From c9ff966615d897f494a1c4ae90600738742b93c2 Mon Sep 17 00:00:00 2001 From: tigro Date: Sun, 13 Aug 2023 18:17:15 +0300 Subject: [PATCH] Apply GOST patches --- .chromium.metadata | 2 ++ .gitignore | 2 ++ SPECS/chromium.spec | 49 ++++++++++++++++++++++++++++++++++++++++++++- 3 files changed, 52 insertions(+), 1 deletion(-) diff --git a/.chromium.metadata b/.chromium.metadata index 96afe075..670e2c92 100644 --- a/.chromium.metadata +++ b/.chromium.metadata @@ -1 +1,3 @@ 9e4b3a30e852aa2add27115df620a113f7b9d921 SOURCES/chromium-115.0.5790.170.tar.xz +a6033325fb1c8501bf1b4821acfebc076bca3ba1 SOURCES/chromium-gost-d4a3d8f7603c0e2dfa3642cca00c169d070e043e.tar.gz +7f2dae4d92fd16ba75b35408e1c0a9003d27eb38 SOURCES/msspi-dddd947089110165db71fdc660157f102bab3660.tar.gz diff --git a/.gitignore b/.gitignore index a398c5e4..59dee401 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,3 @@ SOURCES/chromium-115.0.5790.170.tar.xz +SOURCES/chromium-gost-eff0aba6091bcf9ca9b8a6d31402dfe55ddaf8ce.tar.gz +SOURCES/msspi-dddd947089110165db71fdc660157f102bab3660.tar.gz diff --git a/SPECS/chromium.spec b/SPECS/chromium.spec index d11c57dd..d8487a38 100644 --- a/SPECS/chromium.spec +++ b/SPECS/chromium.spec @@ -200,6 +200,13 @@ %endif %endif +# Build with GOST patches +# https://github.com/deemru/chromium-gost/ +%global gost 1 +%define chromium_gost_commit d4a3d8f7603c0e2dfa3642cca00c169d070e043e +%define msspi_commit dddd947089110165db71fdc660157f102bab3660 +%define chromium_path_gost %{_builddir}/chromium-gost + ### From 2013 until early 2021, Google permitted distribution builds of ### Chromium to access Google APIs that added significant features to ### Chromium including, but not limited to, Sync and geolocation. @@ -431,6 +438,10 @@ Source21: https://nodejs.org/dist/latest-v16.x/node-%{nodejs_version}-linux-arm6 # Yandex logo Source50: https://upload.wikimedia.org/wikipedia/commons/f/f1/Yandex_logo_2021_Russian.svg +# GOST +Source101: https://github.com/deemru/chromium-gost/archive/%{chromium_gost_commit}.tar.gz?/chromium-gost-%{chromium_gost_commit}.tar.gz +Source102: https://github.com/deemru/msspi/archive/%{msspi_commit}.tar.gz?/msspi-%{msspi_commit}.tar.gz + %if %{clang} %if 0%{?rhel} == 7 BuildRequires: llvm-toolset-%{llvm_toolset_version} @@ -852,8 +863,16 @@ Provides: bundled(xdg-user-dirs) Requires(post): /usr/sbin/semanage Requires(post): /usr/sbin/restorecon +%if %{gost} +Provides: %{name}-gost-lib = %{version}-%{release} +%endif + %description Chromium is an open-source web browser, powered by WebKit (Blink). +%if %{gost} +chromium-gost patches are integrated, this Chromium supports GOST TLS +if proprietary CryptoPro is installed. +%endif %package common Summary: Files needed for both the headless_shell and full Chromium @@ -921,6 +940,31 @@ udev. %prep %setup -q -n chromium-%{version} +%if %{gost} +rm -rf %{chromium_path_gost} +mkdir -p %{chromium_path_gost} +tar -C %{chromium_path_gost} --strip 1 -xf %{SOURCE101} +sed -i \ + -e "s,^#include <../ssl/internal.h>,#include \"${PWD}/third_party/boringssl/src/ssl/internal.h\",g" \ + %{chromium_path_gost}/src/gostssl.cpp +tar -C %{chromium_path_gost}/src/msspi --strip 1 -xf %{SOURCE102} +sed -i'' %{chromium_path_gost}/patch/chromium.patch \ + -e 's/ (Chromium GOST)//g' \ + -e 's/Chromium GOST/Chromium/g' \ + -e 's/Chromium-Gost/Chromium/g' \ + -e 's/"chromium-gost"/"chromium-browser"/g' \ + -e 's/"chromium-gost.desktop"/"chromium-browser.desktop"/g' \ + -e 's/(%s; Chromium GOST)/(%s)/' \ + -- +patch -p1 < %{chromium_path_gost}/patch/chromium.patch +( cd ./third_party/boringssl/src +patch -p1 < %{chromium_path_gost}/patch/boringssl.patch ) + +cp -f %{chromium_path_gost}/src/gostssl.cpp third_party/boringssl/gostssl.cpp +cp -f %{chromium_path_gost}/src/msspi/src/* third_party/boringssl +cp -f %{chromium_path_gost}/src/msspi/third_party/cprocsp/include/* third_party/boringssl/src/include +%endif + ### Chromium Fedora Patches ### %patch -P0 -p1 -b .sandboxpie %patch -P1 -p1 -b .etc @@ -1076,7 +1120,7 @@ cp -a %{_includedir}/libusb-1.0/libusb.h third_party/libusb/src/libusb/libusb.h %endif # Hard code extra version -sed -i 's/getenv("CHROME_VERSION_EXTRA")/"MSVSphere"/' chrome/common/channel_info_posix.cc +sed -i 's/getenv("CHROME_VERSION_EXTRA")/"MSVSphere, %{name} %{version}-%{release}%{?gost: + GOST TLS via CryptoPro}"/' chrome/common/channel_info_posix.cc # Fix hardcoded path in remoting code sed -i 's|/opt/google/chrome-remote-desktop|%{crd_path}|g' remoting/host/setup/daemon_controller_delegate_linux.cc @@ -1714,6 +1758,9 @@ getent group chrome-remote-desktop >/dev/null || groupadd -r chrome-remote-deskt %{chromium_path}/chromedriver %changelog +* Sun Aug 13 2023 Arkady L. Shane - 115.0.5790.170-2.inferit.gost +- Apply GOST patches + * Fri Aug 11 2023 Sergey Cherevko - 115.0.5790.170-1.inferit.1 - Added Russian description and summary for gnome-software - Rebuilt for MSVSphere 9.2