diff options
author | Martin Weinelt <mweinelt@users.noreply.github.com> | 2023-11-19 21:13:16 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-11-19 21:13:16 +0100 |
commit | c423e3dda75c4256081ffa04ab293f32ce2a7df9 (patch) | |
tree | 64113939426535ae2f4d283cb93429fe8c58399f /pkgs/applications/networking/browsers/firefox | |
parent | c3d775de19d1f76849da54551529e479cc29cbfc (diff) | |
parent | db262d35698b91db20582d92cd8cac8995978df9 (diff) | |
download | nixlib-c423e3dda75c4256081ffa04ab293f32ce2a7df9.tar nixlib-c423e3dda75c4256081ffa04ab293f32ce2a7df9.tar.gz nixlib-c423e3dda75c4256081ffa04ab293f32ce2a7df9.tar.bz2 nixlib-c423e3dda75c4256081ffa04ab293f32ce2a7df9.tar.lz nixlib-c423e3dda75c4256081ffa04ab293f32ce2a7df9.tar.xz nixlib-c423e3dda75c4256081ffa04ab293f32ce2a7df9.tar.zst nixlib-c423e3dda75c4256081ffa04ab293f32ce2a7df9.zip |
Merge pull request #244591 from Infinidoge/fix/firefox-signing
buildMozillaMach: add options to disable signing requirement and to enable addon sideloading
Diffstat (limited to 'pkgs/applications/networking/browsers/firefox')
3 files changed, 11 insertions, 10 deletions
diff --git a/pkgs/applications/networking/browsers/firefox/common.nix b/pkgs/applications/networking/browsers/firefox/common.nix index c77411b6c264..5542ca62b93a 100644 --- a/pkgs/applications/networking/browsers/firefox/common.nix +++ b/pkgs/applications/networking/browsers/firefox/common.nix @@ -7,6 +7,8 @@ , application ? "browser" , applicationName ? "Mozilla Firefox" , branding ? null +, requireSigning ? true +, allowAddonSideload ? false , src , unpackPhase ? null , extraPatches ? [] @@ -367,6 +369,8 @@ buildStdenv.mkDerivation { configureFlagsArray+=("--with-mozilla-api-keyfile=$TMPDIR/mls-api-key") '' + lib.optionalString (enableOfficialBranding && !stdenv.is32bit) '' export MOZILLA_OFFICIAL=1 + '' + lib.optionalString (!requireSigning) '' + export MOZ_REQUIRE_SIGNING= '' + lib.optionalString stdenv.hostPlatform.isMusl '' # linking firefox hits the vm.max_map_count kernel limit with the default musl allocator # TODO: Default vm.max_map_count has been increased, retest without this @@ -408,6 +412,7 @@ buildStdenv.mkDerivation { # https://bugzilla.mozilla.org/show_bug.cgi?id=1482204 ++ lib.optional (ltoSupport && (buildStdenv.isAarch32 || buildStdenv.isi686 || buildStdenv.isx86_64)) "--disable-elf-hack" ++ lib.optional (!drmSupport) "--disable-eme" + ++ lib.optional (allowAddonSideload) "--allow-addon-sideload" ++ [ (enableFeature alsaSupport "alsa") (enableFeature crashreporterSupport "crashreporter") diff --git a/pkgs/applications/networking/browsers/firefox/packages.nix b/pkgs/applications/networking/browsers/firefox/packages.nix index c4d59bc2c149..37777f92005d 100644 --- a/pkgs/applications/networking/browsers/firefox/packages.nix +++ b/pkgs/applications/networking/browsers/firefox/packages.nix @@ -56,10 +56,11 @@ }; }; - firefox-devedition = (buildMozillaMach rec { + firefox-devedition = buildMozillaMach rec { pname = "firefox-devedition"; version = "120.0b9"; applicationName = "Mozilla Firefox Developer Edition"; + requireSigning = false; branding = "browser/branding/aurora"; src = fetchurl { url = "mirror://mozilla/devedition/releases/${version}/source/firefox-${version}.source.tar.xz"; @@ -84,9 +85,7 @@ versionSuffix = "b[0-9]*"; baseUrl = "https://archive.mozilla.org/pub/devedition/releases/"; }; - }).overrideAttrs (prev: { - env.MOZ_REQUIRE_SIGNING = ""; - }); + }; firefox-esr-115 = buildMozillaMach rec { pname = "firefox-esr-115"; diff --git a/pkgs/applications/networking/browsers/firefox/wrapper.nix b/pkgs/applications/networking/browsers/firefox/wrapper.nix index 68f547d1f95a..25c7ac5bb659 100644 --- a/pkgs/applications/networking/browsers/firefox/wrapper.nix +++ b/pkgs/applications/networking/browsers/firefox/wrapper.nix @@ -115,18 +115,15 @@ let nameArray = builtins.map(a: a.name) (lib.optionals usesNixExtensions nixExtensions); - requiresSigning = browser ? MOZ_REQUIRE_SIGNING - -> toString browser.MOZ_REQUIRE_SIGNING != ""; - # Check that every extension has a unqiue .name attribute # and an extid attribute extensions = if nameArray != (lib.unique nameArray) then throw "Firefox addon name needs to be unique" - else if requiresSigning && !lib.hasSuffix "esr" browser.name then - throw "Nix addons are only supported without signature enforcement (eg. Firefox ESR)" + else if browser.requireSigning || !browser.allowAddonSideload then + throw "Nix addons are only supported with signature enforcement disabled and addon sideloading enabled (eg. LibreWolf)" else builtins.map (a: if ! (builtins.hasAttr "extid" a) then - throw "nixExtensions has an invalid entry. Missing extid attribute. Please use fetchfirefoxaddon" + throw "nixExtensions has an invalid entry. Missing extid attribute. Please use fetchFirefoxAddon" else a ) (lib.optionals usesNixExtensions nixExtensions); |