diff options
| author |   Gregory M. Turner <gmt@be-evil.net> | 2018-05-08 12:27:31 -0700 |
|---|---|---|
| committer |   Mike Gilbert <floppym@gentoo.org> | 2018-05-09 12:56:57 -0400 |
| commit | 09b804516320eee06930303870cd68008aac8a8a (patch) | |
| tree | 1fd981822c71cbc88dd3c6c0951600e58727d472 | |
| parent | dev-db/cockroach: 2.0.1 version bump (diff) | |
| download | gentoo-09b804516320eee06930303870cd68008aac8a8a.tar.gz gentoo-09b804516320eee06930303870cd68008aac8a8a.tar.bz2 gentoo-09b804516320eee06930303870cd68008aac8a8a.zip | |
www-client/chromium: widevine rehabilitation
>chromium-66 ebuilds dropped the widevine useflag because upstream
decided (again! but only "for now") to add code to induce build
failure when linux builds request widevine.
However, it seems that if we just add linux to the whitelist,
everything works as before (but buckle up, there may be
turbulent skies ahead).
nb: ninja no longer copies the widevine .so to out/ (so we needn't
remove it anymore in src_install).
Signed-off-by: Gregory M. Turner <gmt@be-evil.net>
Closes: https://github.com/gentoo/gentoo/pull/8323
4 files changed, 51 insertions, 3 deletions
diff --git a/www-client/chromium/chromium-67.0.3396.18.ebuild b/www-client/chromium/chromium-67.0.3396.18.ebuild index ececa654c8c9..fe48e8dc8ec4 100644 --- a/www-client/chromium/chromium-67.0.3396.18.ebuild +++ b/www-client/chromium/chromium-67.0.3396.18.ebuild @@ -17,7 +17,7 @@ SRC_URI="https://commondatastorage.googleapis.com/chromium-browser-official/${P} LICENSE="BSD" SLOT="0" KEYWORDS="~amd64 ~arm64 ~x86" -IUSE="component-build cups gnome-keyring +hangouts jumbo-build kerberos neon pic +proprietary-codecs pulseaudio selinux +suid +system-ffmpeg +system-icu +system-libvpx +tcmalloc" +IUSE="component-build cups gnome-keyring +hangouts jumbo-build kerberos neon pic +proprietary-codecs pulseaudio selinux +suid +system-ffmpeg +system-icu +system-libvpx +tcmalloc widevine" RESTRICT="!system-ffmpeg? ( proprietary-codecs? ( bindist ) )" COMMON_DEPEND=" @@ -85,6 +85,7 @@ RDEPEND="${COMMON_DEPEND} virtual/ttf-fonts selinux? ( sec-policy/selinux-chromium ) tcmalloc? ( !<x11-drivers/nvidia-drivers-331.20 ) + widevine? ( www-plugins/chrome-binary-plugins[widevine(-)] ) " # dev-vcs/git - https://bugs.gentoo.org/593476 # sys-apps/sandbox - https://crbug.com/586444 @@ -144,6 +145,7 @@ GTK+ icon theme. " PATCHES=( + "${FILESDIR}/chromium-widevine-r2.patch" "${FILESDIR}/chromium-compiler-r0.patch" "${FILESDIR}/chromium-webrtc-r0.patch" "${FILESDIR}/chromium-memcpy-r0.patch" @@ -467,6 +469,7 @@ src_configure() { # Optional dependencies. myconf_gn+=" enable_hangout_services_extension=$(usex hangouts true false)" + myconf_gn+=" enable_widevine=$(usex widevine true false)" myconf_gn+=" use_cups=$(usex cups true false)" myconf_gn+=" use_gnome_keyring=$(usex gnome-keyring true false)" myconf_gn+=" use_kerberos=$(usex kerberos true false)" diff --git a/www-client/chromium/chromium-67.0.3396.30.ebuild b/www-client/chromium/chromium-67.0.3396.30.ebuild index ececa654c8c9..fe48e8dc8ec4 100644 --- a/www-client/chromium/chromium-67.0.3396.30.ebuild +++ b/www-client/chromium/chromium-67.0.3396.30.ebuild @@ -17,7 +17,7 @@ SRC_URI="https://commondatastorage.googleapis.com/chromium-browser-official/${P} LICENSE="BSD" SLOT="0" KEYWORDS="~amd64 ~arm64 ~x86" -IUSE="component-build cups gnome-keyring +hangouts jumbo-build kerberos neon pic +proprietary-codecs pulseaudio selinux +suid +system-ffmpeg +system-icu +system-libvpx +tcmalloc" +IUSE="component-build cups gnome-keyring +hangouts jumbo-build kerberos neon pic +proprietary-codecs pulseaudio selinux +suid +system-ffmpeg +system-icu +system-libvpx +tcmalloc widevine" RESTRICT="!system-ffmpeg? ( proprietary-codecs? ( bindist ) )" COMMON_DEPEND=" @@ -85,6 +85,7 @@ RDEPEND="${COMMON_DEPEND} virtual/ttf-fonts selinux? ( sec-policy/selinux-chromium ) tcmalloc? ( !<x11-drivers/nvidia-drivers-331.20 ) + widevine? ( www-plugins/chrome-binary-plugins[widevine(-)] ) " # dev-vcs/git - https://bugs.gentoo.org/593476 # sys-apps/sandbox - https://crbug.com/586444 @@ -144,6 +145,7 @@ GTK+ icon theme. " PATCHES=( + "${FILESDIR}/chromium-widevine-r2.patch" "${FILESDIR}/chromium-compiler-r0.patch" "${FILESDIR}/chromium-webrtc-r0.patch" "${FILESDIR}/chromium-memcpy-r0.patch" @@ -467,6 +469,7 @@ src_configure() { # Optional dependencies. myconf_gn+=" enable_hangout_services_extension=$(usex hangouts true false)" + myconf_gn+=" enable_widevine=$(usex widevine true false)" myconf_gn+=" use_cups=$(usex cups true false)" myconf_gn+=" use_gnome_keyring=$(usex gnome-keyring true false)" myconf_gn+=" use_kerberos=$(usex kerberos true false)" diff --git a/www-client/chromium/chromium-68.0.3409.2.ebuild b/www-client/chromium/chromium-68.0.3409.2.ebuild index 86da01dec685..956659ce7cf4 100644 --- a/www-client/chromium/chromium-68.0.3409.2.ebuild +++ b/www-client/chromium/chromium-68.0.3409.2.ebuild @@ -17,7 +17,7 @@ SRC_URI="https://commondatastorage.googleapis.com/chromium-browser-official/${P} LICENSE="BSD" SLOT="0" KEYWORDS="~amd64 ~arm64 ~x86" -IUSE="component-build cups gnome-keyring +hangouts jumbo-build kerberos neon pic +proprietary-codecs pulseaudio selinux +suid +system-ffmpeg +system-icu +system-libvpx +tcmalloc" +IUSE="component-build cups gnome-keyring +hangouts jumbo-build kerberos neon pic +proprietary-codecs pulseaudio selinux +suid +system-ffmpeg +system-icu +system-libvpx +tcmalloc widevine" RESTRICT="!system-ffmpeg? ( proprietary-codecs? ( bindist ) )" COMMON_DEPEND=" @@ -85,6 +85,7 @@ RDEPEND="${COMMON_DEPEND} virtual/ttf-fonts selinux? ( sec-policy/selinux-chromium ) tcmalloc? ( !<x11-drivers/nvidia-drivers-331.20 ) + widevine? ( www-plugins/chrome-binary-plugins[widevine(-)] ) " # dev-vcs/git - https://bugs.gentoo.org/593476 # sys-apps/sandbox - https://crbug.com/586444 @@ -144,6 +145,7 @@ GTK+ icon theme. " PATCHES=( + "${FILESDIR}/chromium-widevine-r2.patch" "${FILESDIR}/chromium-compiler-r1.patch" "${FILESDIR}/chromium-ffmpeg-build-r0.patch" "${FILESDIR}/chromium-webrtc-r0.patch" @@ -472,6 +474,7 @@ src_configure() { # Optional dependencies. myconf_gn+=" enable_hangout_services_extension=$(usex hangouts true false)" + myconf_gn+=" enable_widevine=$(usex widevine true false)" myconf_gn+=" use_cups=$(usex cups true false)" myconf_gn+=" use_gnome_keyring=$(usex gnome-keyring true false)" myconf_gn+=" use_kerberos=$(usex kerberos true false)" diff --git a/www-client/chromium/files/chromium-widevine-r2.patch b/www-client/chromium/files/chromium-widevine-r2.patch new file mode 100644 index 000000000000..5527f7f293c6 --- /dev/null +++ b/www-client/chromium/files/chromium-widevine-r2.patch @@ -0,0 +1,39 @@ +Minimal patch to get chromium to compile with widevine support. + +Exactly the same as -r1, but we now need to patch +ninja to pretty please not terminate our build. + +caveat emptor: it's in no way clear that building chromium this +way is safer, from a security perspective, than whatever Google +Chrome does. + +Upstream appears to be cooking up a code-signing trust-chain +which may protect users against malicious cdm blobs; I doubt +we benefit from these using this kludge. Ideally, someone +would look into this more carefully than I have ... tbh as +soon as I got my "stories" back, I pretty much lost interest :) + +-gmt + +-- +--- a/third_party/widevine/cdm/stub/widevine_cdm_version.h ++++ b/third_party/widevine/cdm/stub/widevine_cdm_version.h +@@ -10,6 +10,7 @@ + + #include "third_party/widevine/cdm/widevine_cdm_common.h" + ++#define WIDEVINE_CDM_VERSION_STRING "unknown" + #define WIDEVINE_CDM_AVAILABLE + + #endif // WIDEVINE_CDM_VERSION_H_ +--- a/third_party/widevine/cdm/BUILD.gn ++++ b/third_party/widevine/cdm/BUILD.gn +@@ -11,7 +11,7 @@ import("//third_party/widevine/cdm/widev + # Internal Cast builds set enable_widevine=true to bring in Widevine support. + # TODO(xhwang): Support component updated CDM on other platforms and remove this + # assert. +-assert(!enable_widevine || is_win || is_mac || is_chromecast, ++assert(!enable_widevine || is_win || is_mac || is_chromecast || is_linux, + "Component updated CDM only supported on Windows and Mac for now.") + + widevine_arch = current_cpu |