OpenBSD Mail Box: Re: WIP: Tor Browser 10.0a6

Hi,

On Sat, Aug 29, 2020 at 06:07:20PM -0000, Dimitri Karamazov wrote:
> Almost no addons are loaded, that is the reason the slider doesn't work.
> Extensions lie in /usr/local/lib/tor-browser/browser/exensions/ but
> are not visible in about:addons. Maybe a issue with pledge?
> Because I can install the addons manually, and then slider works fine.

Hmm, indeed. I observed some problems with the addons over here as well.
Not sure how I missed that. Using ktrace I found that the browser looks
in /usr/local/lib/tor-browser/distribution/extensions for the
extensions, not in /usr/local/lib/tor-browser/browser/extensions
(which used to work). I wonder whether this is documented somewhere, I
looked around but I could not find a note on whether Firefox made any
changes in this regard recently. But anyway, here is an updated diff.
Thanks for the feedback so far, I appreciate it.

Regarding support for ffmpeg/mp4 files, I indeed noticed it still
does not work after all. I'm not entirely sure yet where to look but
I'll keep it in the back of my head.

Thanks,
Caspar Schutijser

Index: meta/tor-browser/Makefile
===================================================================
RCS file: /cvs/ports/meta/tor-browser/Makefile,v
retrieving revision 1.29
diff -u -p -r1.29 Makefile
--- meta/tor-browser/Makefile 26 Aug 2020 07:37:38 -0000 1.29
+++ meta/tor-browser/Makefile 29 Aug 2020 20:06:57 -0000
@@ -4,12 +4,12 @@ COMMENT= Tor Browser meta package

MAINTAINER= Caspar Schutijser <caspar@schutijser.com>

-PKGNAME= tor-browser-9.5.4
+PKGNAME= tor-browser-10.0a6
ONLY_FOR_ARCHS = amd64 i386

-RUN_DEPENDS= www/tor-browser/browser>=9.5.4 \
- www/tor-browser/noscript>=11.0.38 \
- www/tor-browser/https-everywhere>=2020.8.13 \
+RUN_DEPENDS= www/tor-browser/browser>=10.0a6 \
+ www/tor-browser/noscript>=11.0.39 \
+ www/tor-browser/https-everywhere>=2020.8.13p0 \
net/tor>=0.4.3.6

.include <bsd.port.mk>
Index: www/tor-browser/Makefile.inc
===================================================================
RCS file: /cvs/ports/www/tor-browser/Makefile.inc,v
retrieving revision 1.29
diff -u -p -r1.29 Makefile.inc
--- www/tor-browser/Makefile.inc 26 Aug 2020 07:37:38 -0000 1.29
+++ www/tor-browser/Makefile.inc 29 Aug 2020 20:06:57 -0000
@@ -5,7 +5,7 @@ HOMEPAGE ?= https://www.torproject.org
PERMIT_PACKAGE ?= Yes
CATEGORIES = www
BROWSER_NAME = tor-browser
-TB_VERSION = 9.5.4
+TB_VERSION = 10.0a6
TB_PREFIX = tb

SUBST_VARS += BROWSER_NAME TB_VERSION
@@ -36,7 +36,7 @@ BUILD_DEPENDS += archivers/zip archivers
RUN_DEPENDS += www/tor-browser/browser

EXTDIR_ROOT ?= lib/${BROWSER_NAME}
-REAL_EXTDIR ?= ${PREFIX}/${EXTDIR_ROOT}/browser/extensions
+REAL_EXTDIR ?= ${PREFIX}/${EXTDIR_ROOT}/distribution/extensions

SUBST_VARS += EXTDIR_ROOT GUID

Index: www/tor-browser/browser/Makefile
===================================================================
RCS file: /cvs/ports/www/tor-browser/browser/Makefile,v
retrieving revision 1.49
diff -u -p -r1.49 Makefile
--- www/tor-browser/browser/Makefile 26 Aug 2020 07:37:38 -0000 1.49
+++ www/tor-browser/browser/Makefile 29 Aug 2020 20:06:57 -0000
@@ -3,28 +3,31 @@
# browser is a fork of ESR. It is a good idea to look at that
# Makefile when editing this one (ESR versions not always the same).

+# XXX sync README
+# XXX TB changelog mentions Go, what's that about?
+
COMMENT = modified version of Firefox ESR for browsing over Tor
ONLY_FOR_ARCHS = amd64 i386

MOZILLA_VERSION = ${TB_VERSION}
MOZILLA_PROJECT = ${BROWSER_NAME}
MOZILLA_CODENAME = browser
-TL_VERSION = 0.2.21.8
+TL_VERSION = 0.2.23

EXTRACT_SUFX = .tar.xz
PATCHORIG = .pat.orig

PKGNAME = ${TB_PREFIX}-browser-${TB_VERSION}
-DISTNAME = src-firefox-tor-browser-68.12.0esr-9.5-1-build1
+DISTNAME = src-firefox-tor-browser-78.2.0esr-10.0-1-build1

FIX_EXTRACT_PERMISSIONS = Yes
DISTFILES += ${DISTNAME}.tar.xz \
src-tor-launcher-${TL_VERSION}.tar.xz \
tor-browser-linux64-${TB_VERSION}_en-US.tar.xz

-SO_VERSION = 5.0
+SO_VERSION = 6.0
MOZILLA_LIBS = xul clearkey lgpllibs mozavcodec mozavutil mozgtk
-MOZILLA_LIBS += freebl3 nss3 nssckbi nssdbm3
+MOZILLA_LIBS += freebl3 nss3 nssckbi
MOZILLA_LIBS += nssutil3 smime3 softokn3 ssl3
MOZILLA_LIBS += nspr4 mozsqlite3 plc4 plds4

@@ -37,6 +40,7 @@ MASTER_SITES = https://dist.torproject.
MODULES = www/mozilla lang/python

MODPY_RUNDEP = No
+MODPY_VERSION = ${MODPY_DEFAULT_VERSION_3}

COMPILER = base-clang ports-clang
MODCLANG_ARCHS = amd64 i386
@@ -52,13 +56,12 @@ MOZILLA_USE_BUNDLED_HUNSPELL = Yes
# tor-browser needs built-in nss, sqlite
MOZILLA_USE_BUNDLED_NSPR = Yes
MOZILLA_USE_BUNDLED_NSS = Yes
+# #1611386
MOZILLA_USE_BUNDLED_SQLITE = Yes
-# 61 requires both versions of python
-BUILD_DEPENDS += lang/python/${MODPY_DEFAULT_VERSION_3}
# 63 requires node because why not #1483595
BUILD_DEPENDS += lang/node
# 63 requires cbindgen #1478813
-BUILD_DEPENDS += devel/cbindgen>=0.9.0
+BUILD_DEPENDS += devel/cbindgen>=0.14.3
.if (${MACHINE_ARCH}==amd64) || (${MACHINE_ARCH}==i386)
# 67 requires nasm for bundled libdav1d
BUILD_DEPENDS += devel/nasm
@@ -70,7 +73,7 @@ BUILD_DEPENDS += lang/rust
BUILD_DEPENDS += devel/llvm

# uses pledge()
-WANTLIB += X11-xcb Xcursor Xi intl xcb xcb-shm ${COMPILER_LIBCXX}
+WANTLIB += X11-xcb Xcursor Xi intl xcb xcb-shm harfbuzz ${COMPILER_LIBCXX}

# Regression tests are too hard to adapt to run here
NO_TEST = Yes
@@ -96,9 +99,14 @@ BUILD_DEPENDS += devel/py-virtualenv
RUN_DEPENDS += net/tor>=0.4.3.6

CONFIGURE_ARGS += --enable-release #1386371
-CONFIGURE_ARGS += --enable-sandbox --enable-content-sandbox
+CONFIGURE_ARGS += --enable-sandbox
CONFIGURE_ARGS += --with-libclang-path=${LOCALBASE}/lib
-CONFIGURE_ARGS += --with-clang-path=${LOCALBASE}/bin/clang
+
+# XXX badly formed debug in libxul ?
+DWZ = :
+#DEBUG_PACKAGES = ${BUILD_PACKAGES}
+DEBUG_CONFIGURE_ARGS += --enable-debug-symbols \
+ --disable-install-strip

post-extract:
mv ${WRKDIR}/tor-browser_en-US ${WRKSRC}
@@ -113,8 +121,6 @@ post-patch:
${SUBST_PROGRAM} ${FILESDIR}/configure ${WRKSRC}/configure
${SUBST_PROGRAM} ${FILESDIR}/configure ${WRKSRC}/js/src/configure
${SUBST_CMD} ${WRKSRC}/browser/extensions/tor-launcher/src/defaults/preferences/torlauncher-prefs.js
- sed -i 's/"files":{[^}]*}/"files":{}/' \
- ${WRKSRC}/third_party/rust/bindgen/.cargo-checksum.json
# Not using a patch for this; patch context would contain UTF-8
sed -i 's/#ifdef XP_LINUX/#if defined(XP_LINUX) || defined(XP_OPENBSD)/' \
${WRKSRC}/browser/app/profile/000-tor-browser.js
@@ -146,11 +152,6 @@ post-install:
${INSTALL_DATA_DIR} ${PREFIX}/share/applications/
${SUBST_DATA} ${FILESDIR}/${BROWSER_NAME}.desktop \
${PREFIX}/share/applications/${BROWSER_NAME}.desktop
- # install icon for desktop file
- ${INSTALL_DATA_DIR} ${PREFIX}/share/pixmaps/
- ${INSTALL_DATA} \
- ${BROWSER_DIR}/browser/chrome/icons/default/default128.png \
- ${PREFIX}/share/pixmaps/${BROWSER_NAME}.png
# link default48.png to default.png to be used by default
# by non-icccm compliant wm
ln -f ${BROWSER_DIR}/browser/chrome/icons/default/default{48,}.png
@@ -173,5 +174,9 @@ post-install:
rm ${PREFIX}/bin/${BROWSER_NAME}
${SUBST_PROGRAM} ${FILESDIR}/${BROWSER_NAME} \
${PREFIX}/bin/${BROWSER_NAME}
+
+.for f in unveil.content unveil.gpu unveil.main pledge.content pledge.gpu pledge.main
+ ${INSTALL_DATA} ${FILESDIR}/${f} ${BROWSER_DIR}/browser/defaults/preferences/
+.endfor

.include <bsd.port.mk>
Index: www/tor-browser/browser/distinfo
===================================================================
RCS file: /cvs/ports/www/tor-browser/browser/distinfo,v
retrieving revision 1.28
diff -u -p -r1.28 distinfo
--- www/tor-browser/browser/distinfo 26 Aug 2020 07:37:38 -0000 1.28
+++ www/tor-browser/browser/distinfo 29 Aug 2020 20:06:57 -0000
@@ -1,6 +1,6 @@
-SHA256 (mozilla/src-firefox-tor-browser-68.12.0esr-9.5-1-build1.tar.xz) = JJHvbajRiZQBZ4F/b2JBQF7COLXgBIYEjcjR3UR0+Q8=
-SHA256 (mozilla/src-tor-launcher-0.2.21.8.tar.xz) = v1cOZqTcpK1Ygxsw1GN+8Un5+8CMMuocvBE5iaZrVXg=
-SHA256 (mozilla/tor-browser-linux64-9.5.4_en-US.tar.xz) = XW2B2wTgqMU2w9XhPJNcUjGLrHykQIngMcG/fFTWb04=
-SIZE (mozilla/src-firefox-tor-browser-68.12.0esr-9.5-1-build1.tar.xz) = 348639116
-SIZE (mozilla/src-tor-launcher-0.2.21.8.tar.xz) = 214908
-SIZE (mozilla/tor-browser-linux64-9.5.4_en-US.tar.xz) = 79033640
+SHA256 (mozilla/src-firefox-tor-browser-78.2.0esr-10.0-1-build1.tar.xz) = 8BEA1MEnGSFvLteQ2Ce1nln6xxBcV0wTfCrAFQvBqtk=
+SHA256 (mozilla/src-tor-launcher-0.2.23.tar.xz) = TFKPsmwWqUoc1IObcocIeBet0oSt6upTJaWa4U/HfM8=
+SHA256 (mozilla/tor-browser-linux64-10.0a6_en-US.tar.xz) = cKRtZXvvuRZDJS2XZKOxk/w0Ghe6/7DdexhBbo+5GII=
+SIZE (mozilla/src-firefox-tor-browser-78.2.0esr-10.0-1-build1.tar.xz) = 364293728
+SIZE (mozilla/src-tor-launcher-0.2.23.tar.xz) = 214928
+SIZE (mozilla/tor-browser-linux64-10.0a6_en-US.tar.xz) = 86175472
Index: www/tor-browser/browser/files/all-openbsd.js
===================================================================
RCS file: /cvs/ports/www/tor-browser/browser/files/all-openbsd.js,v
retrieving revision 1.4
diff -u -p -r1.4 all-openbsd.js
--- www/tor-browser/browser/files/all-openbsd.js 16 Feb 2020 10:45:59 -0000 1.4
+++ www/tor-browser/browser/files/all-openbsd.js 29 Aug 2020 20:06:57 -0000
@@ -3,7 +3,3 @@
pref("spellchecker.dictionary_path", "${LOCALBASE}/share/mozilla-dicts/");
pref("general.config.filename", "tor-browser.cfg");
pref("general.config.obscure_value", 0);
-// enable pledging the content process
-pref("security.sandbox.content.level", 1);
-pref("security.sandbox.pledge.main","stdio rpath wpath cpath inet proc exec prot_exec flock ps sendfd recvfd dns vminfo tty drm unix fattr getpw mcast video");
-pref("security.sandbox.pledge.content","stdio rpath wpath cpath inet recvfd sendfd prot_exec unix drm ps");
Index: www/tor-browser/browser/files/pledge.content
===================================================================
RCS file: www/tor-browser/browser/files/pledge.content
diff -N www/tor-browser/browser/files/pledge.content
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ www/tor-browser/browser/files/pledge.content 29 Aug 2020 20:06:57 -0000
@@ -0,0 +1,14 @@
+# $OpenBSD: pledge.content,v 1.1 2020/07/28 14:21:48 landry Exp $
+stdio
+rpath
+wpath
+cpath
+recvfd
+sendfd
+prot_exec
+unix
+drm
+ps
+inet #dns.google does socket()
+# only needed if using NIS of the profile is located on a NFS share
+getpw
Index: www/tor-browser/browser/files/pledge.gpu
===================================================================
RCS file: www/tor-browser/browser/files/pledge.gpu
diff -N www/tor-browser/browser/files/pledge.gpu
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ www/tor-browser/browser/files/pledge.gpu 29 Aug 2020 20:06:57 -0000
@@ -0,0 +1,12 @@
+# $OpenBSD: pledge.gpu,v 1.1 2020/07/28 14:21:48 landry Exp $
+stdio
+rpath
+wpath
+cpath
+ps
+sendfd
+recvfd
+drm
+dns
+unix
+prot_exec
Index: www/tor-browser/browser/files/pledge.main
===================================================================
RCS file: www/tor-browser/browser/files/pledge.main
diff -N www/tor-browser/browser/files/pledge.main
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ www/tor-browser/browser/files/pledge.main 29 Aug 2020 20:06:57 -0000
@@ -0,0 +1,23 @@
+# $OpenBSD: pledge.main,v 1.1 2020/07/28 14:21:48 landry Exp $
+stdio
+rpath
+wpath
+cpath
+inet
+proc
+exec
+prot_exec
+flock
+ps
+sendfd
+recvfd
+dns
+vminfo
+tty
+drm
+unix
+fattr
+getpw
+mcast
+# only needed for WebRTC
+video
Index: www/tor-browser/browser/files/unveil.content
===================================================================
RCS file: www/tor-browser/browser/files/unveil.content
diff -N www/tor-browser/browser/files/unveil.content
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ www/tor-browser/browser/files/unveil.content 29 Aug 2020 20:06:57 -0000
@@ -0,0 +1,42 @@
+# $OpenBSD: unveil.content,v 1.1 2020/07/28 14:21:48 landry Exp $
+/dev/drm0 rw
+
+/etc/fonts r
+/etc/machine-id r
+/usr/local/lib r
+/usr/local/share r
+/usr/share/locale r
+/var/cache/fontconfig r
+/usr/X11R6/lib r
+/usr/X11R6/share r
+/var/run r
+
+~/.XCompose r
+~/.Xauthority r
+~/.Xdefaults r
+~/.fontconfig r
+~/.fonts r
+~/.fonts.conf r
+~/.fonts.conf.d r
+~/.icons r
+~/.pki rwc
+~/.sndio rwc
+~/.terminfo r
+
+~/TorBrowser-Data r
+~/Downloads r
+
+/tmp rwc
+
+$XDG_CONFIG_HOME/dconf rwc
+$XDG_CONFIG_HOME/fontconfig r
+$XDG_CONFIG_HOME/gtk-3.0 r
+$XDG_CONFIG_HOME/mimeapps.list r
+$XDG_CONFIG_HOME/user-dirs.dirs r
+$XDG_DATA_HOME/applications r
+$XDG_DATA_HOME/applnk r
+$XDG_DATA_HOME/fonts r
+$XDG_DATA_HOME/glib-2.0 r
+$XDG_DATA_HOME/icons r
+$XDG_DATA_HOME/mime r
+$XDG_DATA_HOME/themes r
Index: www/tor-browser/browser/files/unveil.gpu
===================================================================
RCS file: www/tor-browser/browser/files/unveil.gpu
diff -N www/tor-browser/browser/files/unveil.gpu
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ www/tor-browser/browser/files/unveil.gpu 29 Aug 2020 20:06:57 -0000
@@ -0,0 +1,12 @@
+# $OpenBSD: unveil.gpu,v 1.1 2020/07/28 14:21:48 landry Exp $
+/dev/drm0 rw
+
+/usr/local/lib/tor-browser r
+/usr/local/lib/gdk-pixbuf-2.0 r
+/usr/X11R6/lib r
+/usr/share/locale r
+/usr/local/share r
+
+/tmp rwc
+
+~/.Xauthority r
Index: www/tor-browser/browser/files/unveil.main
===================================================================
RCS file: www/tor-browser/browser/files/unveil.main
diff -N www/tor-browser/browser/files/unveil.main
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ www/tor-browser/browser/files/unveil.main 29 Aug 2020 20:06:57 -0000
@@ -0,0 +1,64 @@
+# $OpenBSD: unveil.main,v 1.1 2020/07/28 14:21:48 landry Exp $
+# for uuid generation?
+/dev/urandom r
+/dev/video rw
+/dev/video0 rw
+/dev/fido rw
+
+/etc/fonts r
+/etc/machine-id r
+
+/usr/local/lib r
+/usr/local/lib/tor-browser rx
+/usr/local/share r
+/usr/share/locale r
+/usr/share/zoneinfo r
+/var/cache/fontconfig r
+/usr/X11R6/lib r
+/usr/X11R6/share r
+/var/run r
+
+# printing
+/usr/bin/lpr rx
+
+# for launching registered 3rd party applications like pdf readers
+/etc/mailcap r
+~/.mailcap r
+~/.mime.types r
+
+~/.XCompose r
+~/.Xauthority r
+~/.Xdefaults r
+~/.fontconfig r
+~/.fonts r
+~/.fonts.conf r
+~/.fonts.conf.d r
+~/.icons r
+~/.pki rwc
+~/.sndio rwc
+~/.terminfo r
+
+~/TorBrowser-Data rwc
+~/Downloads rwc
+
+# for at least shm_open (for now)
+/tmp rwc
+
+# $XDG_CACHE_HOME, $XDG_CONFIG_HOME, and $XDG_DATA_HOME will expand to the
+# given variable if it exists in the environment, otherwise defaulting to
+# ~/.cache, ~/.config, and ~/.local/share
+$XDG_CACHE_HOME/dconf rwc
+$XDG_CACHE_HOME/thumbnails rwc
+$XDG_CONFIG_HOME/dconf rw
+$XDG_CONFIG_HOME/fontconfig r
+$XDG_CONFIG_HOME/gtk-3.0 r
+$XDG_CONFIG_HOME/mimeapps.list r
+$XDG_CONFIG_HOME/user-dirs.dirs r
+$XDG_DATA_HOME/applications rwc
+$XDG_DATA_HOME/applnk r
+$XDG_DATA_HOME/fonts r
+$XDG_DATA_HOME/glib-2.0 r
+$XDG_DATA_HOME/icons r
+$XDG_DATA_HOME/mime r
+$XDG_DATA_HOME/recently-used.xbel rwc
+$XDG_DATA_HOME/themes r
Index: www/tor-browser/browser/patches/patch-_mozconfig
===================================================================
RCS file: /cvs/ports/www/tor-browser/browser/patches/patch-_mozconfig,v
retrieving revision 1.6
diff -u -p -r1.6 patch-_mozconfig
--- www/tor-browser/browser/patches/patch-_mozconfig 13 Jun 2020 06:26:01 -0000 1.6
+++ www/tor-browser/browser/patches/patch-_mozconfig 29 Aug 2020 20:06:57 -0000
@@ -5,26 +5,14 @@ Disable the updater and related stuff.
Encrypted Media Extensions is not supported on OpenBSD. Apparently this also
means we can not pass --disable-eme to configure so comment that out.

+XXX --enable-verify-mar
+
Index: .mozconfig
--- .mozconfig.orig
+++ .mozconfig
-@@ -19,10 +19,10 @@ ac_add_options --enable-official-branding
- # Let's support GTK3 for ESR60
- ac_add_options --enable-default-toolkit=cairo-gtk3
-
--ac_add_options --disable-tor-launcher
-+#ac_add_options --disable-tor-launcher
- ac_add_options --disable-tor-browser-update
--ac_add_options --enable-signmar
--ac_add_options --enable-verify-mar
-+#ac_add_options --enable-signmar
-+#ac_add_options --enable-verify-mar
-
- ac_add_options --disable-strip
- ac_add_options --disable-install-strip
-@@ -31,10 +31,13 @@ ac_add_options --disable-debug
- ac_add_options --disable-crashreporter
+@@ -27,13 +27,16 @@ ac_add_options --disable-crashreporter
ac_add_options --disable-webrtc
+ ac_add_options --disable-parental-controls
# Let's make sure no preference is enabling either Adobe's or Google's CDM.
-ac_add_options --disable-eme
+#ac_add_options --disable-eme
@@ -33,8 +21,12 @@ Index: .mozconfig
# Disable telemetry
ac_add_options MOZ_TELEMETRY_REPORTING=

--ac_add_options --with-tor-browser-version=dev-build
+-ac_add_options --disable-tor-launcher
+# avoid 1.1GB libxul
+ac_add_options --disable-debug-symbols
+
+#ac_add_options --with-tor-browser-version=dev-build
+ ac_add_options --with-tor-browser-version=dev-build
+ ac_add_options --disable-tor-browser-update
+-ac_add_options --enable-verify-mar
++#ac_add_options --enable-verify-mar
Index: www/tor-browser/browser/patches/patch-browser_extensions_tor-launcher_src_components_tl-process_js
===================================================================
RCS file: /cvs/ports/www/tor-browser/browser/patches/patch-browser_extensions_tor-launcher_src_components_tl-process_js,v
retrieving revision 1.2
diff -u -p -r1.2 patch-browser_extensions_tor-launcher_src_components_tl-process_js
--- www/tor-browser/browser/patches/patch-browser_extensions_tor-launcher_src_components_tl-process_js 13 Jun 2020 06:26:01 -0000 1.2
+++ www/tor-browser/browser/patches/patch-browser_extensions_tor-launcher_src_components_tl-process_js 29 Aug 2020 20:06:57 -0000
@@ -6,7 +6,7 @@ the new getTorFile() deal with it.
Index: browser/extensions/tor-launcher/src/components/tl-process.js
--- browser/extensions/tor-launcher/src/components/tl-process.js.orig
+++ browser/extensions/tor-launcher/src/components/tl-process.js
-@@ -377,6 +377,8 @@ TorProcessService.prototype =
+@@ -393,6 +393,8 @@ TorProcessService.prototype =
var torrcFile = TorLauncherUtil.getTorFile("torrc", true);
var torrcDefaultsFile =
TorLauncherUtil.getTorFile("torrc-defaults", false);
@@ -15,7 +15,7 @@ Index: browser/extensions/tor-launcher/s
var hashedPassword = this.mProtocolSvc.TorGetPassword(true);
var controlIPCFile = this.mProtocolSvc.TorGetControlIPCFile();
var controlPort = this.mProtocolSvc.TorGetControlPort();
-@@ -404,19 +406,14 @@ TorProcessService.prototype =
+@@ -420,19 +422,14 @@ TorProcessService.prototype =
return;
}

Index: www/tor-browser/browser/patches/patch-config_makefiles_rust_mk
===================================================================
RCS file: /cvs/ports/www/tor-browser/browser/patches/patch-config_makefiles_rust_mk,v
retrieving revision 1.2
diff -u -p -r1.2 patch-config_makefiles_rust_mk
--- www/tor-browser/browser/patches/patch-config_makefiles_rust_mk 26 Aug 2020 07:37:39 -0000 1.2
+++ www/tor-browser/browser/patches/patch-config_makefiles_rust_mk 29 Aug 2020 20:06:57 -0000
@@ -1,15 +1,17 @@
-$OpenBSD: patch-config_makefiles_rust_mk,v 1.2 2020/08/26 07:37:39 landry Exp $
+$OpenBSD: patch-config_makefiles_rust_mk,v 1.3 2020/08/25 13:19:49 landry Exp $

+use lto=thin to reduce memory pressure when building gkrust
https://bugzilla.mozilla.org/show_bug.cgi?id=1644409

Index: config/makefiles/rust.mk
--- config/makefiles/rust.mk.orig
+++ config/makefiles/rust.mk
-@@ -48,6 +48,7 @@ ifndef DEVELOPER_OPTIONS
- ifndef MOZ_DEBUG_RUST
- # Enable link-time optimization for release builds.
- cargo_rustc_flags += -C lto
-+export CARGO_PROFILE_RELEASE_LTO=yes
+@@ -61,7 +61,7 @@ ifndef MOZ_DEBUG_RUST
+ # Enable link-time optimization for release builds, but not when linking
+ # gkrust_gtest.
+ ifeq (,$(findstring gkrust_gtest,$(RUST_LIBRARY_FILE)))
+-cargo_rustc_flags += -Clto
++cargo_rustc_flags += -Clto=thin
+ endif
# Versions of rust >= 1.45 need -Cembed-bitcode=yes for all crates when
# using -Clto.
- ifeq (,$(filter 1.22.% 1.23.% 1.24.% 1.25.% 1.26.% 1.27.% 1.28.% 1.29.% 1.30.% 1.31.% 1.32.% 1.33.% 1.34.% 1.35.% 1.36.% 1.37.% 1.38.% 1.39.% 1.40.% 1.41.% 1.42.% 1.43.% 1.44.%,$(RUSTC_VERSION)))
Index: www/tor-browser/browser/patches/patch-config_system-headers_mozbuild
===================================================================
RCS file: www/tor-browser/browser/patches/patch-config_system-headers_mozbuild
diff -N www/tor-browser/browser/patches/patch-config_system-headers_mozbuild
--- www/tor-browser/browser/patches/patch-config_system-headers_mozbuild 13 Feb 2020 07:41:53 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,27 +0,0 @@
-$OpenBSD: patch-config_system-headers_mozbuild,v 1.1 2020/02/13 07:41:53 landry Exp $
-
-https://hg.mozilla.org/mozilla-central/rev/d3885b9d42d3
-
-Index: config/system-headers.mozbuild
---- config/system-headers.mozbuild.orig
-+++ config/system-headers.mozbuild
-@@ -814,7 +814,6 @@ system_headers = [
- 'synch.h',
- 'syncmgr.h',
- 'sys/atomic_op.h',
-- 'sys/auxv.h',
- 'sys/bitypes.h',
- 'sys/byteorder.h',
- 'syscall.h',
-@@ -1345,6 +1344,11 @@ if CONFIG['MOZ_WAYLAND']:
- 'wayland-client.h',
- 'wayland-egl.h',
- 'wayland-util.h',
-+ ]
-+
-+if CONFIG['OS_TARGET'] in ('Android', 'Linux', 'FreeBSD'):
-+ system_headers += [
-+ 'sys/auxv.h',
- ]
-
- if CONFIG['OS_TARGET'] == 'Linux' and CONFIG['CPU_ARCH'].startswith('mips'):
Index: www/tor-browser/browser/patches/patch-dom_ipc_ContentChild_cpp
===================================================================
RCS file: www/tor-browser/browser/patches/patch-dom_ipc_ContentChild_cpp
diff -N www/tor-browser/browser/patches/patch-dom_ipc_ContentChild_cpp
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ www/tor-browser/browser/patches/patch-dom_ipc_ContentChild_cpp 29 Aug 2020 20:06:57 -0000
@@ -0,0 +1,30 @@
+$OpenBSD: patch-dom_ipc_ContentChild_cpp,v 1.1 2020/07/28 14:21:48 landry Exp $
+
+Do not unveil an already visible pledge file since that interferes with
+other unveils.
+
+cf https://bugzilla.mozilla.org/show_bug.cgi?id=1623086
+Index: dom/ipc/ContentChild.cpp
+--- dom/ipc/ContentChild.cpp.orig
++++ dom/ipc/ContentChild.cpp
+@@ -4414,8 +4414,18 @@ OpenBSDUnveilPaths(const nsACString& uPath, const nsAC
+ if (disabled) {
+ warnx("%s: disabled", PromiseFlatCString(uPath).get());
+ } else {
+- if (unveil(PromiseFlatCString(pledgePath).get(), "r") == -1) {
+- err(1, "unveil(%s, r) failed", PromiseFlatCString(pledgePath).get());
++ struct stat st;
++
++ // Only unveil the pledgePath file if it's not already unveiled, otherwise
++ // some containing directory will lose visibility.
++ if (stat(PromiseFlatCString(pledgePath).get(), &st) == -1) {
++ if (errno == ENOENT) {
++ if (unveil(PromiseFlatCString(pledgePath).get(), "r") == -1) {
++ err(1, "unveil(%s, r) failed", PromiseFlatCString(pledgePath).get());
++ }
++ } else {
++ err(1, "stat(%s)", PromiseFlatCString(pledgePath).get());
++ }
+ }
+ }
+
Index: www/tor-browser/browser/patches/patch-js_src_jit_ProcessExecutableMemory_cpp
===================================================================
RCS file: www/tor-browser/browser/patches/patch-js_src_jit_ProcessExecutableMemory_cpp
diff -N www/tor-browser/browser/patches/patch-js_src_jit_ProcessExecutableMemory_cpp
--- www/tor-browser/browser/patches/patch-js_src_jit_ProcessExecutableMemory_cpp 13 Feb 2020 07:41:53 -0000 1.4
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,29 +0,0 @@
-$OpenBSD: patch-js_src_jit_ProcessExecutableMemory_cpp,v 1.4 2020/02/13 07:41:53 landry Exp $
-
-Don't ComputeRandomAllocationAddress on OpenBSD
-https://bugzilla.mozilla.org/show_bug.cgi?id=1586912
-
-Index: js/src/jit/ProcessExecutableMemory.cpp
---- js/src/jit/ProcessExecutableMemory.cpp.orig
-+++ js/src/jit/ProcessExecutableMemory.cpp
-@@ -318,6 +318,12 @@ static void DecommitPages(void* addr, size_t bytes) {
- }
- #else // !XP_WIN
- static void* ComputeRandomAllocationAddress() {
-+#ifdef __OpenBSD__
-+ // OpenBSD already has random mmap and the idea that all x64 cpus
-+ // have 48-bit address space is not correct. Returning nullptr
-+ // allows OpenBSD do to the right thing.
-+ return nullptr;
-+#else
- uint64_t rand = js::GenerateRandomSeed();
-
- # ifdef HAVE_64BIT_BUILD
-@@ -337,6 +343,7 @@ static void* ComputeRandomAllocationAddress() {
- // Ensure page alignment.
- uintptr_t mask = ~uintptr_t(gc::SystemPageSize() - 1);
- return (void*)uintptr_t(rand & mask);
-+

OpenBSD Mail Box

Saturday, August 29, 2020

Re: WIP: Tor Browser 10.0a6

No comments:

Post a Comment