tbb-commits
Threads by month
- ----- 2025 -----
- June
- May
- April
- March
- February
- January
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
April 2021
- 4 participants
- 362 discussions
[tor-browser/tor-browser-78.10.0esr-10.5-1] Bug 18821: Disable libmdns for Android and Desktop
by sysrqb@torproject.org 14 Apr '21
by sysrqb@torproject.org 14 Apr '21
14 Apr '21
commit 8d7355b71b6f353204952b83a624a962d2b91afb
Author: Georg Koppen <gk(a)torproject.org>
Date: Wed Apr 20 14:34:50 2016 +0000
Bug 18821: Disable libmdns for Android and Desktop
There should be no need to remove the OS X support introduced in
https://bugzilla.mozilla.org/show_bug.cgi?id=1225726 as enabling this
is governed by a preference (which is actually set to `false`). However,
we remove it at build time as well (defense in depth).
This is basically a backout of the relevant passages of
https://hg.mozilla.org/mozilla-central/rev/6bfb430de85d,
https://hg.mozilla.org/mozilla-central/rev/609b337bf7ab and
https://hg.mozilla.org/mozilla-central/rev/8e092ec5fbbd.
Fixed bug 21861 (Disable additional mDNS code to avoid proxy bypasses)
as well.
---
dom/presentation/provider/components.conf | 10 ----------
dom/presentation/provider/moz.build | 1 -
netwerk/dns/mdns/libmdns/components.conf | 15 ---------------
netwerk/dns/mdns/libmdns/moz.build | 28 ----------------------------
4 files changed, 54 deletions(-)
diff --git a/dom/presentation/provider/components.conf b/dom/presentation/provider/components.conf
index 04cb28ec757e..56994ed7cd94 100644
--- a/dom/presentation/provider/components.conf
+++ b/dom/presentation/provider/components.conf
@@ -6,9 +6,6 @@
categories = {}
-if buildconfig.substs['MOZ_WIDGET_TOOLKIT'] in ('cocoa', 'android'):
- categories["presentation-device-provider"] = "MulticastDNSDeviceProvider"
-
Classes = [
{
'cid': '{f4079b8b-ede5-4b90-a112-5b415a931deb}',
@@ -16,11 +13,4 @@ Classes = [
'jsm': 'resource://gre/modules/PresentationControlService.jsm',
'constructor': 'PresentationControlService',
},
- {
- 'cid': '{814f947a-52f7-41c9-94a1-3684797284ac}',
- 'contract_ids': ['@mozilla.org/presentation-device/multicastdns-provider;1'],
- 'type': 'mozilla::dom::presentation::MulticastDNSDeviceProvider',
- 'headers': ['/dom/presentation/provider/MulticastDNSDeviceProvider.h'],
- 'categories': categories,
- },
]
diff --git a/dom/presentation/provider/moz.build b/dom/presentation/provider/moz.build
index eaea61af415a..d97b75ddbcf9 100644
--- a/dom/presentation/provider/moz.build
+++ b/dom/presentation/provider/moz.build
@@ -10,7 +10,6 @@ EXTRA_JS_MODULES += [
UNIFIED_SOURCES += [
'DeviceProviderHelpers.cpp',
- 'MulticastDNSDeviceProvider.cpp',
]
XPCOM_MANIFESTS += [
diff --git a/netwerk/dns/mdns/libmdns/components.conf b/netwerk/dns/mdns/libmdns/components.conf
index 6e64140c820e..1b50dbf673a4 100644
--- a/netwerk/dns/mdns/libmdns/components.conf
+++ b/netwerk/dns/mdns/libmdns/components.conf
@@ -5,20 +5,5 @@
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
Classes = [
- {
- 'cid': '{14a50f2b-7ff6-48a5-88e3-615fd111f5d3}',
- 'contract_ids': ['@mozilla.org/toolkit/components/mdnsresponder/dns-info;1'],
- 'type': 'mozilla::net::nsDNSServiceInfo',
- 'headers': ['/netwerk/dns/mdns/libmdns/nsDNSServiceInfo.h'],
- },
]
-if buildconfig.substs['MOZ_WIDGET_TOOLKIT'] != 'cocoa':
- Classes += [
- {
- 'cid': '{f9346d98-f27a-4e89-b744-493843416480}',
- 'contract_ids': ['@mozilla.org/toolkit/components/mdnsresponder/dns-sd;1'],
- 'jsm': 'resource://gre/modules/DNSServiceDiscovery.jsm',
- 'constructor': 'nsDNSServiceDiscovery',
- },
- ]
diff --git a/netwerk/dns/mdns/libmdns/moz.build b/netwerk/dns/mdns/libmdns/moz.build
index 05dc75eb9eda..a6fc1a8a559a 100644
--- a/netwerk/dns/mdns/libmdns/moz.build
+++ b/netwerk/dns/mdns/libmdns/moz.build
@@ -4,34 +4,6 @@
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
-if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'cocoa':
- UNIFIED_SOURCES += [
- 'MDNSResponderOperator.cpp',
- 'MDNSResponderReply.cpp',
- 'nsDNSServiceDiscovery.cpp',
- ]
-
- LOCAL_INCLUDES += [
- '/netwerk/base',
- ]
-
-else:
- EXTRA_JS_MODULES += [
- 'DNSServiceDiscovery.jsm',
- 'fallback/DataReader.jsm',
- 'fallback/DataWriter.jsm',
- 'fallback/DNSPacket.jsm',
- 'fallback/DNSRecord.jsm',
- 'fallback/DNSResourceRecord.jsm',
- 'fallback/DNSTypes.jsm',
- 'fallback/MulticastDNS.jsm',
- ]
-
- if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'android':
- EXTRA_JS_MODULES += [
- 'MulticastDNSAndroid.jsm',
- ]
-
UNIFIED_SOURCES += [
'nsDNSServiceInfo.cpp',
]
1
0
[tor-browser/tor-browser-78.10.0esr-10.5-1] Bug 13252: Do not store data in the app bundle
by sysrqb@torproject.org 14 Apr '21
by sysrqb@torproject.org 14 Apr '21
14 Apr '21
commit 24aedfe05204ad746336e59b845cf837558f4988
Author: Kathy Brade <brade(a)pearlcrescent.com>
Date: Fri Mar 18 14:20:02 2016 -0400
Bug 13252: Do not store data in the app bundle
When --enable-tor-browser-data-outside-app-dir is enabled,
all user data is stored in a directory named
TorBrowser-Data which is located next to the application directory.
Display an informative error message if the TorBrowser-Data
directory cannot be created due to an "access denied" or a
"read only volume" error.
On Mac OS, add support for the --invisible command line option which
is used by the meek-http-helper to avoid showing an icon for the
helper browser on the dock.
---
toolkit/xre/nsAppRunner.cpp | 76 +++++++++++++++---
toolkit/xre/nsXREDirProvider.cpp | 43 +++++-----
toolkit/xre/nsXREDirProvider.h | 6 ++
xpcom/io/TorFileUtils.cpp | 142 +++++++++++++++++++++++++++++++++
xpcom/io/TorFileUtils.h | 33 ++++++++
xpcom/io/moz.build | 5 ++
xpcom/io/nsAppFileLocationProvider.cpp | 53 +++++-------
7 files changed, 290 insertions(+), 68 deletions(-)
diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp
index 3ba04d2b495c..8e76213e7923 100644
--- a/toolkit/xre/nsAppRunner.cpp
+++ b/toolkit/xre/nsAppRunner.cpp
@@ -1891,6 +1891,8 @@ static nsresult ProfileMissingDialog(nsINativeAppSupport* aNative) {
}
}
+// If aUnlocker is NULL, it is also OK for the following arguments to be NULL:
+// aProfileDir, aProfileLocalDir, aResult.
static ReturnAbortOnError ProfileErrorDialog(nsIFile* aProfileDir,
nsIFile* aProfileLocalDir,
ProfileStatus aStatus,
@@ -1899,17 +1901,19 @@ static ReturnAbortOnError ProfileErrorDialog(nsIFile* aProfileDir,
nsIProfileLock** aResult) {
nsresult rv;
- bool exists;
- aProfileDir->Exists(&exists);
- if (!exists) {
- return ProfileMissingDialog(aNative);
+ if (aProfileDir) {
+ bool exists;
+ aProfileDir->Exists(&exists);
+ if (!exists) {
+ return ProfileMissingDialog(aNative);
+ }
}
ScopedXPCOMStartup xpcom;
rv = xpcom.Initialize();
NS_ENSURE_SUCCESS(rv, rv);
- mozilla::Telemetry::WriteFailedProfileLock(aProfileDir);
+ if (aProfileDir) mozilla::Telemetry::WriteFailedProfileLock(aProfileDir);
rv = xpcom.SetWindowCreator(aNative);
NS_ENSURE_SUCCESS(rv, NS_ERROR_FAILURE);
@@ -1999,7 +2003,8 @@ static ReturnAbortOnError ProfileErrorDialog(nsIFile* aProfileDir,
}
} else {
#ifdef MOZ_WIDGET_ANDROID
- if (java::GeckoAppShell::UnlockProfile()) {
+ if (aProfileDir && aProfileLocalDir && aResult &&
+ java::GeckoAppShell::UnlockProfile()) {
return NS_LockProfilePath(aProfileDir, aProfileLocalDir, nullptr,
aResult);
}
@@ -2107,6 +2112,23 @@ static ReturnAbortOnError ShowProfileManager(
return LaunchChild(false);
}
+#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR
+static ProfileStatus CheckTorBrowserDataWriteAccess(nsIFile* aAppDir) {
+ // Check whether we can write to the directory that will contain
+ // TorBrowser-Data.
+ nsCOMPtr<nsIFile> tbDataDir;
+ RefPtr<nsXREDirProvider> dirProvider = nsXREDirProvider::GetSingleton();
+ if (!dirProvider) return PROFILE_STATUS_OTHER_ERROR;
+ nsresult rv =
+ dirProvider->GetTorBrowserUserDataDir(getter_AddRefs(tbDataDir));
+ NS_ENSURE_SUCCESS(rv, PROFILE_STATUS_OTHER_ERROR);
+ nsCOMPtr<nsIFile> tbDataDirParent;
+ rv = tbDataDir->GetParent(getter_AddRefs(tbDataDirParent));
+ NS_ENSURE_SUCCESS(rv, PROFILE_STATUS_OTHER_ERROR);
+ return nsToolkitProfileService::CheckProfileWriteAccess(tbDataDirParent);
+}
+#endif
+
static bool gDoMigration = false;
static bool gDoProfileReset = false;
static nsCOMPtr<nsIToolkitProfile> gResetOldProfile;
@@ -3183,6 +3205,14 @@ int XREMain::XRE_mainInit(bool* aExitFlag) {
if (PR_GetEnv("XRE_MAIN_BREAK")) NS_BREAK();
#endif
+#if defined(XP_MACOSX) && defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR)
+ bool hideDockIcon = (CheckArg("invisible") == ARG_FOUND);
+ if (hideDockIcon) {
+ ProcessSerialNumber psn = {0, kCurrentProcess};
+ TransformProcessType(&psn, kProcessTransformToBackgroundApplication);
+ }
+#endif
+
IncreaseDescriptorLimits();
#ifdef USE_GLX_TEST
@@ -4031,7 +4061,34 @@ int XREMain::XRE_mainStartup(bool* aExitFlag) {
return 0;
}
+#if (defined(MOZ_UPDATER) && !defined(MOZ_WIDGET_ANDROID)) || \
+ defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR)
+ nsCOMPtr<nsIFile> exeFile, exeDir;
+ bool persistent;
+ rv = mDirProvider.GetFile(XRE_EXECUTABLE_FILE, &persistent,
+ getter_AddRefs(exeFile));
+ NS_ENSURE_SUCCESS(rv, 1);
+ rv = exeFile->GetParent(getter_AddRefs(exeDir));
+ NS_ENSURE_SUCCESS(rv, 1);
+#endif
+
rv = NS_NewToolkitProfileService(getter_AddRefs(mProfileSvc));
+#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR
+ if (NS_FAILED(rv)) {
+ // NS_NewToolkitProfileService() returns a generic NS_ERROR_FAILURE error
+ // if creation of the TorBrowser-Data directory fails due to access denied
+ // or because of a read-only disk volume. Do an extra check here to detect
+ // these errors so we can display an informative error message.
+ ProfileStatus status = CheckTorBrowserDataWriteAccess(exeDir);
+ if ((PROFILE_STATUS_ACCESS_DENIED == status) ||
+ (PROFILE_STATUS_READ_ONLY == status)) {
+ ProfileErrorDialog(nullptr, nullptr, status, nullptr, mNativeApp,
+ nullptr);
+ return 1;
+ }
+ }
+ #endif
+
if (rv == NS_ERROR_FILE_ACCESS_DENIED) {
PR_fprintf(PR_STDERR,
"Error: Access was denied while trying to open files in "
@@ -4100,7 +4157,6 @@ int XREMain::XRE_mainStartup(bool* aExitFlag) {
#if defined(MOZ_UPDATER) && !defined(MOZ_WIDGET_ANDROID)
// Check for and process any available updates
nsCOMPtr<nsIFile> updRoot;
- bool persistent;
rv = mDirProvider.GetFile(XRE_UPDATE_ROOT_DIR, &persistent,
getter_AddRefs(updRoot));
// XRE_UPDATE_ROOT_DIR may fail. Fallback to appDir if failed
@@ -4136,12 +4192,6 @@ int XREMain::XRE_mainStartup(bool* aExitFlag) {
if (CheckArg("test-process-updates")) {
SaveToEnv("MOZ_TEST_PROCESS_UPDATES=1");
}
- nsCOMPtr<nsIFile> exeFile, exeDir;
- rv = mDirProvider.GetFile(XRE_EXECUTABLE_FILE, &persistent,
- getter_AddRefs(exeFile));
- NS_ENSURE_SUCCESS(rv, 1);
- rv = exeFile->GetParent(getter_AddRefs(exeDir));
- NS_ENSURE_SUCCESS(rv, 1);
ProcessUpdates(mDirProvider.GetGREDir(), exeDir, updRoot, gRestartArgc,
gRestartArgv, mAppData->version);
if (EnvHasValue("MOZ_TEST_PROCESS_UPDATES")) {
diff --git a/toolkit/xre/nsXREDirProvider.cpp b/toolkit/xre/nsXREDirProvider.cpp
index accdcfe7c0b0..09f34911d3cb 100644
--- a/toolkit/xre/nsXREDirProvider.cpp
+++ b/toolkit/xre/nsXREDirProvider.cpp
@@ -46,6 +46,8 @@
#include "mozilla/Telemetry.h"
#include "nsPrintfCString.h"
+#include "TorFileUtils.h"
+
#include <stdlib.h>
#ifdef XP_WIN
@@ -1383,34 +1385,18 @@ nsresult nsXREDirProvider::GetUserDataDirectoryHome(nsIFile** aFile,
return gDataDirHome->Clone(aFile);
}
- nsresult rv = GetAppDir()->Clone(getter_AddRefs(localDir));
+ nsresult rv = GetTorBrowserUserDataDir(getter_AddRefs(localDir));
NS_ENSURE_SUCCESS(rv, rv);
- int levelsToRemove = 1; // In FF21+, appDir points to browser subdirectory.
-#if defined(XP_MACOSX)
- levelsToRemove += 2;
-#endif
- while (localDir && (levelsToRemove > 0)) {
- // When crawling up the hierarchy, components named "." do not count.
- nsAutoCString removedName;
- rv = localDir->GetNativeLeafName(removedName);
- NS_ENSURE_SUCCESS(rv, rv);
- bool didRemove = !removedName.Equals(".");
-
- // Remove a directory component.
- nsCOMPtr<nsIFile> parentDir;
- rv = localDir->GetParent(getter_AddRefs(parentDir));
- NS_ENSURE_SUCCESS(rv, rv);
- localDir = parentDir;
- if (didRemove) --levelsToRemove;
- }
-
- if (!localDir) return NS_ERROR_FAILURE;
-
+#if !defined(ANDROID)
+#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR
+ rv = localDir->AppendNative(NS_LITERAL_CSTRING("Browser"));
+#else
rv = localDir->AppendRelativeNativePath(
- NS_LITERAL_CSTRING("TorBrowser" XPCOM_FILE_PATH_SEPARATOR
- "Data" XPCOM_FILE_PATH_SEPARATOR "Browser"));
+ NS_LITERAL_CSTRING("Data" XPCOM_FILE_PATH_SEPARATOR "Browser"));
+#endif
NS_ENSURE_SUCCESS(rv, rv);
+#endif
if (aLocal) {
rv = localDir->AppendNative(NS_LITERAL_CSTRING("Caches"));
@@ -1516,6 +1502,15 @@ nsresult nsXREDirProvider::GetUserDataDirectory(nsIFile** aFile, bool aLocal) {
return NS_OK;
}
+nsresult nsXREDirProvider::GetTorBrowserUserDataDir(nsIFile** aFile) {
+ NS_ENSURE_ARG_POINTER(aFile);
+ nsCOMPtr<nsIFile> exeFile;
+ bool per = false;
+ nsresult rv = GetFile(XRE_EXECUTABLE_FILE, &per, getter_AddRefs(exeFile));
+ NS_ENSURE_SUCCESS(rv, rv);
+ return TorBrowser_GetUserDataDir(exeFile, aFile);
+}
+
nsresult nsXREDirProvider::EnsureDirectoryExists(nsIFile* aDirectory) {
nsresult rv = aDirectory->Create(nsIFile::DIRECTORY_TYPE, 0700);
diff --git a/toolkit/xre/nsXREDirProvider.h b/toolkit/xre/nsXREDirProvider.h
index b9678d4ec577..2aa2face5974 100644
--- a/toolkit/xre/nsXREDirProvider.h
+++ b/toolkit/xre/nsXREDirProvider.h
@@ -113,6 +113,12 @@ class nsXREDirProvider final : public nsIDirectoryServiceProvider2,
*/
nsresult GetProfileDir(nsIFile** aResult);
+ /**
+ * Get the TorBrowser user data directory by calling the
+ * TorBrowser_GetUserDataDir() utility function.
+ */
+ nsresult GetTorBrowserUserDataDir(nsIFile** aFile);
+
protected:
nsresult GetFilesInternal(const char* aProperty,
nsISimpleEnumerator** aResult);
diff --git a/xpcom/io/TorFileUtils.cpp b/xpcom/io/TorFileUtils.cpp
new file mode 100644
index 000000000000..bddf8d7bbd95
--- /dev/null
+++ b/xpcom/io/TorFileUtils.cpp
@@ -0,0 +1,142 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "TorFileUtils.h"
+#include "nsString.h"
+#ifdef MOZ_WIDGET_COCOA
+#include <Carbon/Carbon.h>
+#include "nsILocalFileMac.h"
+#endif
+
+static nsresult GetAppRootDir(nsIFile *aExeFile, nsIFile** aFile);
+
+//-----------------------------------------------------------------------------
+nsresult
+TorBrowser_GetUserDataDir(nsIFile *aExeFile, nsIFile** aFile)
+{
+ NS_ENSURE_ARG_POINTER(aFile);
+ nsCOMPtr<nsIFile> tbDataDir;
+
+#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR
+ nsAutoCString tbDataLeafName(NS_LITERAL_CSTRING("TorBrowser-Data"));
+ nsCOMPtr<nsIFile> appRootDir;
+ nsresult rv = GetAppRootDir(aExeFile, getter_AddRefs(appRootDir));
+ NS_ENSURE_SUCCESS(rv, rv);
+#ifndef XP_MACOSX
+ // On all platforms except Mac OS, we always operate in a "portable" mode
+ // where the TorBrowser-Data directory is located next to the application.
+ rv = appRootDir->GetParent(getter_AddRefs(tbDataDir));
+ NS_ENSURE_SUCCESS(rv, rv);
+ rv = tbDataDir->AppendNative(tbDataLeafName);
+ NS_ENSURE_SUCCESS(rv, rv);
+#else
+ // For Mac OS, determine whether we should store user data in the OS's
+ // standard location (i.e., under ~/Library/Application Support). We use
+ // the OS location if (1) the application is installed in a directory whose
+ // path contains "/Applications" or (2) the TorBrowser-Data directory does
+ // not exist and cannot be created (which probably means we lack write
+ // permission to the directory that contains the application).
+ nsAutoString appRootPath;
+ rv = appRootDir->GetPath(appRootPath);
+ NS_ENSURE_SUCCESS(rv, rv);
+ bool useOSLocation = (appRootPath.Find("/Applications",
+ true /* ignore case */) >= 0);
+ if (!useOSLocation) {
+ // We hope to use the portable (aka side-by-side) approach, but before we
+ // commit to that, let's ensure that we can create the TorBrowser-Data
+ // directory. If it already exists, we will try to use it; if not and we
+ // fail to create it, we will switch to ~/Library/Application Support.
+ rv = appRootDir->GetParent(getter_AddRefs(tbDataDir));
+ NS_ENSURE_SUCCESS(rv, rv);
+ rv = tbDataDir->AppendNative(tbDataLeafName);
+ NS_ENSURE_SUCCESS(rv, rv);
+ bool exists = false;
+ rv = tbDataDir->Exists(&exists);
+ if (NS_SUCCEEDED(rv) && !exists)
+ rv = tbDataDir->Create(nsIFile::DIRECTORY_TYPE, 0700);
+ useOSLocation = NS_FAILED(rv);
+ }
+
+ if (useOSLocation) {
+ // We are using ~/Library/Application Support/TorBrowser-Data. We do not
+ // need to create that directory here because the code in nsXREDirProvider
+ // will do so (and the user should always have write permission for
+ // ~/Library/Application Support; if they do not we have no more options).
+ FSRef fsRef;
+ OSErr err = ::FSFindFolder(kUserDomain, kApplicationSupportFolderType,
+ kCreateFolder, &fsRef);
+ NS_ENSURE_FALSE(err, NS_ERROR_FAILURE);
+ // To convert the FSRef returned by FSFindFolder() into an nsIFile that
+ // points to ~/Library/Application Support, we first create an empty
+ // nsIFile object (no path) and then use InitWithFSRef() to set the
+ // path.
+ rv = NS_NewNativeLocalFile(EmptyCString(), true,
+ getter_AddRefs(tbDataDir));
+ NS_ENSURE_SUCCESS(rv, rv);
+ nsCOMPtr<nsILocalFileMac> dirFileMac = do_QueryInterface(tbDataDir);
+ if (!dirFileMac)
+ return NS_ERROR_UNEXPECTED;
+ rv = dirFileMac->InitWithFSRef(&fsRef);
+ NS_ENSURE_SUCCESS(rv, rv);
+ rv = tbDataDir->AppendNative(tbDataLeafName);
+ NS_ENSURE_SUCCESS(rv, rv);
+ }
+#endif
+
+#elif defined(ANDROID)
+ // Tor Browser Android stores data in the app home directory.
+ const char* homeDir = getenv("HOME");
+ if (!homeDir || !*homeDir)
+ return NS_ERROR_FAILURE;
+ nsresult rv = NS_NewNativeLocalFile(nsDependentCString(homeDir), true,
+ getter_AddRefs(tbDataDir));
+#else
+ // User data is embedded within the application directory (i.e.,
+ // TOR_BROWSER_DATA_OUTSIDE_APP_DIR is not defined).
+ nsresult rv = GetAppRootDir(aExeFile, getter_AddRefs(tbDataDir));
+ NS_ENSURE_SUCCESS(rv, rv);
+ rv = tbDataDir->AppendNative(NS_LITERAL_CSTRING("TorBrowser"));
+ NS_ENSURE_SUCCESS(rv, rv);
+#endif
+
+ tbDataDir.forget(aFile);
+ return NS_OK;
+}
+
+static nsresult
+GetAppRootDir(nsIFile *aExeFile, nsIFile** aFile)
+{
+ NS_ENSURE_ARG_POINTER(aExeFile);
+ NS_ENSURE_ARG_POINTER(aFile);
+ nsCOMPtr<nsIFile> appRootDir = aExeFile;
+
+ int levelsToRemove = 1; // Remove firefox (the executable file).
+#if defined(XP_MACOSX)
+ levelsToRemove += 2; // On Mac OS, we must also remove Contents/MacOS.
+#endif
+ while (appRootDir && (levelsToRemove > 0)) {
+ // When crawling up the hierarchy, components named "." do not count.
+ nsAutoCString removedName;
+ nsresult rv = appRootDir->GetNativeLeafName(removedName);
+ NS_ENSURE_SUCCESS(rv, rv);
+ bool didRemove = !removedName.Equals(".");
+
+ // Remove a directory component.
+ nsCOMPtr<nsIFile> parentDir;
+ rv = appRootDir->GetParent(getter_AddRefs(parentDir));
+ NS_ENSURE_SUCCESS(rv, rv);
+ appRootDir = parentDir;
+
+ if (didRemove)
+ --levelsToRemove;
+ }
+
+ if (!appRootDir)
+ return NS_ERROR_FAILURE;
+
+ appRootDir.forget(aFile);
+ return NS_OK;
+}
diff --git a/xpcom/io/TorFileUtils.h b/xpcom/io/TorFileUtils.h
new file mode 100644
index 000000000000..d5e86abf9685
--- /dev/null
+++ b/xpcom/io/TorFileUtils.h
@@ -0,0 +1,33 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef TorFileUtils_h__
+#define TorFileUtils_h__
+
+#include "nsIFile.h"
+
+/**
+ * TorBrowser_GetUserDataDir
+ *
+ * Retrieve the Tor Browser user data directory.
+ * When built with --enable-tor-browser-data-outside-app-dir, the directory
+ * is next to the application directory, except on Mac OS where it may be
+ * there or it may be at ~/Library/Application Support/TorBrowser-Data (the
+ * latter location is used if the .app bundle is in a directory whose path
+ * contains /Applications or if we lack write access to the directory that
+ * contains the .app).
+ * When built without --enable-tor-browser-data-outside-app-dir, this
+ * directory is TorBrowser.app/TorBrowser.
+ *
+ * @param aExeFile The firefox executable.
+ * @param aFile Out parameter that is set to the Tor Browser user data
+ * directory.
+ * @return NS_OK on success. Error otherwise.
+ */
+extern nsresult
+TorBrowser_GetUserDataDir(nsIFile *aExeFile, nsIFile** aFile);
+
+#endif // !TorFileUtils_h__
diff --git a/xpcom/io/moz.build b/xpcom/io/moz.build
index a165b491bc56..b0eb74f4c56d 100644
--- a/xpcom/io/moz.build
+++ b/xpcom/io/moz.build
@@ -86,6 +86,7 @@ EXPORTS += [
'nsUnicharInputStream.h',
'nsWildCard.h',
'SpecialSystemDirectory.h',
+ 'TorFileUtils.h',
]
EXPORTS.mozilla += [
@@ -135,6 +136,10 @@ UNIFIED_SOURCES += [
'SpecialSystemDirectory.cpp',
]
+SOURCES += [
+ 'TorFileUtils.cpp',
+]
+
if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'cocoa':
SOURCES += [
'CocoaFileUtils.mm',
diff --git a/xpcom/io/nsAppFileLocationProvider.cpp b/xpcom/io/nsAppFileLocationProvider.cpp
index 81551a8e3893..9f95e5cbec2d 100644
--- a/xpcom/io/nsAppFileLocationProvider.cpp
+++ b/xpcom/io/nsAppFileLocationProvider.cpp
@@ -28,6 +28,8 @@
# include <sys/param.h>
#endif
+#include "TorFileUtils.h"
+
// WARNING: These hard coded names need to go away. They need to
// come from localizable resources
@@ -234,8 +236,14 @@ nsresult nsAppFileLocationProvider::CloneMozBinDirectory(nsIFile** aLocalFile) {
// GetProductDirectory - Gets the directory which contains the application data
// folder
//
+#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR
+// UNIX and WIN : <App Folder>/../TorBrowser-Data/Browser
+// Mac : <App Folder>/../../../TorBrowser-Data/Browser OR
+// ~/Library/Application Support/TorBrowser-Data/Browser
+#else
// UNIX and WIN : <App Folder>/TorBrowser/Data/Browser
// Mac : <App Folder>/../../TorBrowser/Data/Browser
+#endif
//----------------------------------------------------------------------------------------
nsresult nsAppFileLocationProvider::GetProductDirectory(nsIFile** aLocalFile,
bool aLocal) {
@@ -243,42 +251,25 @@ nsresult nsAppFileLocationProvider::GetProductDirectory(nsIFile** aLocalFile,
return NS_ERROR_INVALID_ARG;
}
- nsresult rv;
+ nsresult rv = NS_ERROR_UNEXPECTED;
bool exists;
- nsCOMPtr<nsIFile> localDir;
+ nsCOMPtr<nsIFile> localDir, exeFile;
- rv = CloneMozBinDirectory(getter_AddRefs(localDir));
+ nsCOMPtr<nsIProperties> directoryService(
+ do_GetService(NS_DIRECTORY_SERVICE_CONTRACTID, &rv));
+ NS_ENSURE_SUCCESS(rv, rv);
+ rv = directoryService->Get(XRE_EXECUTABLE_FILE, NS_GET_IID(nsIFile),
+ getter_AddRefs(exeFile));
+ NS_ENSURE_SUCCESS(rv, rv);
+ rv = TorBrowser_GetUserDataDir(exeFile, getter_AddRefs(localDir));
NS_ENSURE_SUCCESS(rv, rv);
- int levelsToRemove = 1; // In FF21+, bin dir points to browser subdirectory.
-#if defined(XP_MACOSX)
- levelsToRemove += 2;
-#endif
- while (localDir && (levelsToRemove > 0)) {
- // When crawling up the hierarchy, components named "." do not count.
- nsAutoCString removedName;
- rv = localDir->GetNativeLeafName(removedName);
- NS_ENSURE_SUCCESS(rv, rv);
- bool didRemove = !removedName.Equals(".");
-
- // Remove a directory component.
- nsCOMPtr<nsIFile> parentDir;
- rv = localDir->GetParent(getter_AddRefs(parentDir));
- NS_ENSURE_SUCCESS(rv, rv);
- localDir = parentDir;
-
- if (didRemove) {
- --levelsToRemove;
- }
- }
-
- if (!localDir) {
- return NS_ERROR_FAILURE;
- }
-
+#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR
+ rv = localDir->AppendNative(NS_LITERAL_CSTRING("Browser"));
+#else
rv = localDir->AppendRelativeNativePath(
- NS_LITERAL_CSTRING("TorBrowser" XPCOM_FILE_PATH_SEPARATOR
- "Data" XPCOM_FILE_PATH_SEPARATOR "Browser"));
+ NS_LITERAL_CSTRING("Data" XPCOM_FILE_PATH_SEPARATOR "Browser"));
+#endif
NS_ENSURE_SUCCESS(rv, rv);
if (aLocal) {
1
0
[tor-browser/tor-browser-78.10.0esr-10.5-1] Bug 18800: Remove localhost DNS lookup in nsProfileLock.cpp
by sysrqb@torproject.org 14 Apr '21
by sysrqb@torproject.org 14 Apr '21
14 Apr '21
commit 98afa96b903abf4cfa572f602e275c0fc3d90f8d
Author: Kathy Brade <brade(a)pearlcrescent.com>
Date: Thu Apr 21 10:40:26 2016 -0400
Bug 18800: Remove localhost DNS lookup in nsProfileLock.cpp
Instead of using the local computer's IP address within
symlink-based profile lock signatures, always use 127.0.0.1.
---
toolkit/profile/nsProfileLock.cpp | 17 ++++++++---------
1 file changed, 8 insertions(+), 9 deletions(-)
diff --git a/toolkit/profile/nsProfileLock.cpp b/toolkit/profile/nsProfileLock.cpp
index 25c4f5a79e56..1942815e3446 100644
--- a/toolkit/profile/nsProfileLock.cpp
+++ b/toolkit/profile/nsProfileLock.cpp
@@ -289,18 +289,17 @@ nsresult nsProfileLock::LockWithSymlink(nsIFile* aLockFile,
if (!mReplacedLockTime)
aLockFile->GetLastModifiedTimeOfLink(&mReplacedLockTime);
+ // For Tor Browser, avoid a DNS lookup here so the Tor network is not
+ // bypassed. Instead, always use 127.0.0.1 for the IP address portion
+ // of the lock signature, which may cause the browser to refuse to
+ // start in the rare event that all of the following conditions are met:
+ // 1. The browser profile is on a network file system.
+ // 2. The file system does not support fcntl() locking.
+ // 3. Tor Browser is run from two different computers at the same time.
+
struct in_addr inaddr;
inaddr.s_addr = htonl(INADDR_LOOPBACK);
- char hostname[256];
- PRStatus status = PR_GetSystemInfo(PR_SI_HOSTNAME, hostname, sizeof hostname);
- if (status == PR_SUCCESS) {
- char netdbbuf[PR_NETDB_BUF_SIZE];
- PRHostEnt hostent;
- status = PR_GetHostByName(hostname, netdbbuf, sizeof netdbbuf, &hostent);
- if (status == PR_SUCCESS) memcpy(&inaddr, hostent.h_addr, sizeof inaddr);
- }
-
mozilla::SmprintfPointer signature =
mozilla::Smprintf("%s:%s%lu", inet_ntoa(inaddr),
aHaveFcntlLock ? "+" : "", (unsigned long)getpid());
1
0
[tor-browser/tor-browser-78.10.0esr-10.5-1] Bug 21724: Make Firefox and Tor Browser distinct macOS apps
by sysrqb@torproject.org 14 Apr '21
by sysrqb@torproject.org 14 Apr '21
14 Apr '21
commit 022d5f406c6a67445814c2c7480f28a03f0a12c8
Author: teor <teor2345(a)gmail.com>
Date: Mon Mar 13 23:06:23 2017 +1100
Bug 21724: Make Firefox and Tor Browser distinct macOS apps
When macOS opens a document or selects a default browser, it sometimes
uses the CFBundleSignature. Changing from the Firefox MOZB signature to
a different signature TORB allows macOS to distinguish between Firefox
and Tor Browser.
---
browser/app/Makefile.in | 2 +-
browser/app/macbuild/Contents/Info.plist.in | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/browser/app/Makefile.in b/browser/app/Makefile.in
index 1aec6541fc0f..6770319f1866 100644
--- a/browser/app/Makefile.in
+++ b/browser/app/Makefile.in
@@ -103,5 +103,5 @@ ifdef MOZ_UPDATER
mv -f '$(dist_dest)/Contents/MacOS/updater.app/Contents/MacOS/org.mozilla.updater' '$(dist_dest)/Contents/Library/LaunchServices'
ln -s ../../../../Library/LaunchServices/org.mozilla.updater '$(dist_dest)/Contents/MacOS/updater.app/Contents/MacOS/org.mozilla.updater'
endif
- printf APPLMOZB > '$(dist_dest)/Contents/PkgInfo'
+ printf APPLTORB > '$(dist_dest)/Contents/PkgInfo'
endif
diff --git a/browser/app/macbuild/Contents/Info.plist.in b/browser/app/macbuild/Contents/Info.plist.in
index f6791ea48125..95b3bc83905c 100644
--- a/browser/app/macbuild/Contents/Info.plist.in
+++ b/browser/app/macbuild/Contents/Info.plist.in
@@ -179,7 +179,7 @@
<key>CFBundleShortVersionString</key>
<string>%APP_VERSION%</string>
<key>CFBundleSignature</key>
- <string>MOZB</string>
+ <string>TORB</string>
<key>CFBundleURLTypes</key>
<array>
<dict>
1
0
[tor-browser/tor-browser-78.10.0esr-10.5-1] Bug 11641: change TBB directory structure to be more like Firefox's
by sysrqb@torproject.org 14 Apr '21
by sysrqb@torproject.org 14 Apr '21
14 Apr '21
commit fb262797317d4afa886ee62cfd10878306249875
Author: Kathy Brade <brade(a)pearlcrescent.com>
Date: Tue Apr 29 13:08:24 2014 -0400
Bug 11641: change TBB directory structure to be more like Firefox's
Unless the -osint command line flag is used, the browser now defaults
to the equivalent of -no-remote. There is a new -allow-remote flag that
may be used to restore the original (Firefox-like) default behavior.
---
toolkit/xre/nsAppRunner.cpp | 21 ++++++++++++++++-----
1 file changed, 16 insertions(+), 5 deletions(-)
diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp
index 8e76213e7923..1fd397f4aae8 100644
--- a/toolkit/xre/nsAppRunner.cpp
+++ b/toolkit/xre/nsAppRunner.cpp
@@ -1434,8 +1434,10 @@ static void DumpHelp() {
" --migration Start with migration wizard.\n"
" --ProfileManager Start with ProfileManager.\n"
#ifdef MOZ_HAS_REMOTE
- " --no-remote Do not accept or send remote commands; implies\n"
+ " --no-remote (default) Do not accept or send remote commands; "
+ "implies\n"
" --new-instance.\n"
+ " --allow-remote Accept and send remote commands.\n"
" --new-instance Open new instance, not a new window in running "
"instance.\n"
#endif
@@ -3548,16 +3550,25 @@ int XREMain::XRE_mainInit(bool* aExitFlag) {
gSafeMode);
#if defined(MOZ_HAS_REMOTE)
+ // In Tor Browser, remoting is disabled by default unless -osint is used.
+ bool allowRemote = (CheckArg("allow-remote") == ARG_FOUND);
+ bool isOsint = (CheckArg("osint", nullptr, CheckArgFlag::None) == ARG_FOUND);
+ if (!allowRemote && !isOsint) {
+ SaveToEnv("MOZ_NO_REMOTE=1");
+ }
// Handle --no-remote and --new-instance command line arguments. Setup
// the environment to better accommodate other components and various
// restart scenarios.
ar = CheckArg("no-remote");
- if (ar == ARG_FOUND || EnvHasValue("MOZ_NO_REMOTE")) {
+ if ((ar == ARG_FOUND) && allowRemote) {
+ PR_fprintf(PR_STDERR,
+ "Error: argument --no-remote is invalid when argument "
+ "--allow-remote is specified\n");
+ return 1;
+ }
+ if (EnvHasValue("MOZ_NO_REMOTE")) {
mDisableRemoteClient = true;
mDisableRemoteServer = true;
- if (!EnvHasValue("MOZ_NO_REMOTE")) {
- SaveToEnv("MOZ_NO_REMOTE=1");
- }
}
ar = CheckArg("new-instance");
1
0
[tor-browser/tor-browser-78.10.0esr-10.5-1] Bug 13379: Sign our MAR files.
by sysrqb@torproject.org 14 Apr '21
by sysrqb@torproject.org 14 Apr '21
14 Apr '21
commit 9a7083440b5fea8850e2b0c9f7569315c191cd0f
Author: Kathy Brade <brade(a)pearlcrescent.com>
Date: Wed Dec 17 16:37:11 2014 -0500
Bug 13379: Sign our MAR files.
Configure with --enable-verify-mar (when updating, require a valid
signature on the MAR file before it is applied).
Use the Tor Browser version instead of the Firefox version inside the
MAR file info block (necessary to prevent downgrade attacks).
Use NSS on all platforms for checking MAR signatures (instead of using
OS-native APIs, which Mozilla does on Mac OS and Windows). So that the
NSS and NSPR libraries the updater depends on can be found at runtime,
we add the firefox directory to the shared library search path on macOS.
On Linux, rpath is used by Mozilla to solve that problem, but that
approach won't work on macOS because the updater executable is copied
during the update process to a location that is under TorBrowser-Data,
and the location of TorBrowser-Data varies.
Also includes the fix for bug 18900.
---
.mozconfig | 1 +
.mozconfig-asan | 1 +
.mozconfig-mac | 1 +
.mozconfig-mingw | 1 +
modules/libmar/tool/mar.c | 6 +--
modules/libmar/tool/moz.build | 12 ++++--
modules/libmar/verify/moz.build | 14 +++---
.../mozapps/update/updater/updater-common.build | 24 +++++++++--
toolkit/mozapps/update/updater/updater.cpp | 25 +++++++----
toolkit/xre/moz.build | 3 ++
toolkit/xre/nsUpdateDriver.cpp | 50 ++++++++++++++++++++++
11 files changed, 113 insertions(+), 25 deletions(-)
diff --git a/.mozconfig b/.mozconfig
index 18cd1f9b6487..c50c57d410de 100755
--- a/.mozconfig
+++ b/.mozconfig
@@ -37,3 +37,4 @@ ac_add_options MOZ_TELEMETRY_REPORTING=
ac_add_options --disable-tor-launcher
ac_add_options --with-tor-browser-version=dev-build
ac_add_options --disable-tor-browser-update
+ac_add_options --enable-verify-mar
diff --git a/.mozconfig-asan b/.mozconfig-asan
index 98ea6ac6f3fe..8bee813bfee8 100644
--- a/.mozconfig-asan
+++ b/.mozconfig-asan
@@ -30,6 +30,7 @@ ac_add_options --enable-official-branding
ac_add_options --enable-default-toolkit=cairo-gtk3
ac_add_options --enable-tor-browser-update
+ac_add_options --enable-verify-mar
ac_add_options --disable-strip
ac_add_options --disable-install-strip
diff --git a/.mozconfig-mac b/.mozconfig-mac
index 26e2b6b92fdb..5b4624ef1f67 100644
--- a/.mozconfig-mac
+++ b/.mozconfig-mac
@@ -43,6 +43,7 @@ ac_add_options --disable-debug
ac_add_options --enable-tor-browser-data-outside-app-dir
ac_add_options --enable-tor-browser-update
+ac_add_options --enable-verify-mar
ac_add_options --disable-crashreporter
ac_add_options --disable-webrtc
diff --git a/.mozconfig-mingw b/.mozconfig-mingw
index 3ec6ff18a3e9..ce6ace1dad67 100644
--- a/.mozconfig-mingw
+++ b/.mozconfig-mingw
@@ -15,6 +15,7 @@ ac_add_options --enable-strip
ac_add_options --enable-official-branding
ac_add_options --enable-tor-browser-update
+ac_add_options --enable-verify-mar
ac_add_options --disable-bits-download
# Let's make sure no preference is enabling either Adobe's or Google's CDM.
diff --git a/modules/libmar/tool/mar.c b/modules/libmar/tool/mar.c
index 0bf2cb4bd1d4..ea2b79924914 100644
--- a/modules/libmar/tool/mar.c
+++ b/modules/libmar/tool/mar.c
@@ -65,7 +65,7 @@ static void print_usage() {
"signed_input_archive.mar base_64_encoded_signature_file "
"changed_signed_output.mar\n");
printf("(i) is the index of the certificate to extract\n");
-# if defined(XP_MACOSX) || (defined(XP_WIN) && !defined(MAR_NSS))
+# if (defined(XP_MACOSX) || defined(XP_WIN)) && !defined(MAR_NSS)
printf("Verify a MAR file:\n");
printf(" mar [-C workingDir] -D DERFilePath -v signed_archive.mar\n");
printf(
@@ -149,7 +149,7 @@ int main(int argc, char** argv) {
memset((void*)certBuffers, 0, sizeof(certBuffers));
#endif
#if !defined(NO_SIGN_VERIFY) && \
- ((!defined(MAR_NSS) && defined(XP_WIN)) || defined(XP_MACOSX))
+ (!defined(MAR_NSS) && (defined(XP_WIN) || defined(XP_MACOSX)))
memset(DERFilePaths, 0, sizeof(DERFilePaths));
memset(fileSizes, 0, sizeof(fileSizes));
#endif
@@ -181,7 +181,7 @@ int main(int argc, char** argv) {
argc -= 2;
}
#if !defined(NO_SIGN_VERIFY)
-# if (!defined(MAR_NSS) && defined(XP_WIN)) || defined(XP_MACOSX)
+# if (!defined(MAR_NSS) && (defined(XP_WIN) || defined(XP_MACOSX)))
/* -D DERFilePath, also matches -D[index] DERFilePath
We allow an index for verifying to be symmetric
with the import and export command line arguments. */
diff --git a/modules/libmar/tool/moz.build b/modules/libmar/tool/moz.build
index 19653fb0b073..8953af0bb15c 100644
--- a/modules/libmar/tool/moz.build
+++ b/modules/libmar/tool/moz.build
@@ -35,15 +35,21 @@ if CONFIG['MOZ_BUILD_APP'] != 'tools/update-packaging':
'verifymar',
]
+ if CONFIG['TOR_BROWSER_UPDATE']:
+ DEFINES['MAR_NSS'] = True
+
if CONFIG['OS_ARCH'] == 'WINNT':
USE_STATIC_LIBS = True
OS_LIBS += [
'ws2_32',
- 'crypt32',
- 'advapi32',
]
- elif CONFIG['OS_ARCH'] == 'Darwin':
+ if not CONFIG['TOR_BROWSER_UPDATE']:
+ OS_LIBS += [
+ 'crypt32',
+ 'advapi32',
+ ]
+ elif CONFIG['OS_ARCH'] == 'Darwin' and not CONFIG['TOR_BROWSER_UPDATE']:
OS_LIBS += [
'-framework Security',
]
diff --git a/modules/libmar/verify/moz.build b/modules/libmar/verify/moz.build
index 9f7dc56f8f8a..e1c6ced31c37 100644
--- a/modules/libmar/verify/moz.build
+++ b/modules/libmar/verify/moz.build
@@ -16,15 +16,12 @@ FORCE_STATIC_LIB = True
if CONFIG['OS_ARCH'] == 'WINNT':
USE_STATIC_LIBS = True
elif CONFIG['OS_ARCH'] == 'Darwin':
- UNIFIED_SOURCES += [
- 'MacVerifyCrypto.cpp',
- ]
- OS_LIBS += [
- '-framework Security',
+ USE_LIBS += [
+ 'nspr',
+ 'nss',
+ 'signmar',
]
else:
- DEFINES['MAR_NSS'] = True
- LOCAL_INCLUDES += ['../sign']
USE_LIBS += [
'nspr',
'nss',
@@ -38,6 +35,9 @@ else:
'-Wl,-rpath=\\$$ORIGIN',
]
+DEFINES['MAR_NSS'] = True
+LOCAL_INCLUDES += ['../sign']
+
LOCAL_INCLUDES += [
'../src',
]
diff --git a/toolkit/mozapps/update/updater/updater-common.build b/toolkit/mozapps/update/updater/updater-common.build
index 5898e92d465d..9f8365df8ade 100644
--- a/toolkit/mozapps/update/updater/updater-common.build
+++ b/toolkit/mozapps/update/updater/updater-common.build
@@ -4,6 +4,10 @@
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+DEFINES['MAR_NSS'] = True
+
+link_with_nss = DEFINES['MAR_NSS'] or (CONFIG['OS_ARCH'] == 'Linux' and CONFIG['MOZ_VERIFY_MAR_SIGNATURE'])
+
srcs = [
'archivereader.cpp',
'updater.cpp',
@@ -36,10 +40,14 @@ if CONFIG['OS_ARCH'] == 'WINNT':
'ws2_32',
'shell32',
'shlwapi',
- 'crypt32',
- 'advapi32',
]
+ if not link_with_nss:
+ OS_LIBS += [
+ 'crypt32',
+ 'advapi32',
+ ]
+
USE_LIBS += [
'bspatch',
'mar',
@@ -47,6 +55,13 @@ USE_LIBS += [
'xz-embedded',
]
+if link_with_nss:
+ USE_LIBS += [
+ 'nspr',
+ 'nss',
+ 'signmar',
+ ]
+
if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'gtk':
have_progressui = 1
srcs += [
@@ -61,9 +76,12 @@ if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'cocoa':
]
OS_LIBS += [
'-framework Cocoa',
- '-framework Security',
'-framework SystemConfiguration',
]
+ if not link_with_nss:
+ OS_LIBS += [
+ '-framework Security',
+ ]
UNIFIED_SOURCES += [
'/toolkit/xre/updaterfileutils_osx.mm',
]
diff --git a/toolkit/mozapps/update/updater/updater.cpp b/toolkit/mozapps/update/updater/updater.cpp
index 9a95c3b17761..aaec0b38dda0 100644
--- a/toolkit/mozapps/update/updater/updater.cpp
+++ b/toolkit/mozapps/update/updater/updater.cpp
@@ -106,9 +106,11 @@ struct UpdateServerThreadArgs {
# define USE_EXECV
#endif
-#if defined(MOZ_VERIFY_MAR_SIGNATURE) && !defined(XP_WIN) && !defined(XP_MACOSX)
-# include "nss.h"
-# include "prerror.h"
+#if defined(MOZ_VERIFY_MAR_SIGNATURE)
+# if defined(MAR_NSS) || (!defined(XP_WIN) && !defined(XP_MACOSX))
+# include "nss.h"
+# include "prerror.h"
+# endif
#endif
#include "crctable.h"
@@ -2738,8 +2740,13 @@ static void UpdateThreadFunc(void* param) {
if (ReadMARChannelIDs(updateSettingsPath, &MARStrings) != OK) {
rv = UPDATE_SETTINGS_FILE_CHANNEL;
} else {
+# ifdef TOR_BROWSER_UPDATE
+ const char* appVersion = TOR_BROWSER_VERSION_QUOTED;
+# else
+ const char* appVersion = MOZ_APP_VERSION;
+# endif
rv = gArchiveReader.VerifyProductInformation(MARStrings.MARChannelID,
- MOZ_APP_VERSION);
+ appVersion);
}
}
}
@@ -2940,11 +2947,10 @@ int NS_main(int argc, NS_tchar** argv) {
}
#endif
-#if defined(MOZ_VERIFY_MAR_SIGNATURE) && !defined(XP_WIN) && !defined(XP_MACOSX)
- // On Windows and Mac we rely on native APIs to do verifications so we don't
- // need to initialize NSS at all there.
- // Otherwise, minimize the amount of NSS we depend on by avoiding all the NSS
- // databases.
+#if defined(MOZ_VERIFY_MAR_SIGNATURE)
+# if defined(MAR_NSS) || (!defined(XP_WIN) && !defined(XP_MACOSX))
+ // If using NSS for signature verification, initialize NSS but minimize
+ // the portion we depend on by avoiding all of the NSS databases.
if (NSS_NoDB_Init(nullptr) != SECSuccess) {
PRErrorCode error = PR_GetError();
fprintf(stderr, "Could not initialize NSS: %s (%d)", PR_ErrorToName(error),
@@ -2952,6 +2958,7 @@ int NS_main(int argc, NS_tchar** argv) {
_exit(1);
}
#endif
+#endif
#ifdef XP_MACOSX
if (!isElevated) {
diff --git a/toolkit/xre/moz.build b/toolkit/xre/moz.build
index 7ba3be2fe241..6afab145c2b6 100644
--- a/toolkit/xre/moz.build
+++ b/toolkit/xre/moz.build
@@ -214,6 +214,9 @@ for var in ('APP_VERSION', 'APP_ID'):
if CONFIG['MOZ_BUILD_APP'] == 'browser':
DEFINES['MOZ_BUILD_APP_IS_BROWSER'] = True
+if CONFIG['TOR_BROWSER_UPDATE']:
+ DEFINES['MAR_NSS'] = True
+
LOCAL_INCLUDES += [
'../../other-licenses/nsis/Contrib/CityHash/cityhash',
'../components/find',
diff --git a/toolkit/xre/nsUpdateDriver.cpp b/toolkit/xre/nsUpdateDriver.cpp
index 55d1982504ed..1cbee302719f 100644
--- a/toolkit/xre/nsUpdateDriver.cpp
+++ b/toolkit/xre/nsUpdateDriver.cpp
@@ -360,6 +360,42 @@ static nsresult GetUpdateDirFromAppDir(nsIFile* aAppDir, nsIFile** aResult) {
# endif
#endif
+#if defined(TOR_BROWSER_UPDATE) && defined(MOZ_VERIFY_MAR_SIGNATURE) && \
+ defined(MAR_NSS) && defined(XP_MACOSX)
+/**
+ * Ideally we would save and restore the original library path value after
+ * the updater finishes its work (and before firefox is re-launched).
+ * Doing so would avoid potential problems like the following bug:
+ * https://bugzilla.mozilla.org/show_bug.cgi?id=1434033
+ */
+/**
+ * Appends the specified path to the library path.
+ * This is used so that the updater can find libnss3.dylib and other
+ * shared libs.
+ *
+ * @param pathToAppend A new library path to prepend to the dynamic linker's
+ * search path.
+ */
+# include "prprf.h"
+# define PATH_SEPARATOR ":"
+# define LD_LIBRARY_PATH_ENVVAR_NAME "DYLD_LIBRARY_PATH"
+static void AppendToLibPath(const char* pathToAppend) {
+ char* pathValue = getenv(LD_LIBRARY_PATH_ENVVAR_NAME);
+ if (nullptr == pathValue || '\0' == *pathValue) {
+ // Leak the string because that is required by PR_SetEnv.
+ char* s =
+ Smprintf("%s=%s", LD_LIBRARY_PATH_ENVVAR_NAME, pathToAppend).release();
+ PR_SetEnv(s);
+ } else {
+ // Leak the string because that is required by PR_SetEnv.
+ char* s = Smprintf("%s=%s" PATH_SEPARATOR "%s", LD_LIBRARY_PATH_ENVVAR_NAME,
+ pathToAppend, pathValue)
+ .release();
+ PR_SetEnv(s);
+ }
+}
+#endif
+
/**
* Applies, switches, or stages an update.
*
@@ -606,6 +642,20 @@ static void ApplyUpdate(nsIFile* greDir, nsIFile* updateDir, nsIFile* appDir,
PR_SetEnv("MOZ_SAFE_MODE_RESTART=1");
}
+#if defined(TOR_BROWSER_UPDATE) && defined(MOZ_VERIFY_MAR_SIGNATURE) && \
+ defined(MAR_NSS) && defined(XP_MACOSX)
+ // On macOS, append the app directory to the shared library search path
+ // so the system can locate the shared libraries that are needed by the
+ // updater, e.g., libnss3.dylib).
+ nsAutoCString appPath;
+ nsresult rv2 = appDir->GetNativePath(appPath);
+ if (NS_SUCCEEDED(rv2)) {
+ AppendToLibPath(appPath.get());
+ } else {
+ LOG(("ApplyUpdate -- appDir->GetNativePath() failed (0x%x)\n", rv2));
+ }
+#endif
+
LOG(("spawning updater process [%s]\n", updaterPath.get()));
#ifdef DEBUG
dump_argv("ApplyUpdate updater", argv, argc);
1
0
[tor-browser/tor-browser-78.10.0esr-10.5-1] Bug 19273: Avoid JavaScript patching of the external app helper dialog.
by sysrqb@torproject.org 14 Apr '21
by sysrqb@torproject.org 14 Apr '21
14 Apr '21
commit 7957bed7d23771e64cc41c042c870d75e19b0afe
Author: Kathy Brade <brade(a)pearlcrescent.com>
Date: Tue Jun 28 15:13:05 2016 -0400
Bug 19273: Avoid JavaScript patching of the external app helper dialog.
When handling an external URI or downloading a file, invoke Torbutton's
external app blocker component (which will present a download warning
dialog unless the user has checked the "Automatically download files
from now on" box).
For e10s compatibility, avoid using a modal dialog and instead use
a callback interface (nsIHelperAppWarningLauncher) to allow Torbutton
to indicate the user's desire to cancel or continue each request.
Other bugs fixed:
Bug 21766: Crash with e10s enabled while trying to download a file
Bug 21886: Download is stalled in non-e10s mode
Bug 22471: Downloading files via the PDF viewer download button is broken
Bug 22472: Fix FTP downloads when external helper app dialog is shown
Bug 22610: Avoid crashes when canceling external helper app downloads
Bug 22618: Downloading pdf file via file:/// is stalling
---
.../exthandler/nsExternalHelperAppService.cpp | 202 +++++++++++++++++----
uriloader/exthandler/nsExternalHelperAppService.h | 3 +
.../exthandler/nsIExternalHelperAppService.idl | 47 +++++
3 files changed, 217 insertions(+), 35 deletions(-)
diff --git a/uriloader/exthandler/nsExternalHelperAppService.cpp b/uriloader/exthandler/nsExternalHelperAppService.cpp
index 4ff7ed2e27cc..0dcc1d3ed6ab 100644
--- a/uriloader/exthandler/nsExternalHelperAppService.cpp
+++ b/uriloader/exthandler/nsExternalHelperAppService.cpp
@@ -132,6 +132,9 @@ static const char NEVER_ASK_FOR_SAVE_TO_DISK_PREF[] =
static const char NEVER_ASK_FOR_OPEN_FILE_PREF[] =
"browser.helperApps.neverAsk.openFile";
+static const char WARNING_DIALOG_CONTRACT_ID[] =
+ "@torproject.org/torbutton-extAppBlocker;1";
+
// Helper functions for Content-Disposition headers
/**
@@ -388,6 +391,22 @@ static nsresult GetDownloadDirectory(nsIFile** _directory,
return NS_OK;
}
+static already_AddRefed<nsIInterfaceRequestor> GetDialogParentAux(
+ BrowsingContext* aBrowsingContext, nsIInterfaceRequestor* aWindowContext) {
+ nsCOMPtr<nsIInterfaceRequestor> dialogParent = aWindowContext;
+
+ if (!dialogParent && aBrowsingContext) {
+ dialogParent = do_QueryInterface(aBrowsingContext->GetDOMWindow());
+ }
+ if (!dialogParent && aBrowsingContext && XRE_IsParentProcess()) {
+ RefPtr<Element> element = aBrowsingContext->Top()->GetEmbedderElement();
+ if (element) {
+ dialogParent = do_QueryInterface(element->OwnerDoc()->GetWindow());
+ }
+ }
+ return dialogParent.forget();
+}
+
/**
* Structure for storing extension->type mappings.
* @see defaultMimeEntries
@@ -544,6 +563,111 @@ static const nsDefaultMimeTypeEntry nonDecodableExtensions[] = {
{APPLICATION_COMPRESS, "z"},
{APPLICATION_GZIP, "svgz"}};
+//////////////////////////////////////////////////////////////////////////////////////////////////////
+// begin nsExternalLoadURIHandler class definition and implementation
+//////////////////////////////////////////////////////////////////////////////////////////////////////
+class nsExternalLoadURIHandler final : public nsIHelperAppWarningLauncher {
+ public:
+ NS_DECL_THREADSAFE_ISUPPORTS
+ NS_DECL_NSIHELPERAPPWARNINGLAUNCHER
+
+ nsExternalLoadURIHandler(nsIHandlerInfo* aHandlerInfo, nsIURI* aURI,
+ nsIPrincipal* aTriggeringPrincipal,
+ BrowsingContext* aBrowsingContext);
+
+ protected:
+ ~nsExternalLoadURIHandler();
+
+ nsCOMPtr<nsIHandlerInfo> mHandlerInfo;
+ nsCOMPtr<nsIURI> mURI;
+ nsCOMPtr<nsIPrincipal> mTriggeringPrincipal;
+ RefPtr<BrowsingContext> mBrowsingContext;
+ nsCOMPtr<nsIHelperAppWarningDialog> mWarningDialog;
+};
+
+NS_IMPL_ADDREF(nsExternalLoadURIHandler)
+NS_IMPL_RELEASE(nsExternalLoadURIHandler)
+
+NS_INTERFACE_MAP_BEGIN(nsExternalLoadURIHandler)
+ NS_INTERFACE_MAP_ENTRY_AMBIGUOUS(nsISupports, nsIHelperAppWarningLauncher)
+ NS_INTERFACE_MAP_ENTRY(nsIHelperAppWarningLauncher)
+NS_INTERFACE_MAP_END
+
+nsExternalLoadURIHandler::nsExternalLoadURIHandler(
+ nsIHandlerInfo* aHandlerInfo, nsIURI* aURI,
+ nsIPrincipal* aTriggeringPrincipal, BrowsingContext* aBrowsingContext)
+ : mHandlerInfo(aHandlerInfo),
+ mURI(aURI),
+ mTriggeringPrincipal(aTriggeringPrincipal),
+ mBrowsingContext(aBrowsingContext)
+
+{
+ nsresult rv = NS_OK;
+ mWarningDialog = do_CreateInstance(WARNING_DIALOG_CONTRACT_ID, &rv);
+ if (NS_SUCCEEDED(rv) && mWarningDialog) {
+ // This will create a reference cycle (the dialog holds a reference to us
+ // as nsIHelperAppWarningLauncher), which will be broken in ContinueRequest
+ // or CancelRequest.
+ nsCOMPtr<nsIInterfaceRequestor> dialogParent =
+ GetDialogParentAux(aBrowsingContext, nullptr);
+ rv = mWarningDialog->MaybeShow(this, dialogParent);
+ }
+
+ if (NS_FAILED(rv)) {
+ // If for some reason we could not open the download warning prompt,
+ // continue with the request.
+ ContinueRequest();
+ }
+}
+
+nsExternalLoadURIHandler::~nsExternalLoadURIHandler() {}
+
+NS_IMETHODIMP nsExternalLoadURIHandler::ContinueRequest() {
+ MOZ_ASSERT(mURI);
+ MOZ_ASSERT(mHandlerInfo);
+
+ // Break our reference cycle with the download warning dialog (set up in
+ // LoadURI).
+ mWarningDialog = nullptr;
+
+ nsHandlerInfoAction preferredAction;
+ mHandlerInfo->GetPreferredAction(&preferredAction);
+ bool alwaysAsk = true;
+ mHandlerInfo->GetAlwaysAskBeforeHandling(&alwaysAsk);
+
+ nsresult rv = NS_OK;
+ // If we are not supposed to ask, and the preferred action is to use
+ // a helper app or the system default, we just launch the URI.
+ if (!alwaysAsk && (preferredAction == nsIHandlerInfo::useHelperApp ||
+ preferredAction == nsIHandlerInfo::useSystemDefault)) {
+ rv = mHandlerInfo->LaunchWithURI(mURI, mBrowsingContext);
+ // We are not supposed to ask, but when file not found the user most likely
+ // uninstalled the application which handles the uri so we will continue
+ // by application chooser dialog.
+ if (rv != NS_ERROR_FILE_NOT_FOUND) {
+ return rv;
+ }
+ }
+
+ nsCOMPtr<nsIContentDispatchChooser> chooser =
+ do_CreateInstance("@mozilla.org/content-dispatch-chooser;1", &rv);
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ return chooser->Ask(mHandlerInfo, mURI, mTriggeringPrincipal,
+ mBrowsingContext,
+ nsIContentDispatchChooser::REASON_CANNOT_HANDLE);
+}
+
+NS_IMETHODIMP nsExternalLoadURIHandler::CancelRequest(nsresult aReason) {
+ NS_ENSURE_ARG(NS_FAILED(aReason));
+
+ // Break our reference cycle with the download warning dialog (set up in
+ // LoadURI).
+ mWarningDialog = nullptr;
+
+ return NS_OK;
+}
+
static StaticRefPtr<nsExternalHelperAppService> sExtHelperAppSvcSingleton;
/**
@@ -570,6 +694,9 @@ nsExternalHelperAppService::GetSingleton() {
return do_AddRef(sExtHelperAppSvcSingleton);
}
+//////////////////////////////////////////////////////////////////////////////////////////////////////
+// nsExternalHelperAppService definition and implementation
+//////////////////////////////////////////////////////////////////////////////////////////////////////
NS_IMPL_ISUPPORTS(nsExternalHelperAppService, nsIExternalHelperAppService,
nsPIExternalAppLauncher, nsIExternalProtocolService,
nsIMIMEService, nsIObserver, nsISupportsWeakReference)
@@ -1003,30 +1130,13 @@ nsExternalHelperAppService::LoadURI(nsIURI* aURI,
rv = GetProtocolHandlerInfo(scheme, getter_AddRefs(handler));
NS_ENSURE_SUCCESS(rv, rv);
- nsHandlerInfoAction preferredAction;
- handler->GetPreferredAction(&preferredAction);
- bool alwaysAsk = true;
- handler->GetAlwaysAskBeforeHandling(&alwaysAsk);
-
- // if we are not supposed to ask, and the preferred action is to use
- // a helper app or the system default, we just launch the URI.
- if (!alwaysAsk && (preferredAction == nsIHandlerInfo::useHelperApp ||
- preferredAction == nsIHandlerInfo::useSystemDefault)) {
- rv = handler->LaunchWithURI(uri, aBrowsingContext);
- // We are not supposed to ask, but when file not found the user most likely
- // uninstalled the application which handles the uri so we will continue
- // by application chooser dialog.
- if (rv != NS_ERROR_FILE_NOT_FOUND) {
- return rv;
- }
+ RefPtr<nsExternalLoadURIHandler> h = new nsExternalLoadURIHandler(
+ handler, uri, aTriggeringPrincipal, aBrowsingContext);
+ if (!h) {
+ return NS_ERROR_OUT_OF_MEMORY;
}
- nsCOMPtr<nsIContentDispatchChooser> chooser =
- do_CreateInstance("@mozilla.org/content-dispatch-chooser;1", &rv);
- NS_ENSURE_SUCCESS(rv, rv);
-
- return chooser->Ask(handler, uri, aTriggeringPrincipal, aBrowsingContext,
- nsIContentDispatchChooser::REASON_CANNOT_HANDLE);
+ return NS_OK;
}
//////////////////////////////////////////////////////////////////////////////////////////////////////
@@ -1171,6 +1281,7 @@ NS_INTERFACE_MAP_BEGIN(nsExternalAppHandler)
NS_INTERFACE_MAP_ENTRY(nsIStreamListener)
NS_INTERFACE_MAP_ENTRY(nsIRequestObserver)
NS_INTERFACE_MAP_ENTRY(nsIHelperAppLauncher)
+ NS_INTERFACE_MAP_ENTRY(nsIHelperAppWarningLauncher)
NS_INTERFACE_MAP_ENTRY(nsICancelable)
NS_INTERFACE_MAP_ENTRY(nsIBackgroundFileSaverObserver)
NS_INTERFACE_MAP_ENTRY(nsINamed)
@@ -1532,18 +1643,7 @@ void nsExternalAppHandler::MaybeApplyDecodingForExtension(
already_AddRefed<nsIInterfaceRequestor>
nsExternalAppHandler::GetDialogParent() {
- nsCOMPtr<nsIInterfaceRequestor> dialogParent = mWindowContext;
-
- if (!dialogParent && mBrowsingContext) {
- dialogParent = do_QueryInterface(mBrowsingContext->GetDOMWindow());
- }
- if (!dialogParent && mBrowsingContext && XRE_IsParentProcess()) {
- RefPtr<Element> element = mBrowsingContext->Top()->GetEmbedderElement();
- if (element) {
- dialogParent = do_QueryInterface(element->OwnerDoc()->GetWindow());
- }
- }
- return dialogParent.forget();
+ return GetDialogParentAux(mBrowsingContext, mWindowContext);
}
NS_IMETHODIMP nsExternalAppHandler::OnStartRequest(nsIRequest* request) {
@@ -1651,6 +1751,29 @@ NS_IMETHODIMP nsExternalAppHandler::OnStartRequest(nsIRequest* request) {
MOZ_ASSERT(NS_SUCCEEDED(rv));
}
+ mWarningDialog = do_CreateInstance(WARNING_DIALOG_CONTRACT_ID, &rv);
+ if (NS_SUCCEEDED(rv) && mWarningDialog) {
+ // This will create a reference cycle (the dialog holds a reference to us
+ // as nsIHelperAppWarningLauncher), which will be broken in ContinueRequest
+ // or CancelRequest.
+ nsCOMPtr<nsIInterfaceRequestor> dialogParent = GetDialogParent();
+ rv = mWarningDialog->MaybeShow(this, dialogParent);
+ }
+
+ if (NS_FAILED(rv)) {
+ // If for some reason we could not open the download warning prompt,
+ // continue with the request.
+ ContinueRequest();
+ }
+
+ return NS_OK;
+}
+
+NS_IMETHODIMP nsExternalAppHandler::ContinueRequest() {
+ // Break our reference cycle with the download warning dialog (set up in
+ // OnStartRequest).
+ mWarningDialog = nullptr;
+
// now that the temp file is set up, find out if we need to invoke a dialog
// asking the user what they want us to do with this content...
@@ -1736,6 +1859,7 @@ NS_IMETHODIMP nsExternalAppHandler::OnStartRequest(nsIRequest* request) {
action = nsIMIMEInfo::saveToDisk;
}
+ nsresult rv = NS_OK;
if (alwaysAsk) {
// Display the dialog
mDialog = do_CreateInstance(NS_HELPERAPPLAUNCHERDLG_CONTRACTID, &rv);
@@ -1793,6 +1917,14 @@ NS_IMETHODIMP nsExternalAppHandler::OnStartRequest(nsIRequest* request) {
return NS_OK;
}
+NS_IMETHODIMP nsExternalAppHandler::CancelRequest(nsresult aReason) {
+ // Break our reference cycle with the download warning dialog (set up in
+ // OnStartRequest).
+ mWarningDialog = nullptr;
+
+ return Cancel(aReason);
+}
+
// Convert error info into proper message text and send OnStatusChange
// notification to the dialog progress listener or nsITransfer implementation.
void nsExternalAppHandler::SendStatusChange(ErrorType type, nsresult rv,
@@ -2456,7 +2588,7 @@ NS_IMETHODIMP nsExternalAppHandler::Cancel(nsresult aReason) {
}
// Break our reference cycle with the helper app dialog (set up in
- // OnStartRequest)
+ // ContinueRequest)
mDialog = nullptr;
mRequest = nullptr;
diff --git a/uriloader/exthandler/nsExternalHelperAppService.h b/uriloader/exthandler/nsExternalHelperAppService.h
index f2bd67f64ccd..8c2d8817ac7b 100644
--- a/uriloader/exthandler/nsExternalHelperAppService.h
+++ b/uriloader/exthandler/nsExternalHelperAppService.h
@@ -203,6 +203,7 @@ class nsExternalHelperAppService : public nsIExternalHelperAppService,
*/
class nsExternalAppHandler final : public nsIStreamListener,
public nsIHelperAppLauncher,
+ public nsIHelperAppWarningLauncher,
public nsIBackgroundFileSaverObserver,
public nsINamed {
public:
@@ -210,6 +211,7 @@ class nsExternalAppHandler final : public nsIStreamListener,
NS_DECL_NSISTREAMLISTENER
NS_DECL_NSIREQUESTOBSERVER
NS_DECL_NSIHELPERAPPLAUNCHER
+ NS_DECL_NSIHELPERAPPWARNINGLAUNCHER
NS_DECL_NSICANCELABLE
NS_DECL_NSIBACKGROUNDFILESAVEROBSERVER
NS_DECL_NSINAMED
@@ -460,6 +462,7 @@ class nsExternalAppHandler final : public nsIStreamListener,
nsCOMPtr<nsITransfer> mTransfer;
nsCOMPtr<nsIHelperAppLauncherDialog> mDialog;
+ nsCOMPtr<nsIHelperAppWarningDialog> mWarningDialog;
/**
diff --git a/uriloader/exthandler/nsIExternalHelperAppService.idl b/uriloader/exthandler/nsIExternalHelperAppService.idl
index ea8b9b08f3e6..8b58671f7597 100644
--- a/uriloader/exthandler/nsIExternalHelperAppService.idl
+++ b/uriloader/exthandler/nsIExternalHelperAppService.idl
@@ -182,3 +182,50 @@ interface nsIHelperAppLauncher : nsICancelable
*/
readonly attribute uint64_t browsingContextId;
};
+
+/**
+ * nsIHelperAppWarningLauncher is implemented by two classes:
+ * nsExternalLoadURIHandler
+ * nsExternalAppHandler
+ */
+[scriptable, uuid(cffd508b-4aaf-43ad-99c6-671d35cbc558)]
+interface nsIHelperAppWarningLauncher : nsISupports
+{
+ /**
+ * Callback invoked by the external app warning dialog to continue the
+ * request.
+ * NOTE: This will release the reference to the nsIHelperAppWarningDialog.
+ */
+ void continueRequest();
+
+ /**
+ * Callback invoked by the external app warning dialog to cancel the request.
+ * NOTE: This will release the reference to the nsIHelperAppWarningDialog.
+ *
+ * @param aReason
+ * Pass a failure code to indicate the reason why this operation is
+ * being canceled. It is an error to pass a success code.
+ */
+ void cancelRequest(in nsresult aReason);
+};
+
+/**
+ * nsIHelperAppWarningDialog is implemented by Torbutton's external app
+ * blocker (src/components/external-app-blocker.js).
+ */
+[scriptable, uuid(f4899a3f-0df3-42cc-9db8-bdf599e5a208)]
+interface nsIHelperAppWarningDialog : nsISupports
+{
+ /**
+ * Possibly show a launch warning dialog (it will not be shown if the user
+ * has chosen to not see the warning again).
+ *
+ * @param aLauncher
+ * A nsIHelperAppWarningLauncher to be invoked after the user confirms
+ * or cancels the download.
+ * @param aWindowContext
+ * The window associated with the download.
+ */
+ void maybeShow(in nsIHelperAppWarningLauncher aLauncher,
+ in nsISupports aWindowContext);
+};
1
0
[tor-browser/tor-browser-78.10.0esr-10.5-1] Bug 16285: Exclude ClearKey system for now
by sysrqb@torproject.org 14 Apr '21
by sysrqb@torproject.org 14 Apr '21
14 Apr '21
commit ea0b88f429faa02a1f1d61d14383cd19c27e4c56
Author: Georg Koppen <gk(a)torproject.org>
Date: Mon May 22 12:44:40 2017 +0000
Bug 16285: Exclude ClearKey system for now
In the past the ClearKey system had not been compiled when specifying
--disable-eme. But that changed and it is even bundled nowadays (see:
Mozilla's bug 1300654). We don't want to ship it right now as the use
case for it is not really visible while the code had security
vulnerabilities in the past.
---
browser/installer/package-manifest.in | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in
index 792acb870afa..53b0b7ddf731 100644
--- a/browser/installer/package-manifest.in
+++ b/browser/installer/package-manifest.in
@@ -465,8 +465,8 @@ bin/libfreebl_64int_3.so
#endif
; media
-@RESPATH@/gmp-clearkey/0.1/@DLL_PREFIX@clearkey@DLL_SUFFIX@
-@RESPATH@/gmp-clearkey/0.1/manifest.json
+;@RESPATH@/gmp-clearkey/0.1/@DLL_PREFIX@clearkey@DLL_SUFFIX@
+;@RESPATH@/gmp-clearkey/0.1/manifest.json
#ifdef MOZ_DMD
; DMD
1
0
[tor-browser/tor-browser-78.10.0esr-10.5-1] Bug 21431: Clean-up system extensions shipped in Firefox
by sysrqb@torproject.org 14 Apr '21
by sysrqb@torproject.org 14 Apr '21
14 Apr '21
commit 6cb03649ffe62f21e369d98b508bfc275354b364
Author: Kathy Brade <brade(a)pearlcrescent.com>
Date: Tue May 23 17:05:29 2017 -0400
Bug 21431: Clean-up system extensions shipped in Firefox
Only ship the pdfjs extension.
---
browser/components/BrowserGlue.jsm | 6 ++++++
browser/extensions/moz.build | 5 -----
browser/installer/package-manifest.in | 1 -
browser/locales/Makefile.in | 8 --------
browser/locales/jar.mn | 7 -------
5 files changed, 6 insertions(+), 21 deletions(-)
diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm
index 3b7d8d6e0309..3363e24a9b56 100644
--- a/browser/components/BrowserGlue.jsm
+++ b/browser/components/BrowserGlue.jsm
@@ -2076,6 +2076,9 @@ BrowserGlue.prototype = {
const ID = "screenshots(a)mozilla.org";
const _checkScreenshotsPref = async () => {
let addon = await AddonManager.getAddonByID(ID);
+ if (!addon) {
+ return;
+ }
let disabled = Services.prefs.getBoolPref(PREF, false);
if (disabled) {
await addon.disable({ allowSystemAddons: true });
@@ -2092,6 +2095,9 @@ BrowserGlue.prototype = {
const ID = "webcompat-reporter(a)mozilla.org";
Services.prefs.addObserver(PREF, async () => {
let addon = await AddonManager.getAddonByID(ID);
+ if (!addon) {
+ return;
+ }
let enabled = Services.prefs.getBoolPref(PREF, false);
if (enabled && !addon.isActive) {
await addon.enable({ allowSystemAddons: true });
diff --git a/browser/extensions/moz.build b/browser/extensions/moz.build
index fd2e65d01f02..499c59b8d6a5 100644
--- a/browser/extensions/moz.build
+++ b/browser/extensions/moz.build
@@ -5,12 +5,7 @@
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
DIRS += [
- 'doh-rollout',
- 'formautofill',
'pdfjs',
- 'screenshots',
- 'webcompat',
- 'report-site-issue'
]
if not CONFIG['TOR_BROWSER_DISABLE_TOR_LAUNCHER']:
diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in
index 53b0b7ddf731..ad7dd023a92e 100644
--- a/browser/installer/package-manifest.in
+++ b/browser/installer/package-manifest.in
@@ -268,7 +268,6 @@
@RESPATH@/browser/chrome/icons/default/default64.png
@RESPATH@/browser/chrome/icons/default/default128.png
#endif
-@RESPATH@/browser/features/*
; [DevTools Startup Files]
@RESPATH@/browser/chrome/devtools-startup@JAREXT@
diff --git a/browser/locales/Makefile.in b/browser/locales/Makefile.in
index 05f0242c5248..1fdf34d9460f 100644
--- a/browser/locales/Makefile.in
+++ b/browser/locales/Makefile.in
@@ -58,10 +58,6 @@ libs-%:
@$(MAKE) -C ../../toolkit/locales libs-$* XPI_ROOT_APPID='$(XPI_ROOT_APPID)'
@$(MAKE) -C ../../services/sync/locales AB_CD=$* XPI_NAME=locale-$*
@$(MAKE) -C ../../extensions/spellcheck/locales AB_CD=$* XPI_NAME=locale-$*
-ifneq (,$(wildcard ../extensions/formautofill/locales))
- @$(MAKE) -C ../extensions/formautofill/locales AB_CD=$* XPI_NAME=locale-$*
-endif
- @$(MAKE) -C ../extensions/report-site-issue/locales AB_CD=$* XPI_NAME=locale-$*
@$(MAKE) -C ../../devtools/client/locales AB_CD=$* XPI_NAME=locale-$* XPI_ROOT_APPID='$(XPI_ROOT_APPID)'
@$(MAKE) -C ../../devtools/startup/locales AB_CD=$* XPI_NAME=locale-$* XPI_ROOT_APPID='$(XPI_ROOT_APPID)'
@$(MAKE) libs AB_CD=$* XPI_NAME=locale-$* PREF_DIR=$(PREF_DIR)
@@ -75,14 +71,10 @@ chrome-%:
@$(MAKE) -C ../../toolkit/locales chrome-$*
@$(MAKE) -C ../../services/sync/locales chrome AB_CD=$*
@$(MAKE) -C ../../extensions/spellcheck/locales chrome AB_CD=$*
-ifneq (,$(wildcard ../extensions/formautofill/locales))
- @$(MAKE) -C ../extensions/formautofill/locales chrome AB_CD=$*
-endif
@$(MAKE) -C ../../devtools/client/locales chrome AB_CD=$*
@$(MAKE) -C ../../devtools/startup/locales chrome AB_CD=$*
@$(MAKE) chrome AB_CD=$*
@$(MAKE) -C $(DEPTH)/$(MOZ_BRANDING_DIRECTORY)/locales chrome AB_CD=$*
- @$(MAKE) -C ../extensions/report-site-issue/locales chrome AB_CD=$*
package-win32-installer: $(SUBMAKEFILES)
$(MAKE) -C ../installer/windows CONFIG_DIR=l10ngen ZIP_IN='$(ZIP_OUT)' installer
diff --git a/browser/locales/jar.mn b/browser/locales/jar.mn
index 31e2d3d870e6..ff577dfd4e7c 100644
--- a/browser/locales/jar.mn
+++ b/browser/locales/jar.mn
@@ -60,10 +60,3 @@
locale/browser/newInstall.dtd (%chrome/browser/newInstall.dtd)
locale/browser/brandings.dtd (%chrome/browser/brandings.dtd)
locale/browser/fxmonitor.properties (%chrome/browser/fxmonitor.properties)
-
-#ifdef XPI_NAME
-# Bug 1240628, restructure how l10n repacks work with feature addons
-# This is hacky, but ensures the chrome.manifest chain is complete
-[.] chrome.jar:
-% manifest features/chrome.manifest
-#endif
1
0
[tor-browser/tor-browser-78.10.0esr-10.5-1] Bug 16940: After update, load local change notes.
by sysrqb@torproject.org 14 Apr '21
by sysrqb@torproject.org 14 Apr '21
14 Apr '21
commit 1b3756eb8a8557c2526dcdfb35c78638c3db4cdd
Author: Kathy Brade <brade(a)pearlcrescent.com>
Date: Wed Nov 25 11:36:20 2015 -0500
Bug 16940: After update, load local change notes.
Add an about:tbupdate page that displays the first section from
TorBrowser/Docs/ChangeLog.txt and includes a link to the remote
post-update page (typically our blog entry for the release).
Always load about:tbupdate in a content process, but implement the
code that reads the file system (changelog) in the chrome process
for compatibility with future sandboxing efforts.
Also fix bug 29440. Now about:tbupdate is styled as a fairly simple
changelog page that is designed to be displayed via a link that is on
about:tor.
---
browser/actors/AboutTBUpdateChild.jsm | 53 ++++++++
browser/actors/moz.build | 5 +
.../base/content/abouttbupdate/aboutTBUpdate.css | 74 ++++++++++++
.../base/content/abouttbupdate/aboutTBUpdate.js | 10 ++
.../base/content/abouttbupdate/aboutTBUpdate.xhtml | 39 ++++++
browser/base/content/browser-siteIdentity.js | 2 +-
browser/base/content/browser.js | 4 +
browser/base/jar.mn | 5 +
browser/components/BrowserContentHandler.jsm | 55 ++++++---
browser/components/BrowserGlue.jsm | 25 ++++
browser/components/about/AboutRedirector.cpp | 6 +
browser/components/about/components.conf | 3 +
browser/components/moz.build | 5 +-
.../locales/en-US/chrome/browser/aboutTBUpdate.dtd | 8 ++
browser/locales/jar.mn | 3 +
browser/modules/AboutTBUpdate.jsm | 134 +++++++++++++++++++++
browser/modules/moz.build | 5 +
17 files changed, 420 insertions(+), 16 deletions(-)
diff --git a/browser/actors/AboutTBUpdateChild.jsm b/browser/actors/AboutTBUpdateChild.jsm
new file mode 100644
index 000000000000..91bb4dbba888
--- /dev/null
+++ b/browser/actors/AboutTBUpdateChild.jsm
@@ -0,0 +1,53 @@
+// Copyright (c) 2019, The Tor Project, Inc.
+// See LICENSE for licensing information.
+//
+// vim: set sw=2 sts=2 ts=8 et syntax=javascript:
+
+var EXPORTED_SYMBOLS = ["AboutTBUpdateChild"];
+
+const {ActorChild} = ChromeUtils.import("resource://gre/modules/ActorChild.jsm");
+
+class AboutTBUpdateChild extends ActorChild {
+ receiveMessage(aMessage) {
+ if (aMessage.name == "AboutTBUpdate:Update")
+ this.onUpdate(aMessage.data);
+ }
+
+ handleEvent(aEvent) {
+ switch (aEvent.type) {
+ case "AboutTBUpdateLoad":
+ this.onPageLoad();
+ break;
+ case "pagehide":
+ this.onPageHide(aEvent);
+ break;
+ }
+ }
+
+ // aData may contain the following string properties:
+ // version
+ // releaseDate
+ // moreInfoURL
+ // releaseNotes
+ onUpdate(aData) {
+ let doc = this.content.document;
+ doc.getElementById("version-content").textContent = aData.version;
+ if (aData.releaseDate) {
+ doc.body.setAttribute("havereleasedate", "true");
+ doc.getElementById("releasedate-content").textContent = aData.releaseDate;
+ }
+ if (aData.moreInfoURL)
+ doc.getElementById("infolink").setAttribute("href", aData.moreInfoURL);
+ doc.getElementById("releasenotes-content").textContent = aData.releaseNotes;
+ }
+
+ onPageLoad() {
+ this.mm.sendAsyncMessage("AboutTBUpdate:RequestUpdate");
+ }
+
+ onPageHide(aEvent) {
+ if (aEvent.target.defaultView.frameElement) {
+ return;
+ }
+ }
+}
diff --git a/browser/actors/moz.build b/browser/actors/moz.build
index 4b903146699e..e70f0f09fe3a 100644
--- a/browser/actors/moz.build
+++ b/browser/actors/moz.build
@@ -74,3 +74,8 @@ FINAL_TARGET_FILES.actors += [
'WebRTCChild.jsm',
'WebRTCParent.jsm',
]
+
+if CONFIG['TOR_BROWSER_UPDATE']:
+ FINAL_TARGET_FILES.actors += [
+ 'AboutTBUpdateChild.jsm',
+ ]
diff --git a/browser/base/content/abouttbupdate/aboutTBUpdate.css b/browser/base/content/abouttbupdate/aboutTBUpdate.css
new file mode 100644
index 000000000000..7c1a34b77f17
--- /dev/null
+++ b/browser/base/content/abouttbupdate/aboutTBUpdate.css
@@ -0,0 +1,74 @@
+/*
+ * Copyright (c) 2019, The Tor Project, Inc.
+ * See LICENSE for licensing information.
+ *
+ * vim: set sw=2 sts=2 ts=8 et syntax=css:
+ */
+
+:root {
+ --abouttor-text-color: white;
+ --abouttor-bg-toron-color: #420C5D;
+}
+
+body {
+ font-family: Helvetica, Arial, sans-serif;
+ color: var(--abouttor-text-color);
+ background-color: var(--abouttor-bg-toron-color);
+ background-attachment: fixed;
+ background-size: 100% 100%;
+}
+
+a {
+ color: var(--abouttor-text-color);
+}
+
+.two-column-grid {
+ display: inline-grid;
+ grid-template-columns: auto auto;
+ grid-column-gap: 50px;
+ margin: 10px 0px 0px 50px;
+}
+
+.two-column-grid div {
+ margin-top: 40px;
+ align-self: baseline; /* Align baseline of text across the row. */
+}
+
+.label-column {
+ font-size: 14px;
+ font-weight: 400;
+}
+
+/*
+ * Use a reduced top margin to bring the row that contains the
+ * "visit our website" link closer to the row that precedes it. This
+ * looks better because the "visit our website" row does not have a
+ * label in the left column.
+ */
+div.more-info-row {
+ margin-top: 5px;
+ font-size: 14px;
+}
+
+#version-content {
+ font-size: 50px;
+ font-weight: 300;
+}
+
+body:not([havereleasedate]) .release-date-cell {
+ display: none;
+}
+
+#releasedate-content {
+ font-size: 17px;
+}
+
+#releasenotes-label {
+ align-self: start; /* Anchor "Release Notes" label at the top. */
+}
+
+#releasenotes-content {
+ font-family: monospace;
+ font-size: 15px;
+ white-space: pre;
+}
diff --git a/browser/base/content/abouttbupdate/aboutTBUpdate.js b/browser/base/content/abouttbupdate/aboutTBUpdate.js
new file mode 100644
index 000000000000..da7553f0ae81
--- /dev/null
+++ b/browser/base/content/abouttbupdate/aboutTBUpdate.js
@@ -0,0 +1,10 @@
+// Copyright (c) 2019, The Tor Project, Inc.
+// See LICENSE for licensing information.
+//
+// vim: set sw=2 sts=2 ts=8 et syntax=javascript:
+
+
+addEventListener("load", () => {
+ let event = new CustomEvent("AboutTBUpdateLoad", { bubbles: true });
+ document.dispatchEvent(event);
+});
diff --git a/browser/base/content/abouttbupdate/aboutTBUpdate.xhtml b/browser/base/content/abouttbupdate/aboutTBUpdate.xhtml
new file mode 100644
index 000000000000..8489cfef5083
--- /dev/null
+++ b/browser/base/content/abouttbupdate/aboutTBUpdate.xhtml
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!DOCTYPE html [
+ <!ENTITY % htmlDTD
+ PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+ "DTD/xhtml1-strict.dtd">
+ %htmlDTD;
+ <!ENTITY % globalDTD SYSTEM "chrome://global/locale/global.dtd">
+ %globalDTD;
+ <!ENTITY % tbUpdateDTD SYSTEM "chrome://browser/locale/aboutTBUpdate.dtd">
+ %tbUpdateDTD;
+]>
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+ <meta http-equiv="Content-Security-Policy" content="default-src chrome:; object-src 'none'" />
+ <title>&aboutTBUpdate.changelogTitle;</title>
+ <link rel="stylesheet" type="text/css"
+ href="chrome://browser/content/abouttbupdate/aboutTBUpdate.css"/>
+ <script src="chrome://browser/content/abouttbupdate/aboutTBUpdate.js"
+ type="text/javascript"/>
+</head>
+<body dir="&locale.dir;">
+<div class="two-column-grid">
+ <div class="label-column">&aboutTBUpdate.version;</div>
+ <div id="version-content"/>
+
+ <div class="label-column release-date-cell">&aboutTBUpdate.releaseDate;</div>
+ <div id="releasedate-content" class="release-date-cell"/>
+
+ <div class="more-info-row"/>
+ <div class="more-info-row">&aboutTBUpdate.linkPrefix;<a id="infolink">&aboutTBUpdate.linkLabel;</a>&aboutTBUpdate.linkSuffix;</div>
+
+ <div id="releasenotes-label"
+ class="label-column">&aboutTBUpdate.releaseNotes;</div>
+ <div id="releasenotes-content"></div>
+</div>
+</body>
+</html>
diff --git a/browser/base/content/browser-siteIdentity.js b/browser/base/content/browser-siteIdentity.js
index 29f95ae4129f..1d6f9555b33f 100644
--- a/browser/base/content/browser-siteIdentity.js
+++ b/browser/base/content/browser-siteIdentity.js
@@ -57,7 +57,7 @@ var gIdentityHandler = {
* RegExp used to decide if an about url should be shown as being part of
* the browser UI.
*/
- _secureInternalUIWhitelist: /^(?:accounts|addons|cache|certificate|config|crashes|downloads|license|logins|preferences|protections|rights|sessionrestore|support|welcomeback)(?:[?#]|$)/i,
+ _secureInternalUIWhitelist: (AppConstants.TOR_BROWSER_UPDATE ? /^(?:accounts|addons|cache|certificate|config|crashes|downloads|license|logins|preferences|protections|rights|sessionrestore|support|welcomeback|tor|tbupdate)(?:[?#]|$)/i : /^(?:accounts|addons|cache|certificate|config|crashes|downloads|license|logins|preferences|protections|rights|sessionrestore|support|welcomeback|tor)(?:[?#]|$)/i),
/**
* Whether the established HTTPS connection is considered "broken".
diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js
index 3c342dedd5d4..036d92e131da 100644
--- a/browser/base/content/browser.js
+++ b/browser/base/content/browser.js
@@ -631,6 +631,10 @@ var gInitialPages = [
"about:newinstall",
];
+if (AppConstants.TOR_BROWSER_UPDATE) {
+ gInitialPages.push("about:tbupdate");
+}
+
function isInitialPage(url) {
if (!(url instanceof Ci.nsIURI)) {
try {
diff --git a/browser/base/jar.mn b/browser/base/jar.mn
index a2e1f9c259d2..df65349796b5 100644
--- a/browser/base/jar.mn
+++ b/browser/base/jar.mn
@@ -29,6 +29,11 @@ browser.jar:
content/browser/aboutTabCrashed.css (content/aboutTabCrashed.css)
content/browser/aboutTabCrashed.js (content/aboutTabCrashed.js)
content/browser/aboutTabCrashed.xhtml (content/aboutTabCrashed.xhtml)
+#ifdef TOR_BROWSER_UPDATE
+ content/browser/abouttbupdate/aboutTBUpdate.xhtml (content/abouttbupdate/aboutTBUpdate.xhtml)
+ content/browser/abouttbupdate/aboutTBUpdate.js (content/abouttbupdate/aboutTBUpdate.js)
+ content/browser/abouttbupdate/aboutTBUpdate.css (content/abouttbupdate/aboutTBUpdate.css)
+#endif
* content/browser/browser.css (content/browser.css)
content/browser/browser.js (content/browser.js)
* content/browser/browser.xhtml (content/browser.xhtml)
diff --git a/browser/components/BrowserContentHandler.jsm b/browser/components/BrowserContentHandler.jsm
index 9f5b6ab0218c..1cc1015414fc 100644
--- a/browser/components/BrowserContentHandler.jsm
+++ b/browser/components/BrowserContentHandler.jsm
@@ -650,6 +650,23 @@ nsBrowserContentHandler.prototype = {
}
}
+ // Retrieve the home page early so we can compare it against about:tor
+ // to decide whether or not we need an override page (second tab) after
+ // an update was applied.
+ var startPage = "";
+ try {
+ var choice = prefb.getIntPref("browser.startup.page");
+ if (choice == 1 || choice == 3) {
+ startPage = HomePage.get();
+ }
+ } catch (e) {
+ Cu.reportError(e);
+ }
+
+ if (startPage == "about:blank") {
+ startPage = "";
+ }
+
var override;
var overridePage = "";
var additionalPage = "";
@@ -701,6 +718,16 @@ nsBrowserContentHandler.prototype = {
// into account because that requires waiting for the session file
// to be read. If a crash occurs after updating, before restarting,
// we may open the startPage in addition to restoring the session.
+ //
+ // Tor Browser: Instead of opening the post-update "override page"
+ // directly, we ensure that about:tor will be opened in a special
+ // mode that notifies the user that their browser was updated.
+ // The about:tor page will provide a link to the override page
+ // where the user can learn more about the update, as well as a
+ // link to the Tor Browser changelog page (about:tbupdate). The
+ // override page URL comes from the openURL attribute within the
+ // updates.xml file or, if no showURL action is present, from the
+ // startup.homepage_override_url pref.
willRestoreSession = SessionStartup.isAutomaticRestoreEnabled();
overridePage = Services.urlFormatter.formatURLPref(
@@ -720,6 +747,20 @@ nsBrowserContentHandler.prototype = {
overridePage = overridePage.replace("%OLD_VERSION%", old_mstone);
overridePage = overridePage.replace("%OLD_TOR_BROWSER_VERSION%",
old_tbversion);
+#ifdef TOR_BROWSER_UPDATE
+ if (overridePage)
+ {
+ prefb.setCharPref("torbrowser.post_update.url", overridePage);
+ prefb.setBoolPref("torbrowser.post_update.shouldNotify", true);
+ // If the user's homepage is about:tor, we will inform them
+ // about the update on that page; otherwise, we arrange to
+ // open about:tor in a secondary tab.
+ if (startPage === "about:tor")
+ overridePage = "";
+ else
+ overridePage = "about:tor";
+ }
+#endif
break;
case OVERRIDE_NEW_BUILD_ID:
if (UpdateManager.activeUpdate) {
@@ -792,20 +833,6 @@ nsBrowserContentHandler.prototype = {
}
}
- var startPage = "";
- try {
- var choice = prefb.getIntPref("browser.startup.page");
- if (choice == 1 || choice == 3) {
- startPage = HomePage.get();
- }
- } catch (e) {
- Cu.reportError(e);
- }
-
- if (startPage == "about:blank") {
- startPage = "";
- }
-
let skipStartPage =
(override == OVERRIDE_NEW_PROFILE ||
override == OVERRIDE_ALTERNATE_PROFILE) &&
diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm
index 0a3555f26432..3b7d8d6e0309 100644
--- a/browser/components/BrowserGlue.jsm
+++ b/browser/components/BrowserGlue.jsm
@@ -560,6 +560,22 @@ let LEGACY_ACTORS = {
},
};
+if (AppConstants.TOR_BROWSER_UPDATE) {
+ LEGACY_ACTORS["AboutTBUpdate"] = {
+ child: {
+ module: "resource:///actors/AboutTBUpdateChild.jsm",
+ events: {
+ "AboutTBUpdateLoad": {wantUntrusted: true},
+ "pagehide": {capture: true},
+ },
+ matches: ["about:tbupdate"],
+ messages: [
+ "AboutTBUpdate:Update",
+ ],
+ }
+ };
+}
+
(function earlyBlankFirstPaint() {
if (
AppConstants.platform == "macosx" ||
@@ -747,6 +763,11 @@ if (AppConstants.MOZ_CRASHREPORTER) {
});
}
+if (AppConstants.TOR_BROWSER_UPDATE) {
+ XPCOMUtils.defineLazyModuleGetter(this, "AboutTBUpdate",
+ "resource:///modules/AboutTBUpdate.jsm");
+}
+
XPCOMUtils.defineLazyGetter(this, "gBrandBundle", function() {
return Services.strings.createBundle(
"chrome://branding/locale/brand.properties"
@@ -2200,6 +2221,10 @@ BrowserGlue.prototype = {
AsanReporter.init();
}
+ if (AppConstants.TOR_BROWSER_UPDATE) {
+ AboutTBUpdate.init();
+ }
+
Sanitizer.onStartup();
this._scheduleStartupIdleTasks();
this._lateTasksIdleObserver = (idleService, topic, data) => {
diff --git a/browser/components/about/AboutRedirector.cpp b/browser/components/about/AboutRedirector.cpp
index 1471e10bf0db..933d519bd959 100644
--- a/browser/components/about/AboutRedirector.cpp
+++ b/browser/components/about/AboutRedirector.cpp
@@ -120,6 +120,12 @@ static const RedirEntry kRedirMap[] = {
nsIAboutModule::URI_CAN_LOAD_IN_PRIVILEGEDABOUT_PROCESS},
{"pioneer", "chrome://browser/content/pioneer.html",
nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT},
+#ifdef TOR_BROWSER_UPDATE
+ {"tbupdate", "chrome://browser/content/abouttbupdate/aboutTBUpdate.xhtml",
+ nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT |
+ nsIAboutModule::URI_MUST_LOAD_IN_CHILD | nsIAboutModule::ALLOW_SCRIPT |
+ nsIAboutModule::HIDE_FROM_ABOUTABOUT},
+#endif
};
static nsAutoCString GetAboutModuleName(nsIURI* aURI) {
diff --git a/browser/components/about/components.conf b/browser/components/about/components.conf
index bf0c6c096847..f31159d30e15 100644
--- a/browser/components/about/components.conf
+++ b/browser/components/about/components.conf
@@ -32,6 +32,9 @@ pages = [
'welcomeback',
]
+if defined('TOR_BROWSER_UPDATE'):
+ pages.append('tbupdate')
+
Classes = [
{
'cid': '{7e4bb6ad-2fc4-4dc6-89ef-23e8e5ccf980}',
diff --git a/browser/components/moz.build b/browser/components/moz.build
index c75c10b0c92d..cf3f566eba71 100644
--- a/browser/components/moz.build
+++ b/browser/components/moz.build
@@ -90,11 +90,14 @@ EXTRA_COMPONENTS += [
]
EXTRA_JS_MODULES += [
- 'BrowserContentHandler.jsm',
'BrowserGlue.jsm',
'distribution.js',
]
+EXTRA_PP_JS_MODULES += [
+ 'BrowserContentHandler.jsm',
+]
+
BROWSER_CHROME_MANIFESTS += [
'safebrowsing/content/test/browser.ini',
'tests/browser/browser.ini',
diff --git a/browser/locales/en-US/chrome/browser/aboutTBUpdate.dtd b/browser/locales/en-US/chrome/browser/aboutTBUpdate.dtd
new file mode 100644
index 000000000000..2d1e59b40eaf
--- /dev/null
+++ b/browser/locales/en-US/chrome/browser/aboutTBUpdate.dtd
@@ -0,0 +1,8 @@
+<!ENTITY aboutTBUpdate.changelogTitle "Tor Browser Changelog">
+<!ENTITY aboutTBUpdate.updated "Tor Browser has been updated.">
+<!ENTITY aboutTBUpdate.linkPrefix "For the most up-to-date information about this release, ">
+<!ENTITY aboutTBUpdate.linkLabel "visit our website">
+<!ENTITY aboutTBUpdate.linkSuffix ".">
+<!ENTITY aboutTBUpdate.version "Version">
+<!ENTITY aboutTBUpdate.releaseDate "Release Date">
+<!ENTITY aboutTBUpdate.releaseNotes "Release Notes">
diff --git a/browser/locales/jar.mn b/browser/locales/jar.mn
index ca892a187adf..31e2d3d870e6 100644
--- a/browser/locales/jar.mn
+++ b/browser/locales/jar.mn
@@ -20,6 +20,9 @@
locale/browser/accounts.properties (%chrome/browser/accounts.properties)
locale/browser/app-extension-fields.properties (%chrome/browser/app-extension-fields.properties)
+#ifdef TOR_BROWSER_UPDATE
+ locale/browser/aboutTBUpdate.dtd (%chrome/browser/aboutTBUpdate.dtd)
+#endif
locale/browser/browser.dtd (%chrome/browser/browser.dtd)
locale/browser/baseMenuOverlay.dtd (%chrome/browser/baseMenuOverlay.dtd)
locale/browser/browser.properties (%chrome/browser/browser.properties)
diff --git a/browser/modules/AboutTBUpdate.jsm b/browser/modules/AboutTBUpdate.jsm
new file mode 100644
index 000000000000..996e2e8394aa
--- /dev/null
+++ b/browser/modules/AboutTBUpdate.jsm
@@ -0,0 +1,134 @@
+// Copyright (c) 2019, The Tor Project, Inc.
+// See LICENSE for licensing information.
+//
+// vim: set sw=2 sts=2 ts=8 et syntax=javascript:
+
+"use strict";
+
+var Cc = Components.classes;
+var Ci = Components.interfaces;
+var Cu = Components.utils;
+
+this.EXPORTED_SYMBOLS = [ "AboutTBUpdate" ];
+
+Cu.import("resource://gre/modules/Services.jsm");
+Cu.import("resource://gre/modules/NetUtil.jsm");
+
+const kRequestUpdateMessageName = "AboutTBUpdate:RequestUpdate";
+const kSendUpdateMessageName = "AboutTBUpdate:Update";
+
+#expand const TOR_BROWSER_VERSION = __TOR_BROWSER_VERSION_QUOTED__;
+
+/**
+ * This code provides services to the about:tbupdate page. Whenever
+ * about:tbupdate needs to do something chrome-privileged, it sends a
+ * message that's handled here. It is modeled after Mozilla's about:home
+ * implementation.
+ */
+var AboutTBUpdate = {
+ init: function() {
+ Services.mm.addMessageListener(kRequestUpdateMessageName, this);
+ },
+
+ receiveMessage: function(aMessage) {
+ if (aMessage.name == kRequestUpdateMessageName)
+ this.sendAboutTBUpdateData(aMessage.target);
+ },
+
+ sendAboutTBUpdateData: function(aTarget) {
+ let data = this.releaseNoteInfo;
+ data.moreInfoURL = this.moreInfoURL;
+ if (aTarget && aTarget.messageManager) {
+ aTarget.messageManager.sendAsyncMessage(kSendUpdateMessageName, data);
+ } else {
+ Services.mm.broadcastAsyncMessage(kSendUpdateMessageName, data);
+ }
+ },
+
+ get moreInfoURL() {
+ try {
+ return Services.prefs.getCharPref("torbrowser.post_update.url");
+ } catch (e) {}
+
+ // Use the default URL as a fallback.
+ return Services.urlFormatter.formatURLPref("startup.homepage_override_url");
+ },
+
+ // Read the text from the beginning of the changelog file that is located
+ // at TorBrowser/Docs/ChangeLog.txt and return an object that contains
+ // the following properties:
+ // version e.g., Tor Browser 8.5
+ // releaseDate e.g., March 31 2019
+ // releaseNotes details of changes (lines 2 - end of ChangeLog.txt)
+ // We attempt to parse the first line of ChangeLog.txt to extract the
+ // version and releaseDate. If parsing fails, we return the entire first
+ // line in version and omit releaseDate.
+ //
+ // On Mac OS, when building with --enable-tor-browser-data-outside-app-dir
+ // to support Gatekeeper signing, the ChangeLog.txt file is located in
+ // TorBrowser.app/Contents/Resources/TorBrowser/Docs/.
+ get releaseNoteInfo() {
+ let info = {};
+
+ try {
+#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR
+ // "XREExeF".parent is the directory that contains firefox, i.e.,
+ // Browser/ or, on Mac OS, TorBrowser.app/Contents/MacOS/.
+ let f = Services.dirsvc.get("XREExeF", Ci.nsIFile).parent;
+#ifdef XP_MACOSX
+ f = f.parent;
+ f.append("Resources");
+#endif
+ f.append("TorBrowser");
+#else
+ // "DefProfRt" is .../TorBrowser/Data/Browser
+ let f = Cc["@mozilla.org/file/directory_service;1"]
+ .getService(Ci.nsIProperties).get("DefProfRt", Ci.nsIFile);
+ f = f.parent.parent; // Remove "Data/Browser"
+#endif
+ f.append("Docs");
+ f.append("ChangeLog.txt");
+
+ let fs = Cc["@mozilla.org/network/file-input-stream;1"]
+ .createInstance(Ci.nsIFileInputStream);
+ fs.init(f, -1, 0, 0);
+ let s = NetUtil.readInputStreamToString(fs, fs.available());
+ fs.close();
+
+ // Truncate at the first empty line.
+ s = s.replace(/[\r\n][\r\n][\s\S]*$/m, "");
+
+ // Split into first line (version plus releaseDate) and
+ // remainder (releaseNotes).
+ // This first match() uses multiline mode with two capture groups:
+ // first line: (.*$)
+ // remaining lines: ([\s\S]+)
+ // [\s\S] matches all characters including end of line. This trick
+ // is needed because when using JavaScript regex in multiline mode,
+ // . does not match an end of line character.
+ let matchArray = s.match(/(.*$)\s*([\s\S]+)/m);
+ if (matchArray && (matchArray.length == 3)) {
+ info.releaseNotes = matchArray[2];
+ let line1 = matchArray[1];
+ // Extract the version and releaseDate. The first line looks like:
+ // Tor Browser 8.5 -- May 1 2019
+ // The regex uses two capture groups:
+ // text that does not include a hyphen: (^[^-]*)
+ // remaining text: (.*$)
+ // In between we match optional whitespace, one or more hyphens, and
+ // optional whitespace by using: \s*-+\s*
+ matchArray = line1.match(/(^[^-]*)\s*-+\s*(.*$)/);
+ if (matchArray && (matchArray.length == 3)) {
+ info.version = matchArray[1];
+ info.releaseDate = matchArray[2];
+ } else {
+ info.version = line1; // Match failed: return entire line in version.
+ }
+ } else {
+ info.releaseNotes = s; // Only one line: use as releaseNotes.
+ }
+ } catch (e) {}
+
+ return info;
+ },
+};
diff --git a/browser/modules/moz.build b/browser/modules/moz.build
index 88f2a55d6f49..61fe5371e48f 100644
--- a/browser/modules/moz.build
+++ b/browser/modules/moz.build
@@ -160,6 +160,11 @@ EXTRA_JS_MODULES += [
'ZoomUI.jsm',
]
+if CONFIG['TOR_BROWSER_UPDATE']:
+ EXTRA_PP_JS_MODULES += [
+ 'AboutTBUpdate.jsm',
+ ]
+
if CONFIG['MOZ_ASAN_REPORTER']:
EXTRA_JS_MODULES += [
'AsanReporter.jsm',
1
0