diff options
Diffstat (limited to 'linux')
-rw-r--r-- | linux/makepkg/PKGBUILD | 23 |
1 files changed, 4 insertions, 19 deletions
diff --git a/linux/makepkg/PKGBUILD b/linux/makepkg/PKGBUILD index cd63cef..9a4d13a 100644 --- a/linux/makepkg/PKGBUILD +++ b/linux/makepkg/PKGBUILD @@ -6,7 +6,7 @@ pkgdesc='Yet another no-frills browser' pkgver=r0 pkgrel=1 -url="https://neueland.iserlohn-fortress.net/smolbote" +url="https://neueland.iserlohn-fortress.net/gitea/smolbote" install="smolbote.install" arch=('x86_64') @@ -17,7 +17,7 @@ optdepends=('firejail: launch a sandboxed instance') makedepends=('git' 'meson' 'boost' 'python-kconfiglib' 'openssl' 'qt5-tools' 'scdoc' 'spdlog') # this is the central repository -source=("git+https://neueland.iserlohn-fortress.net/gitea/aeon/smolbote.git" +source=("git+https://neueland.iserlohn-fortress.net/gitea/aqua/smolbote.git" "git+https://github.com/itay-grudev/SingleApplication.git") sha512sums=('SKIP' @@ -32,9 +32,7 @@ sha512sums=('SKIP' #_menuconfig= # Enable plugin signing: -# - generate a 4096-bit RSA key and embed the public key into the binary -# - apply the plugin signing patch to the config, enabling PluginLoader::verify -# - sign the plugins with the private key, and install the signatures +# meson/ninja will generate the privateKey.pem and publicKey.pem in the $builddir # Because this embeds the public key into the executable, enabling this option will break reproducible builds. _signPlugins= @@ -44,19 +42,6 @@ prepare() { git submodule init git config submodule.3rd-party/SingleApplication/SingleApplication.git.url $srcdir/SingleApplication git submodule update 3rd-party/SingleApplication/SingleApplication.git - - if [ -n $_signPlugins ]; then - msg "Creating OpenSSL signing key" - mkdir $srcdir/signing - cd $srcdir/signing - # generate rsa keypair - openssl genrsa -out privateKey.pem 4096 - msg2 "Keypair written to $srcdir/signing/privateKey.pem." - - openssl rsa -in privateKey.pem -pubout -out publicKey.pem - python3 $srcdir/smolbote/tools/hexdump.py --name='publicKey_pem' publicKey.pem --output=$srcdir/smolbote/src/plugin/publicKey.h - msg2 "Public key exported to $srcdir/signing/publicKey.pem." - fi } pkgver() { @@ -104,7 +89,7 @@ package() { if [ -n $_signPlugins ]; then msg "Signing plugins" for so in $pkgdir/usr/local/lib/smolbote/plugins/*.so; do - openssl dgst -sha256 -sign $srcdir/signing/privateKey.pem -out $so.sig $so + openssl dgst -sha256 -sign $srcdir/build/privateKey.pem -out $so.sig $so # If the sigs were in another location, use #install -m644 -t $pkgdir/usr/local/lib/smolbote/plugins $so.sig done |