%global moz_extensions %{_datadir}/mozilla/extensions

%global firefox_app_id \{ec8030f7-c20a-464f-9b0e-13a3a9e97384\}

%global src_ext_id https-everywhere@eff.org

%global firefox_inst_dir %{moz_extensions}/%{firefox_app_id}/%{src_ext_id}

%global seamonkey_app_id \{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}

%global seamonkey_inst_dir %{moz_extensions}/%{seamonkey_app_id}

Name:           mozilla-https-everywhere

Version:        3.0.0

Release:        2%{?dist}

Summary:        HTTPS/HSTS enforcement extension for Mozilla Firefox and SeaMonkey

Group:          Applications/Internet

License:        GPLv2+

URL:            https://eff.org/https-everywhere

# A git repo is available at git://git.torproject.org/https-everywhere.git

Source0:        https://www.eff.org/files/https-everywhere-%{version}.xpi

Patch0:         appManaged.patch

BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)

BuildRequires:  dos2unix

%if 0%{?rhel}

Requires:       firefox >= 3.5

%else

Requires:       mozilla-filesystem

%endif

BuildArch:      noarch

%description

HTTPS Everywhere is a Firefox extension produced as a collaboration between

The Tor Project and the Electronic Frontier Foundation. It encrypts your

communications with a number of major websites.

Many sites on the web offer some limited support for encryption over HTTPS,

but make it difficult to use. For instance, they may default to unencrypted

HTTP, or fill encrypted pages with links that go back to the unencrypted site.

The HTTPS Everywhere extension fixes these problems by rewriting all requests

to these sites to HTTPS.

%prep

%setup -q -c

dos2unix -f LICENSE.txt

%patch0 -p 1

%build

%install

rm -rf %{buildroot}

# top level files

install -Dp -m 644 chrome.manifest %{buildroot}%{firefox_inst_dir}/chrome.manifest

install -Dp -m 644 install.rdf %{buildroot}%{firefox_inst_dir}/install.rdf

install -Dp -m 644 Changelog %{buildroot}%{firefox_inst_dir}/Changelog

install -Dp -m 644 LICENSE.txt %{buildroot}%{firefox_inst_dir}/LICENSE.txt

# chrome/content

install -dm 755 %{buildroot}%{firefox_inst_dir}/chrome/content

install -D -m  644 chrome/content/{about.xul,fetch-source.js,fetch-source.xul,meta-preferences.xul,observatory-popup.xul,observatory-preferences.xul,observatory-warning.xul,observatory-xul.js,preferences.css,preferences.js,preferences.xul,toolbar_button.js,toolbar_button.xul} %{buildroot}%{firefox_inst_dir}/chrome/content/

# chrome/content/code

install -dm 755 %{buildroot}%{firefox_inst_dir}/chrome/content/code

for f in chrome/content/code/*; do

install -Dpm 644 ${f} \

    %{buildroot}%{firefox_inst_dir}/${f}

done

# chrome/content/rules

install -dm 755 %{buildroot}%{firefox_inst_dir}/chrome/content/rules

for f in chrome/content/rules/*; do

install -Dpm 644 ${f} \

    %{buildroot}%{firefox_inst_dir}/${f}

done

# chrome/locale and everything in it

install -dm 755 %{buildroot}/%{firefox_inst_dir}/chrome/locale

for f in chrome/locale/*; do

	install -dm 755 ${f} \

		%{buildroot}%{firefox_inst_dir}/${f}

	for g in ${f}/*; do

		install -Dpm 644 ${g} \

			%{buildroot}%{firefox_inst_dir}/${g}

	done

done

# chrome/skin

install -dm 755 %{buildroot}/%{firefox_inst_dir}/chrome/skin

for f in chrome/skin/*; do

install -Dpm 644 ${f} \

    %{buildroot}%{firefox_inst_dir}/${f}

done

# components/

install -dm 755 %{buildroot}/%{firefox_inst_dir}/components

for f in components/*; do

install -Dpm 644 ${f} \

    %{buildroot}%{firefox_inst_dir}/${f}

done

# defaults/

install -dm 755 %{buildroot}/%{firefox_inst_dir}/defaults

install -dm 755 %{buildroot}/%{firefox_inst_dir}/defaults/preferences

for f in defaults/preferences/*; do

install -Dpm 644 ${f} \

    %{buildroot}%{firefox_inst_dir}/${f}

done

# symlink from seamonkey extension to firefox extension

mkdir -p %{buildroot}%{seamonkey_inst_dir}

ln -s %{firefox_inst_dir} %{buildroot}%{seamonkey_inst_dir}

%clean

rm -rf %{buildroot}

%files

%defattr(-,root,root,-)

%doc LICENSE.txt

%{firefox_inst_dir}

%{seamonkey_inst_dir}

%changelog

* Fri Oct 12 2012 Russell Golden <niveusluna@niveusluna.org> - 3.0.0-2

- Replace "firefox" in EPEL builds with "firefox >= 3.5" for EL

    users who think updates are for sissies and/or voiding support

    contracts with proprietary vendors. They can't use this if their

    Firefox install is older than 3.5 anyway, so what's the harm?

* Tue Oct 09 2012 Russell Golden <niveusluna@niveusluna.org> - 3.0.0-1

  - Since version 2.x:

    - 1,455 new active rulesets

    - UI improvements: 

      -- right-click to view ruleset source in the config window

      -- translate some untranslated menus

      -- better icons in a few places (breaking/redirecting rules,

        context button)

    - Numerous improvements to the SSL Observatory internals, including cached

      submissions on hostile networks, better Tor and Convergence integration,

      and a new setting to control self-signed cert submission

    - New translations: Basque, Czech, Danish, French, Greek, Hungarian,

                        Italian, Korean, Malaysian, Polish, Slovak, Turkish,

                        Traditional Chinese

  - Relative to 3.0development.8:

    - Only promote the Decentralized SSL Observatory to 5% of non-Tor users

    - Update the SSL Observatory whitelist of common cert chains

    - Fixes, mostly in the CDN/media playback department: 

             Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player,

             AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein,

             Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo,

             Nokia, Widgetbox.com, Squarespace

             https://trac.torproject.org/projects/tor/ticket/4199

             https://trac.torproject.org/projects/tor/ticket/6871

             https://trac.torproject.org/projects/tor/ticket/6992

             https://trac.torproject.org/projects/tor/ticket/7000

             https://trac.torproject.org/projects/tor/ticket/7020

             https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html

    - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia

    - Remove a lot of off-by-default rulesets from the code, since they have

      some costs in terms of startup speed and RAM usage

* Thu Sep 27 2012 Russell Golden <niveusluna@niveusluna.org> - 2.2.3-1

- Workaround for breakage in Amazon Look Inside the Book (via Cloudfront)

  -- https://trac.torproject.org/projects/tor/ticket/6848

- Fix logout for AOL users

- Other fixes: PassThePopcorn, WhatCD, Antispam.de, RFCeditor,

  -- Weatherspark / GoogleMaps

- Disable broken: SVT.se

* Thu Sep 06 2012 Russell Golden <niveusluna@niveusluna.org> - 2.2.2-1

- Fix a bug that was preventing settings from persisting:

    https://trac.torproject.org/projects/tor/ticket/6653

- Fixes and improvements: Lenovo, YahooNew, Pirate Party, OpenDNS, Wordpress

    https://trac.torproject.org/projects/tor/ticket/6604

    https://mail1.eff.org/pipermail/https-everywhere-rules/2012-August/001267.html

- Disable broken rulesets: FAZ, Playboy, Mapquest, Imgur, F-Secure

* Fri Aug 17 2012 Russell Golden <niveusluna@niveusluna.org> - 2.2.1-1

- Update to upstream 2.2.1. Hopefully this one will actually work.

* Fri Aug 17 2012 Russell Golden <niveusluna@niveusluna.org> - 2.1-5

- Add appManaged flag to prevent update in user profile directories

- prompted by release of badly broken 2.2 upstream

* Fri Aug 17 2012 Russell Golden <niveusluna@niveusluna.org> - 2.2-2

- Prevent ruleset bugs from crashing the UI

  -- https://trac.torproject.org/projects/tor/ticket/6280

- Fix the enable/disable button in Firefox 14

  -- https://trac.torproject.org/projects/tor/ticket/6212

- Fix a nasty bug in the optional "Search www.google.com" ruleset:

  -- https://gitweb.torproject.org/https-everywhere.git/commitdiff/50ca41a1e189ef8383781f803e51ec7a06688a3b

- Disable buggy/broken: ZDNet, Globe and Mail, Blip.tv, Governo Portugês,

  -- Alton Towers, McAfee :( :( :(

- Fixes: Yandex, Wikipedia, PirateParty, JBoss, Gentoo

- Hopefully the last 2.x release before 3.0 stable

* Fri Jul 20 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.1-4

- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild

* Mon Jul 02 2012 Russell Golden <niveusluna@niveusluna.org> - 2.1-3

- Change Requires to require firefox on all RHEL versions

* Sun Jun 24 2012 Russell Golden <niveusluna@niveusluna.org> - 2.1-2

- Fix context menu breakage when URIs lack a host

- Fixes: CiteULike, MozillaMessaging, Yandex, Demonoid, Pirate Party,

  --  Gentoo, NYTimes, Microsoft, Wikipedia, Lenovo

  --  https://mail1.eff.org/pipermail/https-everywhere-rules/2012-June/001189.html

  --  https://trac.torproject.org/projects/tor/ticket/6091

  --  https://mail1.eff.org/pipermail/https-everywhere-rules/2012-June/001190.html

  --  https://mail1.eff.org/pipermail/https-everywhere-rules/2012-May/001186.html

  --  https://mail1.eff.org/pipermail/https-everywhere/2012-May/001433.html

- Disable broken: MarketWatch, Disqus, Magento, Lavasoft, Project Syndicate,

  -- Typepad/Say Media

  --  https://trac.torproject.org/projects/tor/ticket/5899

  --  https://trac.torproject.org/projects/tor/ticket/5496

* Tue May 01 2012 Russell Golden <niveusluna@niveusluna.org> - 2.0.3-2

- Add file that I missed in the last build.

* Sat Apr 28 2012 Russell Golden <niveusluna@niveusluna.org> - 2.0.3-1

- Fix a downgrade attack that might allow attackers to deny HTTPS

    Everywhere protection for cookies on some domains.

    https://trac.torproject.org/projects/tor/ticket/5676

- Minor redirection mechanism fixes

- Fixes: WordPress, Yandex, OpenDNS, Via.me/AWS

- Improvements: Mozilla

- Disable broken: ReadWriteWeb

* Fri Apr 20 2012 Russell Golden <niveusluna@niveusluna.org> - 2.0.2-1

- Fix a weird wrong DOM-origin bug that occurred while redirects were in

  --  progress (this might have security implications, although we are unsure

  --  if it was exploitable).

  --  https://trac.torproject.org/projects/tor/ticket/5477

- By default, use https://google.co.cctld instead of

  --  encrypted.google.com

- Add an optional ruleset to use https://www.google.com

  -- instead of encrypted.google.com, too

- Ruleset fixes: Debian, Kohls, Malwarebytes, Yandex, Wikipedia, Mises.org,

  -- OpenDNS, Wizards of the Coast, Lenovo, Barnes and Noble

  --  https://trac.torproject.org/projects/tor/ticket/5509

  --  https://trac.torproject.org/projects/tor/ticket/5491

  --  https://trac.torproject.org/projects/tor/ticket/5303

- Stumble across more horrible security holes in the Verizon website:

  --  https://mail1.eff.org/pipermail/https-everywhere-rules/2012-February/001003.html

- Disable the Gentoo ruleset on non-CAcert platforms

- Disable buggy rulesets: IBM, Scribd, Wunderground :( :( :(

  --  https://trac.torproject.org/projects/tor/ticket/5344

  --  https://trac.torproject.org/projects/tor/ticket/5435

  --  https://trac.torproject.org/projects/tor/ticket/5630

* Wed Feb 29 2012 Russell Golden <niveusluna@niveusluna.org> - 2.0.1-1

- Sync to upstream 2.0.x branch

- Too many changes to all list here. None affect the end user experience.

    Being a Mozilla extension, it'll auto-update anyway.

* Wed Jan 11 2012 Russell Golden <niveusluna@niveusluna.org> - 1.2.2-1

- Google Cache is back!

- Fixes: Wikipedia, Identi.ca, Verizon, CCC.de, UserScripts, Yandex

- Improvements: EFF

- Disable broken: NSF.gov, WHO.int

* Wed Nov 16 2011 Russell Golden <niveusluna@niveusluna.org> - 1.2.1-1

- Google Cache is broken, remove it from GoogleServices :( :( :(

- Fix for the Google Image Search homepage

- Exclude help.duckduckgo.com:

--    https://trac.torproject.org/projects/tor/ticket/4399

- Disable Yahoo! Mail:

--    https://trac.torproject.org/projects/tor/ticket/4441

- Installable on Firefox 10

* Tue Nov 15 2011 Russell Golden <niveusluna@niveusluna.org> - 1.2-1

- Fixes: WordPress, Statcounter, Java, Bahn.de, SICS.se

- Improvements: use fancy new HTTPS Wikipedia

- Disable broken: OpenUniversity, TV.com, Random.org, kb.CERT

* Thu Oct 20 2011 Russell Golden <niveusluna@niveusluna.org> - 1.1-1

- Further tweaks to internals, will hopefully fix a number of weird issues:

--      https://trac.torproject.org/projects/tor/ticket/4194

--      https://trac.torproject.org/projects/tor/ticket/4149

--      https://mail1.eff.org/pipermail/https-everywhere/2011-October/001208.html

- YouTube is enabled by default!

- Fixes: Yandex, Statcounter, Polldaddy, SBB.ch

- Improvements: Facebook+

- Disable broken: Bloglines, EPEAT

* Sat Oct 8 2011 Russell Golden <niveusluna@niveusluna.org> - 1.0.3-2

- Changelog added for current version

* Fri Sep 16 2011 Russell Golden <niveusluna@niveusluna.org> - 1.0.1-1

- Initial packaging for Fedora