summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--media-gfx/blender/Manifest2
-rw-r--r--media-gfx/blender/blender-2.61-r1.ebuild425
-rw-r--r--media-gfx/blender/files/blender-2.61-CVE-2009-3850-v4.patch164
3 files changed, 591 insertions, 0 deletions
diff --git a/media-gfx/blender/Manifest b/media-gfx/blender/Manifest
index 78fc9a0..ef0c967 100644
--- a/media-gfx/blender/Manifest
+++ b/media-gfx/blender/Manifest
@@ -14,6 +14,7 @@ AUX blender-2.60a-insecure.desktop 594 RMD160 48d7b683f4ae057a1766dabb267e5048e9
AUX blender-2.60a-libav-0.7.patch 1181 RMD160 66dc84d6ca37a97bb43886ed86b72499383636b6 SHA1 be60d7fd39821fb28b3e23a659df8f7eb51d1f60 SHA256 d8e7a08b042ce8311bd71e2edec7457ddf8fe8b64243f30f179d391ea170ab50
AUX blender-2.60a-linux-3.patch 414 RMD160 cb1cfc00e363e00c67a3c6d3567768418be78f39 SHA1 71f4701aa2e88de35843661cf5eecfe411ccd99b SHA256 4f1f8960e1b5706b426e272c17b70682b1eaa5903fa325e4d4db21efd540d732
AUX blender-2.61-CVE-2009-3850-v3.patch 7515 RMD160 0faf4de3a330fd2920bdf2b688d3bc5cb530d86f SHA1 77c637a4e6be816534887dab06614bb3dddad3af SHA256 f9d2eb3e09d30c21a3f51de34bc978d25c598a2fc420e809ea49293c55178139
+AUX blender-2.61-CVE-2009-3850-v4.patch 9194 RMD160 cf5519882821c318f32ac3ff16f0a73998941228 SHA1 91e029b6bcdad6adec3034dc313604cae9f9d4dd SHA256 bcf6155d39ee3a31422ddfd21e729bce542a181ebdcfd9c4a6e40c37e06b9485
AUX blender-2.61-desktop.patch 642 RMD160 5706c6cdcad1655fb9c4f3b5feeb47c5f11f2c7a SHA1 689e9c8bbf2ce001cac08a74d7ed13ac00d7b2b4 SHA256 11dcfa44db29728c518e2b560ce9f3ccbd67af372aa3421e4f5d6512f9298a33
AUX blender-2.61-eigen.patch 27106 RMD160 3042ba69913c98531ad60bd3a7fadf7817c5b062 SHA1 cde414399438b7d9ea7e756ef86aa08b5c9983e2 SHA256 e1e465f158a49287795d0f1a046d59b8d7ff8459c3ea8d57ee4b40518897d903
AUX blender-2.61-enable_site_module.patch 1061 RMD160 60ba42b15c490776200fa0eea38ae7c856a1f567 SHA1 a9e5bf42d9b6ade5fb595009c6fde7412b002a8f SHA256 3d7b7c0814d97ed5db76828e243120782a0fb0a5304b90d978c3a20e1fb37a83
@@ -23,5 +24,6 @@ AUX blender-desktop.patch 641 RMD160 5be612d2836005e51e1bcfed10959e75315f201f SH
DIST blender-2.60a.tar.gz 25679123 RMD160 74434c4e748872322386971cf6021255b0bfa1c8 SHA1 f23551e6ed661626c61de4a758d9ff67e0f27529 SHA256 7d788599ab46dac37f630dec026d06f7e3d73508f243eeb4ade8bcdcb661f124
DIST blender-2.61.tar.gz 25087312 RMD160 fb3b368144d31cd850a0602b7b5e746fca17d7fc SHA1 1b0d008e8022cb29efc9b4a337379eeb93bdcbb7 SHA256 58563583c8775fa0f746a7f4899b1619fec3df69accfa536544fdcbf372685f1
EBUILD blender-2.60a.ebuild 13760 RMD160 bc4458ccf226e20c140ed022325c35bda09a1add SHA1 95a5894363e730db0a66a16f9e8fcb775ea6896a SHA256 146e61d01da115d202f5c77b17ae938a4c2e92344b71b5422bcf6165d4d71d29
+EBUILD blender-2.61-r1.ebuild 12982 RMD160 a4c10e2cde47bc97742e3efbbff2fbe0839bf1be SHA1 5492736f268813bf11841ae44cfcc3ba655ba04e SHA256 90d8e092d353ff35d8966ed4e3dc01d6514fc5dc41850ea5cd72c2f0e88bd215
EBUILD blender-2.61.ebuild 13767 RMD160 dfe843c6b2cff607f1215faea2eb805d03d689a7 SHA1 8b43d751d3c2b0d1c0dad0d47c0cdb202674b65b SHA256 0e4929b08a6e1da7c46ff57b12aa27c21c2f7071933d7b2002d26d15407511d8
MISC metadata.xml 2031 RMD160 7cef28cc97256936c8420d9399c5469dc917f7d1 SHA1 734027d18091dc859e24ec436f7ac992521223d7 SHA256 2aec9b99fcd11925094c06634d41af4cd3681cb81b404cc170b230dd4e337d13
diff --git a/media-gfx/blender/blender-2.61-r1.ebuild b/media-gfx/blender/blender-2.61-r1.ebuild
new file mode 100644
index 0000000..af89a1e
--- /dev/null
+++ b/media-gfx/blender/blender-2.61-r1.ebuild
@@ -0,0 +1,425 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/media-gfx/blender/blender-2.60a.ebuild,v 1.4 2011/11/13 22:43:48 sping Exp $
+
+PYTHON_DEPEND="3:3.2"
+EAPI=4
+
+if [[ ${PV} == *9999 ]] ; then
+SCM="subversion"
+ESVN_REPO_URI="https://svn.blender.org/svnroot/bf-blender/trunk/blender"
+fi
+
+inherit scons-utils eutils python versionator flag-o-matic toolchain-funcs ${SCM}
+
+IUSE="cycles +game-engine player +elbeem +openexr ffmpeg jpeg2k openal openmp \
+ +dds debug doc fftw jack apidoc sndfile tweak-mode sdl sse \
+ redcode +zlib iconv contrib 3dmouse"
+
+LANGS="en ar bg ca cs de el es fi fr hr it ja ko nl pl pt_BR ro ru sr sv uk zh_CN"
+for X in ${LANGS} ; do
+ IUSE="${IUSE} linguas_${X}"
+done
+
+DESCRIPTION="3D Creation/Animation/Publishing System"
+HOMEPAGE="http://www.blender.org"
+if [[ ${PV} == *9999 ]] ; then
+ SRC_URI=""
+elif [[ ${PV%_p*} != ${PV} ]] ; then # Gentoo snapshot
+ SRC_URI="mirror://gentoo/${P}.tar.xz"
+else # Official release
+ SRC_URI="http://download.blender.org/source/${P}.tar.gz"
+fi
+
+#SLOT="$(get_version_component_range 1-2)"
+SLOT="2.60"
+LICENSE="|| ( GPL-2 BL )"
+KEYWORDS="~amd64 ~x86"
+
+RDEPEND="virtual/jpeg
+ media-libs/libpng
+ x11-libs/libXi
+ x11-libs/libX11
+ media-libs/tiff
+ media-libs/libsamplerate
+ virtual/opengl
+ >=media-libs/freetype-2.0
+ virtual/libintl
+ media-libs/glew
+ >=sci-physics/bullet-2.76
+ dev-cpp/eigen:3
+ cycles? (
+ media-libs/openimageio
+ dev-libs/boost
+ )
+ iconv? ( virtual/libiconv )
+ zlib? ( sys-libs/zlib )
+ sdl? ( media-libs/libsdl[audio,joystick] )
+ openexr? ( media-libs/openexr )
+ ffmpeg? (
+ >=virtual/ffmpeg-0.6.90[x264,mp3,encode,theora]
+ jpeg2k? ( >=virtual/ffmpeg-0.6.90[x264,mp3,encode,theora,jpeg2k] )
+ )
+ openal? ( >=media-libs/openal-1.6.372 )
+ fftw? ( sci-libs/fftw:3.0 )
+ jack? ( media-sound/jack-audio-connection-kit )
+ sndfile? ( media-libs/libsndfile )
+ 3dmouse? ( media-libs/libspnav )"
+
+DEPEND="dev-util/scons
+ apidoc? (
+ dev-python/sphinx
+ app-doc/doxygen[-nodot]
+ game-engine? ( dev-python/epydoc )
+ )
+ ${RDEPEND}"
+
+# configure internationalization only if LINGUAS have more
+# languages than 'en', otherwise must be disabled
+if [[ ${LINGUAS} != "en" && -n ${LINGUAS} ]]; then
+ DEPEND="${DEPEND}
+ sys-devel/gettext"
+fi
+
+blend_with() {
+ local UWORD="$2"
+ [ -z "${UWORD}" ] && UWORD="$1"
+ if use $1; then
+ echo "WITH_BF_${UWORD}=1" | tr '[:lower:]' '[:upper:]' \
+ >> "${S}"/user-config.py
+ else
+ echo "WITH_BF_${UWORD}=0" | tr '[:lower:]' '[:upper:]' \
+ >> "${S}"/user-config.py
+ fi
+}
+
+src_unpack() {
+if [[ ${PV} == *9999 ]] ; then
+ subversion_fetch
+ if use contrib; then
+ S="${S}"/release/scripts/addons_contrib subversion_fetch \
+ "https://svn.blender.org/svnroot/bf-extensions/contrib/py/scripts/addons/"
+ fi
+else
+ unpack ${A}
+fi
+}
+
+pkg_setup() {
+ enable_openmp=0
+ if use openmp; then
+ if tc-has-openmp; then
+ enable_openmp=1
+ else
+ ewarn "You are using gcc built without 'openmp' USE."
+ ewarn "Switch CXX to an OpenMP capable compiler."
+ die "Need openmp"
+ fi
+ fi
+ python_set_active_version 3
+}
+
+src_prepare() {
+ epatch "${FILESDIR}"/${P}-desktop.patch
+
+ # OpenJPEG
+ einfo "Removing bundled OpenJPEG ..."
+ rm -r extern/libopenjpeg
+ epatch "${FILESDIR}"/${PN}-${SLOT}-openjpeg.patch
+
+ # Glew
+ einfo "Removing bundled Glew ..."
+ rm -r extern/glew
+ epatch "${FILESDIR}"/${P}-glew.patch
+
+ # Eigen3
+ einfo "Removing bundled Eigen3 ..."
+ rm -r extern/Eigen3
+ epatch "${FILESDIR}"/${P}-eigen.patch
+
+ # Bullet2
+ einfo "Removing bundled Bullet2 ..."
+ rm -r extern/bullet2
+ epatch "${FILESDIR}"/${PN}-${SLOT}-bullet.patch
+
+ # Linux 3.x (bug #381099)
+ epatch "${FILESDIR}"/${PN}-${SLOT}-linux-3.patch
+
+ epatch "${FILESDIR}"/${PN}-${SLOT}-libav-0.7.patch
+ epatch "${FILESDIR}"/${P}-CVE-2009-3850-v4.patch
+ epatch "${FILESDIR}"/${P}-enable_site_module.patch
+}
+
+src_configure() {
+ # add system openjpeg into Scons build options.
+ cat <<- EOF >> "${S}"/user-config.py
+ BF_OPENJPEG="/usr"
+ BF_OPENJPEG_INC="/usr/include"
+ BF_OPENJPEG_LIB="openjpeg"
+ EOF
+
+ # add system sci-physic/bullet into Scons build options.
+ cat <<- EOF >> "${S}"/user-config.py
+ WITH_BF_BULLET=1
+ BF_BULLET="/usr/include"
+ BF_BULLET_INC="/usr/include/bullet /usr/include/bullet/BulletCollision /usr/include/bullet/BulletDynamics /usr/include/bullet/LinearMath /usr/include/bullet/BulletSoftBody"
+ BF_BULLET_LIB="BulletSoftBody BulletDynamics BulletCollision LinearMath"
+ EOF
+
+ #add iconv into Scons build options.
+ if use !elibc_glibc && use !elibc_uclibc && use iconv; then
+ cat <<- EOF >> "${S}"/user-config.py
+ WITH_BF_ICONV=1
+ BF_ICONV="/usr"
+ EOF
+ fi
+
+ # configure internationalization only if LINGUAS have more
+ # languages than 'en', otherwise must be disabled
+ [[ -z ${LINGUAS} ]] || [[ ${LINGUAS} == "en" ]] && echo "WITH_BF_INTERNATIONAL=0" >> "${S}"/user-config.py
+
+ # configure Elbeem fluid system
+ use elbeem || echo "BF_NO_ELBEEM=1" >> "${S}"/user-config.py
+
+ # configure Tweak Mode
+ use tweak-mode && echo "BF_TWEAK_MODE=1" >> "${S}"/user-config.py
+
+ # FIX: Game Engine module needs to be active to build the Blender Player
+ if ! use game-engine && use player; then
+ elog "Forcing Game Engine [+game-engine] as required by Blender Player [+player]"
+ echo "WITH_BF_GAMEENGINE=1" >> "${S}"/user-config.py
+ else
+ blend_with game-engine gameengine
+ fi
+
+ # set CFLAGS used in /etc/make.conf correctly
+ echo "CFLAGS=[`for i in ${CFLAGS[@]}; do printf "%s \'$i"\',; done`] " \
+ | sed -e "s:,]: ]:" >> "${S}"/user-config.py
+
+ # set CXXFLAGS used in /etc/make.conf correctly
+ local FILTERED_CXXFLAGS="`for i in ${CXXFLAGS[@]}; do printf "%s \'$i"\',; done`"
+ echo "CXXFLAGS=[${FILTERED_CXXFLAGS}]" | sed -e "s:,]: ]:" >> "${S}"/user-config.py
+ echo "BGE_CXXFLAGS=[${FILTERED_CXXFLAGS}]" | sed -e "s:,]: ]:" >> "${S}"/user-config.py
+
+ # reset general options passed to the C/C++ compilers (useless hardcoded flags)
+ # FIX: forcing '-funsigned-char' fixes an anti-aliasing issue with menu
+ # shadows, see bug #276338 for reference
+ echo "CCFLAGS= ['-funsigned-char', '-D_LARGEFILE_SOURCE', '-D_FILE_OFFSET_BITS=64']" >> "${S}"/user-config.py
+
+ # set LDFLAGS used in /etc/make.conf correctly
+ local FILTERED_LDFLAGS="`for i in ${LDFLAGS[@]}; do printf "%s \'$i"\',; done`"
+ echo "LINKFLAGS=[${FILTERED_LDFLAGS}]" | sed -e "s:,]: ]:" >> "${S}"/user-config.py
+ echo "PLATFORM_LINKFLAGS=[${FILTERED_LDFLAGS}]" | sed -e "s:,]: ]:" >> "${S}"/user-config.py
+
+ # reset REL_* variables (useless hardcoded flags)
+ cat <<- EOF >> "${S}"/user-config.py
+ REL_CFLAGS=[]
+ REL_CXXFLAGS=[]
+ REL_CCFLAGS=[]
+ EOF
+
+ # reset warning flags (useless for NON blender developers)
+ cat <<- EOF >> "${S}"/user-config.py
+ C_WARN =[ '-w', '-g0' ]
+ CC_WARN =[ '-w', '-g0' ]
+ CXX_WARN=[ '-w', '-g0' ]
+ EOF
+
+ # detecting -j value from MAKEOPTS
+ local NUMJOBS="$( echo "${MAKEOPTS}" | sed -ne 's,.*-j\([[:digit:]]\+\).*,\1,p' )"
+ [[ -z "${NUMJOBS}" ]] && NUMJOBS=1 # resetting to -j1 for empty MAKEOPTS
+
+ # generic settings which differ from the defaults from linux2-config.py
+ cat <<- EOF >> "${S}"/user-config.py
+ BF_OPENGL_LIB='GL GLU X11 Xi GLEW'
+ BF_INSTALLDIR="../install"
+ WITH_PYTHON_SECURITY=1
+ WITHOUT_BF_PYTHON_INSTALL=1
+ BF_PYTHON="/usr"
+ BF_PYTHON_VERSION="3.2"
+ BF_PYTHON_ABI_FLAGS=""
+ BF_BUILDINFO=0
+ BF_QUIET=1
+ BF_NUMJOBS=${NUMJOBS}
+ BF_LINE_OVERWRITE=0
+ WITH_BF_FHS=1
+ WITH_BF_BINRELOC=0
+ WITH_BF_STATICOPENGL=0
+ WITH_BF_OPENMP=${enable_openmp}
+ EOF
+
+ # configure WITH_BF* Scons build options
+ for arg in \
+ 'sdl' \
+ 'apidoc docs' \
+ 'jack' \
+ 'sndfile' \
+ 'openexr' \
+ 'dds' \
+ 'fftw fftw3' \
+ 'jpeg2k openjpeg' \
+ 'openal'\
+ 'ffmpeg' \
+ 'ffmpeg ogg' \
+ 'player' \
+ 'sse rayoptimization' \
+ 'redcode' \
+ 'zlib' \
+ '3dmouse' ; do
+ blend_with ${arg}
+ done
+
+ # enable debugging/testing support
+ use debug && echo "BF_DEBUG=1" >> "${S}"/user-config.py
+ use test && echo "BF_UNIT_TEST=1" >> "${S}"/user-config.py
+
+ # enables Cycles render engine
+ if use cycles; then
+ cat <<- EOF >> "${S}"/user-config.py
+ WITH_BF_CYCLES=1
+ WITH_BF_OIIO=1
+ BF_OIIO="/usr"
+ BF_OIIO_INC="/usr/include"
+ BF_OIIO_LIB="OpenImageIO"
+ WITH_BF_BOOST=1
+ BF_BOOST="/usr"
+ BF_BOOST_INC="/usr/include/boost"
+ EOF
+ fi
+
+}
+
+src_compile() {
+ escons || die \
+ '!!! Please add "${S}/scons.config" when filing bugs reports \
+ to bugs.gentoo.org'
+}
+
+src_install() {
+ # creating binary wrapper
+ cat <<- EOF >> "${WORKDIR}/install/blender-${PV}"
+ #!/bin/sh
+
+ # stop this script if the local blender path is a symlink
+ if [ -L \${HOME}/.blender ]; then
+ echo "Detected a symbolic link for \${HOME}/.blender"
+ echo "Sorry, to avoid dangerous situations, the Blender binary can"
+ echo "not be started until you have removed the symbolic link:"
+ echo " # rm -i \${HOME}/.blender"
+ exit 1
+ fi
+
+ export BLENDER_SYSTEM_SCRIPTS="/usr/share/blender/${PV}/scripts"
+ export BLENDER_SYSTEM_DATAFILES="/usr/share/blender/${PV}/datafiles"
+ export BLENDER_SYSTEM_PLUGINS="/usr/lib/blender/${PV}/plugins"
+ exec /usr/bin/blender-bin-${PV} \$*
+ EOF
+
+ # install binaries
+ exeinto /usr/bin/
+ cp "${WORKDIR}/install/blender" "${WORKDIR}/install/blender-bin-${PV}"
+ doexe "${WORKDIR}/install/blender-bin-${PV}"
+ doexe "${WORKDIR}/install/blender-${PV}"
+ if use player; then
+ cp "${WORKDIR}/install/blenderplayer" \
+ "${WORKDIR}/install/blenderplayer-${PV}"
+ doexe "${WORKDIR}/install/blenderplayer-${PV}"
+ fi
+
+ # install plugin headers
+ insinto /usr/include/${PN}/${PV}
+ doins "${WORKDIR}"/${P}/source/blender/blenpluginapi/*.h
+
+ # install contrib scripts addons
+ insinto /usr/share/${PN}/${PV}/scripts
+ use contrib && doins -r "${WORKDIR}"/${P}/release/scripts/addons_contrib
+
+ # install desktop file
+ insinto /usr/share/pixmaps
+ cp release/freedesktop/icons/scalable/apps/blender.svg \
+ release/freedesktop/icons/scalable/apps/blender-${PV}.svg
+ doins release/freedesktop/icons/scalable/apps/blender-${PV}.svg
+ insinto /usr/share/applications
+ cp release/freedesktop/blender.desktop \
+ release/freedesktop/blender-${PV}.desktop
+ doins release/freedesktop/blender-${PV}.desktop
+ newins "${FILESDIR}"/${P}-insecure.desktop ${P}-insecure.desktop
+
+ # install docs
+ doman "${WORKDIR}"/${P}/doc/manpage/blender.1
+ use doc && dodoc -r "${WORKDIR}"/${P}/doc/guides/*
+ if use apidoc; then
+
+ einfo "Generating (BGE) Blender Game Engine API docs ..."
+ epydoc source/gameengine/PyDoc/*.py -v \
+ -o doc/BGE_API \
+ --quiet --quiet --quiet \
+ --simple-term \
+ --url "http://www.blender.org" \
+ --top API_intro \
+ --name "Blender GameEngine" \
+ --no-private --no-sourcecode \
+ --inheritance=included \
+ --graph=all \
+ --dotpath /usr/bin/dot \
+ || die "epydoc failed."
+ docinto "API/gameengine"
+ dohtml -r "${WORKDIR}"/${P}/doc/BGE_API/*
+
+ #einfo "Generating (BPY) Blender Python API docs ..."
+ "${D}"/usr/bin/blender-bin-${PV} --background --python doc/python_api/sphinx_doc_gen.py || die "blender failed."
+ pushd doc/python_api > /dev/null
+ sphinx-build sphinx-in BPY_API || die "sphinx failed."
+ popd > /dev/null
+ docinto "API/python"
+ dohtml -r doc/python_api/BPY_API/*
+
+ einfo "Generating Blender C/C++ API docs ..."
+ pushd "${WORKDIR}"/${P}/doc/doxygen > /dev/null
+ doxygen -u Doxyfile
+ doxygen || die "doxygen failed to build API docs."
+ docinto "API/blender"
+ dohtml -r html/*
+ popd > /dev/null
+ fi
+
+ # final cleanup
+ rm -r "${WORKDIR}"/install/{Python-license.txt,icons,GPL-license.txt,copyright.txt}
+
+ # installing blender
+ insinto /usr/share/${PN}/${PV}
+ doins -r "${WORKDIR}"/install/${PV}/*
+
+ # FIX: making all python scripts readable only by group 'users',
+ # so nobody can modify scripts apart root user, but python
+ # cache (*.pyc) can be written and shared across the users.
+# chown root:users -R "${D}/usr/share/${PN}/${SLOT}/scripts" || die
+# chmod 755 -R "${D}/usr/share/${PN}/${SLOT}/scripts" || die
+}
+
+pkg_postinst() {
+ echo
+ elog "Blender uses python integration. As such, may have some"
+ elog "inherit risks with running unknown python scripting."
+ elog
+ elog "It is recommended to change your blender temp directory"
+ elog "from /tmp to /home/user/tmp or another tmp file under your"
+ elog "home directory. This can be done by starting blender, then"
+ elog "dragging the main menu down do display all paths."
+ elog
+ elog "Blender has its own internal rendering engine but you"
+ elog "can export to external renderers for image computation"
+ elog "like: YafRay[1], sunflow[2], PovRay[3] and luxrender[4]"
+ elog
+ elog "If you need one of them just emerge it:"
+ elog " [1] emerge -av media-gfx/yafray"
+ elog " [2] emerge -av media-gfx/sunflow"
+ elog " [3] emerge -av media-gfx/povray"
+ elog " [4] emerge -av media-gfx/luxrender"
+ elog
+ elog "When setting the Blender paths with the User Preferences"
+ elog "dialog box, remember to NOT declare your home's paths as:"
+ elog "~/.blender, but as: /home/user/.blender; in other words,"
+ elog "DO NOT USE the tilde inside the paths, as Blender is not"
+ elog "able to handle it, ignoring your customizations."
+}
diff --git a/media-gfx/blender/files/blender-2.61-CVE-2009-3850-v4.patch b/media-gfx/blender/files/blender-2.61-CVE-2009-3850-v4.patch
new file mode 100644
index 0000000..956eb50
--- /dev/null
+++ b/media-gfx/blender/files/blender-2.61-CVE-2009-3850-v4.patch
@@ -0,0 +1,164 @@
+diff -Npur blender-2.61.orig/SConstruct blender-2.61/SConstruct
+--- blender-2.61.orig/SConstruct 2012-01-02 16:57:51.329355164 +0100
++++ blender-2.61/SConstruct 2012-01-02 17:04:36.232349086 +0100
+@@ -346,6 +346,10 @@ if 'blenderplayer' in B.targets:
+ if 'blendernogame' in B.targets:
+ env['WITH_BF_GAMEENGINE'] = False
+
++# build without python autoexec security?
++if env['WITH_PYTHON_SECURITY'] == True:
++ env.Append(CPPFLAGS=['-DWITH_PYTHON_SECURITY'])
++
+ # build without elbeem (fluidsim)?
+ if env['WITH_BF_FLUID'] == 1:
+ env['CPPFLAGS'].append('-DWITH_MOD_FLUID')
+diff -Npur blender-2.61.orig/build_files/scons/tools/btools.py blender-2.61/build_files/scons/tools/btools.py
+--- blender-2.61.orig/build_files/scons/tools/btools.py 2012-01-02 16:56:21.351357062 +0100
++++ blender-2.61/build_files/scons/tools/btools.py 2012-01-02 17:01:37.760350726 +0100
+@@ -96,7 +96,7 @@ def print_arguments(args, bc):
+
+ def validate_arguments(args, bc):
+ opts_list = [
+- 'WITH_BF_PYTHON', 'WITH_BF_PYTHON_SAFETY', 'BF_PYTHON', 'BF_PYTHON_VERSION', 'BF_PYTHON_INC', 'BF_PYTHON_BINARY', 'BF_PYTHON_LIB', 'BF_PYTHON_LIBPATH', 'WITH_BF_STATICPYTHON', 'WITH_OSX_STATICPYTHON', 'BF_PYTHON_LIB_STATIC', 'BF_PYTHON_DLL', 'BF_PYTHON_ABI_FLAGS',
++ 'WITH_BF_PYTHON', 'WITH_BF_PYTHON_SAFETY', 'BF_PYTHON', 'BF_PYTHON_VERSION', 'BF_PYTHON_INC', 'BF_PYTHON_BINARY', 'BF_PYTHON_LIB', 'BF_PYTHON_LIBPATH', 'WITH_BF_STATICPYTHON', 'WITH_OSX_STATICPYTHON', 'BF_PYTHON_LIB_STATIC', 'BF_PYTHON_DLL', 'BF_PYTHON_ABI_FLAGS', 'WITH_PYTHON_SECURITY',
+ 'WITH_BF_OPENAL', 'BF_OPENAL', 'BF_OPENAL_INC', 'BF_OPENAL_LIB', 'BF_OPENAL_LIBPATH', 'WITH_BF_STATICOPENAL', 'BF_OPENAL_LIB_STATIC',
+ 'WITH_BF_SDL', 'BF_SDL', 'BF_SDL_INC', 'BF_SDL_LIB', 'BF_SDL_LIBPATH',
+ 'WITH_BF_JACK', 'BF_JACK', 'BF_JACK_INC', 'BF_JACK_LIB', 'BF_JACK_LIBPATH',
+@@ -256,6 +256,7 @@ def read_opts(env, cfg, args):
+ (BoolVariable('WITH_BF_STATICPYTHON', 'Staticly link to python', False)),
+ (BoolVariable('WITH_OSX_STATICPYTHON', 'Staticly link to python', True)),
+ ('BF_PYTHON_ABI_FLAGS', 'Python ABI flags (suffix in library version: m, mu, etc)', ''),
++ (BoolVariable('WITH_PYTHON_SECURITY', 'Disables execution of scripts within blend files by default (recommend to leave off)', False)),
+
+ (BoolVariable('WITH_BF_FLUID', 'Build with Fluid simulation (Elbeem)', True)),
+ (BoolVariable('WITH_BF_DECIMATE', 'Build with decimate modifier', True)),
+diff -Npur blender-2.61.orig/source/blender/blenkernel/intern/blender.c blender-2.61/source/blender/blenkernel/intern/blender.c
+--- blender-2.61.orig/source/blender/blenkernel/intern/blender.c 2012-01-02 16:57:51.329355164 +0100
++++ blender-2.61/source/blender/blenkernel/intern/blender.c 2012-01-02 16:48:10.700365736 +0100
+@@ -144,6 +144,7 @@ void initglobals(void)
+ G.f |= G_SCRIPT_AUTOEXEC;
+ #else
+ G.f &= ~G_SCRIPT_AUTOEXEC;
++ G.f |= G_SCRIPT_OVERRIDE_PREF; /* Disables turning G_SCRIPT_AUTOEXEC on from user prefs */
+ #endif
+ }
+
+diff -Npur blender-2.61.orig/source/blender/makesrna/intern/rna_userdef.c blender-2.61/source/blender/makesrna/intern/rna_userdef.c
+--- blender-2.61.orig/source/blender/makesrna/intern/rna_userdef.c 2012-01-02 16:57:51.330355184 +0100
++++ blender-2.61/source/blender/makesrna/intern/rna_userdef.c 2012-01-02 16:48:10.701365735 +0100
+@@ -114,9 +114,17 @@ static void rna_userdef_show_manipulator
+
+ static void rna_userdef_script_autoexec_update(Main *UNUSED(bmain), Scene *UNUSED(scene), PointerRNA *ptr)
+ {
+- UserDef *userdef = (UserDef*)ptr->data;
+- if (userdef->flag & USER_SCRIPT_AUTOEXEC_DISABLE) G.f &= ~G_SCRIPT_AUTOEXEC;
+- else G.f |= G_SCRIPT_AUTOEXEC;
++ if ((G.f & G_SCRIPT_OVERRIDE_PREF) == 0) {
++ /* Blender run with --enable-autoexec */
++ UserDef *userdef = (UserDef*)ptr->data;
++ if (userdef->flag & USER_SCRIPT_AUTOEXEC_DISABLE) G.f &= ~G_SCRIPT_AUTOEXEC;
++ else G.f |= G_SCRIPT_AUTOEXEC;
++ }
++}
++
++static int rna_userdef_script_autoexec_editable(Main *bmain, Scene *scene, PointerRNA *ptr) {
++ /* Disable "Auto Run Python Scripts" checkbox unless Blender run with --enable-autoexec */
++ return !(G.f & G_SCRIPT_OVERRIDE_PREF);
+ }
+
+ static void rna_userdef_mipmap_update(Main *bmain, Scene *scene, PointerRNA *ptr)
+@@ -2729,6 +2737,8 @@ static void rna_def_userdef_system(Blend
+ "Allow any .blend file to run scripts automatically "
+ "(unsafe with blend files from an untrusted source)");
+ RNA_def_property_update(prop, 0, "rna_userdef_script_autoexec_update");
++ /* Disable "Auto Run Python Scripts" checkbox unless Blender run with --enable-autoexec */
++ RNA_def_property_editable_func(prop, "rna_userdef_script_autoexec_editable");
+
+ prop= RNA_def_property(srna, "use_tabs_as_spaces", PROP_BOOLEAN, PROP_NONE);
+ RNA_def_property_boolean_negative_sdna(prop, NULL, "flag", USER_TXT_TABSTOSPACES_DISABLE);
+diff -Npur blender-2.61.orig/source/blender/windowmanager/intern/wm_files.c blender-2.61/source/blender/windowmanager/intern/wm_files.c
+--- blender-2.61.orig/source/blender/windowmanager/intern/wm_files.c 2012-01-02 16:57:51.330355184 +0100
++++ blender-2.61/source/blender/windowmanager/intern/wm_files.c 2012-01-02 16:48:10.702365735 +0100
+@@ -286,13 +286,18 @@ static void wm_init_userdef(bContext *C)
+
+ /* set the python auto-execute setting from user prefs */
+ /* enabled by default, unless explicitly enabled in the command line which overrides */
+- if((G.f & G_SCRIPT_OVERRIDE_PREF) == 0) {
++ if (! G.background && ((G.f & G_SCRIPT_OVERRIDE_PREF) == 0)) {
++ /* Blender run with --enable-autoexec */
+ if ((U.flag & USER_SCRIPT_AUTOEXEC_DISABLE) == 0) G.f |= G_SCRIPT_AUTOEXEC;
+ else G.f &= ~G_SCRIPT_AUTOEXEC;
+ }
+
+ /* update tempdir from user preferences */
+ BLI_init_temporary_dir(U.tempdir);
++
++ /* Workaround to fix default of "Auto Run Python Scripts" checkbox */
++ if ((G.f & G_SCRIPT_OVERRIDE_PREF) && !(G.f & G_SCRIPT_AUTOEXEC))
++ U.flag |= USER_SCRIPT_AUTOEXEC_DISABLE;
+ }
+
+
+diff -Npur blender-2.61.orig/source/blender/windowmanager/intern/wm_operators.c blender-2.61/source/blender/windowmanager/intern/wm_operators.c
+--- blender-2.61.orig/source/blender/windowmanager/intern/wm_operators.c 2012-01-02 16:57:51.331355194 +0100
++++ blender-2.61/source/blender/windowmanager/intern/wm_operators.c 2012-01-02 16:48:10.703365736 +0100
+@@ -1601,12 +1601,13 @@ static int wm_open_mainfile_exec(bContex
+ G.fileflags &= ~G_FILE_NO_UI;
+ else
+ G.fileflags |= G_FILE_NO_UI;
+-
+- if(RNA_boolean_get(op->ptr, "use_scripts"))
++
++ /* Restrict "Trusted Source" mode to Blender in --enable-autoexec mode */
++ if(RNA_boolean_get(op->ptr, "use_scripts") && (!(G.f & G_SCRIPT_OVERRIDE_PREF)))
+ G.f |= G_SCRIPT_AUTOEXEC;
+ else
+ G.f &= ~G_SCRIPT_AUTOEXEC;
+-
++
+ // XXX wm in context is not set correctly after WM_read_file -> crash
+ // do it before for now, but is this correct with multiple windows?
+ WM_event_add_notifier(C, NC_WINDOW, NULL);
+@@ -1618,6 +1619,8 @@ static int wm_open_mainfile_exec(bContex
+
+ static void WM_OT_open_mainfile(wmOperatorType *ot)
+ {
++ PropertyRNA * use_scripts_checkbox = NULL;
++
+ ot->name= "Open Blender File";
+ ot->idname= "WM_OT_open_mainfile";
+ ot->description="Open a Blender file";
+@@ -1629,7 +1632,12 @@ static void WM_OT_open_mainfile(wmOperat
+ WM_operator_properties_filesel(ot, FOLDERFILE|BLENDERFILE, FILE_BLENDER, FILE_OPENFILE, WM_FILESEL_FILEPATH);
+
+ RNA_def_boolean(ot->srna, "load_ui", 1, "Load UI", "Load user interface setup in the .blend file");
+- RNA_def_boolean(ot->srna, "use_scripts", 1, "Trusted Source", "Allow blend file execute scripts automatically, default available from system preferences");
++ use_scripts_checkbox = RNA_def_boolean(ot->srna, "use_scripts",
++ !!(G.f & G_SCRIPT_AUTOEXEC), "Trusted Source",
++ "Allow blend file execute scripts automatically, default available from system preferences");
++ /* Disable "Trusted Source" checkbox unless Blender run with --enable-autoexec */
++ if (use_scripts_checkbox && (G.f & G_SCRIPT_OVERRIDE_PREF))
++ RNA_def_property_clear_flag(use_scripts_checkbox, PROP_EDITABLE);
+ }
+
+ /* **************** link/append *************** */
+diff -Npur blender-2.61.orig/source/creator/creator.c blender-2.61/source/creator/creator.c
+--- blender-2.61.orig/source/creator/creator.c 2012-01-02 16:57:51.332355222 +0100
++++ blender-2.61/source/creator/creator.c 2012-01-02 16:48:10.704365737 +0100
+@@ -330,14 +330,14 @@ static int end_arguments(int UNUSED(argc
+ static int enable_python(int UNUSED(argc), const char **UNUSED(argv), void *UNUSED(data))
+ {
+ G.f |= G_SCRIPT_AUTOEXEC;
+- G.f |= G_SCRIPT_OVERRIDE_PREF;
++ G.f &= ~G_SCRIPT_OVERRIDE_PREF; /* Enables turning G_SCRIPT_AUTOEXEC off from user prefs */
+ return 0;
+ }
+
+ static int disable_python(int UNUSED(argc), const char **UNUSED(argv), void *UNUSED(data))
+ {
+ G.f &= ~G_SCRIPT_AUTOEXEC;
+- G.f |= G_SCRIPT_OVERRIDE_PREF;
++ G.f |= G_SCRIPT_OVERRIDE_PREF; /* Disables turning G_SCRIPT_AUTOEXEC on from user prefs */
+ return 0;
+ }
+