diff --git a/certs_fallback.patch b/certs_fallback.patch new file mode 100644 index 0000000..361e829 --- /dev/null +++ b/certs_fallback.patch @@ -0,0 +1,66 @@ +From: cunix@mail.de +Date: 2019-04-29 16:00:00 +Subject: System certs as fallback for project certs +References: https://github.com/godotengine/godot/pull/22066#issuecomment-421565719 + https://github.com/godotengine/godot/pull/22066#issuecomment-422528664 + https://github.com/godotengine/godot/issues/22232 +Upstream: offered to upstream + +If project has no value set for "network/ssl/certificates" (the default), +"default_certs" is not filled by function "load_default_certificates" because +we don't use builtin certs - BUILTIN_CERTS_ENABLED is not defined. + +We use a distro specific "system_certs_path" as build option and apply it here +via "_SYSTEM_CERTS_PATH" (defined in included "core/io/certs_compressed.gen.h") +as fallback for certificates. + +In result patch restores upstream behavior for certificate usage. +Difference is: +Where upstream by default uses hard coded certificates at build time, we hard +code path to the default certificates as "/var/lib/ca-certificates/ca-bundle.pem". +This bundle might be updated separately or admin can edit content of this file. + +User can always define different path via Editor or Project settings. + +See comments in patch for more details. + +--- + +diff -r -U 5 a/modules/mbedtls/crypto_mbedtls.cpp b/modules/mbedtls/crypto_mbedtls.cpp +--- a/modules/mbedtls/crypto_mbedtls.cpp ++++ b/modules/mbedtls/crypto_mbedtls.cpp +@@ -44,10 +44,12 @@ + #define PEM_END_CRT "-----END CERTIFICATE-----\n" + + #include "mbedtls/pem.h" + #include + ++#include ++ + CryptoKey *CryptoKeyMbedTLS::create() { + return memnew(CryptoKeyMbedTLS); + } + + Error CryptoKeyMbedTLS::load(String p_path) { +@@ -204,10 +206,21 @@ + ERR_FAIL_COND(default_certs == NULL); + + if (p_path != "") { + // Use certs defined in project settings. + default_certs->load(p_path); ++ } else if (strcmp(_SYSTEM_CERTS_PATH, "") != 0) { ++ // Use system certs only if user did not override in project settings ++ // and if _SYSTEM_CERTS_PATH is set. ++ // Should happen if Project Setting "network/ssl/certificates" is empty. ++ // Editor Setting "network/ssl/editor_ssl_certificates" is already set ++ // to "_SYSTEM_CERTS_PATH" by default -> This is caught by "if (p_path != "") {". ++ // But the same fallback might apply for certificates used by editor ++ // if user has set "network/ssl/editor_ssl_certificates" to "". ++ // "load_default_certificates" is only called twice with one of ++ // these parameters. ++ default_certs->load(_SYSTEM_CERTS_PATH); + } + #ifdef BUILTIN_CERTS_ENABLED + else { + // Use builtin certs only if user did not override it in project settings. + PoolByteArray out; diff --git a/godot-rpmlintrc b/godot-rpmlintrc deleted file mode 100644 index 1df9411..0000000 --- a/godot-rpmlintrc +++ /dev/null @@ -1,2 +0,0 @@ -# package server has no manual-page -addFilter("no-manual-page-for-binary godot-server") diff --git a/godot.changes b/godot.changes index f7664bd..1f50c9e 100644 --- a/godot.changes +++ b/godot.changes @@ -1,7 +1,27 @@ +------------------------------------------------------------------- +Wed Feb 12 12:00:00 UTC 2020 - cunix@mail.de + +- Added "linker_pie_flag.patch" in order to link with "-pie". + Replaces previous "fix-pie-warning.patch". + +- "project_certs_fallback.patch" renamed to "certs_fallback.patch". + Modified and adapted to Godot source code changes. + +- bash completion files "godot", "godot-headless", "godot-runner" + and "godot-server" added. + +- Location of documentation in man page adjusted. + +- godot-rpmlintrc deleted with filter "no-manual-page-for-binary" + because this warning doesn't seems to be thrown anymore. + +- Build option "faster_build" introduced to speed up build + during tests. + ------------------------------------------------------------------- Sat Feb 1 04:33:27 UTC 2020 - Max Mitschke -- Removed patch files as they are no longer needed +- Removed patch "fix-pie-warning.patch" - Removed export_presets.cfg file as games should supply this file - Update to v3.2 @@ -76,7 +96,7 @@ Sat Feb 1 04:33:27 UTC 2020 - Max Mitschke * Exporting a project via the command-line now returns a non-zero exit code if an error occurred during exporting * Fixed autocompletion in the script editor - + And more: https://github.com/godotengine/godot/blob/3.2/CHANGELOG.md diff --git a/godot.spec b/godot.spec index eefdc12..992df24 100644 --- a/godot.spec +++ b/godot.spec @@ -17,8 +17,11 @@ # +# faster_build only builds the editor to speed up the build. +%define faster_build 0 + %define _buildshell /bin/bash -%define ca_bundle /var/lib/ca-certificates/ca-bundle.pem +%define ca_bundle %{_localstatedir}/lib/ca-certificates/ca-bundle.pem Name: godot Version: 3.2 @@ -29,7 +32,10 @@ Group: Development/Tools/Other URL: https://godotengine.org/ Source0: https://downloads.tuxfamily.org/godotengine/%{version}/%{name}-%{version}-stable.tar.xz Source1: https://downloads.tuxfamily.org/godotengine/%{version}/%{name}-%{version}-stable.tar.xz.sha256 -Source3: %{name}-rpmlintrc +# Project policy does not allow "-no-pie" +Patch0: linker_pie_flag.patch +# Use system certificates as fallback for certificates +Patch1: certs_fallback.patch BuildRequires: Mesa-devel BuildRequires: fdupes BuildRequires: gcc @@ -47,9 +53,7 @@ BuildRequires: pkgconfig(libpng) BuildRequires: pkgconfig(libpulse) BuildRequires: pkgconfig(libudev) BuildRequires: pkgconfig(libwebp) -BuildRequires: pkgconfig(libwslay) BuildRequires: pkgconfig(ogg) -BuildRequires: pkgconfig(openssl) BuildRequires: pkgconfig(opus) BuildRequires: pkgconfig(opusfile) BuildRequires: pkgconfig(theora) @@ -64,9 +68,22 @@ BuildRequires: pkgconfig(xinerama) BuildRequires: pkgconfig(xrandr) BuildRequires: pkgconfig(zlib) %if 0%{?suse_version} > 1500 +BuildRequires: mbedtls-devel BuildRequires: pkgconfig(bullet) +BuildRequires: pkgconfig(libwslay) BuildRequires: pkgconfig(libzstd) +BuildRequires: pkgconfig(miniupnpc) +%else +%if 0%{?is_opensuse} +# SLES seems not to have wslay and miniupnpc +BuildRequires: pkgconfig(libwslay) +BuildRequires: libminiupnpc-devel +%if 0%{?sle_version} >= 150200 +BuildRequires: mbedtls-devel %endif +%endif +%endif +Requires: bash-completion Requires: ca-certificates Recommends: ca-certificates-mozilla Requires(post): update-desktop-files @@ -88,13 +105,36 @@ Provides: bundled(enet) = 1.3.14 # Should not be unbundled. Provides: bundled(minizip) = 1.2.11 +Provides: bundled(cvtt) +Provides: bundled(etc2comp) +Provides: bundled(noto-sans-fonts) +Provides: bundled(hack-fonts) +Provides: bundled(google-droid-fonts) +Provides: bundled(glad) +Provides: bundled(jpeg-compressor) +Provides: bundled(libsimplewebm) +Provides: bundled(polyclipping) +Provides: bundled(FastLZ) +Provides: bundled(hqx) +Provides: bundled(open-simplex-noise-in-c) +Provides: bundled(pcg) +Provides: bundled(smaz) +Provides: bundled(polypartition) +Provides: bundled(curl_hostcheck) +Provides: bundled(yuv2rgb) +Provides: bundled(ifaddrs-android) +Provides: bundled(easing) +Provides: bundled(Tangent_Space_Normal_Maps) +Provides: bundled(stb) +Provides: bundled(pvrtccompressor) +Provides: bundled(tinyexr) +Provides: bundled(vhacd) + # Can be unbundled if packaged Provides: bundled(nanosvg) +Provides: bundled(recastnavigation) Provides: bundled(squish) = 1.15 - -# Has custom changes -Provides: bundled(mbedtls) = 2.16.4 -Provides: bundled(miniupnpc) +Provides: bundled(xatlas) ## Need to update in Factory ## Provides: bundled(assimp) @@ -102,6 +142,15 @@ Provides: bundled(assimp) %if 0%{?suse_version} > 1500 %else Provides: bundled(bullet) = 2.89 +Provides: bundled(libzstd) +%if 0%{?sle_version} < 150200 +Provides: bundled(mbedtls) = 2.16.4 +%endif +%if !0%{?is_opensuse} +# SLES seems not to have miniupnpc and wslay +Provides: bundled(libwslay) = 1.1.0 +Provides: bundled(miniupnpc) +%endif %endif %description @@ -109,9 +158,12 @@ Godot is a game engine. It provides a set of tools and a visually oriented workflow that can export games to PC, Mobile and Web platforms. +%if !0%{?faster_build} + %package headless Summary: Headless version of Godot editor useful for command line Group: Development/Tools/Other +Requires: bash-completion Requires: ca-certificates Recommends: ca-certificates-mozilla @@ -122,6 +174,7 @@ exporting Godot games on the command line. %package runner Summary: Shared binary to play games developed with the Godot engine Group: Amusements/Games/Other +Requires: bash-completion Requires: ca-certificates Recommends: ca-certificates-mozilla @@ -133,6 +186,7 @@ by pointing to the location of the game's data package. %package server Summary: Godot headless binary for servers Group: Amusements/Games/Other +Requires: bash-completion Requires: ca-certificates Recommends: ca-certificates-mozilla @@ -140,26 +194,54 @@ Recommends: ca-certificates-mozilla This package contains the headless binary for the Godot game engine particularly suited for running dedicated servers. +%endif + %prep %setup -q -n %{name}-%{version}-stable +%patch0 -p1 +%patch1 -p1 + +cp thirdparty/README.md thirdparty_README.md + +# actual doc location in openSUSE +sed -i 's/\/usr\/share\/doc\/godot\//\/usr\/share\/doc\/packages\/godot\//' misc/dist/linux/godot.6 + +# disarm shebang +sed -i '1s/#!/##/' misc/dist/shell/godot.bash-completion + +# bash completion for sub packages +cp misc/dist/shell/godot.bash-completion misc/dist/shell/godot-headless +cp misc/dist/shell/godot.bash-completion misc/dist/shell/godot-runner +cp misc/dist/shell/godot.bash-completion misc/dist/shell/godot-server + +sed -i '$s/_complete_godot_bash godot/_complete_godot_bash godot-headless/' misc/dist/shell/godot-headless +sed -i '$s/_complete_godot_bash godot/_complete_godot_bash godot-runner/' misc/dist/shell/godot-runner +sed -i '$s/_complete_godot_bash godot/_complete_godot_bash godot-server/' misc/dist/shell/godot-server %build +# Configuring build to use some distribution libraries +unbundle_libs=('certs' 'freetype' 'libogg' 'libpng' 'libtheora' 'libvorbis' \ + 'libwebp' 'opus' 'pcre2' 'zlib') + # Adding distribution name to build name %if 0%{?suse_version} %if 0%{?is_opensuse} + # Unbundle more libs for openSUSE + unbundle_libs+=('miniupnpc' 'wslay') export BUILD_NAME="openSUSE" %else export BUILD_NAME="SUSE" %endif %endif -# Configuring build to use some distribution libraries -unbundle_libs=('certs' 'freetype' 'libogg' 'libpng' 'libtheora' 'libvorbis' \ - 'libwebp' 'opus' 'pcre2' 'wslay' 'zlib') - # Unbundle more libs for Tumbleweed %if %{suse_version} > 1500 -unbundle_libs+=('bullet' 'zstd') +unbundle_libs+=('bullet' 'mbedtls' 'zstd') +%else +# Unbundle more libs for coming Leap +%if 0%{?sle_version} >= 150200 && 0%{?is_opensuse} +unbundle_libs+=('mbedtls') +%endif %endif # Unbundle libvpx only if it doesn't meet the minimum requirement. @@ -176,10 +258,6 @@ for thirdparty in "${unbundle_libs[@]}"; do rm -rf thirdparty/$thirdparty done -# Removing extra thirdparty libraries as they are either not needed or are -# provided by the distribution. -rm -rf thirdparty/rtaudio - # Keep empty certificates file needed as "source" by # function "make_certs_header" in core/core_builders.py mkdir -pv thirdparty/certs @@ -193,6 +271,7 @@ touch thirdparty/certs/ca-certificates.crt # Build graphical editor (tools) scons %{build_args} platform=x11 tools=yes target=release_debug +%if !0%{?faster_build} # Build headless version of the editor (with tools) scons %{build_args} platform=server tools=yes target=release_debug @@ -201,27 +280,33 @@ scons %{build_args} platform=x11 tools=no target=release # Build server version (without tools) scons %{build_args} platform=server tools=no target=release +%endif %install # Installing the editor install -D -p -m 755 bin/%{name}.x11.opt.tools.%{__isa_bits} %{buildroot}%{_bindir}/%{name} -# Installing the headless editor -install -D -p -m 755 bin/%{name}_server.x11.opt.tools.%{__isa_bits} %{buildroot}%{_bindir}/%{name}-headless - -# Installing the runner -install -D -p -m 755 bin/%{name}.x11.opt.%{__isa_bits} %{buildroot}%{_bindir}/%{name}-runner - -# Installing the server -install -D -p -m 755 bin/%{name}_server.x11.opt.%{__isa_bits} %{buildroot}%{_bindir}/%{name}-server - install -D -p -m 644 misc/dist/linux/godot.6 %{buildroot}/%{_mandir}/man6/%{name}.6%{?ext_man} +install -D -p -m 644 misc/dist/shell/godot.bash-completion %{buildroot}%{_datadir}/bash-completion/completions/%{name} install -D -p -m 644 icon.png %{buildroot}%{_datadir}/icons/hicolor/256x256/apps/%{name}.png install -D -p -m 644 icon.svg %{buildroot}%{_datadir}/icons/hicolor/scalable/apps/%{name}.svg install -D -p -m 644 misc/dist/linux/org.godotengine.Godot.appdata.xml %{buildroot}%{_datadir}/appdata/org.godotengine.Godot.appdata.xml %suse_update_desktop_file -i org.godotengine.Godot -cp thirdparty/README.md thirdparty_README.md +%if !0%{?faster_build} +# Installing the headless editor +install -D -p -m 755 bin/%{name}_server.x11.opt.tools.%{__isa_bits} %{buildroot}%{_bindir}/%{name}-headless +install -D -p -m 644 misc/dist/shell/godot-headless %{buildroot}%{_datadir}/bash-completion/completions/%{name}-headless + +# Installing the runner +install -D -p -m 755 bin/%{name}.x11.opt.%{__isa_bits} %{buildroot}%{_bindir}/%{name}-runner +install -D -p -m 644 misc/dist/shell/godot-runner %{buildroot}%{_datadir}/bash-completion/completions/%{name}-runner + +# Installing the server +install -D -p -m 755 bin/%{name}_server.x11.opt.%{__isa_bits} %{buildroot}%{_bindir}/%{name}-server +install -D -p -m 644 misc/dist/shell/godot-server %{buildroot}%{_datadir}/bash-completion/completions/%{name}-server +%endif + %fdupes -s %{buildroot}/%{_prefix} %files @@ -235,23 +320,29 @@ cp thirdparty/README.md thirdparty_README.md %{_bindir}/%{name} %{_datadir}/appdata/org.godotengine.Godot.appdata.xml %{_datadir}/applications/org.godotengine.Godot.desktop +%{_datadir}/bash-completion/completions/%{name} %{_datadir}/icons/hicolor/256x256/apps/%{name}.png %{_datadir}/icons/hicolor/scalable/apps/%{name}.svg %{_mandir}/man6/%{name}.6%{?ext_man} +%if !0%{?faster_build} %files headless %license LICENSE.txt LOGO_LICENSE.md COPYRIGHT.txt thirdparty_README.md %doc AUTHORS.md CHANGELOG.md CONTRIBUTING.md DONORS.md README.md CODE_OF_CONDUCT.md %{_bindir}/%{name}-headless +%{_datadir}/bash-completion/completions/%{name}-headless %files runner %license LICENSE.txt LOGO_LICENSE.md COPYRIGHT.txt thirdparty_README.md %doc AUTHORS.md CHANGELOG.md CONTRIBUTING.md DONORS.md README.md CODE_OF_CONDUCT.md %{_bindir}/%{name}-runner +%{_datadir}/bash-completion/completions/%{name}-runner %files server %license LICENSE.txt LOGO_LICENSE.md COPYRIGHT.txt thirdparty_README.md %doc AUTHORS.md CHANGELOG.md CONTRIBUTING.md DONORS.md README.md CODE_OF_CONDUCT.md %{_bindir}/%{name}-server +%{_datadir}/bash-completion/completions/%{name}-server +%endif %changelog diff --git a/linker_pie_flag.patch b/linker_pie_flag.patch new file mode 100644 index 0000000..699afd3 --- /dev/null +++ b/linker_pie_flag.patch @@ -0,0 +1,30 @@ +From: cunix@mail.de +Date: 2020-02-12 12:00:00 +Subject: linker should use "-pie" instead of "-no-pie" +References: https://github.com/godotengine/godot/pull/23542#issuecomment-436385853 + https://github.com/godotengine/godot/pull/23542 + https://github.com/godotengine/godot/issues/34533 +Upstream: seems to do the opposite + +Linker flag "-no-pie" is added by upstream. +rpmlint complains this violates project policy. +Patch replaces flag "-no-pie" with "-pie". + +--- + +diff -r -U 5 a/platform/x11/detect.py b/platform/x11/detect.py +--- a/platform/x11/detect.py ++++ b/platform/x11/detect.py +@@ -182,11 +182,11 @@ + # Check for gcc version >= 6 before adding -no-pie + if using_gcc(env): + version = get_compiler_version(env) + if version != None and version[0] >= '6': + env.Append(CCFLAGS=['-fpie']) +- env.Append(LINKFLAGS=['-no-pie']) ++ env.Append(LINKFLAGS=['-pie']) + # Do the same for clang should be fine with Clang 4 and higher + if using_clang(env): + version = get_compiler_version(env) + if version != None and version[0] >= '4': + env.Append(CCFLAGS=['-fpie'])