Hi,
On Sat, Sep 26, 2020 at 11:11:42AM +0200, Caspar Schutijser wrote:
> The below patch updates Tor Browser to 10.0. Read
> https://blog.torproject.org/new-release-tor-browser-100 for more
> info. Tested on amd64.
>
> This is a pretty big update as Tor Browser 10.0 is based on the new
> branch of Firefox ESR, i.e., 78. That also means that Tor Browser gains
> unveil(2) support.
>
> Compared to 10.0a6 (the WIP diff I sent out for that alpha release),
> the biggest difference is that upstream changed how the HTTPS Everywhere
> extension is included. The addon is now put into the omni.ja file.
> See the release notes for more information. This means that the port
> for HTTPS Everywhere can be removed. I'll send a diff for that at some
> later point.
Here is a diff that updates Tor Browser to 10.0.2. Tested on amd64.
More info: https://blog.torproject.org/new-release-tor-browser-1002
Thanks,
Caspar Schutijser
Index: meta/tor-browser/Makefile
===================================================================
RCS file: /cvs/ports/meta/tor-browser/Makefile,v
retrieving revision 1.29
diff -u -p -r1.29 Makefile
--- meta/tor-browser/Makefile 26 Aug 2020 07:37:38 -0000 1.29
+++ meta/tor-browser/Makefile 22 Oct 2020 16:37:04 -0000
@@ -4,12 +4,11 @@ COMMENT= Tor Browser meta package
MAINTAINER= Caspar Schutijser <caspar@schutijser.com>
-PKGNAME= tor-browser-9.5.4
+PKGNAME= tor-browser-10.0.2
ONLY_FOR_ARCHS = amd64 i386
-RUN_DEPENDS= www/tor-browser/browser>=9.5.4 \
- www/tor-browser/noscript>=11.0.38 \
- www/tor-browser/https-everywhere>=2020.8.13 \
+RUN_DEPENDS= www/tor-browser/browser>=10.0.2 \
+ www/tor-browser/noscript>=11.1.3 \
net/tor>=0.4.3.6
.include <bsd.port.mk>
Index: meta/tor-browser/pkg/README
===================================================================
RCS file: /cvs/ports/meta/tor-browser/pkg/README,v
retrieving revision 1.5
diff -u -p -r1.5 README
--- meta/tor-browser/pkg/README 13 Jun 2020 06:26:01 -0000 1.5
+++ meta/tor-browser/pkg/README 22 Oct 2020 16:37:04 -0000
@@ -44,4 +44,4 @@ worth reading:
https://2019.www.torproject.org/docs/pluggable-transports.html.en
For more information about Tor Browser and the Tor anonymity network
-in general please visit http://www.torproject.org
+in general please visit https://www.torproject.org
Index: www/tor-browser/Makefile.inc
===================================================================
RCS file: /cvs/ports/www/tor-browser/Makefile.inc,v
retrieving revision 1.29
diff -u -p -r1.29 Makefile.inc
--- www/tor-browser/Makefile.inc 26 Aug 2020 07:37:38 -0000 1.29
+++ www/tor-browser/Makefile.inc 22 Oct 2020 16:37:04 -0000
@@ -5,7 +5,7 @@ HOMEPAGE ?= https://www.torproject.org
PERMIT_PACKAGE ?= Yes
CATEGORIES = www
BROWSER_NAME = tor-browser
-TB_VERSION = 9.5.4
+TB_VERSION = 10.0.2
TB_PREFIX = tb
SUBST_VARS += BROWSER_NAME TB_VERSION
@@ -13,13 +13,13 @@ SUBST_VARS += BROWSER_NAME TB_VERSION
ADDON_NAME ?=
.if !empty(ADDON_NAME)
# Everything in this .if (most of the file) is for add-ons like
-# torbutton, tor-launcher, ... tor-browser does its own thing.
+# noscript, ... tor-browser does its own thing.
. if !defined(GUID)
ERRORS += "GUID missing: please set a GUID for ${ADDON_NAME}"
. endif
# This should be set to Yes if the distfile for the addon is the .xpi
-# file itself (noscript, https-everywhere)
+# file itself (noscript)
DISTFILE_IS_XPI ?= No
TB_NAME ?= ${ADDON_NAME}-${V}
@@ -36,7 +36,7 @@ BUILD_DEPENDS += archivers/zip archivers
RUN_DEPENDS += www/tor-browser/browser
EXTDIR_ROOT ?= lib/${BROWSER_NAME}
-REAL_EXTDIR ?= ${PREFIX}/${EXTDIR_ROOT}/browser/extensions
+REAL_EXTDIR ?= ${PREFIX}/${EXTDIR_ROOT}/distribution/extensions
SUBST_VARS += EXTDIR_ROOT GUID
Index: www/tor-browser/browser/Makefile
===================================================================
RCS file: /cvs/ports/www/tor-browser/browser/Makefile,v
retrieving revision 1.49
diff -u -p -r1.49 Makefile
--- www/tor-browser/browser/Makefile 26 Aug 2020 07:37:38 -0000 1.49
+++ www/tor-browser/browser/Makefile 22 Oct 2020 16:37:04 -0000
@@ -9,34 +9,39 @@ ONLY_FOR_ARCHS = amd64 i386
MOZILLA_VERSION = ${TB_VERSION}
MOZILLA_PROJECT = ${BROWSER_NAME}
MOZILLA_CODENAME = browser
-TL_VERSION = 0.2.21.8
+TL_VERSION = 0.2.26
+HE_VERSION = 2020.8.13
EXTRACT_SUFX = .tar.xz
PATCHORIG = .pat.orig
PKGNAME = ${TB_PREFIX}-browser-${TB_VERSION}
-DISTNAME = src-firefox-tor-browser-68.12.0esr-9.5-1-build1
+DISTNAME = src-firefox-tor-browser-78.4.0esr-10.0-2-build2
FIX_EXTRACT_PERMISSIONS = Yes
-DISTFILES += ${DISTNAME}.tar.xz \
+EXTRACT_ONLY += ${DISTNAME}.tar.xz \
src-tor-launcher-${TL_VERSION}.tar.xz \
tor-browser-linux64-${TB_VERSION}_en-US.tar.xz
+DISTFILES = ${EXTRACT_ONLY} \
+ https-everywhere-${HE_VERSION}-eff.xpi:0
-SO_VERSION = 5.0
+SO_VERSION = 6.0
MOZILLA_LIBS = xul clearkey lgpllibs mozavcodec mozavutil mozgtk
-MOZILLA_LIBS += freebl3 nss3 nssckbi nssdbm3
+MOZILLA_LIBS += freebl3 nss3 nssckbi
MOZILLA_LIBS += nssutil3 smime3 softokn3 ssl3
MOZILLA_LIBS += nspr4 mozsqlite3 plc4 plds4
-# mozilla public license
+# mozilla public license for the browser; GPLv2+ for HTTPS Everywhere
PERMIT_PACKAGE= Yes
MASTER_SITES = https://dist.torproject.org/torbrowser/${TB_VERSION}/ \
https://temp.schutijser.com/~caspar/tor-browser/
+MASTER_SITES0 = https://www.eff.org/files/
MODULES = www/mozilla lang/python
MODPY_RUNDEP = No
+MODPY_VERSION = ${MODPY_DEFAULT_VERSION_3}
COMPILER = base-clang ports-clang
MODCLANG_ARCHS = amd64 i386
@@ -52,13 +57,12 @@ MOZILLA_USE_BUNDLED_HUNSPELL = Yes
# tor-browser needs built-in nss, sqlite
MOZILLA_USE_BUNDLED_NSPR = Yes
MOZILLA_USE_BUNDLED_NSS = Yes
+# #1611386
MOZILLA_USE_BUNDLED_SQLITE = Yes
-# 61 requires both versions of python
-BUILD_DEPENDS += lang/python/${MODPY_DEFAULT_VERSION_3}
# 63 requires node because why not #1483595
BUILD_DEPENDS += lang/node
# 63 requires cbindgen #1478813
-BUILD_DEPENDS += devel/cbindgen>=0.9.0
+BUILD_DEPENDS += devel/cbindgen>=0.14.3
.if (${MACHINE_ARCH}==amd64) || (${MACHINE_ARCH}==i386)
# 67 requires nasm for bundled libdav1d
BUILD_DEPENDS += devel/nasm
@@ -70,7 +74,7 @@ BUILD_DEPENDS += lang/rust
BUILD_DEPENDS += devel/llvm
# uses pledge()
-WANTLIB += X11-xcb Xcursor Xi intl xcb xcb-shm ${COMPILER_LIBCXX}
+WANTLIB += X11-xcb Xcursor Xi intl xcb xcb-shm harfbuzz ${COMPILER_LIBCXX}
# Regression tests are too hard to adapt to run here
NO_TEST = Yes
@@ -93,12 +97,19 @@ MAKE_ENV += BUILD_OPT=1 \
XCFLAGS="-I${LOCALBASE}/include ${CFLAGS}"
BUILD_DEPENDS += devel/py-virtualenv
+BUILD_DEPENDS += archivers/unzip archivers/zip
+
RUN_DEPENDS += net/tor>=0.4.3.6
CONFIGURE_ARGS += --enable-release #1386371
-CONFIGURE_ARGS += --enable-sandbox --enable-content-sandbox
+CONFIGURE_ARGS += --enable-sandbox
CONFIGURE_ARGS += --with-libclang-path=${LOCALBASE}/lib
-CONFIGURE_ARGS += --with-clang-path=${LOCALBASE}/bin/clang
+
+# XXX badly formed debug in libxul ?
+DWZ = :
+#DEBUG_PACKAGES = ${BUILD_PACKAGES}
+DEBUG_CONFIGURE_ARGS += --enable-debug-symbols \
+ --disable-install-strip
post-extract:
mv ${WRKDIR}/tor-browser_en-US ${WRKSRC}
@@ -113,8 +124,6 @@ post-patch:
${SUBST_PROGRAM} ${FILESDIR}/configure ${WRKSRC}/configure
${SUBST_PROGRAM} ${FILESDIR}/configure ${WRKSRC}/js/src/configure
${SUBST_CMD} ${WRKSRC}/browser/extensions/tor-launcher/src/defaults/preferences/torlauncher-prefs.js
- sed -i 's/"files":{[^}]*}/"files":{}/' \
- ${WRKSRC}/third_party/rust/bindgen/.cargo-checksum.json
# Not using a patch for this; patch context would contain UTF-8
sed -i 's/#ifdef XP_LINUX/#if defined(XP_LINUX) || defined(XP_OPENBSD)/' \
${WRKSRC}/browser/app/profile/000-tor-browser.js
@@ -146,11 +155,6 @@ post-install:
${INSTALL_DATA_DIR} ${PREFIX}/share/applications/
${SUBST_DATA} ${FILESDIR}/${BROWSER_NAME}.desktop \
${PREFIX}/share/applications/${BROWSER_NAME}.desktop
- # install icon for desktop file
- ${INSTALL_DATA_DIR} ${PREFIX}/share/pixmaps/
- ${INSTALL_DATA} \
- ${BROWSER_DIR}/browser/chrome/icons/default/default128.png \
- ${PREFIX}/share/pixmaps/${BROWSER_NAME}.png
# link default48.png to default.png to be used by default
# by non-icccm compliant wm
ln -f ${BROWSER_DIR}/browser/chrome/icons/default/default{48,}.png
@@ -169,9 +173,19 @@ post-install:
cp ${WRKSRC}/tor-browser_en-US/Browser/fonts/* \
${BROWSER_DIR}/browser/fonts
+ # Include HTTPS Everywhere in omni.ja
+ mkdir -p ${WRKSRC}/https-everywhere/chrome/torbutton/content/extensions/https-everywhere/
+ unzip ${FULLDISTDIR}/https-everywhere-${HE_VERSION}-eff.xpi \
+ -d ${WRKSRC}/https-everywhere/chrome/torbutton/content/extensions/https-everywhere/
+ cd ${WRKSRC}/https-everywhere && find chrome/ | zip -X -@ ${BROWSER_DIR}/omni.ja
+
# install wrapper script (remove symlink first)
rm ${PREFIX}/bin/${BROWSER_NAME}
${SUBST_PROGRAM} ${FILESDIR}/${BROWSER_NAME} \
${PREFIX}/bin/${BROWSER_NAME}
+
+.for f in unveil.content unveil.gpu unveil.main pledge.content pledge.gpu pledge.main
+ ${INSTALL_DATA} ${FILESDIR}/${f} ${BROWSER_DIR}/browser/defaults/preferences/
+.endfor
.include <bsd.port.mk>
Index: www/tor-browser/browser/distinfo
===================================================================
RCS file: /cvs/ports/www/tor-browser/browser/distinfo,v
retrieving revision 1.28
diff -u -p -r1.28 distinfo
--- www/tor-browser/browser/distinfo 26 Aug 2020 07:37:38 -0000 1.28
+++ www/tor-browser/browser/distinfo 22 Oct 2020 16:37:04 -0000
@@ -1,6 +1,8 @@
-SHA256 (mozilla/src-firefox-tor-browser-68.12.0esr-9.5-1-build1.tar.xz) = JJHvbajRiZQBZ4F/b2JBQF7COLXgBIYEjcjR3UR0+Q8=
-SHA256 (mozilla/src-tor-launcher-0.2.21.8.tar.xz) = v1cOZqTcpK1Ygxsw1GN+8Un5+8CMMuocvBE5iaZrVXg=
-SHA256 (mozilla/tor-browser-linux64-9.5.4_en-US.tar.xz) = XW2B2wTgqMU2w9XhPJNcUjGLrHykQIngMcG/fFTWb04=
-SIZE (mozilla/src-firefox-tor-browser-68.12.0esr-9.5-1-build1.tar.xz) = 348639116
-SIZE (mozilla/src-tor-launcher-0.2.21.8.tar.xz) = 214908
-SIZE (mozilla/tor-browser-linux64-9.5.4_en-US.tar.xz) = 79033640
+SHA256 (mozilla/https-everywhere-2020.8.13-eff.xpi) = e1XWrqP5HNCK5Hp5VDDX2SXwHiNsgfsLNyqxu1NrTeU=
+SHA256 (mozilla/src-firefox-tor-browser-78.4.0esr-10.0-2-build2.tar.xz) = sVMENAJKRprtDeWWQMb6ljdxGmI3PXBq92DIgmBigoo=
+SHA256 (mozilla/src-tor-launcher-0.2.26.tar.xz) = JNovULiGxs68qC1A5c4zKaZHGGGlpj9ohKT8nQFKmNU=
+SHA256 (mozilla/tor-browser-linux64-10.0.2_en-US.tar.xz) = JBJDMC44VSh1ekXPxsVvFk5nOB8Ro4UGtD32pG1weP8=
+SIZE (mozilla/https-everywhere-2020.8.13-eff.xpi) = 1766618
+SIZE (mozilla/src-firefox-tor-browser-78.4.0esr-10.0-2-build2.tar.xz) = 364731008
+SIZE (mozilla/src-tor-launcher-0.2.26.tar.xz) = 217792
+SIZE (mozilla/tor-browser-linux64-10.0.2_en-US.tar.xz) = 85903736
Index: www/tor-browser/browser/files/all-openbsd.js
===================================================================
RCS file: /cvs/ports/www/tor-browser/browser/files/all-openbsd.js,v
retrieving revision 1.4
diff -u -p -r1.4 all-openbsd.js
--- www/tor-browser/browser/files/all-openbsd.js 16 Feb 2020 10:45:59 -0000 1.4
+++ www/tor-browser/browser/files/all-openbsd.js 22 Oct 2020 16:37:04 -0000
@@ -3,7 +3,3 @@
pref("spellchecker.dictionary_path", "${LOCALBASE}/share/mozilla-dicts/");
pref("general.config.filename", "tor-browser.cfg");
pref("general.config.obscure_value", 0);
-// enable pledging the content process
-pref("security.sandbox.content.level", 1);
-pref("security.sandbox.pledge.main","stdio rpath wpath cpath inet proc exec prot_exec flock ps sendfd recvfd dns vminfo tty drm unix fattr getpw mcast video");
-pref("security.sandbox.pledge.content","stdio rpath wpath cpath inet recvfd sendfd prot_exec unix drm ps");
Index: www/tor-browser/browser/files/pledge.content
===================================================================
RCS file: www/tor-browser/browser/files/pledge.content
diff -N www/tor-browser/browser/files/pledge.content
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ www/tor-browser/browser/files/pledge.content 22 Oct 2020 16:37:04 -0000
@@ -0,0 +1,14 @@
+# $OpenBSD: pledge.content,v 1.1 2020/07/28 14:21:48 landry Exp $
+stdio
+rpath
+wpath
+cpath
+recvfd
+sendfd
+prot_exec
+unix
+drm
+ps
+inet #dns.google does socket()
+# only needed if using NIS of the profile is located on a NFS share
+getpw
Index: www/tor-browser/browser/files/pledge.gpu
===================================================================
RCS file: www/tor-browser/browser/files/pledge.gpu
diff -N www/tor-browser/browser/files/pledge.gpu
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ www/tor-browser/browser/files/pledge.gpu 22 Oct 2020 16:37:04 -0000
@@ -0,0 +1,12 @@
+# $OpenBSD: pledge.gpu,v 1.1 2020/07/28 14:21:48 landry Exp $
+stdio
+rpath
+wpath
+cpath
+ps
+sendfd
+recvfd
+drm
+dns
+unix
+prot_exec
Index: www/tor-browser/browser/files/pledge.main
===================================================================
RCS file: www/tor-browser/browser/files/pledge.main
diff -N www/tor-browser/browser/files/pledge.main
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ www/tor-browser/browser/files/pledge.main 22 Oct 2020 16:37:04 -0000
@@ -0,0 +1,23 @@
+# $OpenBSD: pledge.main,v 1.1 2020/07/28 14:21:48 landry Exp $
+stdio
+rpath
+wpath
+cpath
+inet
+proc
+exec
+prot_exec
+flock
+ps
+sendfd
+recvfd
+dns
+vminfo
+tty
+drm
+unix
+fattr
+getpw
+mcast
+# only needed for WebRTC
+video
Index: www/tor-browser/browser/files/unveil.content
===================================================================
RCS file: www/tor-browser/browser/files/unveil.content
diff -N www/tor-browser/browser/files/unveil.content
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ www/tor-browser/browser/files/unveil.content 22 Oct 2020 16:37:04 -0000
@@ -0,0 +1,42 @@
+# $OpenBSD: unveil.content,v 1.1 2020/07/28 14:21:48 landry Exp $
+/dev/drm0 rw
+
+/etc/fonts r
+/etc/machine-id r
+/usr/local/lib r
+/usr/local/share r
+/usr/share/locale r
+/var/cache/fontconfig r
+/usr/X11R6/lib r
+/usr/X11R6/share r
+/var/run r
+
+~/.XCompose r
+~/.Xauthority r
+~/.Xdefaults r
+~/.fontconfig r
+~/.fonts r
+~/.fonts.conf r
+~/.fonts.conf.d r
+~/.icons r
+~/.pki rwc
+~/.sndio rwc
+~/.terminfo r
+
+~/TorBrowser-Data r
+~/Downloads r
+
+/tmp rwc
+
+$XDG_CONFIG_HOME/dconf rwc
+$XDG_CONFIG_HOME/fontconfig r
+$XDG_CONFIG_HOME/gtk-3.0 r
+$XDG_CONFIG_HOME/mimeapps.list r
+$XDG_CONFIG_HOME/user-dirs.dirs r
+$XDG_DATA_HOME/applications r
+$XDG_DATA_HOME/applnk r
+$XDG_DATA_HOME/fonts r
+$XDG_DATA_HOME/glib-2.0 r
+$XDG_DATA_HOME/icons r
+$XDG_DATA_HOME/mime r
+$XDG_DATA_HOME/themes r
Index: www/tor-browser/browser/files/unveil.gpu
===================================================================
RCS file: www/tor-browser/browser/files/unveil.gpu
diff -N www/tor-browser/browser/files/unveil.gpu
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ www/tor-browser/browser/files/unveil.gpu 22 Oct 2020 16:37:04 -0000
@@ -0,0 +1,12 @@
+# $OpenBSD: unveil.gpu,v 1.1 2020/07/28 14:21:48 landry Exp $
+/dev/drm0 rw
+
+/usr/local/lib/tor-browser r
+/usr/local/lib/gdk-pixbuf-2.0 r
+/usr/X11R6/lib r
+/usr/share/locale r
+/usr/local/share r
+
+/tmp rwc
+
+~/.Xauthority r
Index: www/tor-browser/browser/files/unveil.main
===================================================================
RCS file: www/tor-browser/browser/files/unveil.main
diff -N www/tor-browser/browser/files/unveil.main
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ www/tor-browser/browser/files/unveil.main 22 Oct 2020 16:37:04 -0000
@@ -0,0 +1,64 @@
+# $OpenBSD: unveil.main,v 1.1 2020/07/28 14:21:48 landry Exp $
+# for uuid generation?
+/dev/urandom r
+/dev/video rw
+/dev/video0 rw
+/dev/fido rw
+
+/etc/fonts r
+/etc/machine-id r
+
+/usr/local/lib r
+/usr/local/lib/tor-browser rx
+/usr/local/share r
+/usr/share/locale r
+/usr/share/zoneinfo r
+/var/cache/fontconfig r
+/usr/X11R6/lib r
+/usr/X11R6/share r
+/var/run r
+
+# printing
+/usr/bin/lpr rx
+
+# for launching registered 3rd party applications like pdf readers
+/etc/mailcap r
+~/.mailcap r
+~/.mime.types r
+
+~/.XCompose r
+~/.Xauthority r
+~/.Xdefaults r
+~/.fontconfig r
+~/.fonts r
+~/.fonts.conf r
+~/.fonts.conf.d r
+~/.icons r
+~/.pki rwc
+~/.sndio rwc
+~/.terminfo r
+
+~/TorBrowser-Data rwc
+~/Downloads rwc
+
+# for at least shm_open (for now)
+/tmp rwc
+
+# $XDG_CACHE_HOME, $XDG_CONFIG_HOME, and $XDG_DATA_HOME will expand to the
+# given variable if it exists in the environment, otherwise defaulting to
+# ~/.cache, ~/.config, and ~/.local/share
+$XDG_CACHE_HOME/dconf rwc
+$XDG_CACHE_HOME/thumbnails rwc
+$XDG_CONFIG_HOME/dconf rw
+$XDG_CONFIG_HOME/fontconfig r
+$XDG_CONFIG_HOME/gtk-3.0 r
+$XDG_CONFIG_HOME/mimeapps.list r
+$XDG_CONFIG_HOME/user-dirs.dirs r
+$XDG_DATA_HOME/applications rwc
+$XDG_DATA_HOME/applnk r
+$XDG_DATA_HOME/fonts r
+$XDG_DATA_HOME/glib-2.0 r
+$XDG_DATA_HOME/icons r
+$XDG_DATA_HOME/mime r
+$XDG_DATA_HOME/recently-used.xbel rwc
+$XDG_DATA_HOME/themes r
Index: www/tor-browser/browser/patches/patch-_mozconfig
===================================================================
RCS file: /cvs/ports/www/tor-browser/browser/patches/patch-_mozconfig,v
retrieving revision 1.6
diff -u -p -r1.6 patch-_mozconfig
--- www/tor-browser/browser/patches/patch-_mozconfig 13 Jun 2020 06:26:01 -0000 1.6
+++ www/tor-browser/browser/patches/patch-_mozconfig 22 Oct 2020 16:37:04 -0000
@@ -8,23 +8,9 @@ means we can not pass --disable-eme to c
Index: .mozconfig
--- .mozconfig.orig
+++ .mozconfig
-@@ -19,10 +19,10 @@ ac_add_options --enable-official-branding
- # Let's support GTK3 for ESR60
- ac_add_options --enable-default-toolkit=cairo-gtk3
-
--ac_add_options --disable-tor-launcher
-+#ac_add_options --disable-tor-launcher
- ac_add_options --disable-tor-browser-update
--ac_add_options --enable-signmar
--ac_add_options --enable-verify-mar
-+#ac_add_options --enable-signmar
-+#ac_add_options --enable-verify-mar
-
- ac_add_options --disable-strip
- ac_add_options --disable-install-strip
-@@ -31,10 +31,13 @@ ac_add_options --disable-debug
- ac_add_options --disable-crashreporter
+@@ -27,13 +27,15 @@ ac_add_options --disable-crashreporter
ac_add_options --disable-webrtc
+ ac_add_options --disable-parental-controls
# Let's make sure no preference is enabling either Adobe's or Google's CDM.
-ac_add_options --disable-eme
+#ac_add_options --disable-eme
@@ -33,8 +19,12 @@ Index: .mozconfig
# Disable telemetry
ac_add_options MOZ_TELEMETRY_REPORTING=
+-ac_add_options --disable-tor-launcher
-ac_add_options --with-tor-browser-version=dev-build
+# avoid 1.1GB libxul
+ac_add_options --disable-debug-symbols
+
+#ac_add_options --with-tor-browser-version=dev-build
+ ac_add_options --disable-tor-browser-update
+-ac_add_options --enable-verify-mar
++#ac_add_options --enable-verify-mar
Index: www/tor-browser/browser/patches/patch-browser_extensions_tor-launcher_src_components_tl-process_js
===================================================================
RCS file: /cvs/ports/www/tor-browser/browser/patches/patch-browser_extensions_tor-launcher_src_components_tl-process_js,v
retrieving revision 1.2
diff -u -p -r1.2 patch-browser_extensions_tor-launcher_src_components_tl-process_js
--- www/tor-browser/browser/patches/patch-browser_extensions_tor-launcher_src_components_tl-process_js 13 Jun 2020 06:26:01 -0000 1.2
+++ www/tor-browser/browser/patches/patch-browser_extensions_tor-launcher_src_components_tl-process_js 22 Oct 2020 16:37:04 -0000
@@ -6,7 +6,7 @@ the new getTorFile() deal with it.
Index: browser/extensions/tor-launcher/src/components/tl-process.js
--- browser/extensions/tor-launcher/src/components/tl-process.js.orig
+++ browser/extensions/tor-launcher/src/components/tl-process.js
-@@ -377,6 +377,8 @@ TorProcessService.prototype =
+@@ -393,6 +393,8 @@ TorProcessService.prototype =
var torrcFile = TorLauncherUtil.getTorFile("torrc", true);
var torrcDefaultsFile =
TorLauncherUtil.getTorFile("torrc-defaults", false);
@@ -15,7 +15,7 @@ Index: browser/extensions/tor-launcher/s
var hashedPassword = this.mProtocolSvc.TorGetPassword(true);
var controlIPCFile = this.mProtocolSvc.TorGetControlIPCFile();
var controlPort = this.mProtocolSvc.TorGetControlPort();
-@@ -404,19 +406,14 @@ TorProcessService.prototype =
+@@ -420,19 +422,14 @@ TorProcessService.prototype =
return;
}
Index: www/tor-browser/browser/patches/patch-config_makefiles_rust_mk
===================================================================
RCS file: /cvs/ports/www/tor-browser/browser/patches/patch-config_makefiles_rust_mk,v
retrieving revision 1.2
diff -u -p -r1.2 patch-config_makefiles_rust_mk
--- www/tor-browser/browser/patches/patch-config_makefiles_rust_mk 26 Aug 2020 07:37:39 -0000 1.2
+++ www/tor-browser/browser/patches/patch-config_makefiles_rust_mk 22 Oct 2020 16:37:04 -0000
@@ -1,15 +1,17 @@
-$OpenBSD: patch-config_makefiles_rust_mk,v 1.2 2020/08/26 07:37:39 landry Exp $
+$OpenBSD: patch-config_makefiles_rust_mk,v 1.3 2020/08/25 13:19:49 landry Exp $
+use lto=thin to reduce memory pressure when building gkrust
https://bugzilla.mozilla.org/show_bug.cgi?id=1644409
Index: config/makefiles/rust.mk
--- config/makefiles/rust.mk.orig
+++ config/makefiles/rust.mk
-@@ -48,6 +48,7 @@ ifndef DEVELOPER_OPTIONS
- ifndef MOZ_DEBUG_RUST
- # Enable link-time optimization for release builds.
- cargo_rustc_flags += -C lto
-+export CARGO_PROFILE_RELEASE_LTO=yes
+@@ -61,7 +61,7 @@ ifndef MOZ_DEBUG_RUST
+ # Enable link-time optimization for release builds, but not when linking
+ # gkrust_gtest.
+ ifeq (,$(findstring gkrust_gtest,$(RUST_LIBRARY_FILE)))
+-cargo_rustc_flags += -Clto
++cargo_rustc_flags += -Clto=thin
+ endif
# Versions of rust >= 1.45 need -Cembed-bitcode=yes for all crates when
# using -Clto.
- ifeq (,$(filter 1.22.% 1.23.% 1.24.% 1.25.% 1.26.% 1.27.% 1.28.% 1.29.% 1.30.% 1.31.% 1.32.% 1.33.% 1.34.% 1.35.% 1.36.% 1.37.% 1.38.% 1.39.% 1.40.% 1.41.% 1.42.% 1.43.% 1.44.%,$(RUSTC_VERSION)))
Index: www/tor-browser/browser/patches/patch-config_system-headers_mozbuild
===================================================================
RCS file: www/tor-browser/browser/patches/patch-config_system-headers_mozbuild
diff -N www/tor-browser/browser/patches/patch-config_system-headers_mozbuild
--- www/tor-browser/browser/patches/patch-config_system-headers_mozbuild 13 Feb 2020 07:41:53 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,27 +0,0 @@
-$OpenBSD: patch-config_system-headers_mozbuild,v 1.1 2020/02/13 07:41:53 landry Exp $
-
-https://hg.mozilla.org/mozilla-central/rev/d3885b9d42d3
-
-Index: config/system-headers.mozbuild
---- config/system-headers.mozbuild.orig
-+++ config/system-headers.mozbuild
-@@ -814,7 +814,6 @@ system_headers = [
- 'synch.h',
- 'syncmgr.h',
- 'sys/atomic_op.h',
-- 'sys/auxv.h',
- 'sys/bitypes.h',
- 'sys/byteorder.h',
- 'syscall.h',
-@@ -1345,6 +1344,11 @@ if CONFIG['MOZ_WAYLAND']:
- 'wayland-client.h',
- 'wayland-egl.h',
- 'wayland-util.h',
-+ ]
-+
-+if CONFIG['OS_TARGET'] in ('Android', 'Linux', 'FreeBSD'):
-+ system_headers += [
-+ 'sys/auxv.h',
- ]
-
- if CONFIG['OS_TARGET'] == 'Linux' and CONFIG['CPU_ARCH'].startswith('mips'):
Index: www/tor-browser/browser/patches/patch-dom_ipc_ContentChild_cpp
===================================================================
RCS file: www/tor-browser/browser/patches/patch-dom_ipc_ContentChild_cpp
diff -N www/tor-browser/browser/patches/patch-dom_ipc_ContentChild_cpp
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ www/tor-browser/browser/patches/patch-dom_ipc_ContentChild_cpp 22 Oct 2020 16:37:04 -0000
@@ -0,0 +1,30 @@
+$OpenBSD: patch-dom_ipc_ContentChild_cpp,v 1.1 2020/07/28 14:21:48 landry Exp $
+
+Do not unveil an already visible pledge file since that interferes with
+other unveils.
+
+cf https://bugzilla.mozilla.org/show_bug.cgi?id=1623086
+Index: dom/ipc/ContentChild.cpp
+--- dom/ipc/ContentChild.cpp.orig
++++ dom/ipc/ContentChild.cpp
+@@ -4414,8 +4414,18 @@ OpenBSDUnveilPaths(const nsACString& uPath, const nsAC
+ if (disabled) {
+ warnx("%s: disabled", PromiseFlatCString(uPath).get());
+ } else {
+- if (unveil(PromiseFlatCString(pledgePath).get(), "r") == -1) {
+- err(1, "unveil(%s, r) failed", PromiseFlatCString(pledgePath).get());
++ struct stat st;
++
++ // Only unveil the pledgePath file if it's not already unveiled, otherwise
++ // some containing directory will lose visibility.
++ if (stat(PromiseFlatCString(pledgePath).get(), &st) == -1) {
++ if (errno == ENOENT) {
++ if (unveil(PromiseFlatCString(pledgePath).get(), "r") == -1) {
++ err(1, "unveil(%s, r) failed", PromiseFlatCString(pledgePath).get());
++ }
++ } else {
++ err(1, "stat(%s)", PromiseFlatCString(pledgePath).get());
++ }
+ }
+ }
+
Index: www/tor-browser/browser/patches/patch-js_src_jit_ProcessExecutableMemory_cpp
===================================================================
RCS file: www/tor-browser/browser/patches/patch-js_src_jit_ProcessExecutableMemory_cpp
diff -N www/tor-browser/browser/patches/patch-js_src_jit_ProcessExecutableMemory_cpp
--- www/tor-browser/browser/patches/patch-js_src_jit_ProcessExecutableMemory_cpp 13 Feb 2020 07:41:53 -0000 1.4
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,29 +0,0 @@
-$OpenBSD: patch-js_src_jit_ProcessExecutableMemory_cpp,v 1.4 2020/02/13 07:41:53 landry Exp $
-
-Don't ComputeRandomAllocationAddress on OpenBSD
-https://bugzilla.mozilla.org/show_bug.cgi?id=1586912
-
-Index: js/src/jit/ProcessExecutableMemory.cpp
---- js/src/jit/ProcessExecutableMemory.cpp.orig
-+++ js/src/jit/ProcessExecutableMemory.cpp
-@@ -318,6 +318,12 @@ static void DecommitPages(void* addr, size_t bytes) {
- }
- #else // !XP_WIN
- static void* ComputeRandomAllocationAddress() {
-+#ifdef __OpenBSD__
-+ // OpenBSD already has random mmap and the idea that all x64 cpus
-+ // have 48-bit address space is not correct. Returning nullptr
-+ // allows OpenBSD do to the right thing.
-+ return nullptr;
-+#else
- uint64_t rand = js::GenerateRandomSeed();
-
- # ifdef HAVE_64BIT_BUILD
-@@ -337,6 +343,7 @@ static void* ComputeRandomAllocationAddress() {
- // Ensure page alignment.
- uintptr_t mask = ~uintptr_t(gc::SystemPageSize() - 1);
- return (void*)uintptr_t(rand & mask);
-+
No comments:
Post a Comment