6 files changed, 178 insertions, 98 deletions
diff --git a/www-client/firefox/files/firefox-47.0-crashreporter.patch b/www-client/firefox/files/firefox-47.0-crashreporter.patch
deleted file mode 100644
index 7b3bf3da..00000000
--- a/www-client/firefox/files/firefox-47.0-crashreporter.patch
+++ /dev/null
@@ -1,27 +0,0 @@
---- a/toolkit/crashreporter/google-breakpad/src/common/linux/dump_symbols.cc
-+++ b/toolkit/crashreporter/google-breakpad/src/common/linux/dump_symbols.cc
-@@ -920,10 +920,9 @@ string FormatIdentifier(unsigned char identifier[16]) {
- // Return the non-directory portion of FILENAME: the portion after the
- // last slash, or the whole filename if there are no slashes.
- string BaseFileName(const string &filename) {
--  // Lots of copies!  basename's behavior is less than ideal.
--  char* c_filename = strdup(filename.c_str());
--  string base = basename(c_filename);
--  free(c_filename);
-+  const char *c_filename = filename.c_str();
-+  const char *p = strrchr(c_filename, '/');
-+  string base = p ? p+1 : c_filename;
-   return base;
- }
- 
---- a/toolkit/crashreporter/google-breakpad/src/third_party/lss/linux_syscall_support.h
-+++ b/toolkit/crashreporter/google-breakpad/src/third_party/lss/linux_syscall_support.h
-@@ -3851,7 +3851,7 @@ struct kernel_statfs {
-         return -1;
-     }
-   }
--  #if defined(__x86_64__)
-+  #if defined(__x86_64__) && defined(__ILP32__)
-     /* Need to make sure loff_t isn't truncated to 32-bits under x32.  */
-     LSS_INLINE ssize_t LSS_NAME(pread64)(int f, void *b, size_t c, loff_t o) {
-       LSS_BODY(4, ssize_t, pread64, LSS_SYSCALL_ARG(f), LSS_SYSCALL_ARG(b),
diff --git a/www-client/firefox/files/firefox-47.0-define-HUNSPELL_STATIC-conditionally.patch b/www-client/firefox/files/firefox-47.0-define-HUNSPELL_STATIC-conditionally.patch
deleted file mode 100644
index f7fb3b30..00000000
--- a/www-client/firefox/files/firefox-47.0-define-HUNSPELL_STATIC-conditionally.patch
+++ /dev/null
@@ -1,8 +0,0 @@
---- a/extensions/spellcheck/hunspell/glue/moz.build
-+++ b/extensions/spellcheck/hunspell/glue/moz.build
-@@ -38,4 +38,4 @@ if CONFIG['GNU_CXX']:
- 
- # This variable is referenced in configure.in.  Make sure to change that file
- # too if you need to change this variable.
--DEFINES['HUNSPELL_STATIC'] = True
-+DEFINES['HUNSPELL_STATIC'] = not CONFIG['MOZ_NATIVE_HUNSPELL']
diff --git a/www-client/firefox/files/fix_hardened_pie_detection.patch b/www-client/firefox/files/fix_hardened_pie_detection.patch
new file mode 100644
index 00000000..7cc74cd1
--- /dev/null
+++ b/www-client/firefox/files/fix_hardened_pie_detection.patch
@@ -0,0 +1,36 @@
+From: Jory A. Pratt <anarchy@gentoo.org>
+
+CFLAGS must contain -fPIC when checking the linker
+
+https://bugs.gentoo.org/show_bug.cgi?id=607350
+
+diff --git a/build/autoconf/compiler-opts.m4 b/build/autoconf/compiler-opts.m4
+--- a/build/autoconf/compiler-opts.m4
++++ b/build/autoconf/compiler-opts.m4
+@@ -263,23 +263,26 @@ fi
+ 
+ MOZ_ARG_ENABLE_BOOL(pie,
+ [  --enable-pie           Enable Position Independent Executables],
+     MOZ_PIE=1,
+     MOZ_PIE= )
+ 
+ if test "$GNU_CC" -a -n "$MOZ_PIE"; then
+     AC_MSG_CHECKING([for PIE support])
++    _SAVE_CFLAGS=$CFLAGS
++    CFLAGS="$CFLAGS -fPIC"
+     _SAVE_LDFLAGS=$LDFLAGS
+     LDFLAGS="$LDFLAGS -pie"
+     AC_TRY_LINK(,,AC_MSG_RESULT([yes])
+                   [MOZ_PROGRAM_LDFLAGS="$MOZ_PROGRAM_LDFLAGS -pie"],
+                   AC_MSG_RESULT([no])
+                   AC_MSG_ERROR([--enable-pie requires PIE support from the linker.]))
+     LDFLAGS=$_SAVE_LDFLAGS
++    CFLAGS=$_SAVE_CFLAGS
+ fi
+ 
+ AC_SUBST(MOZ_PROGRAM_LDFLAGS)
+ 
+ dnl ASan assumes no symbols are being interposed, and when that happens,
+ dnl it's not happy with it. Unconveniently, since Firefox is exporting
+ dnl libffi symbols and Gtk+3 pulls system libffi via libwayland-client,
+ dnl system libffi interposes libffi symbols that ASan assumes are in
diff --git a/www-client/firefox/files/mozilla_configure_regexp_esr.patch b/www-client/firefox/files/mozilla_configure_regexp_esr.patch
new file mode 100644
index 00000000..9e165ff9
--- /dev/null
+++ b/www-client/firefox/files/mozilla_configure_regexp_esr.patch
@@ -0,0 +1,32 @@
+From: Jory A. Pratt <anarchy@gentoo.org>
+
+Note: the first occurrence of :space: is [:space:] (with a single pair
+of []), where it should be [[:space:]] (with two pairs of []).
+
+This causes the sed command to fail (with the error message quoted in
+my original report), driving to failure the whole configure step.
+
+https://bugzilla.mozilla.org/show_bug.cgi?id=1329252
+
+diff --git a/build/autoconf/icu.m4 b/build/autoconf/icu.m4
+--- a/build/autoconf/icu.m4
++++ b/build/autoconf/icu.m4
+@@ -68,17 +68,17 @@ if test -n "$USE_ICU"; then
+     icudir="$_topsrcdir/intl/icu/source"
+     if test ! -d "$icudir"; then
+         icudir="$_topsrcdir/../../intl/icu/source"
+         if test ! -d "$icudir"; then
+             AC_MSG_ERROR([Cannot find the ICU directory])
+         fi
+     fi
+ 
+-    version=`sed -n 's/^[[:space:]]*#[[:space:]]*define[[:space:]][[:space:]]*U_ICU_VERSION_MAJOR_NUM[[:space:]][[:space:]]*\([0-9][0-9]*\)[[:space:]]*$/\1/p' "$icudir/common/unicode/uvernum.h"`
++    version=`sed -n 's/^[[[:space:]]]*#[[:space:]]*define[[:space:]][[:space:]]*U_ICU_VERSION_MAJOR_NUM[[:space:]][[:space:]]*\([0-9][0-9]*\)[[:space:]]*$/\1/p' "$icudir/common/unicode/uvernum.h"`
+     if test x"$version" = x; then
+        AC_MSG_ERROR([cannot determine icu version number from uvernum.h header file $lineno])
+     fi
+     MOZ_ICU_VERSION="$version"
+ 
+     if test "$OS_TARGET" = WINNT; then
+         MOZ_SHARED_ICU=1
+     fi
diff --git a/www-client/firefox/files/update_h2_curve.patch b/www-client/firefox/files/update_h2_curve.patch
new file mode 100644
index 00000000..a1f0ffae
--- /dev/null
+++ b/www-client/firefox/files/update_h2_curve.patch
@@ -0,0 +1,30 @@
+From: Franziskus Kiefer <franziskuskiefer@gmail.com>
+
+Update keybits in H2
+
+https://bugzilla.mozilla.org/show_bug.cgi?id=1290037
+
+diff --git a/netwerk/protocol/http/Http2Session.cpp b/netwerk/protocol/http/Http2Session.cpp
+--- a/netwerk/protocol/http/Http2Session.cpp
++++ b/netwerk/protocol/http/Http2Session.cpp
+@@ -3516,18 +3516,18 @@ Http2Session::ConfirmTLSProfile()
+     RETURN_SESSION_ERROR(this, INADEQUATE_SECURITY);
+   }
+ 
+   uint32_t keybits = ssl->GetKEAKeyBits();
+   if (kea == ssl_kea_dh && keybits < 2048) {
+     LOG3(("Http2Session::ConfirmTLSProfile %p FAILED due to DH %d < 2048\n",
+           this, keybits));
+     RETURN_SESSION_ERROR(this, INADEQUATE_SECURITY);
+-  } else if (kea == ssl_kea_ecdh && keybits < 256) { // 256 bits is "security level" of 128
+-    LOG3(("Http2Session::ConfirmTLSProfile %p FAILED due to ECDH %d < 256\n",
++  } else if (kea == ssl_kea_ecdh && keybits < 224) { // see rfc7540 9.2.1.
++    LOG3(("Http2Session::ConfirmTLSProfile %p FAILED due to ECDH %d < 224\n",
+           this, keybits));
+     RETURN_SESSION_ERROR(this, INADEQUATE_SECURITY);
+   }
+ 
+   int16_t macAlgorithm = ssl->GetMACAlgorithmUsed();
+   LOG3(("Http2Session::ConfirmTLSProfile %p MAC Algortihm (aead==6) %d\n",
+         this, macAlgorithm));
+   if (macAlgorithm != nsISSLSocketControl::SSL_MAC_AEAD) {
diff --git a/www-client/firefox/firefox-45.5.1.ebuild b/www-client/firefox/firefox-52.0.1-r1.ebuild
index 13fe8cd6..0ca4a8f9 100644
--- a/www-client/firefox/firefox-45.5.1.ebuild
+++ b/www-client/firefox/firefox-52.0.1-r1.ebuild
@@ -1,18 +1,17 @@
-# Copyright 1999-2016 Gentoo Foundation
+# Copyright 1999-2017 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Id$
 
 EAPI=6
 VIRTUALX_REQUIRED="pgo"
 WANT_AUTOCONF="2.1"
-MOZ_ESR=1
+MOZ_ESR=""
 
 # This list can be updated with scripts/get_langs.sh from the mozilla overlay
-MOZ_LANGS=( ach af an ar as ast az be bg bn-BD bn-IN br bs ca cs cy da de
-el en en-GB en-US en-ZA eo es-AR es-CL es-ES es-MX et eu fa fi fr
-fy-NL ga-IE gd gl gu-IN he hi-IN hr hsb hu hy-AM id is it ja kk km kn ko
-lt lv mai mk ml mr ms nb-NO nl nn-NO or pa-IN pl pt-BR pt-PT rm ro ru si
-sk sl son sq sr sv-SE ta te th tr uk uz vi xh zh-CN zh-TW )
+MOZ_LANGS=( ach af an ar as ast az bg bn-BD bn-IN br bs ca cak cs cy da de dsb
+el en en-GB en-US en-ZA eo es-AR es-CL es-ES es-MX et eu fa ff fi fr fy-NL ga-IE
+gd gl gn gu-IN he hi-IN hr hsb hu hy-AM id is it ja ka kab kk km kn ko lij lt lv
+mai mk ml mr ms nb-NO nl nn-NO or pa-IN pl pt-BR pt-PT rm ro ru si sk sl son sq
+sr sv-SE ta te th tr uk uz vi xh zh-CN zh-TW )
 
 # Convert the ebuild version to the upstream mozilla version, used by mozlinguas
 MOZ_PV="${PV/_alpha/a}" # Handle alpha for SRC_URI
@@ -25,15 +24,13 @@ if [[ ${MOZ_ESR} == 1 ]]; then
 fi
 
 # Patch version
-PATCH="${PN}-45.0-patches-08"
+PATCH="${PN}-52.0-patches-08"
 MOZ_HTTP_URI="https://archive.mozilla.org/pub/${PN}/releases"
 
-# Kill gtk3 support since gtk+-3.20 breaks it hard prior to 48.0
-#MOZCONFIG_OPTIONAL_GTK3=1
+MOZCONFIG_OPTIONAL_GTK2ONLY=1
 MOZCONFIG_OPTIONAL_WIFI=1
-MOZCONFIG_OPTIONAL_JIT="enabled"
 
-inherit check-reqs flag-o-matic toolchain-funcs eutils gnome2-utils mozconfig-v6.45 pax-utils fdo-mime autotools virtualx mozlinguas-v2
+inherit check-reqs flag-o-matic toolchain-funcs eutils gnome2-utils mozconfig-v6.52 pax-utils fdo-mime autotools virtualx mozlinguas-v2
 
 DESCRIPTION="Firefox Web Browser"
 HOMEPAGE="http://www.mozilla.com/firefox"
@@ -42,47 +39,40 @@ KEYWORDS="~alpha amd64 ~arm ~arm64 ~ia64 ~ppc ~ppc64 ~x86 ~amd64-linux ~x86-linu
 
 SLOT="0"
 LICENSE="MPL-2.0 GPL-2 LGPL-2.1"
-IUSE="bindist hardened +hwaccel pgo selinux +gmp-autoupdate test"
+IUSE="bindist +gmp-autoupdate hardened hwaccel jack nsplugin pgo rust selinux test"
 RESTRICT="!bindist? ( bindist )"
 
-# More URIs appended below...
+PATCH_URIS=( https://dev.gentoo.org/~{anarchy,axs,polynomial-c}/mozilla/patchsets/${PATCH}.tar.xz )
 SRC_URI="${SRC_URI}
-	https://dev.gentoo.org/~anarchy/mozilla/patchsets/${PATCH}.tar.xz
-	https://dev.gentoo.org/~axs/mozilla/patchsets/${PATCH}.tar.xz
-	https://dev.gentoo.org/~polynomial-c/mozilla/patchsets/${PATCH}.tar.xz"
+	${MOZ_HTTP_URI}/${MOZ_PV}/source/firefox-${MOZ_PV}.source.tar.xz
+	${PATCH_URIS[@]}"
 
 ASM_DEPEND=">=dev-lang/yasm-1.1"
 
-# Mesa 7.10 needed for WebGL + bugfixes
 RDEPEND="
-	>=dev-libs/nss-3.21.1
-	>=dev-libs/nspr-4.12
+	jack? ( virtual/jack )
+	>=dev-libs/nss-3.28.3
+	>=dev-libs/nspr-4.13.1
 	selinux? ( sec-policy/selinux-mozilla )"
 
 DEPEND="${RDEPEND}
-	pgo? (
-		>=sys-devel/gcc-4.5 )
-	amd64? ( ${ASM_DEPEND}
-		virtual/opengl )
-	x86? ( ${ASM_DEPEND}
-		virtual/opengl )"
-
-# No source releases for alpha|beta
-if [[ ${PV} =~ alpha ]]; then
-	CHANGESET="8a3042764de7"
-	SRC_URI="${SRC_URI}
-		https://dev.gentoo.org/~nirbheek/mozilla/firefox/firefox-${MOZ_PV}_${CHANGESET}.source.tar.xz"
-	S="${WORKDIR}/mozilla-aurora-${CHANGESET}"
-else
-	S="${WORKDIR}/firefox-${MOZ_PV}"
-	SRC_URI="${SRC_URI}
-		${MOZ_HTTP_URI}/${MOZ_PV}/source/firefox-${MOZ_PV}.source.tar.xz"
-fi
+	pgo? ( >=sys-devel/gcc-4.5 )
+	rust? ( dev-lang/rust )
+	amd64? ( ${ASM_DEPEND} virtual/opengl )
+	x86? ( ${ASM_DEPEND} virtual/opengl )"
+
+S="${WORKDIR}/firefox-${MOZ_PV}"
 
 QA_PRESTRIPPED="usr/lib*/${PN}/firefox"
 
 BUILD_OBJ_DIR="${S}/ff"
 
+# allow GMP_PLUGIN_LIST to be set in an eclass or
+# overridden in the enviromnent (advanced hackers only)
+if [[ -z $GMP_PLUGIN_LIST ]]; then
+	GMP_PLUGIN_LIST=( gmp-gmpopenh264 gmp-widevinecdm )
+fi
+
 pkg_setup() {
 	moz_pkgsetup
 
@@ -108,6 +98,11 @@ pkg_setup() {
 		ewarn "You will do a double build for profile guided optimization."
 		ewarn "This will result in your build taking at least twice as long as before."
 	fi
+
+	if use rust; then
+		einfo
+		ewarn "This is very experimental, should only be used by those developing firefox."
+	fi
 }
 
 pkg_pretend() {
@@ -132,15 +127,22 @@ src_prepare() {
 	eapply "${WORKDIR}/firefox"
 	eapply "${FILESDIR}/pgo.patch"
 
-	# Allow user to apply any additional patches without modifing ebuild
-	eapply_user
-
 	# Enable gnomebreakpad
 	if use debug ; then
 		sed -i -e "s:GNOME_DISABLE_CRASH_DIALOG=1:GNOME_DISABLE_CRASH_DIALOG=0:g" \
 			"${S}"/build/unix/run-mozilla.sh || die "sed failed!"
 	fi
 
+	# Drop -Wl,--as-needed related manipulation for ia64 as it causes ld sefgaults, bug #582432
+	if use ia64 ; then
+		sed -i \
+		-e '/^OS_LIBS += no_as_needed/d' \
+		-e '/^OS_LIBS += as_needed/d' \
+		"${S}"/widget/gtk/mozgtk/gtk2/moz.build \
+		"${S}"/widget/gtk/mozgtk/gtk3/moz.build \
+		|| die "sed failed to drop --as-needed for ia64"
+	fi
+
 	# Ensure that our plugins dir is enabled as default
 	sed -i -e "s:/usr/lib/mozilla/plugins:/usr/lib/nsbrowser/plugins:" \
 		"${S}"/xpcom/io/nsAppFileLocationProvider.cpp || die "sed failed to replace plugin path for 32bit!"
@@ -166,11 +168,17 @@ src_prepare() {
 	sed '/^MOZ_DEV_EDITION=1/d' \
 		-i "${S}"/browser/branding/aurora/configure.sh || die
 
-	eautoreconf
+	# Allow user to apply any additional patches without modifing ebuild
+	eapply_user
+
+	# Autotools configure is now called old-configure.in
+	# This works because there is still a configure.in that happens to be for the
+	# shell wrapper configure script
+	eautoreconf old-configure.in
 
 	# Must run autoconf in js/src
 	cd "${S}"/js/src || die
-	eautoconf
+	eautoconf old-configure.in
 
 	# Need to update jemalloc's configure
 	cd "${S}"/memory/jemalloc/src || die
@@ -193,25 +201,33 @@ src_configure() {
 	mozconfig_init
 	mozconfig_config
 
+	# enable JACK, bug 600002
+	mozconfig_use_enable jack
+
 	# It doesn't compile on alpha without this LDFLAGS
 	use alpha && append-ldflags "-Wl,--no-relax"
 
 	# Add full relro support for hardened
 	use hardened && append-ldflags "-Wl,-z,relro,-z,now"
 
+	# Only available on mozilla-overlay for experimentation -- Removed in Gentoo repo per bug 571180
+	#use egl && mozconfig_annotate 'Enable EGL as GL provider' --with-gl-provider=EGL
+
 	# Setup api key for location services
 	echo -n "${_google_api_key}" > "${S}"/google-api-key
 	mozconfig_annotate '' --with-google-api-keyfile="${S}/google-api-key"
 
 	mozconfig_annotate '' --enable-extensions="${MEXTENSIONS}"
-	mozconfig_annotate '' --disable-mailnews
+
+	mozconfig_use_enable rust
 
 	# Allow for a proper pgo build
 	if use pgo; then
-		echo "mk_add_options PROFILE_GEN_SCRIPT='\$(PYTHON) \$(OBJDIR)/_profile/pgo/profileserver.py'" >> "${S}"/.mozconfig
+		echo "mk_add_options PROFILE_GEN_SCRIPT='EXTRA_TEST_ARGS=10 \$(MAKE) -C \$(MOZ_OBJDIR) pgo-profile-run'" >> "${S}"/.mozconfig
 	fi
 
 	echo "mk_add_options MOZ_OBJDIR=${BUILD_OBJ_DIR}" >> "${S}"/.mozconfig
+	echo "mk_add_options XARGS=/usr/bin/xargs" >> "${S}"/.mozconfig
 
 	# Finalize and report settings
 	mozconfig_final
@@ -221,6 +237,7 @@ src_configure() {
 	fi
 
 	# workaround for funky/broken upstream configure...
+	SHELL="${SHELL:-${EPREFIX%/}/bin/bash}" \
 	emake -f client.mk configure
 }
 
@@ -231,11 +248,9 @@ src_compile() {
 		# Reset and cleanup environment variables used by GNOME/XDG
 		gnome2_environment_reset
 
-		CC="$(tc-getCC)" CXX="$(tc-getCXX)" LD="$(tc-getLD)" \
 		MOZ_MAKE_FLAGS="${MAKEOPTS}" SHELL="${SHELL:-${EPREFIX%/}/bin/bash}" \
 		virtx emake -f client.mk profiledbuild || die "virtx emake failed"
 	else
-		CC="$(tc-getCC)" CXX="$(tc-getCXX)" LD="$(tc-getLD)" \
 		MOZ_MAKE_FLAGS="${MAKEOPTS}" SHELL="${SHELL:-${EPREFIX%/}/bin/bash}" \
 		emake -f client.mk realbuild
 	fi
@@ -267,15 +282,20 @@ src_install() {
 		"${BUILD_OBJ_DIR}/dist/bin/browser/defaults/preferences/all-gentoo.js" \
 		|| die
 
+	if use nsplugin; then
+		echo "pref(\"plugin.load_flash_only\", false);" >> \
+			"${BUILD_OBJ_DIR}/dist/bin/browser/defaults/preferences/all-gentoo.js" \
+			|| die
+	fi
+
 	local plugin
-	use gmp-autoupdate || for plugin in \
-	gmp-gmpopenh264 ; do
+	use gmp-autoupdate || for plugin in "${GMP_PLUGIN_LIST[@]}" ; do
 		echo "pref(\"media.${plugin}.autoupdate\", false);" >> \
 			"${BUILD_OBJ_DIR}/dist/bin/browser/defaults/preferences/all-gentoo.js" \
 			|| die
 	done
 
-	MOZ_MAKE_FLAGS="${MAKEOPTS}" \
+	MOZ_MAKE_FLAGS="${MAKEOPTS}" SHELL="${SHELL:-${EPREFIX%/}/bin/bash}" \
 	emake DESTDIR="${D}" install
 
 	# Install language packs
@@ -328,18 +348,8 @@ PROFILE_EOF
 			|| die
 	fi
 
-	# Required in order to use plugins and even run firefox on hardened, with jit useflag.
-	if use jit; then
-		pax-mark m "${ED}"${MOZILLA_FIVE_HOME}/{firefox,firefox-bin,plugin-container}
-	else
-		pax-mark m "${ED}"${MOZILLA_FIVE_HOME}/plugin-container
-	fi
-
-	# very ugly hack to make firefox not sigbus on sparc
-	# FIXME: is this still needed??
-	use sparc && { sed -e 's/Firefox/FirefoxGentoo/g' \
-					 -i "${ED}/${MOZILLA_FIVE_HOME}/application.ini" \
-					|| die "sparc sed failed"; }
+	# Required in order to use plugins and even run firefox on hardened.
+	pax-mark m "${ED}"${MOZILLA_FIVE_HOME}/{firefox,firefox-bin,plugin-container}
 }
 
 pkg_preinst() {
@@ -350,6 +360,13 @@ pkg_postinst() {
 	# Update mimedb for the new .desktop file
 	fdo-mime_desktop_database_update
 	gnome2_icon_cache_update
+
+	if ! use gmp-autoupdate ; then
+		elog "USE='-gmp-autoupdate' has disabled the following plugins from updating or"
+		elog "installing into new profiles:"
+		local plugin
+		for plugin in "${GMP_PLUGIN_LIST[@]}"; do elog "\t ${plugin}" ; done
+	fi
 }
 
 pkg_postrm() {