@ -1,3 +1,6 @@
# Build Chromium with GOST
%bcond_with gost
%define _lto_cflags %{nil}
# enable|disable system build flags
@ -36,7 +39,23 @@
ninja -j %{numjobs} -C '%1' '%2'
# enable|disable headless client build
%if %{with gost}
%global build_headless 0
%else
%global build_headless 1
%endif
# exclude build-id files for chromium-gost
%if %{with gost}
%define _build_id_links none
%endif
# enable|disable headless client build
%if %{with gost}
%global build_chromedriver 0
%else
%global build_chromedriver 1
%endif
# enable|disable chrome-remote-desktop build
%global build_remoting 0
@ -133,7 +152,11 @@
# %%{nil} for Stable; -beta for Beta; -dev for Devel
# dash in -beta and -dev is intentional !
%if %{with gost}
%global chromium_channel -gost
%else
%global chromium_channel %{nil}
%endif
%global chromium_menu_name Chromium
%global chromium_browser_channel chromium-browser%{chromium_channel}
%global chromium_path %{_libdir}/chromium-browser%{chromium_channel}
@ -232,12 +255,14 @@
%endif
%endif
%if %{with gost}
# Build with GOST patches
# https://github.com/deemru/chromium-gost/
%global gost 1
%global gost_build 1
%define chromium_gost_commit 2c81b2fed144086340d5220ef707350b7fb18ec9
%define msspi_commit 3c50c2d33a4bdf4effb01aaeb9ff5d5b67635a18
%define chromium_path_gost %{_builddir}/chromium-gost
%endif
### From 2013 until early 2021, Google permitted distribution builds of
### Chromium to access Google APIs that added significant features to
@ -274,7 +299,7 @@
Name: chromium%{chromium_channel}
Version: 119.0.6045.159
Release: 1%{?dist}.inferit.gos t
Release: 2%{?dist}.inferi t
Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use
Url: http://www.chromium.org/Home
License: BSD-3-Clause AND LGPL-2.1-or-later AND Apache-2.0 AND IJG AND MIT AND GPL-2.0-or-later AND ISC AND OpenSSL AND (MPL-1.1 OR GPL-2.0-only OR LGPL-2.0-only)
@ -475,9 +500,12 @@ BuildRequires: golang-github-evanw-esbuild
# Yandex logo
Source50: https://upload.wikimedia.org/wikipedia/commons/f/f1/Yandex_logo_2021_Russian.svg
%if %{with gost}
# GOST
Source101: https://github.com/deemru/chromium-gost/archive/%{chromium_gost_commit}.tar.gz?/chromium-gost-%{chromium_gost_commit}.tar.gz
Source102: https://github.com/deemru/msspi/archive/%{msspi_commit}.tar.gz?/msspi-%{msspi_commit}.tar.gz
Source103: chromium-browser-gost-icons.tar.xz
%endif
%if %{clang}
%if 0%{?rhel} == 7
@ -511,12 +539,12 @@ BuildRequires: binutils
#BuildRequires: pkgconfig(libavutil)
# chromium fail to start for rpmfusion users due to ABI break in ffmpeg-free-6.0.1
# bethween fedora and rpmfussion.
#%%if 0%{?rhel} == 9 || 0%%{?fedora} == 37
#Conflicts: libavformat-free%{_isa} < 5.1.4
#Conflicts: ffmpeg-libs%{_isa} < 5.1.4
#%%if 0%% {?rhel} == 9 || 0%%{?fedora} == 37
#Conflicts: libavformat-free%% {_isa} < 5.1.4
#Conflicts: ffmpeg-libs%% {_isa} < 5.1.4
#%%else
#Conflicts: libavformat-free%{_isa} < 6.0.1
#Conflicts: ffmpeg-libs%{_isa} < 6.0.1-2
#Conflicts: libavformat-free%% {_isa} < 6.0.1
#Conflicts: ffmpeg-libs%% {_isa} < 6.0.1-2
#%%endif
#%%endif
@ -892,14 +920,10 @@ Provides: bundled(xdg-user-dirs)
Requires(post): /usr/sbin/semanage
Requires(post): /usr/sbin/restorecon
%if %{gost}
Provides: %{name}-gost-lib = %{version}-%{release}
%endif
%description
Chromium is an open-source web browser, powered by WebKit (Blink).
%if %{gost}
chromium-gost patches are integrated, this Chromium supports GOST TLS
%if %{with gost}
Chromium GOST patches are integrated, this Chromium supports GOST TLS
if proprietary CryptoPro is installed.
%endif
@ -955,7 +979,7 @@ udev.
%prep
%setup -q -n chromium-%{version}
%if %{gost}
%if %{with gost}
rm -rf %{chromium_path_gost}
mkdir -p %{chromium_path_gost}
tar -C %{chromium_path_gost} --strip 1 -xf %{SOURCE101}
@ -964,12 +988,8 @@ sed -i \
%{chromium_path_gost}/src/gostssl.cpp
tar -C %{chromium_path_gost}/src/msspi --strip 1 -xf %{SOURCE102}
sed -i'' %{chromium_path_gost}/patch/chromium.patch \
-e 's/ (Chromium GOST)//g' \
-e 's/Chromium GOST/Chromium/g' \
-e 's/Chromium-Gost/Chromium/g' \
-e 's/"chromium-gost"/"chromium-browser"/g' \
-e 's/"chromium-gost.desktop"/"chromium-browser.desktop"/g' \
-e 's/(%s; Chromium GOST)/(%s)/' \
-e 's/"chromium-gost"/"chromium-browser-gost"/g' \
-e 's/"chromium-gost.desktop"/"chromium-browser-gost.desktop"/g' \
--
# make backups before GOST patching
for i in \
@ -1175,7 +1195,7 @@ cp -a %{_includedir}/libusb-1.0/libusb.h third_party/libusb/src/libusb/libusb.h
%endif
# Hard code extra version
sed -i 's/getenv("CHROME_VERSION_EXTRA")/"%{?gost: GOST TLS via CryptoPro}"/' chrome/common/channel_info_posix.cc
sed -i 's/getenv("CHROME_VERSION_EXTRA")/"%{?gost_build : GOST TLS via CryptoPro}"/' chrome/common/channel_info_posix.cc
# Fix hardcoded path in remoting code
sed -i 's|/opt/google/chrome-remote-desktop|%{crd_path}|g' remoting/host/setup/daemon_controller_delegate_linux.cc
@ -1435,7 +1455,9 @@ mkdir -p %{builddir} && cp -a %{_bindir}/gn %{builddir}/
%build_target %{builddir} chrome
%build_target %{builddir} chrome_sandbox
%if %{build_chromedriver}
%build_target %{builddir} chromedriver
%endif
%build_target %{builddir} libffmpeg.so
%if %{build_clear_key_cdm}
@ -1473,13 +1495,16 @@ export CHROMIUM_BROWSER_CHANNEL=%{chromium_browser_channel}
sed -i "s|@@BUILD_TARGET@@|$BUILD_TARGET|g" %{buildroot}%{chromium_path}/%{chromium_browser_channel}.sh
sed -i "s|@@CHROMIUM_PATH@@|$CHROMIUM_PATH|g" %{buildroot}%{chromium_path}/%{chromium_browser_channel}.sh
sed -i "s|@@CHROMIUM_BROWSER_CHANNEL@@|$CHROMIUM_BROWSER_CHANNEL|g" %{buildroot}%{chromium_path}/%{chromium_browser_channel}.sh
%if %{with gost}
sed -i "s|/etc/chromium/chromium.conf|/etc/chromium-gost/chromium-gost.conf|g" %{buildroot}%{chromium_path}/%{chromium_browser_channel}.sh
%endif
%if "%{chromium_channel}" == "%{nil}"
sed -i "s|@@EXTRA_FLAGS@@||g" %{buildroot}%{chromium_path}/%{chromium_browser_channel}.sh
%else
%if "%{chromium_channel}" == "-beta" || "%{chromium_channel}" == "-dev"
# Enable debug outputs for beta and dev channels
export EXTRA_FLAGS="--enable-logging=stderr --v=2"
sed -i "s|@@EXTRA_FLAGS@@|$EXTRA_FLAGS|g" %{buildroot}%{chromium_path}/%{chromium_browser_channel}.sh
%else
sed -i "s|@@EXTRA_FLAGS@@||g" %{buildroot}%{chromium_path}/%{chromium_browser_channel}.sh
%endif
ln -s ../..%{chromium_path}/%{chromium_browser_channel}.sh %{buildroot}%{_bindir}/%{chromium_browser_channel}
@ -1523,9 +1548,11 @@ pushd %{builddir}
%endif
%endif
%if %{build_chromedriver}
# chromedriver
cp -a chromedriver %{buildroot}%{chromium_path}/chromedriver
ln -s ../..%{chromium_path}/chromedriver %{buildroot}%{_bindir}/chromedriver
%endif
%if %{build_remoting}
# Remote desktop bits
@ -1590,19 +1617,23 @@ popd
# need to strip binaries explicitly when debug is disable
%if ! %{enable_debug}
pushd %{buildroot}%{chromium_path}/
for f in *.so chrome_crashpad_handler chrome-sandbox chromium-browser headless_shell chromedriver ; do
for f in *.so chrome_crashpad_handler chrome-sandbox chromium-browser headless_shell %{?build_ chromedriver: chromedriver} ; do
[ -f $f ] && strip $f
done
popd
%endif
# Add directories for policy management
mkdir -p %{buildroot}%{_sysconfdir}/chromium /policies/managed
mkdir -p %{buildroot}%{_sysconfdir}/chromium /policies/recommended
mkdir -p %{buildroot}%{_sysconfdir}/%{name} /policies/managed
mkdir -p %{buildroot}%{_sysconfdir}/%{name} /policies/recommended
cp -a out/Release/gen/chrome/app/policy/common/html/en-US/*.html .
cp -a out/Release/gen/chrome/app/policy/linux/examples/chrome.json .
%if %{with gost}
mkdir -p %{buildroot}%{_datadir}/icons/hicolor/
tar xavf %{SOURCE103} -C %{buildroot}%{_datadir}/icons/hicolor/
%else
mkdir -p %{buildroot}%{_datadir}/icons/hicolor/256x256/apps
cp -a chrome/app/theme/chromium/product_logo_256.png %{buildroot}%{_datadir}/icons/hicolor/256x256/apps/%{chromium_browser_channel}.png
mkdir -p %{buildroot}%{_datadir}/icons/hicolor/128x128/apps
@ -1613,6 +1644,7 @@ mkdir -p %{buildroot}%{_datadir}/icons/hicolor/48x48/apps
cp -a chrome/app/theme/chromium/product_logo_48.png %{buildroot}%{_datadir}/icons/hicolor/48x48/apps/%{chromium_browser_channel}.png
mkdir -p %{buildroot}%{_datadir}/icons/hicolor/24x24/apps
cp -a chrome/app/theme/chromium/product_logo_24.png %{buildroot}%{_datadir}/icons/hicolor/24x24/apps/%{chromium_browser_channel}.png
%endif
# Install the master_preferences file
install -m 0644 %{SOURCE11} %{buildroot}%{_sysconfdir}/%{name}/
@ -1667,7 +1699,7 @@ getent group chrome-remote-desktop >/dev/null || groupadd -r chrome-remote-deskt
%doc AUTHORS README.fedora
%doc chrome_policy_list.html *.json
%license LICENSE
%config(noreplace) %{_sysconfdir}/%{name}/chromium .conf
%config(noreplace) %{_sysconfdir}/%{name}/%{name} .conf
%config %{_sysconfdir}/%{name}/master_preferences
%config %{_sysconfdir}/%{name}/policies/
%if %{build_remoting}
@ -1795,14 +1827,16 @@ getent group chrome-remote-desktop >/dev/null || groupadd -r chrome-remote-deskt
/var/lib/chrome-remote-desktop/
%endif
%if %{build_chromedriver}
%files -n chromedriver
%doc AUTHORS
%license LICENSE
%{_bindir}/chromedriver
%{chromium_path}/chromedriver
%endif
%changelog
* Sat Nov 25 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 119.0.6045.159-1.inferit.gos t
* Sat Nov 25 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 119.0.6045.159-2.inferi t
- Apply GOST patches
* Mon Nov 20 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 119.0.6045.159-1.inferit