groups.google.com/forum/#!msg/mozilla.dev.platform/o-8levmLU80/SM_zQvfzCQAJ
++ lib.optional (lib.versionAtLeast ffversion "66") nasm
++ lib.optional alsaSupport alsaLib
++ lib.optional pulseaudioSupport libpulseaudio # only headers are needed
++ lib.optional gtk3Support gtk3
++ lib.optional gssSupport kerberos
++ lib.optional waylandSupport libxkbcommon
++ lib.optionals stdenv.isDarwin [ CoreMedia ExceptionHandling Kerberos
AVFoundation MediaToolbox CoreLocation
Foundation libobjc AddressBook cups ];
NIX_CFLAGS_COMPILE = [
"-I${glib.dev}/include/gio-unix-2.0"
]
++ lib.optionals (!isTorBrowserLike) [
"-I${nss.dev}/include/nss"
]
++ lib.optional stdenv.isDarwin [
"-isystem ${llvmPackages.libcxx}/include/c++/v1"
"-DMAC_OS_X_VERSION_MAX_ALLOWED=MAC_OS_X_VERSION_10_10"
];
postPatch = lib.optionalString stdenv.isDarwin ''
substituteInPlace js/src/jsmath.cpp --replace 'defined(HAVE___SINCOS)' 0
'' + lib.optionalString (lib.versionAtLeast ffversion "63.0" && !isTorBrowserLike) ''
substituteInPlace third_party/prio/prio/rand.c --replace 'nspr/prinit.h' 'prinit.h'
'';
nativeBuildInputs =
[ autoconf213 which gnused pkgconfig perl python2 cargo rustc ]
++ lib.optional gtk3Support wrapGAppsHook
++ lib.optionals stdenv.isDarwin [ xcbuild rsync ]
++ lib.optionals (lib.versionAtLeast ffversion "63.0") [ rust-cbindgen nodejs ]
++ extraNativeBuildInputs;
preConfigure = ''
# remove distributed configuration files
rm -f configure
rm -f js/src/configure
rm -f .mozconfig*
'' + (if lib.versionAtLeast ffversion "58"
# this will run autoconf213
then ''
configureScript="$(realpath ./mach) configure"
'' else ''
make -f client.mk configure-files
configureScript="$(realpath ./configure)"
'') + lib.optionalString (lib.versionAtLeast ffversion "53") ''
export MOZCONFIG=$(pwd)/mozconfig
# Set C flags for Rust's bindgen program. Unlike ordinary C
# compilation, bindgen does not invoke $CC directly. Instead it
# uses LLVM's libclang. To make sure all necessary flags are
# included we need to look in a few places.
# TODO: generalize this process for other use-cases.
BINDGEN_CFLAGS="$(< ${stdenv.cc}/nix-support/libc-cflags) \
$(< ${stdenv.cc}/nix-support/cc-cflags) \
${stdenv.cc.default_cxx_stdlib_compile} \
${lib.optionalString stdenv.cc.isClang "-idirafter ${stdenv.cc.cc}/lib/clang/${lib.getVersion stdenv.cc.cc}/include"} \
${lib.optionalString stdenv.cc.isGNU "-isystem ${stdenv.cc.cc}/include/c++/${lib.getVersion stdenv.cc.cc} -isystem ${stdenv.cc.cc}/include/c++/${lib.getVersion stdenv.cc.cc}/$(cc -dumpmachine)"} \
$NIX_CFLAGS_COMPILE"
echo "ac_add_options BINDGEN_CFLAGS='$BINDGEN_CFLAGS'" >> $MOZCONFIG
'' + lib.optionalString googleAPISupport ''
# Google API key used by Chromium and Firefox.
# Note: These are for NixOS/nixpkgs use ONLY. For your own distribution,
# please get your own set of keys.
echo "AIzaSyDGi15Zwl11UNe6Y-5XW_upsfyw31qwZPI" > $TMPDIR/ga
# 60.5+ & 66+ did split the google API key arguments: https://bugzilla.mozilla.org/show_bug.cgi?id=1531176
${if (lib.versionAtLeast ffversion "60.6" && lib.versionOlder ffversion "61") || (lib.versionAtLeast ffversion "66") then ''
configureFlagsArray+=("--with-google-location-service-api-keyfile=$TMPDIR/ga")
configureFlagsArray+=("--with-google-safebrowsing-api-keyfile=$TMPDIR/ga")
'' else ''
configureFlagsArray+=("--with-google-api-keyfile=$TMPDIR/ga")
''}
'' + lib.optionalString (lib.versionOlder ffversion "58") ''
cd obj-*
''
# AS=as in the environment causes build failure https://bugzilla.mozilla.org/show_bug.cgi?id=1497286
+ lib.optionalString (lib.versionAtLeast ffversion "64") ''
unset AS
'';
configureFlags = [
"--enable-application=browser"
"--with-system-jpeg"
"--with-system-zlib"
"--with-system-bz2"
"--with-system-libevent"
"--with-system-libvpx"
"--with-system-png" # needs APNG support
"--with-system-icu"
"--enable-system-ffi"
"--enable-system-pixman"
"--enable-system-sqlite"
#"--enable-system-cairo"
"--enable-startup-notification"
#"--enable-content-sandbox" # TODO: probably enable after 54
"--disable-tests"
"--disable-necko-wifi" # maybe we want to enable this at some point
"--disable-updater"
"--enable-jemalloc"
"--disable-gconf"
"--enable-default-toolkit=${default-toolkit}"
]
++ lib.optional (lib.versionOlder ffversion "64") "--disable-maintenance-service"
++ lib.optional (stdenv.isDarwin && lib.versionAtLeast ffversion "61") "--disable-xcode-checks"
++ lib.optional (lib.versionOlder ffversion "61") "--enable-system-hunspell"
++ lib.optionals (lib.versionAtLeast ffversion "56") [
"--with-libclang-path=${llvmPackages.libclang}/lib"
"--with-clang-path=${llvmPackages.clang}/bin/clang"
]
++ lib.optionals (lib.versionAtLeast ffversion "57") [
"--enable-webrender=build"
]
# TorBrowser patches these
++ lib.optionals (!isTorBrowserLike) [
"--with-system-nspr"
"--with-system-nss"
]
# and wants these
++ lib.optionals isTorBrowserLike ([
"--with-tor-browser-version=${tbversion}"
"--with-distribution-id=org.torproject"
"--enable-signmar"
"--enable-verify-mar"
"--enable-bundled-fonts"
])
++ flag alsaSupport "alsa"
++ flag pulseaudioSupport "pulseaudio"
++ flag ffmpegSupport "ffmpeg"
++ flag gssSupport "negotiateauth"
++ flag webrtcSupport "webrtc"
++ flag crashreporterSupport "crashreporter"
++ lib.optional drmSupport "--enable-eme=widevine"
++ lib.optionals (lib.versionOlder ffversion "60") ([]
++ flag geolocationSupport "mozril-geoloc"
++ flag safeBrowsingSupport "safe-browsing"
)
++ (if debugBuild then [ "--enable-debug" "--enable-profiling" ]
else [ "--disable-debug" "--enable-release"
"--enable-optimize"
"--enable-strip" ])
++ lib.optional enableOfficialBranding "--enable-official-branding"
++ extraConfigureFlags;
# Before 58 we have to run `make -f client.mk configure-files` at
# the top level, and then run `./configure` in the obj-* dir (see
# above), but in 58 we have to instead run `./mach configure` at the
# top level and then run `make` in obj-*. (We can also run the
# `make` at the top level in 58, but then we would have to `cd` to
# `make install` anyway. This is ugly, but simple.)
postConfigure = lib.optionalString (lib.versionAtLeast ffversion "58") ''
cd obj-*
'';
preBuild = lib.optionalString isTorBrowserLike ''
buildFlagsArray=("MOZ_APP_DISPLAYNAME=Tor Browser")
'';
makeFlags = lib.optionals enableOfficialBranding [
"MOZILLA_OFFICIAL=1"
"BUILD_OFFICIAL=1"
]
++ extraMakeFlags;
enableParallelBuilding = true;
doCheck = false; # "--disable-tests" above
installPhase = if stdenv.isDarwin then ''
mkdir -p $out/Applications
cp -LR dist/${binaryNameCapitalized}.app $out/Applications
'' else null;
postInstall = lib.optionalString stdenv.isLinux ''
# Remove SDK cruft. FIXME: move to a separate output?
rm -rf $out/share/idl $out/include $out/lib/${binaryName}-devel-*
# Needed to find Mozilla runtime
gappsWrapperArgs+=(--argv0 "$out/bin/.${binaryName}-wrapped")
'';
postFixup = lib.optionalString stdenv.isLinux ''
# Fix notifications. LibXUL uses dlopen for this, unfortunately; see #18712.
patchelf --set-rpath "${lib.getLib libnotify
}/lib:$(patchelf --print-rpath "$out"/lib/${binaryName}*/libxul.so)" \
"$out"/lib/${binaryName}*/libxul.so
'';
doInstallCheck = true;
installCheckPhase = ''
# Some basic testing
"$out${execdir}/${browserName}" --version
'';
passthru = {
inherit version updateScript;
isFirefox3Like = true;
inherit isIceCatLike;
inherit isTorBrowserLike;
gtk = gtk2;
inherit nspr;
inherit ffmpegSupport;
inherit gssSupport;
inherit execdir;
inherit browserName;
} // lib.optionalAttrs gtk3Support { inherit gtk3; };
}