[packages/xulrunner] - xulrunner now requires libjpeg-turbo (with at least libjpeg 6b API), not plain libjpeg - removed o
qboosh
qboosh at pld-linux.org
Sat Jan 12 10:41:02 CET 2013
commit bea25df1514ab8b9ee67e222b6fcc703c4c212e5
Author: Jakub Bogusz <qboosh at pld-linux.org>
Date: Sat Jan 12 10:41:13 2013 +0100
- xulrunner now requires libjpeg-turbo (with at least libjpeg 6b API), not plain libjpeg
- removed outdated libpng,ssl_oldapi patches
xulrunner-libpng.patch | 21 ---
xulrunner-ssl_oldapi.patch | 372 ---------------------------------------------
xulrunner.spec | 25 +--
3 files changed, 14 insertions(+), 404 deletions(-)
---
diff --git a/xulrunner.spec b/xulrunner.spec
index 74ff5ca..100dc89 100644
--- a/xulrunner.spec
+++ b/xulrunner.spec
@@ -34,13 +34,13 @@ Source0: http://releases.mozilla.org/pub/mozilla.org/firefox/releases/%{version}
# Source0-md5: 485d02563854c20a3788d89db07b0687
Patch0: %{name}-install.patch
Patch1: %{name}-rpath.patch
-Patch4: %{name}-paths.patch
-Patch5: %{name}-pc.patch
-Patch6: %{name}-prefs.patch
-Patch7: system-cairo.patch
-Patch11: idl-parser.patch
+Patch2: %{name}-paths.patch
+Patch3: %{name}-pc.patch
+Patch4: %{name}-prefs.patch
+Patch5: system-cairo.patch
+Patch6: idl-parser.patch
# Edit patch below and restore --system-site-packages when system virtualenv gets 1.7 upgrade
-Patch12: system-virtualenv.patch
+Patch7: system-virtualenv.patch
URL: https://developer.mozilla.org/en/XULRunner
%{!?with_qt:BuildRequires: GConf2-devel >= 1.2.1}
BuildRequires: alsa-lib-devel
@@ -59,7 +59,9 @@ BuildRequires: libevent-devel >= 1.4.7
BuildRequires: libffi-devel >= 6:3.0.9
%{?with_gnomeui:BuildRequires: libgnomeui-devel >= 2.2.0}
BuildRequires: libiw-devel
+# requires libjpeg-turbo implementing at least libjpeg 6b API
BuildRequires: libjpeg-devel >= 6b
+BuildRequires: libjpeg-turbo-devel
%{!?with_qt:BuildRequires: libnotify-devel >= 0.4}
BuildRequires: libpng(APNG)-devel >= 0.10
BuildRequires: libpng-devel >= 1.5.9
@@ -133,6 +135,7 @@ Requires: cairo >= 1.10.2-5
Requires: dbus-glib >= 0.60
Requires: glib2 >= 1:2.18
%{!?with_qt:Requires: gtk+2 >= 2:2.14}
+Requires: libjpeg-turbo
Requires: libpng >= 1.4.1
Requires: libpng(APNG) >= 0.10
Requires: pango >= 1:1.14.0
@@ -189,12 +192,12 @@ echo 'LOCAL_INCLUDES += $(MOZ_HUNSPELL_CFLAGS)' >> extensions/spellcheck/src/Mak
%patch0 -p2
%patch1 -p1
-%patch4 -p2
-%patch5 -p1
-%patch6 -p1
+%patch2 -p2
+%patch3 -p1
+%patch4 -p1
+%patch5 -p2
+%patch6 -p2
%patch7 -p2
-%patch11 -p2
-%patch12 -p2
# config/rules.mk is patched by us and js/src/config/rules.mk
# is supposed to be exact copy
diff --git a/xulrunner-libpng.patch b/xulrunner-libpng.patch
deleted file mode 100644
index 13e1658..0000000
--- a/xulrunner-libpng.patch
+++ /dev/null
@@ -1,21 +0,0 @@
---- xulrunner-9.0.1/mozilla/modules/libpr0n/decoders/nsPNGDecoder.h.orig 2011-12-21 00:28:33.000000000 +0100
-+++ xulrunner-9.0.1/mozilla/modules/libpr0n/decoders/nsPNGDecoder.h 2012-01-16 18:43:35.830209631 +0100
-@@ -76,7 +76,7 @@
- // Checks if the info header contains valid information
- bool HasValidInfo() const
- {
-- return mInfo && mInfo->valid;
-+ return mInfo && png_get_valid(mPNG, mInfo, 0xFFFFFFFFU);
- }
-
- // Obtain the pixel depth if available or 0 otherwise
-@@ -85,7 +85,8 @@
- if (!mInfo) {
- return 0;
- }
-- return mInfo->pixel_depth;
-+ // XXX: shouldn't png_get_pixel_depth() be available?
-+ return png_get_bit_depth(mPNG, mInfo) * png_get_channels(mPNG, mInfo);
- }
-
- public:
diff --git a/xulrunner-ssl_oldapi.patch b/xulrunner-ssl_oldapi.patch
deleted file mode 100644
index 75ad7c9..0000000
--- a/xulrunner-ssl_oldapi.patch
+++ /dev/null
@@ -1,372 +0,0 @@
-From: Mike Hommey <glandium at debian.org>
-Date: Sun, 15 Jun 2008 12:54:32 +0200
-Subject: Fore-port nsIBadCertListener from 1.8
-
-This allows embedding applications to use the same dialogs as before, instead
-of the new ssl alert pages from Firefox, which have several problems in
-embedding applications.
----
- security/manager/ssl/public/Makefile.in | 1 +
- security/manager/ssl/public/nsIBadCertListener.idl | 155 ++++++++++++++++++++
- security/manager/ssl/src/nsNSSIOLayer.cpp | 105 +++++++++++++-
- security/manager/ssl/src/nsNSSIOLayer.h | 8 +
- 4 files changed, 268 insertions(+), 1 deletions(-)
- create mode 100644 security/manager/ssl/public/nsIBadCertListener.idl
-
-diff --git a/security/manager/ssl/public/Makefile.in b/security/manager/ssl/public/Makefile.in
-index fa84d3a..affd50a 100644
---- a/security/manager/ssl/public/Makefile.in
-+++ b/security/manager/ssl/public/Makefile.in
-@@ -60,6 +60,7 @@ SDK_XPIDLSRCS = \
-
- XPIDLSRCS = \
- nsISSLCertErrorDialog.idl \
-+ nsIBadCertListener.idl \
- nsIBadCertListener2.idl \
- nsISSLErrorListener.idl \
- nsIIdentityInfo.idl \
-diff --git a/security/manager/ssl/public/nsIBadCertListener.idl b/security/manager/ssl/public/nsIBadCertListener.idl
-new file mode 100644
-index 0000000..5e9e750
---- /dev/null
-+++ b/security/manager/ssl/public/nsIBadCertListener.idl
-@@ -0,0 +1,155 @@
-+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
-+ *
-+ * ***** BEGIN LICENSE BLOCK *****
-+ * Version: MPL 1.1/GPL 2.0/LGPL 2.1
-+ *
-+ * The contents of this file are subject to the Mozilla Public License Version
-+ * 1.1 (the "License"); you may not use this file except in compliance with
-+ * the License. You may obtain a copy of the License at
-+ * http://www.mozilla.org/MPL/
-+ *
-+ * Software distributed under the License is distributed on an "AS IS" basis,
-+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-+ * for the specific language governing rights and limitations under the
-+ * License.
-+ *
-+ * The Original Code is mozilla.org code.
-+ *
-+ * The Initial Developer of the Original Code is
-+ * Netscape Communications Corporation.
-+ * Portions created by the Initial Developer are Copyright (C) 1998
-+ * the Initial Developer. All Rights Reserved.
-+ *
-+ * Contributor(s):
-+ * Javier Delgadillo <javi at netscape.com>
-+ *
-+ * Alternatively, the contents of this file may be used under the terms of
-+ * either the GNU General Public License Version 2 or later (the "GPL"), or
-+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-+ * in which case the provisions of the GPL or the LGPL are applicable instead
-+ * of those above. If you wish to allow use of your version of this file only
-+ * under the terms of either the GPL or the LGPL, and not to allow others to
-+ * use your version of this file under the terms of the MPL, indicate your
-+ * decision by deleting the provisions above and replace them with the notice
-+ * and other provisions required by the GPL or the LGPL. If you do not delete
-+ * the provisions above, a recipient may use your version of this file under
-+ * the terms of any one of the MPL, the GPL or the LGPL.
-+ *
-+ * ***** END LICENSE BLOCK ***** */
-+
-+#include "nsISupports.idl"
-+
-+interface nsIX509Cert;
-+interface nsIInterfaceRequestor;
-+
-+/**
-+ * Functions that display warnings for problems with web site trust.
-+ *
-+ * @status FROZEN
-+ */
-+[scriptable, uuid(86960956-edb0-11d4-998b-00b0d02354a0)]
-+interface nsIBadCertListener : nsISupports {
-+
-+ /**
-+ * No decision was made by the user, whether to trust a cert.
-+ */
-+ const short UNINIT_ADD_FLAG = -1;
-+
-+ /**
-+ * The user decided to add trust to a certificate temporarily
-+ * for the current application session only.
-+ */
-+ const short ADD_TRUSTED_FOR_SESSION = 1;
-+
-+ /**
-+ * The user decided to add trust to a certificate permanently.
-+ */
-+ const short ADD_TRUSTED_PERMANENTLY = 2;
-+
-+ /**
-+ * Inform the user there are problems with the trust of a certificate,
-+ * and request a decision from the user.
-+ * The UI should offer the user a way to look at the certificate in detail.
-+ * The following is a sample UI message to be shown to the user:
-+ *
-+ * Unable to verify the identity of %S as a trusted site.
-+ * Possible reasons for this error:
-+ * - Your browser does not recognize the Certificate Authority
-+ * that issued the site's certificate.
-+ * - The site's certificate is incomplete due to a
-+ * server misconfiguration.
-+ * - You are connected to a site pretending to be %S,
-+ * possibly to obtain your confidential information.
-+ * Please notify the site's webmaster about this problem.
-+ * Before accepting this certificate, you should examine this site's
-+ * certificate carefully. Are you willing to to accept this certificate
-+ * for the purpose of identifying the Web site %S?
-+ * o Accept this certificate permanently
-+ * x Accept this certificate temporarily for this session
-+ * o Do not accept this certificate and do not connect to this Web site
-+ *
-+ * @param socketInfo A network communication context that can be used to obtain more information
-+ * about the active connection.
-+ * @param cert The certificate that is not trusted and that is having the problem.
-+ * @param certAddType The user's trust decision. See constants defined above.
-+ *
-+ * @return true if the user decided to connect anyway, false if the user decided to not connect
-+ */
-+ boolean confirmUnknownIssuer(in nsIInterfaceRequestor socketInfo,
-+ in nsIX509Cert cert,
-+ out short certAddType);
-+
-+ /**
-+ * Inform the user there are problems with the trust of a certificate,
-+ * and request a decision from the user.
-+ * The hostname mentioned in the server's certificate is not the hostname
-+ * that was used as a destination address for the current connection.
-+ *
-+ * @param socketInfo A network communication context that can be used to obtain more information
-+ * about the active connection.
-+ * @param targetURL The URL that was used to open the current connection.
-+ * @param cert The certificate that was presented by the server.
-+ *
-+ * @return true if the user decided to connect anyway, false if the user decided to not connect
-+ */
-+ boolean confirmMismatchDomain(in nsIInterfaceRequestor socketInfo,
-+ in AUTF8String targetURL,
-+ in nsIX509Cert cert);
-+
-+ /**
-+ * Inform the user there are problems with the trust of a certificate,
-+ * and request a decision from the user.
-+ * The certificate presented by the server is no longer valid because
-+ * the validity period has expired.
-+ *
-+ * @param socketInfo A network communication context that can be used to obtain more information
-+ * about the active connection.
-+ * @param cert The certificate that was presented by the server.
-+ *
-+ * @return true if the user decided to connect anyway, false if the user decided to not connect
-+ */
-+ boolean confirmCertExpired(in nsIInterfaceRequestor socketInfo,
-+ in nsIX509Cert cert);
-+
-+ /**
-+ * Inform the user there are problems with the trust of a certificate,
-+ * and request a decision from the user.
-+ * The Certificate Authority (CA) that issued the server's certificate has issued a
-+ * Certificate Revocation List (CRL).
-+ * However, the application does not have a current version of the CA's CRL.
-+ * Due to the application configuration, the application disallows the connection
-+ * to the remote site.
-+ *
-+ * @param socketInfo A network communication context that can be used to obtain more information
-+ * about the active connection.
-+ * @param targetURL The URL that was used to open the current connection.
-+ * @param cert The certificate that was presented by the server.
-+ */
-+ void notifyCrlNextupdate(in nsIInterfaceRequestor socketInfo,
-+ in AUTF8String targetURL, in nsIX509Cert cert);
-+
-+};
-+
-+%{C++
-+#define NS_BADCERTLISTENER_CONTRACTID "@mozilla.org/nsBadCertListener;1"
-+%}
-diff --git a/security/manager/ssl/src/nsNSSIOLayer.cpp b/security/manager/ssl/src/nsNSSIOLayer.cpp
-index 88f0c98..c4d8db9 100644
---- a/security/manager/ssl/src/nsNSSIOLayer.cpp
-+++ b/security/manager/ssl/src/nsNSSIOLayer.cpp
-@@ -60,6 +60,7 @@
- #include "nsIClientAuthDialogs.h"
- #include "nsClientAuthRemember.h"
- #include "nsICertOverrideService.h"
-+#include "nsIBadCertListener.h"
- #include "nsIBadCertListener2.h"
- #include "nsISSLErrorListener.h"
- #include "nsIObjectInputStream.h"
-@@ -899,6 +900,20 @@ void nsNSSSocketInfo::SetHandshakeInProgress(bool aIsIn)
- }
- }
-
-+void nsNSSSocketInfo::SetBadCertUIStatus(nsNSSSocketInfo::BadCertUIStatusType aNewStatus)
-+{
-+ if (mBadCertUIStatus == bcuis_active &&
-+ aNewStatus == bcuis_was_shown)
-+ {
-+ // we were blocked and going back to unblocked,
-+ // so let's reset the handshake start time, in order to ensure
-+ // we do not count the amount of time while the UI was shown.
-+ mHandshakeStartTime = PR_IntervalNow();
-+ }
-+
-+ mBadCertUIStatus = aNewStatus;
-+}
-+
- void nsNSSSocketInfo::SetAllowTLSIntoleranceTimeout(bool aAllow)
- {
- mAllowTLSIntoleranceTimeout = aAllow;
-@@ -908,7 +923,8 @@ void nsNSSSocketInfo::SetAllowTLSIntoleranceTimeout(bool aAllow)
-
- bool nsNSSSocketInfo::HandshakeTimeout()
- {
-- if (!mHandshakeInProgress || !mAllowTLSIntoleranceTimeout)
-+ if (!mHandshakeInProgress || !mAllowTLSIntoleranceTimeout ||
-+ mBadCertUIStatus == bcuis_active)
- return false;
-
- return ((PRIntervalTime)(PR_IntervalNow() - mHandshakeStartTime)
-@@ -1949,6 +1965,37 @@ isTLSIntoleranceError(PRInt32 err, bool withInitialCleartext)
- return false;
- }
-
-+static bool
-+isClosedConnectionAfterBadCertUIWasShown(PRInt32 bytesTransfered,
-+ bool wasReading,
-+ PRInt32 err,
-+ nsNSSSocketInfo::BadCertUIStatusType aBadCertUIStatus)
-+{
-+ if (aBadCertUIStatus != nsNSSSocketInfo::bcuis_not_shown)
-+ {
-+ // Bad cert UI was shown for this socket.
-+ // Server timeout possible.
-+ // Retry on a simple connection close.
-+
-+ if (wasReading && 0 == bytesTransfered)
-+ return true;
-+
-+ if (0 > bytesTransfered)
-+ {
-+ switch (err)
-+ {
-+ case PR_CONNECT_RESET_ERROR:
-+ case PR_END_OF_FILE_ERROR:
-+ return true;
-+ default:
-+ break;
-+ }
-+ }
-+ }
-+
-+ return false;
-+}
-+
- PRInt32
- nsSSLThread::checkHandshake(PRInt32 bytesTransfered,
- bool wasReading,
-@@ -2000,6 +2047,12 @@ nsSSLThread::checkHandshake(PRInt32 bytesTransfered,
- return bytesTransfered;
- }
-
-+ wantRetry =
-+ isClosedConnectionAfterBadCertUIWasShown(bytesTransfered,
-+ wasReading,
-+ err,
-+ socketInfo->GetBadCertUIStatus());
-+
- if (!wantRetry // no decision yet
- && isTLSIntoleranceError(err, socketInfo->GetHasCleartextPhase()))
- {
-@@ -2017,6 +2070,12 @@ nsSSLThread::checkHandshake(PRInt32 bytesTransfered,
- {
- if (handleHandshakeResultNow)
- {
-+ wantRetry =
-+ isClosedConnectionAfterBadCertUIWasShown(bytesTransfered,
-+ wasReading,
-+ 0,
-+ socketInfo->GetBadCertUIStatus());
-+
- if (!wantRetry // no decision yet
- && !socketInfo->GetHasCleartextPhase()) // mirror PR_CONNECT_RESET_ERROR treament
- {
-@@ -3577,6 +3636,50 @@ nsNSSBadCertHandler(void *arg, PRFileDesc *sslSocket)
- nsIInterfaceRequestor *csi = static_cast<nsIInterfaceRequestor*>(mInfoObject);
- nsrv = bcl->NotifyCertProblem(csi, status, hostWithPortString, &suppressMessage);
- }
-+ } else {
-+ nsCOMPtr<nsIBadCertListener> handler = do_GetInterface(callbacks);
-+ nsIBadCertListener *badCertHandler = nsnull;
-+ if (handler) {
-+ NS_GetProxyForObject(NS_PROXY_TO_MAIN_THREAD,
-+ NS_GET_IID(nsIBadCertListener),
-+ handler,
-+ NS_PROXY_SYNC,
-+ (void**)&badCertHandler);
-+ }
-+ if (!badCertHandler) {
-+ getNSSDialogs((void**)&badCertHandler,
-+ NS_GET_IID(nsIBadCertListener),
-+ NS_BADCERTLISTENER_CONTRACTID);
-+ }
-+ if (badCertHandler) {
-+ bool retVal = true;
-+ PRInt16 addType = nsIBadCertListener::UNINIT_ADD_FLAG;
-+ nsIInterfaceRequestor *csi = static_cast<nsIInterfaceRequestor*>(infoObject);
-+ infoObject->SetBadCertUIStatus(nsNSSSocketInfo::bcuis_active);
-+ if (remaining_display_errors & nsICertOverrideService::ERROR_UNTRUSTED) {
-+ rv = badCertHandler->ConfirmUnknownIssuer(csi, ix509, &addType, &retVal);
-+ if (NS_FAILED(rv)) retVal = false;
-+ }
-+ if (retVal && (remaining_display_errors & nsICertOverrideService::ERROR_MISMATCH)) {
-+ rv = badCertHandler->ConfirmMismatchDomain(csi, hostString, ix509, &retVal);
-+ if (NS_FAILED(rv)) retVal = false;
-+ }
-+ if (retVal && (remaining_display_errors & nsICertOverrideService::ERROR_TIME)) {
-+ rv = badCertHandler->ConfirmCertExpired(csi, ix509, &retVal);
-+ if (NS_FAILED(rv)) retVal = false;
-+ }
-+ nsCOMPtr<nsICertOverrideService> overrideService =
-+ do_GetService(NS_CERTOVERRIDE_CONTRACTID);
-+ if (overrideService && retVal && addType != nsIBadCertListener::UNINIT_ADD_FLAG) {
-+ overrideService->RememberValidityOverride(hostString, port, ix509,
-+ nsICertOverrideService::ERROR_UNTRUSTED,
-+ addType == nsIBadCertListener::ADD_TRUSTED_FOR_SESSION);
-+ }
-+ infoObject->SetBadCertUIStatus(nsNSSSocketInfo::bcuis_was_shown);
-+ if (retVal)
-+ return SECSuccess;
-+ suppressMessage = true;
-+ }
- }
-
- nsCOMPtr<nsIRecentBadCertsService> recentBadCertsService =
-diff --git a/security/manager/ssl/src/nsNSSIOLayer.h b/security/manager/ssl/src/nsNSSIOLayer.h
-index c619282..fbca648 100644
---- a/security/manager/ssl/src/nsNSSIOLayer.h
-+++ b/security/manager/ssl/src/nsNSSIOLayer.h
-@@ -189,6 +189,13 @@ public:
-
- void SetAllowTLSIntoleranceTimeout(bool aAllow);
-
-+ enum BadCertUIStatusType {
-+ bcuis_not_shown, bcuis_active, bcuis_was_shown
-+ };
-+
-+ void SetBadCertUIStatus(BadCertUIStatusType aNewStatus);
-+ BadCertUIStatusType GetBadCertUIStatus() { return mBadCertUIStatus; }
-+
- bool GetExternalErrorReporting();
-
- nsresult RememberCAChain(CERTCertList *aCertList);
-@@ -225,6 +232,7 @@ protected:
- bool mHandshakeInProgress;
- bool mAllowTLSIntoleranceTimeout;
- bool mRememberClientAuthCertificate;
-+ BadCertUIStatusType mBadCertUIStatus;
- PRIntervalTime mHandshakeStartTime;
- PRInt32 mPort;
- nsXPIDLCString mHostName;
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/xulrunner.git/commitdiff/bea25df1514ab8b9ee67e222b6fcc703c4c212e5
More information about the pld-cvs-commit
mailing list