Merge pull request #53848 from veprbl/pr/qtwebengine_darwin_fix

qt511.qtwebengine: fix on darwin

pkgs/development/libraries/qt-5/5.11/default.nix

@@ -61,6 +61,9 @@ let
     qtscript = [ ./qtscript.patch ];
     qtserialport = [ ./qtserialport.patch ];
     qttools = [ ./qttools.patch ];
+    qtwebengine =
+         optional stdenv.cc.isClang ./qtwebengine-clang-fix.patch
+      ++ optional stdenv.isDarwin ./qtwebengine-darwin-sdk-10.10.patch;
     qtwebkit = [ ./qtwebkit.patch ];
   };
 

pkgs/development/libraries/qt-5/5.11/qtwebengine-clang-fix.patch

@@ -0,0 +1,30 @@
+Fix a following build error:
+
+In file included from ../../3rdparty/chromium/device/bluetooth/bluetooth_remote_gatt_characteristic_mac.mm:7:
+../../3rdparty/chromium/base/bind.h:59:3: error: static_assert failed "Bound argument |i| of type |Arg| cannot be forwarded as |Unwrapped| to the bound functor, which declares it as |Param|."
+  static_assert(
+  ^
+../../3rdparty/chromium/base/bind.h:91:7: note: in instantiation of template class 'base::internal::AssertConstructible<1, long, long, const long &, NSError *>' requested here
+    : AssertConstructible<Ns, Args, std::decay_t<Args>, Unwrapped, Params>... {
+      ^
+../../3rdparty/chromium/base/bind.h:213:27: note: in instantiation of template class 'base::internal::AssertBindArgsValidity<std::__1::integer_sequence<unsigned long, 0, 1>, base::internal::TypeList<base::WeakPtr<device::BluetoothRemoteGattCharacteristicMac>, long>, base::internal::TypeList<device::BluetoothRemoteGattCharacteristicMac *, const long &>, base::internal::TypeList<device::BluetoothRemoteGattCharacteristicMac *, NSError *> >' requested here
+  static_assert(internal::AssertBindArgsValidity<
+                          ^
+../../3rdparty/chromium/base/bind.h:242:16: note: in instantiation of function template specialization 'base::BindRepeating<void (device::BluetoothRemoteGattCharacteristicMac::*)(NSError *), base::WeakPtr<device::BluetoothRemoteGattCharacteristicMac>, long>' requested here
+  return base::BindRepeating(std::forward<Functor>(functor),
+               ^
+../../3rdparty/chromium/device/bluetooth/bluetooth_remote_gatt_characteristic_mac.mm:211:15: note: in instantiation of function template specialization 'base::Bind<void (device::BluetoothRemoteGattCharacteristicMac::*)(NSError *), base::WeakPtr<device::BluetoothRemoteGattCharacteristicMac>, long>' requested here
+        base::Bind(&BluetoothRemoteGattCharacteristicMac::DidWriteValue,
+              ^
+
+--- a/src/3rdparty/chromium/device/bluetooth/bluetooth_remote_gatt_characteristic_mac.mm
++++ b/src/3rdparty/chromium/device/bluetooth/bluetooth_remote_gatt_characteristic_mac.mm
+@@ -209,7 +209,7 @@ void BluetoothRemoteGattCharacteristicMac::WriteRemoteCharacteristic(
+     base::ThreadTaskRunnerHandle::Get()->PostTask(
+         FROM_HERE,
+         base::Bind(&BluetoothRemoteGattCharacteristicMac::DidWriteValue,
+-                   weak_ptr_factory_.GetWeakPtr(), nil));
++                   weak_ptr_factory_.GetWeakPtr(), nullptr));
+   }
+ }
+ 

pkgs/development/libraries/qt-5/5.11/qtwebengine-darwin-sdk-10.10.patch

@@ -0,0 +1,160 @@
+Fix build against 10.10 SDK
+
+The SecKey part perhaps could be fixed by implementing a revert to
+https://chromium.googlesource.com/chromium/src.git/+/8418e098b9cbedf884878b61dcd3292c515845cf%5E%21/#F0
+
+--- a/src/3rdparty/chromium/content/browser/renderer_host/input/web_input_event_builders_mac.mm
++++ b/src/3rdparty/chromium/content/browser/renderer_host/input/web_input_event_builders_mac.mm
+@@ -1,3 +1,4 @@
++#define NSEventTypeScrollWheel 22
+ // Copyright 2015 The Chromium Authors. All rights reserved.
+ // Use of this source code is governed by a BSD-style license that can be
+ // found in the LICENSE file.
+--- a/src/3rdparty/chromium/net/ssl/ssl_platform_key_mac.cc
++++ b/src/3rdparty/chromium/net/ssl/ssl_platform_key_mac.cc
+@@ -48,21 +48,6 @@ namespace net {
+ 
+ namespace {
+ 
+-// TODO(davidben): Remove this when we switch to building to the 10.13
+-// SDK. https://crbug.com/780980
+-#if !defined(MAC_OS_X_VERSION_10_13) || \
+-    MAC_OS_X_VERSION_MAX_ALLOWED < MAC_OS_X_VERSION_10_13
+-API_AVAILABLE(macosx(10.13))
+-const SecKeyAlgorithm kSecKeyAlgorithmRSASignatureDigestPSSSHA256 =
+-    CFSTR("algid:sign:RSA:digest-PSS:SHA256:SHA256:32");
+-API_AVAILABLE(macosx(10.13))
+-const SecKeyAlgorithm kSecKeyAlgorithmRSASignatureDigestPSSSHA384 =
+-    CFSTR("algid:sign:RSA:digest-PSS:SHA384:SHA384:48");
+-API_AVAILABLE(macosx(10.13))
+-const SecKeyAlgorithm kSecKeyAlgorithmRSASignatureDigestPSSSHA512 =
+-    CFSTR("algid:sign:RSA:digest-PSS:SHA512:SHA512:64");
+-#endif
+-
+ class ScopedCSSM_CC_HANDLE {
+  public:
+   ScopedCSSM_CC_HANDLE() : handle_(0) {}
+@@ -187,109 +172,6 @@ class SSLPlatformKeyCSSM : public ThreadedSSLPrivateKey::Delegate {
+   DISALLOW_COPY_AND_ASSIGN(SSLPlatformKeyCSSM);
+ };
+ 
+-// Returns the corresponding SecKeyAlgorithm or nullptr if unrecognized.
+-API_AVAILABLE(macosx(10.12))
+-SecKeyAlgorithm GetSecKeyAlgorithm(uint16_t algorithm) {
+-  switch (algorithm) {
+-    case SSL_SIGN_RSA_PKCS1_SHA512:
+-      return kSecKeyAlgorithmRSASignatureDigestPKCS1v15SHA512;
+-    case SSL_SIGN_RSA_PKCS1_SHA384:
+-      return kSecKeyAlgorithmRSASignatureDigestPKCS1v15SHA384;
+-    case SSL_SIGN_RSA_PKCS1_SHA256:
+-      return kSecKeyAlgorithmRSASignatureDigestPKCS1v15SHA256;
+-    case SSL_SIGN_RSA_PKCS1_SHA1:
+-      return kSecKeyAlgorithmRSASignatureDigestPKCS1v15SHA1;
+-    case SSL_SIGN_RSA_PKCS1_MD5_SHA1:
+-      return kSecKeyAlgorithmRSASignatureDigestPKCS1v15Raw;
+-    case SSL_SIGN_ECDSA_SECP521R1_SHA512:
+-      return kSecKeyAlgorithmECDSASignatureDigestX962SHA512;
+-    case SSL_SIGN_ECDSA_SECP384R1_SHA384:
+-      return kSecKeyAlgorithmECDSASignatureDigestX962SHA384;
+-    case SSL_SIGN_ECDSA_SECP256R1_SHA256:
+-      return kSecKeyAlgorithmECDSASignatureDigestX962SHA256;
+-    case SSL_SIGN_ECDSA_SHA1:
+-      return kSecKeyAlgorithmECDSASignatureDigestX962SHA1;
+-  }
+-
+-  if (base::mac::IsAtLeastOS10_13()) {
+-    switch (algorithm) {
+-      case SSL_SIGN_RSA_PSS_SHA512:
+-        return kSecKeyAlgorithmRSASignatureDigestPSSSHA512;
+-      case SSL_SIGN_RSA_PSS_SHA384:
+-        return kSecKeyAlgorithmRSASignatureDigestPSSSHA384;
+-      case SSL_SIGN_RSA_PSS_SHA256:
+-        return kSecKeyAlgorithmRSASignatureDigestPSSSHA256;
+-    }
+-  }
+-
+-  return nullptr;
+-}
+-
+-class API_AVAILABLE(macosx(10.12)) SSLPlatformKeySecKey
+-    : public ThreadedSSLPrivateKey::Delegate {
+- public:
+-  SSLPlatformKeySecKey(int type, size_t max_length, SecKeyRef key)
+-      : key_(key, base::scoped_policy::RETAIN) {
+-    // Determine the algorithms supported by the key.
+-    for (uint16_t algorithm : SSLPrivateKey::DefaultAlgorithmPreferences(
+-             type, true /* include PSS */)) {
+-      SecKeyAlgorithm sec_algorithm = GetSecKeyAlgorithm(algorithm);
+-      if (sec_algorithm &&
+-          SecKeyIsAlgorithmSupported(key_.get(), kSecKeyOperationTypeSign,
+-                                     sec_algorithm)) {
+-        preferences_.push_back(algorithm);
+-      }
+-    }
+-  }
+-
+-  ~SSLPlatformKeySecKey() override {}
+-
+-  std::vector<uint16_t> GetAlgorithmPreferences() override {
+-    return preferences_;
+-  }
+-
+-  Error Sign(uint16_t algorithm,
+-             base::span<const uint8_t> input,
+-             std::vector<uint8_t>* signature) override {
+-    SecKeyAlgorithm sec_algorithm = GetSecKeyAlgorithm(algorithm);
+-    if (!sec_algorithm) {
+-      NOTREACHED();
+-      return ERR_FAILED;
+-    }
+-
+-    const EVP_MD* md = SSL_get_signature_algorithm_digest(algorithm);
+-    uint8_t digest[EVP_MAX_MD_SIZE];
+-    unsigned digest_len;
+-    if (!md || !EVP_Digest(input.data(), input.size(), digest, &digest_len, md,
+-                           nullptr)) {
+-      return ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED;
+-    }
+-
+-    base::ScopedCFTypeRef<CFDataRef> digest_ref(CFDataCreateWithBytesNoCopy(
+-        kCFAllocatorDefault, digest, base::checked_cast<CFIndex>(digest_len),
+-        kCFAllocatorNull));
+-
+-    base::ScopedCFTypeRef<CFErrorRef> error;
+-    base::ScopedCFTypeRef<CFDataRef> signature_ref(SecKeyCreateSignature(
+-        key_, sec_algorithm, digest_ref, error.InitializeInto()));
+-    if (!signature_ref) {
+-      LOG(ERROR) << error;
+-      return ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED;
+-    }
+-
+-    signature->assign(
+-        CFDataGetBytePtr(signature_ref),
+-        CFDataGetBytePtr(signature_ref) + CFDataGetLength(signature_ref));
+-    return OK;
+-  }
+-
+- private:
+-  std::vector<uint16_t> preferences_;
+-  base::ScopedCFTypeRef<SecKeyRef> key_;
+-
+-  DISALLOW_COPY_AND_ASSIGN(SSLPlatformKeySecKey);
+-};
+-
+ scoped_refptr<SSLPrivateKey> CreateSSLPrivateKeyForSecKey(
+     const X509Certificate* certificate,
+     SecKeyRef private_key) {
+@@ -298,13 +180,6 @@ scoped_refptr<SSLPrivateKey> CreateSSLPrivateKeyForSecKey(
+   if (!GetClientCertInfo(certificate, &key_type, &max_length))
+     return nullptr;
+ 
+-  if (base::mac::IsAtLeastOS10_12()) {
+-    return base::MakeRefCounted<ThreadedSSLPrivateKey>(
+-        std::make_unique<SSLPlatformKeySecKey>(key_type, max_length,
+-                                               private_key),
+-        GetSSLPlatformKeyTaskRunner());
+-  }
+-
+   const CSSM_KEY* cssm_key;
+   OSStatus status = SecKeyGetCSSMKey(private_key, &cssm_key);
+   if (status != noErr) {

pkgs/development/libraries/qt-5/modules/qtwebengine.nix

@@ -12,7 +12,8 @@
 , pciutils
 , systemd
 , enableProprietaryCodecs ? true
-, gn, darwin, openbsm
+, gn
+, cups, darwin, openbsm, runCommand, xcbuild
 , ffmpeg ? null
 , lib, stdenv
 }:
@@ -26,7 +27,7 @@ qtModule {
   qtInputs = [ qtdeclarative qtquickcontrols qtlocation qtwebchannel ];
   nativeBuildInputs = [
     bison coreutils flex git gperf ninja pkgconfig python2 which gn
-  ];
+  ] ++ optional stdenv.isDarwin xcbuild;
   doCheck = true;
   outputs = [ "bin" "dev" "out" ];
 
@@ -42,7 +43,7 @@ qtModule {
       ( cd src/3rdparty/chromium; patchShebangs . )
     ''
     # Patch Chromium build files
-    + optionalString (builtins.compareVersions qtCompatVersion "5.12" < 0) ''
+    + optionalString (lib.versionOlder qtCompatVersion "5.12") ''
       substituteInPlace ./src/3rdparty/chromium/build/common.gypi --replace /bin/echo ${coreutils}/bin/echo
       substituteInPlace ./src/3rdparty/chromium/v8/${if qt56 then "build" else "gypfiles"}/toolchain.gypi \
         --replace /bin/echo ${coreutils}/bin/echo
@@ -65,33 +66,46 @@ qtModule {
       sed -i -e '/libpci_loader.*Load/s!"\(libpci\.so\)!"${pciutils}/lib/\1!' \
         src/3rdparty/chromium/gpu/config/gpu_info_collector_linux.cc
     ''
-    + optionalString stdenv.isDarwin ''
+    + optionalString stdenv.isDarwin (''
       # Remove annoying xcode check
       substituteInPlace mkspecs/features/platform.prf \
-        --replace "lessThan(QMAKE_XCODE_VERSION, 7.3)" false
+        --replace "lessThan(QMAKE_XCODE_VERSION, 7.3)" false \
+        --replace "/usr/bin/xcodebuild" "xcodebuild"
+
+      substituteInPlace src/3rdparty/chromium/build/mac_toolchain.py \
+        --replace "/usr/bin/xcode-select" "xcode-select"
+
       substituteInPlace src/core/config/mac_osx.pri \
         --replace /usr ${stdenv.cc} \
         --replace "isEmpty(QMAKE_MAC_SDK_VERSION)" false
 
-    # FIXME Needed with old Apple SDKs
-    # Abandon all hope ye who try to make sense of this.
+    ''
+    # TODO remove when new Apple SDK is in
+    + (if lib.versionOlder qtCompatVersion "5.11" then ''
     substituteInPlace src/3rdparty/chromium/base/mac/foundation_util.mm \
       --replace "NSArray<NSString*>*" "NSArray*"
     substituteInPlace src/3rdparty/chromium/base/mac/sdk_forward_declarations.h \
       --replace "NSDictionary<VNImageOption, id>*" "NSDictionary*" \
       --replace "NSArray<VNRequest*>*" "NSArray*" \
       --replace "typedef NSString* VNImageOption NS_STRING_ENUM" "typedef NSString* VNImageOption"
+    '' else ''
+    substituteInPlace src/3rdparty/chromium/third_party/webrtc/sdk/objc/Framework/Classes/Common/RTCFieldTrials.mm \
+      --replace "NSDictionary<NSString *, NSString *> *" "NSDictionary*"
+    substituteInPlace src/3rdparty/chromium/third_party/webrtc/sdk/objc/Framework/Headers/WebRTC/RTCFieldTrials.h \
+      --replace "NSDictionary<NSString *, NSString *> *" "NSDictionary*"
+    '')
+    + ''
 
     cat <<EOF > src/3rdparty/chromium/build/mac/find_sdk.py
 #!/usr/bin/env python
+print("${darwin.apple_sdk.sdk}")
 print("10.10.0")
-print("")
 EOF
 
     cat <<EOF > src/3rdparty/chromium/build/config/mac/sdk_info.py
 #!/usr/bin/env python
-print('xcode_version="9.1"')
-print('xcode_version_int=9')
+print('xcode_version="0910"')
+print('xcode_version_int=910')
 print('xcode_build="9B55"')
 print('machine_os_build="17E199"')
 print('sdk_path=""')
@@ -100,12 +114,32 @@ print('sdk_platform_path=""')
 print('sdk_build="17B41"')
 EOF
 
+    substituteInPlace src/3rdparty/chromium/third_party/crashpad/crashpad/util/BUILD.gn \
+      --replace '$sysroot/usr' "${darwin.xnu}"
+
     # Apple has some secret stuff they don't share with OpenBSM
     substituteInPlace src/3rdparty/chromium/base/mac/mach_port_broker.mm \
       --replace "audit_token_to_pid(msg.trailer.msgh_audit)" "msg.trailer.msgh_audit.val[5]"
-    '';
 
-  NIX_CFLAGS_COMPILE = lib.optionalString stdenv.isDarwin "-DMAC_OS_X_VERSION_MAX_ALLOWED=MAC_OS_X_VERSION_10_10 -DMAC_OS_X_VERSION_MIN_REQUIRED=MAC_OS_X_VERSION_10_10";
+    substituteInPlace src/3rdparty/chromium/sandbox/mac/BUILD.gn \
+      --replace 'libs = [ "sandbox" ]' 'libs = [ "/usr/lib/libsandbox.1.dylib" ]'
+    '');
+
+  NIX_CFLAGS_COMPILE =
+    lib.optionalString stdenv.isDarwin [
+      "-DMAC_OS_X_VERSION_MAX_ALLOWED=MAC_OS_X_VERSION_10_10"
+      "-DMAC_OS_X_VERSION_MIN_REQUIRED=MAC_OS_X_VERSION_10_10"
+
+      #
+      # Prevent errors like
+      # /nix/store/xxx-apple-framework-CoreData/Library/Frameworks/CoreData.framework/Headers/NSEntityDescription.h:51:7:
+      # error: pointer to non-const type 'id' with no explicit ownership
+      #     id** _kvcPropertyAccessors;
+      #
+      # TODO remove when new Apple SDK is in
+      #
+      "-fno-objc-arc"
+    ];
 
   preConfigure = ''
     export NINJAFLAGS=-j$NIX_BUILD_CORES
@@ -160,7 +194,10 @@ EOF
 
     # frameworks
     ApplicationServices
+    AVFoundation
     Foundation
+    ForceFeedback
+    GameController
     AppKit
     ImageCaptureCore
     CoreBluetooth
@@ -173,8 +210,28 @@ EOF
     libunwind
   ]);
 
+  buildInputs = optionals stdenv.isDarwin (with darwin; [
+    cups
+
+    # For sandbox.h include
+    (runCommand "MacOS_SDK_sandbox.h" {} ''
+      install -Dm444 "${lib.getDev darwin.apple_sdk.sdk}"/include/sandbox.h "$out"/include/sandbox.h
+    '')
+
+    # For:
+    # _NSDefaultRunLoopMode
+    # _OBJC_CLASS_$_NSDate
+    # _OBJC_CLASS_$_NSDictionary
+    # _OBJC_CLASS_$_NSRunLoop
+    # _OBJC_CLASS_$_NSURL
+    darwin.cf-private
+  ]);
+
+  __impureHostDeps = optional stdenv.isDarwin "/usr/lib/libsandbox.1.dylib";
+
   dontUseNinjaBuild = true;
   dontUseNinjaInstall = true;
+  dontUseXcbuild = true;
 
   postInstall = lib.optionalString stdenv.isLinux ''
     cat > $out/libexec/qt.conf <<EOF

pkgs/development/tools/xcbuild/toolchains.nix

@@ -67,5 +67,6 @@ runCommand "Toolchains" {} (''
   done
 
   ln -s ${buildPackages.darwin.bootstrap_cmds}/bin/mig $toolchain/bin
+  ln -s ${buildPackages.darwin.bootstrap_cmds}/libexec/migcom $toolchain/libexec
   ln -s ${mkdep-darwin-src} $toolchain/bin/mkdep
 '')