I repeated the procedure, but successfully, like this (starting from scratch; actually you'll be able to trust my word on the procedure below only after I have updated my Air-Gapped
1 by basically following what I now write below):
Code: Select all
dpkg-source -x palemoon_27.3.0~repack-1.dsc
cd palemoon-27.3.0~repack
vi debian/mozconfig
It's very useful to note that I based my mozconfig on
Walter Dnes's one from his unofficial package that I used, and which would have also worked, but for the paxrat non-familiarity of mine...
2
My mistake was to go straight for (don't do this yet!):
Code: Select all
patch -p0 < ~/allow-sslkeylogfile.patch
Nope! The important detail about quilt, is it works only on files that it knows of. IOW, ths file that my patch modifies:
needs to be
added to quilt. And more. But
adding files to quilt is not clearly stressed in the "man quilt" for first time readers...
The best instructions I found in
/usr/share/doc/quilt/README.gz:
Code: Select all
Typical Usages: New patches; Importing patches; Patch management
======================================================================
Add new patches:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1. create a new patch: quilt new {patchname, e.g., sysctl_fix.patch}
2. add/edit file(s): quilt edit filepath
or:
2a. add file(s) to patch: quilt add {filepath}
2b. manual edit file(s) use your $editor
3. update the patch: quilt refresh
3b. list the patch description: quilt header [patch]
3c. update the patch description: quilt header -e [patch]
( And
/usr/share/doc/quilt/quilt.pdf is a very good read, and necessary: it's hands on and simple. )
So, from my ~/.bash_history, here's how I dealt with this source patching issue. I'm giving the history lines that I will likely try and follow exactly when I install all these in Air-Gapped, as only then will I be able to verify this procedure, as I noted at the top of this post.
Code: Select all
ls -lRa debian/patches/
ls -lRa .pc
cat debian/patches/series
Notice what you see. What exists and what not yet... And...
Code: Select all
quilt new allow-sslkeylogfile.patch
...[And]...
Code: Select all
ls -lRa debian/patches/
ls -lRa .pc
cat debian/patches/series
...[And] ...how it changes.
( And you can repeat it later as well. )
This was the crucial move (or it was crucial for me to understand that I needed to do it):
Code: Select all
quilt add security/nss/lib/ssl/Makefile
Before we patch the file, pls. note the first 6 lines of that Makefile that needs to be fixed so Palemoon can log SSL-keys:
Code: Select all
tail -24 security/nss/lib/ssl/Makefile
tail -24 security/nss/lib/ssl/Makefile | head -6
The if condition there is intact. And it needs to be commented out for our purpose!
Now that the
file is added, i.e. now that quilt knows about it, it doesn't matter how you edit it. IOW, simply:
Code: Select all
patch -p0 < ~/allow-sslkeylogfile.patch
did if for me.
Code: Select all
tail -24 security/nss/lib/ssl/Makefile
tail -24 security/nss/lib/ssl/Makefile | head -6
The if condition there has been commented out (or the reader didn't do it right). The compiled-to-be Palemoon will serve our purpose!
Code: Select all
quilt refresh
quilt header
quilt header allow-sslkeylogfile.patch
quilt header -e allow-sslkeylogfile.patch
quilt files
quilt diff
quilt push
I actually don't recall why I did all the above, but in essence...
In essence, I haven't later changed the patch below, not since the post of mine which is some fourth previous from here, and which I am using now by quoting it.
In essence, the above commands should get your patch again just like that, basically by manually editing after you, if I remember correctly, issue:
Code: Select all
quilt header -e allow-sslkeylogfile.patch
.
Modifying my patch to read:
Code: Select all
Description: patch to allow SSL-key logging
Forwarded: not-needed
Bug: https://forum.palemoon.org/viewforum.php?f=57
Bug-Devuan: https://bugs.devuan.org
Author: Miroslav Rovis <miro.rovis@croatiafidelis.hr>
---
--- security/nss/lib/ssl/Makefile
+++ security/nss/lib/ssl/Makefile
@@ -39,12 +39,11 @@ CSRCS += unix_err.c
endif
endif
-# Enable key logging by default in debug builds, but not opt builds.
-# Logging still needs to be enabled at runtime through env vars.
-NSS_ALLOW_SSLKEYLOGFILE ?= $(if $(BUILD_OPT),0,1)
-ifeq (1,$(NSS_ALLOW_SSLKEYLOGFILE))
+# Enable key logging by default in all builds
+#NSS_ALLOW_SSLKEYLOGFILE ?= $(if $(BUILD_OPT),0,1)
+#ifeq (1,$(NSS_ALLOW_SSLKEYLOGFILE))
DEFINES += -DNSS_ALLOW_SSLKEYLOGFILE=1
-endif
+#endif
#######################################################################
# (5) Execute "global" rules. (OPTIONAL) #
And then:
compiles the SSL-key logging Pale Moon (it did for me
).
---
1 LINKS Air-Gapped, cloning. If I'm late to post these links, pls. find them in a later post of mine.
2 Similarly I don't want dbus, and I don't want pulseaudio in my system, and of course we belong to the init-freedom users who strongly dislike systemd... I left Debian because of it.
Can't test that other install because I only need one Palemoon, and posting this procedure took precedence over testing if that $HOME installed Palemoon would work if I boot with
vmlinuz-3.16.0-4-amd64.