Unverified Commit c4c81ac8 authored by Infinidoge's avatar Infinidoge
Browse files

buildMozillaMach: support disabling extension signing enforcement 

Previously, derivations specified the environment variable themselves,
which did not actually disable signing enforcement.
parent 377f9c29

pkgs/applications/networking/browsers/firefox/common.nix

+3 −0
Original line number Diff line number Diff line
@@ -6,6 +6,7 @@ 
, application ? "browser"

, applicationName ? "Mozilla Firefox"

, branding ? null

, requireSigning ? true

, src

, unpackPhase ? null

, extraPatches ? []
@@ -367,6 +368,8 @@ buildStdenv.mkDerivation { 
    configureFlagsArray+=("--with-mozilla-api-keyfile=$TMPDIR/mls-api-key")

  '' + lib.optionalString (enableOfficialBranding && !stdenv.is32bit) ''

    export MOZILLA_OFFICIAL=1

  '' + lib.optionalString (!requireSigning) ''

    export MOZ_REQUIRE_SIGNING=

  '' + lib.optionalString stdenv.hostPlatform.isMusl ''

    # linking firefox hits the vm.max_map_count kernel limit with the default musl allocator

    # TODO: Default vm.max_map_count has been increased, retest without this

pkgs/applications/networking/browsers/firefox/packages.nix

+3 −4
Original line number Diff line number Diff line
@@ -54,10 +54,11 @@ 
    };

  };



  firefox-devedition = (buildMozillaMach rec {

  firefox-devedition = buildMozillaMach rec {

    pname = "firefox-devedition";

    version = "116.0b3";

    applicationName = "Mozilla Firefox Developer Edition";

    requireSigning = false;

    branding = "browser/branding/aurora";

    src = fetchurl {

      url = "mirror://mozilla/devedition/releases/${version}/source/firefox-${version}.source.tar.xz";
@@ -81,9 +82,7 @@ 
      versionSuffix = "b[0-9]*";

      baseUrl = "https://archive.mozilla.org/pub/devedition/releases/";

    };

  }).overrideAttrs (prev: {

    env.MOZ_REQUIRE_SIGNING = "";

  });

  };



  firefox-esr-102 = buildMozillaMach rec {

    pname = "firefox-esr-102";

pkgs/applications/networking/browsers/firefox/wrapper.nix

+2 −5
Original line number Diff line number Diff line
@@ -102,15 +102,12 @@ let 


      nameArray = builtins.map(a: a.name) (lib.optionals usesNixExtensions nixExtensions);



      requiresSigning = browser ? MOZ_REQUIRE_SIGNING

                     -> toString browser.MOZ_REQUIRE_SIGNING != "";



      # Check that every extension has a unqiue .name attribute

      # and an extid attribute

      extensions = if nameArray != (lib.unique nameArray) then

        throw "Firefox addon name needs to be unique"

      else if requiresSigning && !lib.hasSuffix "esr" browser.name then

        throw "Nix addons are only supported without signature enforcement (eg. Firefox ESR)"

      else if browser.requireSigning then

        throw "Nix addons are only supported with signature enforcement disabled"

      else builtins.map (a:

        if ! (builtins.hasAttr "extid" a) then

        throw "nixExtensions has an invalid entry. Missing extid attribute. Please use fetchfirefoxaddon"

pkgs/applications/networking/browsers/librewolf/default.nix

+3 −4
Original line number Diff line number Diff line
@@ -3,12 +3,13 @@ 
let

  librewolf-src = callPackage ./librewolf.nix { };

in

((buildMozillaMach rec {

(buildMozillaMach rec {

  pname = "librewolf";

  applicationName = "LibreWolf";

  binaryName = "librewolf";

  version = librewolf-src.packageVersion;

  src = librewolf-src.firefox;

  requireSigning = false;

  inherit (librewolf-src) extraConfigureFlags extraPatches extraPostPatch extraPassthru;



  meta = {
@@ -29,6 +30,4 @@ in 
}).override {

  crashreporterSupport = false;

  enableOfficialBranding = false;

}).overrideAttrs (prev: {

  MOZ_REQUIRE_SIGNING = "";

})
 
}