File libsignal.spec of Package libsignal
#
# spec file for package libsignal
#
# Copyright (c) 2024 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
#Both electron and webrtc require SSE2 on the x86 port. So we can require SSE2 on all other code, too.
%ifarch %ix86
ExclusiveArch: i586 i686
BuildArch: i686
%{expand:%%global optflags %(echo "%optflags") -march=pentium4 -mtune=generic}
%{expand:%%global build_rustflags %(echo "%build_rustflags") -C target-cpu=pentium4 -Z tune-cpu=generic}
%endif
%global __provides_exclude ^lib.*\\.so.*$
Name: libsignal
Version: 0.80.0
Release: 0
Summary: Signal protocol and cryptographic libraries
License: AGPL-3.0-only AND Apache-2.0 AND BSD-3-Clause AND ISC AND MIT AND OpenSSL
Group: System/Libraries
Url: https://github.com/signalapp/libsignal/
#
Source0: https://github.com/signalapp/libsignal/archive/refs/tags/v%{version}.tar.gz
Source1: vendor.tar.zst
Patch0: build_node_bridge-inject-options.patch
# fix rust breaking gcc LTO
Patch10: boringssl-sys-no-static.patch
Patch24: libsignal-client-visibility-hidden.patch
Patch27: cc-link-lib-no-static.patch
Patch30: ring-no-static.patch
#
Patch32: dns_lookup-test-bsc1241387.patch
#
BuildRequires: cargo
#see node_modules/@signalapp/libsignal-client/vendor/boring-sys/build.rs
BuildRequires: git-core
%if 0%{?suse_version} > 1500 || 0%{?fedora_version}
BuildRequires: gcc >= 11
BuildRequires: gcc-c++ >= 11
%else
#It actually needs to be the same version as used by Rust.
BuildRequires: gcc13-PIE
BuildRequires: gcc13-c++
%endif
BuildRequires: jq
# support for `optional` keyword is now required
%if 0%{?fedora}
BuildRequires: protobuf-compiler
%endif
BuildRequires: protobuf-devel >= 3.15
%if 0%{?suse_version} >= 1550 || 0%{?sle_version} >= 150700 || 0%{?fedora}
%define PYVER 3
%else
%define PYVER 3.11
BuildRequires: python311-base
%endif
BuildRequires: clang
%if 0%{?fedora}
BuildRequires: rust-srpm-macros
%else
BuildRequires: cargo-packaging >= 1.2.0+3
BuildRequires: cargo-auditable
%endif
BuildRequires: cmake
BuildRequires: zstd
Conflicts: signal-desktop < 7.15
#
%description
libsignal contains platform-agnostic APIs used by the official Signal clients and servers.
This package contains the NodeJS native module used by `signal-desktop` and is not intended to be used outside that application.
%prep
%autosetup -p1 -a1
# https://blogs.gnome.org/mcatanzaro/2020/05/18/patching-vendored-rust-dependencies/
for i in boring-sys prost-build libloading bindgen rustix blake2 cc serde_derive ring aes-gcm aes-gcm-siv chacha20poly1305; do
pushd vendor/$i
jq -cj '.files={}' .cargo-checksum.json >tmp && mv tmp .cargo-checksum.json && popd
done
mkdir %{_builddir}/path
#AWFUL HACK: Custom cmake wrapper to override CFLAGS because -g -O2 seems to get stripped by Rust no matter what i do otherwise
#Compare openSUSE macros.cmake
cat <<"EOF" > %{_builddir}/path/cmake
#!/bin/bash
if [[ "$1" = --build ]]; then
exec %{_bindir}/cmake "$@"
fi
exec %{_bindir}/cmake "$@" -DCMAKE_C_FLAGS="${CFLAGS}" \
-DCMAKE_CXX_FLAGS="${CXXFLAGS}" \
-DCMAKE_EXE_LINKER_FLAGS="$LDFLAGS -Wl,--as-needed -Wl,--no-undefined -Wl,-z,now" \
-DCMAKE_MODULE_LINKER_FLAGS="$LDFLAGS -Wl,--as-needed" \
-DCMAKE_SHARED_LINKER_FLAGS="$LDFLAGS -Wl,--as-needed -Wl,--no-undefined -Wl,-z,now"
EOF
cat %{_builddir}/path/cmake
chmod +x %{_builddir}/path/*
%build
export CC=gcc
export CXX=g++
export AR=gcc-ar
export NM=gcc-nm
export RANLIB=gcc-ranlib
%if 0%{?suse_version} && 0%{?suse_version} <= 1500
export CC=gcc-13
export CXX=g++-13
export AR=gcc-ar-13
export NM=gcc-nm-13
export RANLIB=gcc-ranlib-13
#/suse_version <= 1500
%endif
export RUSTFLAGS="%{build_rustflags} --verbose"
export RUSTC_LOG='rustc_codegen_ssa::back::link=info'
export RUST_BACKTRACE=1
export CARGO_TERM_VERBOSE=true
# https://github.com/Firstyear/cargo-packaging/pull/10
export CARGO_INCREMENTAL=0
# upstream build script iterates over this, it can be empty
mkdir -pv ~/.cargo/registry/src
%if 0%{?suse_version}
auditable='--auditable'
%endif
#[ 114s] npm ERR! error[E0554]: `#![feature]` may not be used on the stable release channel
#[ 114s] npm ERR! --> /home/abuild/rpmbuild/BUILD/Signal-Desktop-5.55.0/node_modules/@signalapp/libsignal-client/vendor/polyval/src/lib.rs:80:5
export RUSTC_BOOTSTRAP=1
export CFLAGS="%{optflags} -fpic -fno-semantic-interposition -fno-fat-lto-objects -fvisibility=hidden"
export CXXFLAGS="%{optflags} -fpic -fno-semantic-interposition -fno-fat-lto-objects -fvisibility=hidden"
export MAKEFLAGS="%{_smp_mflags}"
# use correct hardening defines also when generating headers for Rust
# this does not (currently) affect the compiled binary at all but better safe than sorry
# -fvisiblity=default works around a bug in bindgen
export BINDGEN_EXTRA_CLANG_ARGS="$(echo " $CXXFLAGS " | sed 's/ -mtls-dialect=gnu2 / /') -fvisibility=default"
export LDFLAGS="%{?build_ldflags}"
# The `cc` crate tries to be too clever and passes some default cflags to cmake.
# Disable these and use only the ones from CFLAGS env. variable
export CRATE_CC_NO_DEFAULTS=1
# Ensure cmake gets the RelWithDebInfo profile
export CARGO_PROFILE_RELEASE_DEBUG=2
# make cmake louder?
export VERBOSE=1
export V=1
# make `ring crate` output build log
export CC_ENABLE_DEBUG_OUTPUT=1
python%PYVER ./node/build_node_bridge.py $auditable
%install
#It does not actually matter what the library is named as long as it's in the correct directory
install -pvDm755 target/release/libsignal_node.so \
%{buildroot}%{_libexecdir}/signal-desktop/node_modules/@signalapp/libsignal-client/build/Release/signal_node.node
%check
pushd %{buildroot}%{_libexecdir}/signal-desktop
#detect underlinking — compare electron_check_native macro
! ldd -d -r node_modules/@signalapp/libsignal-client/build/Release/*.node | \
grep '^undefined symbol' | \
grep -v '^undefined symbol: napi_' | \
grep -v '^undefined symbol: uv_'
# Sanity check that we did not mistakenly link system openssl instead of boringssl
# since they have the same name and a similar set of exported symbols
objdump -p node_modules/@signalapp/libsignal-client/build/Release/*.node >%{_builddir}/objdump
cat %{_builddir}/objdump
! grep -F libcrypto %{_builddir}/objdump
! grep -F libssl %{_builddir}/objdump
popd
#rust tests
export CC=gcc
export CXX=g++
export AR=gcc-ar
export NM=gcc-nm
export RANLIB=gcc-ranlib
%if 0%{?suse_version} && 0%{?suse_version} <= 1500
export CC=gcc-13
export CXX=g++-13
export AR=gcc-ar-13
export NM=gcc-nm-13
export RANLIB=gcc-ranlib-13
#/suse_version <= 1500
%endif
export RUSTFLAGS="%{build_rustflags} --verbose"
export RUSTC_LOG='rustc_codegen_ssa::back::link=info'
export RUST_BACKTRACE=1
export CARGO_TERM_VERBOSE=true
export CARGO_INCREMENTAL=0
%if 0%{?suse_version}
auditable='--auditable'
%endif
export RUSTC_BOOTSTRAP=1
export CFLAGS="%{optflags} -fpic -fno-semantic-interposition -fno-fat-lto-objects -fvisibility=hidden"
export CXXFLAGS="%{optflags} -fpic -fno-semantic-interposition -fno-fat-lto-objects -fvisibility=hidden"
export MAKEFLAGS="%{_smp_mflags}"
export BINDGEN_EXTRA_CLANG_ARGS="$(echo " $CXXFLAGS " | sed 's/ -mtls-dialect=gnu2 / /') -fvisibility=default"
export CRATE_CC_NO_DEFAULTS=1
export CARGO_PROFILE_RELEASE_DEBUG=2
export VERBOSE=1
export V=1
export CC_ENABLE_DEBUG_OUTPUT=1
export LDFLAGS="%{?build_ldflags}"
python%PYVER ./node/build_node_bridge.py $auditable --check
%files
%defattr(-,root,root)
%doc README.md RELEASE_NOTES.md
%license LICENSE acknowledgments/acknowledgments.html
%{_libexecdir}/signal-desktop
%changelog
