- tbb-commits - lists.torproject.org

[tor-browser-build/maint-9.0] Changelog update and build2
by sysrqb＠torproject.org 06 Feb '20

06 Feb '20

commit b334967863adbacfb05ebddc3933da6edcbb51c0 Author: Matthew Finkel <sysrqb(a)torproject.org> Date: Thu Feb 6 16:59:48 2020 +0000 Changelog update and build2 --- projects/firefox/config | 2 +- projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt | 3 +++ rbm.conf | 2 +- 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/projects/firefox/config b/projects/firefox/config index ccb9ec8..87010ee 100644 --- a/projects/firefox/config +++ b/projects/firefox/config @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 version: '[% c("abbrev") %]' filename: 'firefox-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %]' -git_hash: 'tor-browser-[% c("var/firefox_version") %]-[% c("var/torbrowser_branch") %]-1-build1' +git_hash: 'tor-browser-[% c("var/firefox_version") %]-[% c("var/torbrowser_branch") %]-1-build2' tag_gpg_id: 1 git_url: https://git.torproject.org/tor-browser.git git_submodule: 1 diff --git a/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt b/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt index 9ad5b4f..c576cdf 100644 --- a/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt +++ b/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt @@ -9,6 +9,9 @@ Tor Browser 9.0.5 -- February 11 2020 * Bump Tor to 0.4.2.6 * Windows * Bug 32132: Re-enable jemalloc for Windows users + * Build System + * All Platforms + * Bug 32739: Bump clang to 8.0.1 Tor Browser 9.0.4 -- January 9 2020 * All Platforms diff --git a/rbm.conf b/rbm.conf index c394689..5e43719 100644 --- a/rbm.conf +++ b/rbm.conf @@ -25,7 +25,7 @@ buildconf: var: torbrowser_version: '9.0.5' - torbrowser_build: 'build1' + torbrowser_build: 'build2' torbrowser_incremental_from: - 9.0.4 project_name: tor-browser

1 0

[tor-browser-build/maint-9.0] Release preparations for 9.0.5
by sysrqb＠torproject.org 06 Feb '20

06 Feb '20

commit 06470dd9dc737547d43b1e15b96b441b0601add4 Author: Matthew Finkel <sysrqb(a)torproject.org> Date: Thu Feb 6 14:28:17 2020 +0000 Release preparations for 9.0.5 Versions bump and Changelog update --- projects/firefox/config | 2 +- projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt | 12 ++++++++++++ projects/tor-browser/config | 4 ++-- projects/tor/config | 2 +- rbm.conf | 5 ++--- 5 files changed, 18 insertions(+), 7 deletions(-) diff --git a/projects/firefox/config b/projects/firefox/config index f50af8c..ccb9ec8 100644 --- a/projects/firefox/config +++ b/projects/firefox/config @@ -8,7 +8,7 @@ git_submodule: 1 gpg_keyring: torbutton.gpg var: - firefox_platform_version: 68.4.1 + firefox_platform_version: 68.5.0 firefox_version: '[% c("var/firefox_platform_version") %]esr' torbrowser_branch: 9.0 torbrowser_update_channel: alpha diff --git a/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt b/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt index 78dd726..9ad5b4f 100644 --- a/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt +++ b/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt @@ -1,3 +1,15 @@ +Tor Browser 9.0.5 -- February 11 2020 + * All Platforms + * Update Firefox to 68.5.0esr + * Bump NoScript to 11.0.13 + * Bug 32053: Fix LLVM reproducibility issues + * Bug 32255: Missing ORIGIN header breaks CORS + * Bug 32891: Add new default bridges + * Windows + OS X + Linux + * Bump Tor to 0.4.2.6 + * Windows + * Bug 32132: Re-enable jemalloc for Windows users + Tor Browser 9.0.4 -- January 9 2020 * All Platforms * Update Firefox to 68.4.1esr diff --git a/projects/tor-browser/config b/projects/tor-browser/config index c4de769..4e8ee14 100644 --- a/projects/tor-browser/config +++ b/projects/tor-browser/config @@ -73,9 +73,9 @@ input_files: enable: '[% c("var/snowflake") %]' - filename: Bundle-Data enable: '[% ! c("var/android") %]' - - URL: https://addons.cdn.mozilla.net/user-media/addons/722/noscript_security_suit… + - URL: https://addons.cdn.mozilla.net/user-media/addons/722/noscript_security_suit… name: noscript - sha256sum: 1b0daa12e1b8fbc8e30e7bdb5689b12774aaa9f883cb3e9ad57943a883ce65b5 + sha256sum: ced718d9d9e719547db392ad85d24a7ad5c6b54cc0f93f9c57f2fcb44bb4de56 - filename: 'RelativeLink/start-tor-browser.desktop' enable: '[% c("var/linux") %]' - filename: 'RelativeLink/execdesktop' diff --git a/projects/tor/config b/projects/tor/config index 4a1045c..45e2a63 100644 --- a/projects/tor/config +++ b/projects/tor/config @@ -1,6 +1,6 @@ # vim: filetype=yaml sw=2 filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %]' -version: 0.4.2.5 +version: 0.4.2.6 git_hash: 'tor-[% c("version") %]' git_url: https://git.torproject.org/tor.git git_submodule: 1 diff --git a/rbm.conf b/rbm.conf index d8fccd1..c394689 100644 --- a/rbm.conf +++ b/rbm.conf @@ -24,11 +24,10 @@ buildconf: git_signtag_opt: '-s' var: - torbrowser_version: '9.0.4' + torbrowser_version: '9.0.5' torbrowser_build: 'build1' torbrowser_incremental_from: - - 9.0.2 - - 9.0.3 + - 9.0.4 project_name: tor-browser multi_lingual: 0 build_mar: 1

1 0

[tor-browser-build/master] Add missing '#' characters in license headers
by gk＠torproject.org 06 Feb '20

06 Feb '20

commit 28c15aa19da511b213ef6e1708116013fbaef9a3 Author: Georg Koppen <gk(a)torproject.org> Date: Thu Feb 6 10:20:22 2020 +0000 Add missing '#' characters in license headers --- tools/authenticode_check.sh | 2 +- tools/hash_signed_bundles.sh | 2 +- tools/marsigning_check.sh | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/tools/authenticode_check.sh b/tools/authenticode_check.sh index 819c9d1..5d3b4cc 100755 --- a/tools/authenticode_check.sh +++ b/tools/authenticode_check.sh @@ -5,7 +5,7 @@ # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are # met: - +# # * Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # diff --git a/tools/hash_signed_bundles.sh b/tools/hash_signed_bundles.sh index 4354d47..1e21c49 100755 --- a/tools/hash_signed_bundles.sh +++ b/tools/hash_signed_bundles.sh @@ -5,7 +5,7 @@ # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are # met: - +# # * Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # diff --git a/tools/marsigning_check.sh b/tools/marsigning_check.sh index 0663603..3e58249 100755 --- a/tools/marsigning_check.sh +++ b/tools/marsigning_check.sh @@ -5,7 +5,7 @@ # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are # met: - +# # * Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. #

1 0

[tor-browser-build/maint-9.0] Bug 32891: Pick up new default bridge
by sysrqb＠torproject.org 06 Feb '20

06 Feb '20

commit 00fcc3970b4f0ebd924890cda54fa3ab347694a6 Author: Matthew Finkel <sysrqb(a)torproject.org> Date: Wed Feb 5 00:30:06 2020 +0000 Bug 32891: Pick up new default bridge --- projects/tor-android-service/config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/projects/tor-android-service/config b/projects/tor-android-service/config index b65c657..b0dc4b0 100644 --- a/projects/tor-android-service/config +++ b/projects/tor-android-service/config @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 version: '[% c("abbrev") %]' filename: '[% project %]-[% c("version") %]-[% c("var/build_id") %]' -git_hash: 4a81e5806f36e7d0bf9492437d824599ecf4ff43 +git_hash: 18ba7d2780b1d5194cc5854d703655f6c9d3d196 git_url: https://git.torproject.org/tor-android-service.git git_submodule: 1

1 0

[tor-browser-build/maint-9.0] Bug 32053: Fix LLVM reproducibility issues
by sysrqb＠torproject.org 06 Feb '20

06 Feb '20

commit 0fbb6fa8a942e8243130f8c68616a28d4181a090 Author: Georg Koppen <gk(a)torproject.org> Date: Fri Dec 6 13:43:24 2019 +0000 Bug 32053: Fix LLVM reproducibility issues This patch contains two backports for reproducibility issues found and fixed in LLVM's optimization code. The patch from bug 42574 might not be necessary in our context as I only witnessed problems when compiling Stylo with an older Rust (1.32.0) and then omptimizing with LLVM 8. However, it's hard to exclude any mismatching builds we encountered so far from being affected by that issue, so I think it is safer to backport that patch as well. Bug 43909 is an issue we and Mozilla definitely hit and very likely responsible for at least the vast majority of different builds we got over the course of the last weeks and months. Many thanks to Alex Crichton for the invaluable help in tracking this issue down. --- projects/clang/42574.patch | 236 ++++++++++++++++++++++++++++++++++++++++++ projects/clang/43909.patch | 252 +++++++++++++++++++++++++++++++++++++++++++++ projects/clang/build | 4 + projects/clang/config | 2 + projects/rust/42574.patch | 236 ++++++++++++++++++++++++++++++++++++++++++ projects/rust/43909.patch | 252 +++++++++++++++++++++++++++++++++++++++++++++ projects/rust/build | 7 ++ projects/rust/config | 2 + 8 files changed, 991 insertions(+) diff --git a/projects/clang/42574.patch b/projects/clang/42574.patch new file mode 100644 index 0000000..285d254 --- /dev/null +++ b/projects/clang/42574.patch @@ -0,0 +1,236 @@ +From 3757213db371dcea53cae357cf9c56d1b0604f98 Mon Sep 17 00:00:00 2001 +From: Alina Sbirlea <asbirlea(a)google.com> +Date: Fri, 12 Jul 2019 22:30:30 +0000 +Subject: [PATCH] [MemorySSA] Use SetVector to avoid nondeterminism. + +Summary: +Use a SetVector for DeadBlockSet. +Resolves PR42574. + +Reviewers: george.burgess.iv, uabelho, dblaikie + +Subscribers: jlebar, Prazek, mgrang, llvm-commits + +Tags: #llvm + +Differential Revision: https://reviews.llvm.org/D64601 + +llvm-svn: 365970 + +diff --git a/llvm/include/llvm/Analysis/MemorySSAUpdater.h b/llvm/include/llvm/Analysis/MemorySSAUpdater.h +index 169d5bd9fa8..276620bd445 100644 +--- a/llvm/include/llvm/Analysis/MemorySSAUpdater.h ++++ b/llvm/include/llvm/Analysis/MemorySSAUpdater.h +@@ -32,6 +32,7 @@ + #ifndef LLVM_ANALYSIS_MEMORYSSAUPDATER_H + #define LLVM_ANALYSIS_MEMORYSSAUPDATER_H + ++#include "llvm/ADT/SetVector.h" + #include "llvm/ADT/SmallPtrSet.h" + #include "llvm/ADT/SmallSet.h" + #include "llvm/ADT/SmallVector.h" +@@ -239,7 +240,7 @@ public: + /// Deleted blocks still have successor info, but their predecessor edges and + /// Phi nodes may already be updated. Instructions in DeadBlocks should be + /// deleted after this call. +- void removeBlocks(const SmallPtrSetImpl<BasicBlock *> &DeadBlocks); ++ void removeBlocks(const SmallSetVector<BasicBlock *, 8> &DeadBlocks); + + /// Get handle on MemorySSA. + MemorySSA* getMemorySSA() const { return MSSA; } +diff --git a/llvm/lib/Analysis/MemorySSAUpdater.cpp b/llvm/lib/Analysis/MemorySSAUpdater.cpp +index 6c817d20368..a6c7142a697 100644 +--- a/llvm/lib/Analysis/MemorySSAUpdater.cpp ++++ b/llvm/lib/Analysis/MemorySSAUpdater.cpp +@@ -1101,7 +1101,7 @@ void MemorySSAUpdater::removeMemoryAccess(MemoryAccess *MA) { + } + + void MemorySSAUpdater::removeBlocks( +- const SmallPtrSetImpl<BasicBlock *> &DeadBlocks) { ++ const SmallSetVector<BasicBlock *, 8> &DeadBlocks) { + // First delete all uses of BB in MemoryPhis. + for (BasicBlock *BB : DeadBlocks) { + Instruction *TI = BB->getTerminator(); +diff --git a/llvm/lib/Transforms/Scalar/LoopSimplifyCFG.cpp b/llvm/lib/Transforms/Scalar/LoopSimplifyCFG.cpp +index 2e5927f9a06..f464df26a02 100644 +--- a/llvm/lib/Transforms/Scalar/LoopSimplifyCFG.cpp ++++ b/llvm/lib/Transforms/Scalar/LoopSimplifyCFG.cpp +@@ -388,8 +388,8 @@ private: + void deleteDeadLoopBlocks() { + DomTreeUpdater DTU(DT, DomTreeUpdater::UpdateStrategy::Eager); + if (MSSAU) { +- SmallPtrSet<BasicBlock *, 8> DeadLoopBlocksSet(DeadLoopBlocks.begin(), +- DeadLoopBlocks.end()); ++ SmallSetVector<BasicBlock *, 8> DeadLoopBlocksSet(DeadLoopBlocks.begin(), ++ DeadLoopBlocks.end()); + MSSAU->removeBlocks(DeadLoopBlocksSet); + } + for (auto *BB : DeadLoopBlocks) { +diff --git a/llvm/lib/Transforms/Scalar/SimpleLoopUnswitch.cpp b/llvm/lib/Transforms/Scalar/SimpleLoopUnswitch.cpp +index 5a67178cef3..814cf814989 100644 +--- a/llvm/lib/Transforms/Scalar/SimpleLoopUnswitch.cpp ++++ b/llvm/lib/Transforms/Scalar/SimpleLoopUnswitch.cpp +@@ -1436,8 +1436,8 @@ deleteDeadClonedBlocks(Loop &L, ArrayRef<BasicBlock *> ExitBlocks, + + // Remove all MemorySSA in the dead blocks + if (MSSAU) { +- SmallPtrSet<BasicBlock *, 16> DeadBlockSet(DeadBlocks.begin(), +- DeadBlocks.end()); ++ SmallSetVector<BasicBlock *, 8> DeadBlockSet(DeadBlocks.begin(), ++ DeadBlocks.end()); + MSSAU->removeBlocks(DeadBlockSet); + } + +@@ -1455,7 +1455,7 @@ static void deleteDeadBlocksFromLoop(Loop &L, + MemorySSAUpdater *MSSAU) { + // Find all the dead blocks tied to this loop, and remove them from their + // successors. +- SmallPtrSet<BasicBlock *, 16> DeadBlockSet; ++ SmallSetVector<BasicBlock *, 8> DeadBlockSet; + + // Start with loop/exit blocks and get a transitive closure of reachable dead + // blocks. +diff --git a/llvm/lib/Transforms/Utils/Local.cpp b/llvm/lib/Transforms/Utils/Local.cpp +index 499e611acb5..83dabcd7952 100644 +--- a/llvm/lib/Transforms/Utils/Local.cpp ++++ b/llvm/lib/Transforms/Utils/Local.cpp +@@ -2211,7 +2211,7 @@ bool llvm::removeUnreachableBlocks(Function &F, LazyValueInfo *LVI, + assert(Reachable.size() < F.size()); + NumRemoved += F.size()-Reachable.size(); + +- SmallPtrSet<BasicBlock *, 16> DeadBlockSet; ++ SmallSetVector<BasicBlock *, 8> DeadBlockSet; + for (Function::iterator I = ++F.begin(), E = F.end(); I != E; ++I) { + auto *BB = &*I; + if (Reachable.count(BB)) +diff --git a/llvm/test/Analysis/MemorySSA/nondeterminism.ll b/llvm/test/Analysis/MemorySSA/nondeterminism.ll +new file mode 100644 +index 00000000000..0bb3df30b58 +--- /dev/null ++++ b/llvm/test/Analysis/MemorySSA/nondeterminism.ll +@@ -0,0 +1,122 @@ ++; RUN: opt -simplifycfg -enable-mssa-loop-dependency -S --preserve-ll-uselistorder %s | FileCheck %s ++; REQUIRES: x86-registered-target ++; CHECK-LABEL: @n ++; CHECK: uselistorder i16 0, { 3, 2, 4, 1, 5, 0, 6 } ++ ++; Note: test was added in an effort to ensure determinism when updating memoryssa. See PR42574. ++; If the uselistorder check becomes no longer relevant, the test can be disabled or removed. ++ ++%rec9 = type { i16, i32, i32 } ++ ++@a = global [1 x [1 x %rec9]] zeroinitializer ++ ++define i16 @n() { ++ br label %..split_crit_edge ++ ++..split_crit_edge: ; preds = %0 ++ br label %.split ++ ++bb4.us4: ; preds = %bb2.split.us32, %bb6.us28 ++ %i.4.01.us5 = phi i16 [ %_tmp49.us30, %bb6.us28 ] ++ br label %g.exit4.us21 ++ ++bb1.i.us14: ; preds = %bb4.us4 ++ br label %g.exit4.us21 ++ ++g.exit4.us21: ; preds = %bb1.i.us14, %g.exit4.critedge.us9 ++ %i.4.02.us22 = phi i16 [ %i.4.01.us5, %bb4.us4 ], [ %i.4.01.us5, %bb1.i.us14 ] ++ br label %bb6.us28 ++ ++bb5.us26: ; preds = %g.exit4.us21 ++ br label %bb6.us28 ++ ++bb6.us28: ; preds = %bb5.us26, %g.exit4.us21 ++ %i.4.03.us29 = phi i16 [ %i.4.02.us22, %bb5.us26 ], [ %i.4.02.us22, %g.exit4.us21 ] ++ %_tmp49.us30 = add nuw nsw i16 %i.4.03.us29, 1 ++ br label %bb4.us4 ++ ++bb4.us.us: ; preds = %bb2.split.us.us, %bb6.us.us ++ %i.4.01.us.us = phi i16 [ %_tmp49.us.us, %bb6.us.us ] ++ br label %bb1.i.us.us ++ ++bb1.i.us.us: ; preds = %bb4.us.us ++ br label %g.exit4.us.us ++ ++g.exit4.us.us: ; preds = %bb1.i.us.us, %g.exit4.critedge.us.us ++ %i.4.02.us.us = phi i16 [ %i.4.01.us.us, %bb1.i.us.us ] ++ br label %bb5.us.us ++ ++bb5.us.us: ; preds = %g.exit4.us.us ++ br label %bb6.us.us ++ ++bb6.us.us: ; preds = %bb5.us.us, %g.exit4.us.us ++ %i.4.03.us.us = phi i16 [ %i.4.02.us.us, %bb5.us.us ] ++ %_tmp49.us.us = add nuw nsw i16 %i.4.03.us.us, 1 ++ br label %bb4.us.us ++ ++ ++.split: ; preds = %..split_crit_edge ++ br label %bb2 ++ ++bb2: ; preds = %.split, %bb7 ++ %h.3.0 = phi i16 [ undef, %.split ], [ %_tmp53, %bb7 ] ++ br label %bb2.bb2.split_crit_edge ++ ++bb2.bb2.split_crit_edge: ; preds = %bb2 ++ br label %bb2.split ++ ++bb2.split.us: ; preds = %bb2 ++ br label %bb4.us ++ ++bb4.us: ; preds = %bb6.us, %bb2.split.us ++ %i.4.01.us = phi i16 [ 0, %bb2.split.us ] ++ br label %bb1.i.us ++ ++g.exit4.critedge.us: ; preds = %bb4.us ++ br label %g.exit4.us ++ ++bb1.i.us: ; preds = %bb4.us ++ br label %g.exit4.us ++ ++g.exit4.us: ; preds = %bb1.i.us, %g.exit4.critedge.us ++ %i.4.02.us = phi i16 [ %i.4.01.us, %g.exit4.critedge.us ], [ %i.4.01.us, %bb1.i.us ] ++ br label %bb5.us ++ ++bb5.us: ; preds = %g.exit4.us ++ br label %bb7 ++ ++bb2.split: ; preds = %bb2.bb2.split_crit_edge ++ br label %bb4 ++ ++bb4: ; preds = %bb2.split, %bb6 ++ %i.4.01 = phi i16 [ 0, %bb2.split ] ++ %_tmp16 = getelementptr [1 x [1 x %rec9]], [1 x [1 x %rec9]]* @a, i16 0, i16 %h.3.0, i16 %i.4.01, i32 0 ++ %_tmp17 = load i16, i16* %_tmp16, align 1 ++ br label %g.exit4.critedge ++ ++bb1.i: ; preds = %bb4 ++ br label %g.exit4 ++ ++g.exit4.critedge: ; preds = %bb4 ++ %_tmp28.c = getelementptr [1 x [1 x %rec9]], [1 x [1 x %rec9]]* @a, i16 0, i16 %h.3.0, i16 %i.4.01, i32 1 ++ %_tmp29.c = load i32, i32* %_tmp28.c, align 1 ++ %_tmp30.c = trunc i32 %_tmp29.c to i16 ++ br label %g.exit4 ++ ++g.exit4: ; preds = %g.exit4.critedge, %bb1.i ++ %i.4.02 = phi i16 [ %i.4.01, %g.exit4.critedge ], [ %i.4.01, %bb1.i ] ++ %_tmp41 = getelementptr [1 x [1 x %rec9]], [1 x [1 x %rec9]]* @a, i16 0, i16 %h.3.0, i16 %i.4.02, i32 2 ++ br label %bb6 ++ ++bb5: ; preds = %g.exit4 ++ br label %bb6 ++ ++bb6: ; preds = %bb5, %g.exit4 ++ %i.4.03 = phi i16 [ %i.4.02, %bb5 ], [ %i.4.02, %g.exit4 ] ++ %_tmp49 = add nuw nsw i16 %i.4.03, 1 ++ br label %bb7 ++ ++bb7: ; preds = %bb7.us-lcssa.us, %bb7.us-lcssa ++ %_tmp53 = add nsw i16 %h.3.0, 1 ++ br label %bb2 ++} +-- +2.24.0 + diff --git a/projects/clang/43909.patch b/projects/clang/43909.patch new file mode 100644 index 0000000..78d2a75 --- /dev/null +++ b/projects/clang/43909.patch @@ -0,0 +1,252 @@ +From c95310f2d4fd3c88241c3b5d6dbf6251d34a3256 Mon Sep 17 00:00:00 2001 +From: Nikita Popov <nikita.ppv(a)gmail.com> +Date: Sat, 16 Nov 2019 16:22:18 +0100 +Subject: [PATCH] Restructure caching + +Variant on D70103. The caching is switched to always use a BB to +cache entry map, which then contains per-value caches. A separate +set contains value handles with a deletion callback. This allows us +to properly invalidate overdefined values. + +A possible alternative would be to always cache by value first and +have per-BB maps/sets in the each cache entry. In that case we could +use a ValueMap and would avoid the separate value handle set. I went +with the BB indexing at the top level to make it easier to integrate +D69914, but possibly that's not the right choice. + +Differential Revision: https://reviews.llvm.org/D70376 + +diff --git a/llvm/lib/Analysis/LazyValueInfo.cpp b/llvm/lib/Analysis/LazyValueInfo.cpp +index 110c085d3f3..aa6862cb588 100644 +--- a/llvm/lib/Analysis/LazyValueInfo.cpp ++++ b/llvm/lib/Analysis/LazyValueInfo.cpp +@@ -133,12 +133,9 @@ namespace { + /// A callback value handle updates the cache when values are erased. + class LazyValueInfoCache; + struct LVIValueHandle final : public CallbackVH { +- // Needs to access getValPtr(), which is protected. +- friend struct DenseMapInfo<LVIValueHandle>; +- + LazyValueInfoCache *Parent; + +- LVIValueHandle(Value *V, LazyValueInfoCache *P) ++ LVIValueHandle(Value *V, LazyValueInfoCache *P = nullptr) + : CallbackVH(V), Parent(P) { } + + void deleted() override; +@@ -152,89 +149,63 @@ namespace { + /// This is the cache kept by LazyValueInfo which + /// maintains information about queries across the clients' queries. + class LazyValueInfoCache { +- /// This is all of the cached block information for exactly one Value*. +- /// The entries are sorted by the BasicBlock* of the +- /// entries, allowing us to do a lookup with a binary search. +- /// Over-defined lattice values are recorded in OverDefinedCache to reduce +- /// memory overhead. +- struct ValueCacheEntryTy { +- ValueCacheEntryTy(Value *V, LazyValueInfoCache *P) : Handle(V, P) {} +- LVIValueHandle Handle; +- SmallDenseMap<PoisoningVH<BasicBlock>, ValueLatticeElement, 4> BlockVals; ++ /// This is all of the cached information for one basic block. It contains ++ /// the per-value lattice elements, as well as a separate set for ++ /// overdefined values to reduce memory usage. ++ struct BlockCacheEntryTy { ++ SmallDenseMap<AssertingVH<Value>, ValueLatticeElement, 4> LatticeElements; ++ SmallDenseSet<AssertingVH<Value>, 4> OverDefined; + }; + +- /// This tracks, on a per-block basis, the set of values that are +- /// over-defined at the end of that block. +- typedef DenseMap<PoisoningVH<BasicBlock>, SmallPtrSet<Value *, 4>> +- OverDefinedCacheTy; +- /// Keep track of all blocks that we have ever seen, so we +- /// don't spend time removing unused blocks from our caches. +- DenseSet<PoisoningVH<BasicBlock> > SeenBlocks; +- +- /// This is all of the cached information for all values, +- /// mapped from Value* to key information. +- DenseMap<Value *, std::unique_ptr<ValueCacheEntryTy>> ValueCache; +- OverDefinedCacheTy OverDefinedCache; +- ++ /// Cached information per basic block. ++ DenseMap<PoisoningVH<BasicBlock>, BlockCacheEntryTy> BlockCache; ++ /// Set of value handles used to erase values from the cache on deletion. ++ DenseSet<LVIValueHandle, DenseMapInfo<Value *>> ValueHandles; + + public: + void insertResult(Value *Val, BasicBlock *BB, + const ValueLatticeElement &Result) { +- SeenBlocks.insert(BB); +- ++ auto &CacheEntry = BlockCache.try_emplace(BB).first->second; + // Insert over-defined values into their own cache to reduce memory + // overhead. + if (Result.isOverdefined()) +- OverDefinedCache[BB].insert(Val); +- else { +- auto It = ValueCache.find_as(Val); +- if (It == ValueCache.end()) { +- ValueCache[Val] = make_unique<ValueCacheEntryTy>(Val, this); +- It = ValueCache.find_as(Val); +- assert(It != ValueCache.end() && "Val was just added to the map!"); +- } +- It->second->BlockVals[BB] = Result; +- } +- } +- +- bool isOverdefined(Value *V, BasicBlock *BB) const { +- auto ODI = OverDefinedCache.find(BB); +- +- if (ODI == OverDefinedCache.end()) +- return false; ++ CacheEntry.OverDefined.insert(Val); ++ else ++ CacheEntry.LatticeElements.insert({ Val, Result }); + +- return ODI->second.count(V); ++ auto HandleIt = ValueHandles.find_as(Val); ++ if (HandleIt == ValueHandles.end()) ++ ValueHandles.insert({ Val, this }); + } + + bool hasCachedValueInfo(Value *V, BasicBlock *BB) const { +- if (isOverdefined(V, BB)) +- return true; +- +- auto I = ValueCache.find_as(V); +- if (I == ValueCache.end()) ++ auto It = BlockCache.find(BB); ++ if (It == BlockCache.end()) + return false; + +- return I->second->BlockVals.count(BB); ++ return It->second.OverDefined.count(V) || ++ It->second.LatticeElements.count(V); + } + + ValueLatticeElement getCachedValueInfo(Value *V, BasicBlock *BB) const { +- if (isOverdefined(V, BB)) ++ auto It = BlockCache.find(BB); ++ if (It == BlockCache.end()) ++ return ValueLatticeElement(); ++ ++ if (It->second.OverDefined.count(V)) + return ValueLatticeElement::getOverdefined(); + +- auto I = ValueCache.find_as(V); +- if (I == ValueCache.end()) ++ auto LatticeIt = It->second.LatticeElements.find(V); ++ if (LatticeIt == It->second.LatticeElements.end()) + return ValueLatticeElement(); +- auto BBI = I->second->BlockVals.find(BB); +- if (BBI == I->second->BlockVals.end()) +- return ValueLatticeElement(); +- return BBI->second; ++ ++ return LatticeIt->second; + } + + /// clear - Empty the cache. + void clear() { +- SeenBlocks.clear(); +- ValueCache.clear(); +- OverDefinedCache.clear(); ++ BlockCache.clear(); ++ ValueHandles.clear(); + } + + /// Inform the cache that a given value has been deleted. +@@ -248,23 +219,18 @@ namespace { + /// OldSucc might have (unless also overdefined in NewSucc). This just + /// flushes elements from the cache and does not add any. + void threadEdgeImpl(BasicBlock *OldSucc,BasicBlock *NewSucc); +- +- friend struct LVIValueHandle; + }; + } + + void LazyValueInfoCache::eraseValue(Value *V) { +- for (auto I = OverDefinedCache.begin(), E = OverDefinedCache.end(); I != E;) { +- // Copy and increment the iterator immediately so we can erase behind +- // ourselves. +- auto Iter = I++; +- SmallPtrSetImpl<Value *> &ValueSet = Iter->second; +- ValueSet.erase(V); +- if (ValueSet.empty()) +- OverDefinedCache.erase(Iter); ++ for (auto &Pair : BlockCache) { ++ Pair.second.LatticeElements.erase(V); ++ Pair.second.OverDefined.erase(V); + } + +- ValueCache.erase(V); ++ auto HandleIt = ValueHandles.find_as(V); ++ if (HandleIt != ValueHandles.end()) ++ ValueHandles.erase(HandleIt); + } + + void LVIValueHandle::deleted() { +@@ -274,18 +240,7 @@ void LVIValueHandle::deleted() { + } + + void LazyValueInfoCache::eraseBlock(BasicBlock *BB) { +- // Shortcut if we have never seen this block. +- DenseSet<PoisoningVH<BasicBlock> >::iterator I = SeenBlocks.find(BB); +- if (I == SeenBlocks.end()) +- return; +- SeenBlocks.erase(I); +- +- auto ODI = OverDefinedCache.find(BB); +- if (ODI != OverDefinedCache.end()) +- OverDefinedCache.erase(ODI); +- +- for (auto &I : ValueCache) +- I.second->BlockVals.erase(BB); ++ BlockCache.erase(BB); + } + + void LazyValueInfoCache::threadEdgeImpl(BasicBlock *OldSucc, +@@ -303,10 +258,11 @@ void LazyValueInfoCache::threadEdgeImpl(BasicBlock *OldSucc, + std::vector<BasicBlock*> worklist; + worklist.push_back(OldSucc); + +- auto I = OverDefinedCache.find(OldSucc); +- if (I == OverDefinedCache.end()) ++ auto I = BlockCache.find(OldSucc); ++ if (I == BlockCache.end() || I->second.OverDefined.empty()) + return; // Nothing to process here. +- SmallVector<Value *, 4> ValsToClear(I->second.begin(), I->second.end()); ++ SmallVector<Value *, 4> ValsToClear(I->second.OverDefined.begin(), ++ I->second.OverDefined.end()); + + // Use a worklist to perform a depth-first search of OldSucc's successors. + // NOTE: We do not need a visited list since any blocks we have already +@@ -320,10 +276,10 @@ void LazyValueInfoCache::threadEdgeImpl(BasicBlock *OldSucc, + if (ToUpdate == NewSucc) continue; + + // If a value was marked overdefined in OldSucc, and is here too... +- auto OI = OverDefinedCache.find(ToUpdate); +- if (OI == OverDefinedCache.end()) ++ auto OI = BlockCache.find(ToUpdate); ++ if (OI == BlockCache.end() || OI->second.OverDefined.empty()) + continue; +- SmallPtrSetImpl<Value *> &ValueSet = OI->second; ++ auto &ValueSet = OI->second.OverDefined; + + bool changed = false; + for (Value *V : ValsToClear) { +@@ -333,11 +289,6 @@ void LazyValueInfoCache::threadEdgeImpl(BasicBlock *OldSucc, + // If we removed anything, then we potentially need to update + // blocks successors too. + changed = true; +- +- if (ValueSet.empty()) { +- OverDefinedCache.erase(OI); +- break; +- } + } + + if (!changed) continue; +-- +2.24.0 + diff --git a/projects/clang/build b/projects/clang/build index c1afa6d..825b21e 100644 --- a/projects/clang/build +++ b/projects/clang/build @@ -20,6 +20,10 @@ tar -xf $rootdir/[% c('input_files_by_name/libcxxabi') %] tar -xf $rootdir/[% c('input_files_by_name/lld') %] tar -xf $rootdir/[% c('input_files_by_name/compiler-rt') %] mv llvm-* llvm +# LLVM has reproducibility issues when optimizing bitcode, which we need to +# patch. See: #32053 for more details. +patch -p1 < $rootdir/42574.patch +patch -p1 < $rootdir/43909.patch mv cfe-* llvm/tools/clang mv libcxx-* llvm/projects/libcxx mv libcxxabi-* llvm/projects/libcxxabi diff --git a/projects/clang/config b/projects/clang/config index 08231be..59a9102 100644 --- a/projects/clang/config +++ b/projects/clang/config @@ -45,3 +45,5 @@ input_files: enable: '[% c("var/windows") %]' - filename: timestamp.patch enable: '[% c("var/windows") %]' + - filename: 42574.patch + - filename: 43909.patch diff --git a/projects/rust/42574.patch b/projects/rust/42574.patch new file mode 100644 index 0000000..285d254 --- /dev/null +++ b/projects/rust/42574.patch @@ -0,0 +1,236 @@ +From 3757213db371dcea53cae357cf9c56d1b0604f98 Mon Sep 17 00:00:00 2001 +From: Alina Sbirlea <asbirlea(a)google.com> +Date: Fri, 12 Jul 2019 22:30:30 +0000 +Subject: [PATCH] [MemorySSA] Use SetVector to avoid nondeterminism. + +Summary: +Use a SetVector for DeadBlockSet. +Resolves PR42574. + +Reviewers: george.burgess.iv, uabelho, dblaikie + +Subscribers: jlebar, Prazek, mgrang, llvm-commits + +Tags: #llvm + +Differential Revision: https://reviews.llvm.org/D64601 + +llvm-svn: 365970 + +diff --git a/llvm/include/llvm/Analysis/MemorySSAUpdater.h b/llvm/include/llvm/Analysis/MemorySSAUpdater.h +index 169d5bd9fa8..276620bd445 100644 +--- a/llvm/include/llvm/Analysis/MemorySSAUpdater.h ++++ b/llvm/include/llvm/Analysis/MemorySSAUpdater.h +@@ -32,6 +32,7 @@ + #ifndef LLVM_ANALYSIS_MEMORYSSAUPDATER_H + #define LLVM_ANALYSIS_MEMORYSSAUPDATER_H + ++#include "llvm/ADT/SetVector.h" + #include "llvm/ADT/SmallPtrSet.h" + #include "llvm/ADT/SmallSet.h" + #include "llvm/ADT/SmallVector.h" +@@ -239,7 +240,7 @@ public: + /// Deleted blocks still have successor info, but their predecessor edges and + /// Phi nodes may already be updated. Instructions in DeadBlocks should be + /// deleted after this call. +- void removeBlocks(const SmallPtrSetImpl<BasicBlock *> &DeadBlocks); ++ void removeBlocks(const SmallSetVector<BasicBlock *, 8> &DeadBlocks); + + /// Get handle on MemorySSA. + MemorySSA* getMemorySSA() const { return MSSA; } +diff --git a/llvm/lib/Analysis/MemorySSAUpdater.cpp b/llvm/lib/Analysis/MemorySSAUpdater.cpp +index 6c817d20368..a6c7142a697 100644 +--- a/llvm/lib/Analysis/MemorySSAUpdater.cpp ++++ b/llvm/lib/Analysis/MemorySSAUpdater.cpp +@@ -1101,7 +1101,7 @@ void MemorySSAUpdater::removeMemoryAccess(MemoryAccess *MA) { + } + + void MemorySSAUpdater::removeBlocks( +- const SmallPtrSetImpl<BasicBlock *> &DeadBlocks) { ++ const SmallSetVector<BasicBlock *, 8> &DeadBlocks) { + // First delete all uses of BB in MemoryPhis. + for (BasicBlock *BB : DeadBlocks) { + Instruction *TI = BB->getTerminator(); +diff --git a/llvm/lib/Transforms/Scalar/LoopSimplifyCFG.cpp b/llvm/lib/Transforms/Scalar/LoopSimplifyCFG.cpp +index 2e5927f9a06..f464df26a02 100644 +--- a/llvm/lib/Transforms/Scalar/LoopSimplifyCFG.cpp ++++ b/llvm/lib/Transforms/Scalar/LoopSimplifyCFG.cpp +@@ -388,8 +388,8 @@ private: + void deleteDeadLoopBlocks() { + DomTreeUpdater DTU(DT, DomTreeUpdater::UpdateStrategy::Eager); + if (MSSAU) { +- SmallPtrSet<BasicBlock *, 8> DeadLoopBlocksSet(DeadLoopBlocks.begin(), +- DeadLoopBlocks.end()); ++ SmallSetVector<BasicBlock *, 8> DeadLoopBlocksSet(DeadLoopBlocks.begin(), ++ DeadLoopBlocks.end()); + MSSAU->removeBlocks(DeadLoopBlocksSet); + } + for (auto *BB : DeadLoopBlocks) { +diff --git a/llvm/lib/Transforms/Scalar/SimpleLoopUnswitch.cpp b/llvm/lib/Transforms/Scalar/SimpleLoopUnswitch.cpp +index 5a67178cef3..814cf814989 100644 +--- a/llvm/lib/Transforms/Scalar/SimpleLoopUnswitch.cpp ++++ b/llvm/lib/Transforms/Scalar/SimpleLoopUnswitch.cpp +@@ -1436,8 +1436,8 @@ deleteDeadClonedBlocks(Loop &L, ArrayRef<BasicBlock *> ExitBlocks, + + // Remove all MemorySSA in the dead blocks + if (MSSAU) { +- SmallPtrSet<BasicBlock *, 16> DeadBlockSet(DeadBlocks.begin(), +- DeadBlocks.end()); ++ SmallSetVector<BasicBlock *, 8> DeadBlockSet(DeadBlocks.begin(), ++ DeadBlocks.end()); + MSSAU->removeBlocks(DeadBlockSet); + } + +@@ -1455,7 +1455,7 @@ static void deleteDeadBlocksFromLoop(Loop &L, + MemorySSAUpdater *MSSAU) { + // Find all the dead blocks tied to this loop, and remove them from their + // successors. +- SmallPtrSet<BasicBlock *, 16> DeadBlockSet; ++ SmallSetVector<BasicBlock *, 8> DeadBlockSet; + + // Start with loop/exit blocks and get a transitive closure of reachable dead + // blocks. +diff --git a/llvm/lib/Transforms/Utils/Local.cpp b/llvm/lib/Transforms/Utils/Local.cpp +index 499e611acb5..83dabcd7952 100644 +--- a/llvm/lib/Transforms/Utils/Local.cpp ++++ b/llvm/lib/Transforms/Utils/Local.cpp +@@ -2211,7 +2211,7 @@ bool llvm::removeUnreachableBlocks(Function &F, LazyValueInfo *LVI, + assert(Reachable.size() < F.size()); + NumRemoved += F.size()-Reachable.size(); + +- SmallPtrSet<BasicBlock *, 16> DeadBlockSet; ++ SmallSetVector<BasicBlock *, 8> DeadBlockSet; + for (Function::iterator I = ++F.begin(), E = F.end(); I != E; ++I) { + auto *BB = &*I; + if (Reachable.count(BB)) +diff --git a/llvm/test/Analysis/MemorySSA/nondeterminism.ll b/llvm/test/Analysis/MemorySSA/nondeterminism.ll +new file mode 100644 +index 00000000000..0bb3df30b58 +--- /dev/null ++++ b/llvm/test/Analysis/MemorySSA/nondeterminism.ll +@@ -0,0 +1,122 @@ ++; RUN: opt -simplifycfg -enable-mssa-loop-dependency -S --preserve-ll-uselistorder %s | FileCheck %s ++; REQUIRES: x86-registered-target ++; CHECK-LABEL: @n ++; CHECK: uselistorder i16 0, { 3, 2, 4, 1, 5, 0, 6 } ++ ++; Note: test was added in an effort to ensure determinism when updating memoryssa. See PR42574. ++; If the uselistorder check becomes no longer relevant, the test can be disabled or removed. ++ ++%rec9 = type { i16, i32, i32 } ++ ++@a = global [1 x [1 x %rec9]] zeroinitializer ++ ++define i16 @n() { ++ br label %..split_crit_edge ++ ++..split_crit_edge: ; preds = %0 ++ br label %.split ++ ++bb4.us4: ; preds = %bb2.split.us32, %bb6.us28 ++ %i.4.01.us5 = phi i16 [ %_tmp49.us30, %bb6.us28 ] ++ br label %g.exit4.us21 ++ ++bb1.i.us14: ; preds = %bb4.us4 ++ br label %g.exit4.us21 ++ ++g.exit4.us21: ; preds = %bb1.i.us14, %g.exit4.critedge.us9 ++ %i.4.02.us22 = phi i16 [ %i.4.01.us5, %bb4.us4 ], [ %i.4.01.us5, %bb1.i.us14 ] ++ br label %bb6.us28 ++ ++bb5.us26: ; preds = %g.exit4.us21 ++ br label %bb6.us28 ++ ++bb6.us28: ; preds = %bb5.us26, %g.exit4.us21 ++ %i.4.03.us29 = phi i16 [ %i.4.02.us22, %bb5.us26 ], [ %i.4.02.us22, %g.exit4.us21 ] ++ %_tmp49.us30 = add nuw nsw i16 %i.4.03.us29, 1 ++ br label %bb4.us4 ++ ++bb4.us.us: ; preds = %bb2.split.us.us, %bb6.us.us ++ %i.4.01.us.us = phi i16 [ %_tmp49.us.us, %bb6.us.us ] ++ br label %bb1.i.us.us ++ ++bb1.i.us.us: ; preds = %bb4.us.us ++ br label %g.exit4.us.us ++ ++g.exit4.us.us: ; preds = %bb1.i.us.us, %g.exit4.critedge.us.us ++ %i.4.02.us.us = phi i16 [ %i.4.01.us.us, %bb1.i.us.us ] ++ br label %bb5.us.us ++ ++bb5.us.us: ; preds = %g.exit4.us.us ++ br label %bb6.us.us ++ ++bb6.us.us: ; preds = %bb5.us.us, %g.exit4.us.us ++ %i.4.03.us.us = phi i16 [ %i.4.02.us.us, %bb5.us.us ] ++ %_tmp49.us.us = add nuw nsw i16 %i.4.03.us.us, 1 ++ br label %bb4.us.us ++ ++ ++.split: ; preds = %..split_crit_edge ++ br label %bb2 ++ ++bb2: ; preds = %.split, %bb7 ++ %h.3.0 = phi i16 [ undef, %.split ], [ %_tmp53, %bb7 ] ++ br label %bb2.bb2.split_crit_edge ++ ++bb2.bb2.split_crit_edge: ; preds = %bb2 ++ br label %bb2.split ++ ++bb2.split.us: ; preds = %bb2 ++ br label %bb4.us ++ ++bb4.us: ; preds = %bb6.us, %bb2.split.us ++ %i.4.01.us = phi i16 [ 0, %bb2.split.us ] ++ br label %bb1.i.us ++ ++g.exit4.critedge.us: ; preds = %bb4.us ++ br label %g.exit4.us ++ ++bb1.i.us: ; preds = %bb4.us ++ br label %g.exit4.us ++ ++g.exit4.us: ; preds = %bb1.i.us, %g.exit4.critedge.us ++ %i.4.02.us = phi i16 [ %i.4.01.us, %g.exit4.critedge.us ], [ %i.4.01.us, %bb1.i.us ] ++ br label %bb5.us ++ ++bb5.us: ; preds = %g.exit4.us ++ br label %bb7 ++ ++bb2.split: ; preds = %bb2.bb2.split_crit_edge ++ br label %bb4 ++ ++bb4: ; preds = %bb2.split, %bb6 ++ %i.4.01 = phi i16 [ 0, %bb2.split ] ++ %_tmp16 = getelementptr [1 x [1 x %rec9]], [1 x [1 x %rec9]]* @a, i16 0, i16 %h.3.0, i16 %i.4.01, i32 0 ++ %_tmp17 = load i16, i16* %_tmp16, align 1 ++ br label %g.exit4.critedge ++ ++bb1.i: ; preds = %bb4 ++ br label %g.exit4 ++ ++g.exit4.critedge: ; preds = %bb4 ++ %_tmp28.c = getelementptr [1 x [1 x %rec9]], [1 x [1 x %rec9]]* @a, i16 0, i16 %h.3.0, i16 %i.4.01, i32 1 ++ %_tmp29.c = load i32, i32* %_tmp28.c, align 1 ++ %_tmp30.c = trunc i32 %_tmp29.c to i16 ++ br label %g.exit4 ++ ++g.exit4: ; preds = %g.exit4.critedge, %bb1.i ++ %i.4.02 = phi i16 [ %i.4.01, %g.exit4.critedge ], [ %i.4.01, %bb1.i ] ++ %_tmp41 = getelementptr [1 x [1 x %rec9]], [1 x [1 x %rec9]]* @a, i16 0, i16 %h.3.0, i16 %i.4.02, i32 2 ++ br label %bb6 ++ ++bb5: ; preds = %g.exit4 ++ br label %bb6 ++ ++bb6: ; preds = %bb5, %g.exit4 ++ %i.4.03 = phi i16 [ %i.4.02, %bb5 ], [ %i.4.02, %g.exit4 ] ++ %_tmp49 = add nuw nsw i16 %i.4.03, 1 ++ br label %bb7 ++ ++bb7: ; preds = %bb7.us-lcssa.us, %bb7.us-lcssa ++ %_tmp53 = add nsw i16 %h.3.0, 1 ++ br label %bb2 ++} +-- +2.24.0 + diff --git a/projects/rust/43909.patch b/projects/rust/43909.patch new file mode 100644 index 0000000..78d2a75 --- /dev/null +++ b/projects/rust/43909.patch @@ -0,0 +1,252 @@ +From c95310f2d4fd3c88241c3b5d6dbf6251d34a3256 Mon Sep 17 00:00:00 2001 +From: Nikita Popov <nikita.ppv(a)gmail.com> +Date: Sat, 16 Nov 2019 16:22:18 +0100 +Subject: [PATCH] Restructure caching + +Variant on D70103. The caching is switched to always use a BB to +cache entry map, which then contains per-value caches. A separate +set contains value handles with a deletion callback. This allows us +to properly invalidate overdefined values. + +A possible alternative would be to always cache by value first and +have per-BB maps/sets in the each cache entry. In that case we could +use a ValueMap and would avoid the separate value handle set. I went +with the BB indexing at the top level to make it easier to integrate +D69914, but possibly that's not the right choice. + +Differential Revision: https://reviews.llvm.org/D70376 + +diff --git a/llvm/lib/Analysis/LazyValueInfo.cpp b/llvm/lib/Analysis/LazyValueInfo.cpp +index 110c085d3f3..aa6862cb588 100644 +--- a/llvm/lib/Analysis/LazyValueInfo.cpp ++++ b/llvm/lib/Analysis/LazyValueInfo.cpp +@@ -133,12 +133,9 @@ namespace { + /// A callback value handle updates the cache when values are erased. + class LazyValueInfoCache; + struct LVIValueHandle final : public CallbackVH { +- // Needs to access getValPtr(), which is protected. +- friend struct DenseMapInfo<LVIValueHandle>; +- + LazyValueInfoCache *Parent; + +- LVIValueHandle(Value *V, LazyValueInfoCache *P) ++ LVIValueHandle(Value *V, LazyValueInfoCache *P = nullptr) + : CallbackVH(V), Parent(P) { } + + void deleted() override; +@@ -152,89 +149,63 @@ namespace { + /// This is the cache kept by LazyValueInfo which + /// maintains information about queries across the clients' queries. + class LazyValueInfoCache { +- /// This is all of the cached block information for exactly one Value*. +- /// The entries are sorted by the BasicBlock* of the +- /// entries, allowing us to do a lookup with a binary search. +- /// Over-defined lattice values are recorded in OverDefinedCache to reduce +- /// memory overhead. +- struct ValueCacheEntryTy { +- ValueCacheEntryTy(Value *V, LazyValueInfoCache *P) : Handle(V, P) {} +- LVIValueHandle Handle; +- SmallDenseMap<PoisoningVH<BasicBlock>, ValueLatticeElement, 4> BlockVals; ++ /// This is all of the cached information for one basic block. It contains ++ /// the per-value lattice elements, as well as a separate set for ++ /// overdefined values to reduce memory usage. ++ struct BlockCacheEntryTy { ++ SmallDenseMap<AssertingVH<Value>, ValueLatticeElement, 4> LatticeElements; ++ SmallDenseSet<AssertingVH<Value>, 4> OverDefined; + }; + +- /// This tracks, on a per-block basis, the set of values that are +- /// over-defined at the end of that block. +- typedef DenseMap<PoisoningVH<BasicBlock>, SmallPtrSet<Value *, 4>> +- OverDefinedCacheTy; +- /// Keep track of all blocks that we have ever seen, so we +- /// don't spend time removing unused blocks from our caches. +- DenseSet<PoisoningVH<BasicBlock> > SeenBlocks; +- +- /// This is all of the cached information for all values, +- /// mapped from Value* to key information. +- DenseMap<Value *, std::unique_ptr<ValueCacheEntryTy>> ValueCache; +- OverDefinedCacheTy OverDefinedCache; +- ++ /// Cached information per basic block. ++ DenseMap<PoisoningVH<BasicBlock>, BlockCacheEntryTy> BlockCache; ++ /// Set of value handles used to erase values from the cache on deletion. ++ DenseSet<LVIValueHandle, DenseMapInfo<Value *>> ValueHandles; + + public: + void insertResult(Value *Val, BasicBlock *BB, + const ValueLatticeElement &Result) { +- SeenBlocks.insert(BB); +- ++ auto &CacheEntry = BlockCache.try_emplace(BB).first->second; + // Insert over-defined values into their own cache to reduce memory + // overhead. + if (Result.isOverdefined()) +- OverDefinedCache[BB].insert(Val); +- else { +- auto It = ValueCache.find_as(Val); +- if (It == ValueCache.end()) { +- ValueCache[Val] = make_unique<ValueCacheEntryTy>(Val, this); +- It = ValueCache.find_as(Val); +- assert(It != ValueCache.end() && "Val was just added to the map!"); +- } +- It->second->BlockVals[BB] = Result; +- } +- } +- +- bool isOverdefined(Value *V, BasicBlock *BB) const { +- auto ODI = OverDefinedCache.find(BB); +- +- if (ODI == OverDefinedCache.end()) +- return false; ++ CacheEntry.OverDefined.insert(Val); ++ else ++ CacheEntry.LatticeElements.insert({ Val, Result }); + +- return ODI->second.count(V); ++ auto HandleIt = ValueHandles.find_as(Val); ++ if (HandleIt == ValueHandles.end()) ++ ValueHandles.insert({ Val, this }); + } + + bool hasCachedValueInfo(Value *V, BasicBlock *BB) const { +- if (isOverdefined(V, BB)) +- return true; +- +- auto I = ValueCache.find_as(V); +- if (I == ValueCache.end()) ++ auto It = BlockCache.find(BB); ++ if (It == BlockCache.end()) + return false; + +- return I->second->BlockVals.count(BB); ++ return It->second.OverDefined.count(V) || ++ It->second.LatticeElements.count(V); + } + + ValueLatticeElement getCachedValueInfo(Value *V, BasicBlock *BB) const { +- if (isOverdefined(V, BB)) ++ auto It = BlockCache.find(BB); ++ if (It == BlockCache.end()) ++ return ValueLatticeElement(); ++ ++ if (It->second.OverDefined.count(V)) + return ValueLatticeElement::getOverdefined(); + +- auto I = ValueCache.find_as(V); +- if (I == ValueCache.end()) ++ auto LatticeIt = It->second.LatticeElements.find(V); ++ if (LatticeIt == It->second.LatticeElements.end()) + return ValueLatticeElement(); +- auto BBI = I->second->BlockVals.find(BB); +- if (BBI == I->second->BlockVals.end()) +- return ValueLatticeElement(); +- return BBI->second; ++ ++ return LatticeIt->second; + } + + /// clear - Empty the cache. + void clear() { +- SeenBlocks.clear(); +- ValueCache.clear(); +- OverDefinedCache.clear(); ++ BlockCache.clear(); ++ ValueHandles.clear(); + } + + /// Inform the cache that a given value has been deleted. +@@ -248,23 +219,18 @@ namespace { + /// OldSucc might have (unless also overdefined in NewSucc). This just + /// flushes elements from the cache and does not add any. + void threadEdgeImpl(BasicBlock *OldSucc,BasicBlock *NewSucc); +- +- friend struct LVIValueHandle; + }; + } + + void LazyValueInfoCache::eraseValue(Value *V) { +- for (auto I = OverDefinedCache.begin(), E = OverDefinedCache.end(); I != E;) { +- // Copy and increment the iterator immediately so we can erase behind +- // ourselves. +- auto Iter = I++; +- SmallPtrSetImpl<Value *> &ValueSet = Iter->second; +- ValueSet.erase(V); +- if (ValueSet.empty()) +- OverDefinedCache.erase(Iter); ++ for (auto &Pair : BlockCache) { ++ Pair.second.LatticeElements.erase(V); ++ Pair.second.OverDefined.erase(V); + } + +- ValueCache.erase(V); ++ auto HandleIt = ValueHandles.find_as(V); ++ if (HandleIt != ValueHandles.end()) ++ ValueHandles.erase(HandleIt); + } + + void LVIValueHandle::deleted() { +@@ -274,18 +240,7 @@ void LVIValueHandle::deleted() { + } + + void LazyValueInfoCache::eraseBlock(BasicBlock *BB) { +- // Shortcut if we have never seen this block. +- DenseSet<PoisoningVH<BasicBlock> >::iterator I = SeenBlocks.find(BB); +- if (I == SeenBlocks.end()) +- return; +- SeenBlocks.erase(I); +- +- auto ODI = OverDefinedCache.find(BB); +- if (ODI != OverDefinedCache.end()) +- OverDefinedCache.erase(ODI); +- +- for (auto &I : ValueCache) +- I.second->BlockVals.erase(BB); ++ BlockCache.erase(BB); + } + + void LazyValueInfoCache::threadEdgeImpl(BasicBlock *OldSucc, +@@ -303,10 +258,11 @@ void LazyValueInfoCache::threadEdgeImpl(BasicBlock *OldSucc, + std::vector<BasicBlock*> worklist; + worklist.push_back(OldSucc); + +- auto I = OverDefinedCache.find(OldSucc); +- if (I == OverDefinedCache.end()) ++ auto I = BlockCache.find(OldSucc); ++ if (I == BlockCache.end() || I->second.OverDefined.empty()) + return; // Nothing to process here. +- SmallVector<Value *, 4> ValsToClear(I->second.begin(), I->second.end()); ++ SmallVector<Value *, 4> ValsToClear(I->second.OverDefined.begin(), ++ I->second.OverDefined.end()); + + // Use a worklist to perform a depth-first search of OldSucc's successors. + // NOTE: We do not need a visited list since any blocks we have already +@@ -320,10 +276,10 @@ void LazyValueInfoCache::threadEdgeImpl(BasicBlock *OldSucc, + if (ToUpdate == NewSucc) continue; + + // If a value was marked overdefined in OldSucc, and is here too... +- auto OI = OverDefinedCache.find(ToUpdate); +- if (OI == OverDefinedCache.end()) ++ auto OI = BlockCache.find(ToUpdate); ++ if (OI == BlockCache.end() || OI->second.OverDefined.empty()) + continue; +- SmallPtrSetImpl<Value *> &ValueSet = OI->second; ++ auto &ValueSet = OI->second.OverDefined; + + bool changed = false; + for (Value *V : ValsToClear) { +@@ -333,11 +289,6 @@ void LazyValueInfoCache::threadEdgeImpl(BasicBlock *OldSucc, + // If we removed anything, then we potentially need to update + // blocks successors too. + changed = true; +- +- if (ValueSet.empty()) { +- OverDefinedCache.erase(OI); +- break; +- } + } + + if (!changed) continue; +-- +2.24.0 + diff --git a/projects/rust/build b/projects/rust/build index 9a6b54a..8b45e3f 100644 --- a/projects/rust/build +++ b/projects/rust/build @@ -51,6 +51,13 @@ mkdir /var/tmp/build tar -C /var/tmp/build -xf [% c('input_files_by_name/rust') %] cd /var/tmp/build/rustc-[% c('version') %]-src +# LLVM has reproducibility issues when optimizing bitcode, which we need to +# patch. See: #32053 for more details. +cd src/llvm-project +patch -p1 < $rootdir/42574.patch +patch -p1 < $rootdir/43909.patch +cd ../../ + [% IF c("var/windows-i686") %] # Cross-compiling for Windows 32bit is currently not possible without any # patches. The reason for that is libstd expecting DWARF unwinding while most diff --git a/projects/rust/config b/projects/rust/config index 03d7be0..848ccd0 100644 --- a/projects/rust/config +++ b/projects/rust/config @@ -106,3 +106,5 @@ input_files: gpg_keyring: rust.gpg - filename: unwind.patch enable: '[% c("var/windows-i686") %]' + - filename: 42574.patch + - filename: 43909.patch

1 0

[tor-browser-build/maint-9.0] Bug 32132: Re-enable jemalloc for Windows users
by sysrqb＠torproject.org 06 Feb '20

06 Feb '20

commit 153b7d9b25f10f983f7577fb00d8e4c594e06738 Author: Georg Koppen <gk(a)torproject.org> Date: Thu Oct 17 20:56:29 2019 +0000 Bug 32132: Re-enable jemalloc for Windows users Now that https://bugzilla.mozilla.org/show_bug.cgi?id=1547519 got backported (to esr68.2.0) we can re-enable jemalloc for Windows users. --- projects/firefox/mozconfig-windows-i686 | 3 +-- projects/firefox/mozconfig-windows-x86_64 | 3 +-- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/projects/firefox/mozconfig-windows-i686 b/projects/firefox/mozconfig-windows-i686 index 685b294..fe3cc7d 100644 --- a/projects/firefox/mozconfig-windows-i686 +++ b/projects/firefox/mozconfig-windows-i686 @@ -38,8 +38,7 @@ ac_add_options --disable-maintenance-service ac_add_options --enable-proxy-bypass-protection ac_add_options --disable-webrtc # Bug 1393901 ac_add_options --disable-tests -ac_add_options --disable-jemalloc # Bug 154751 ac_add_options --disable-geckodriver # Bug 1489320 # Disable telemetry -ac_add_options MOZ_TELEMETRY_REPORTING= \ No newline at end of file +ac_add_options MOZ_TELEMETRY_REPORTING= diff --git a/projects/firefox/mozconfig-windows-x86_64 b/projects/firefox/mozconfig-windows-x86_64 index 92c774c..ef28c9b 100644 --- a/projects/firefox/mozconfig-windows-x86_64 +++ b/projects/firefox/mozconfig-windows-x86_64 @@ -38,8 +38,7 @@ ac_add_options --disable-maintenance-service ac_add_options --enable-proxy-bypass-protection ac_add_options --disable-webrtc # Bug 1393901 ac_add_options --disable-tests -ac_add_options --disable-jemalloc # Bug 1547519 ac_add_options --disable-geckodriver # Bug 1489320 # Disable telemetry -ac_add_options MOZ_TELEMETRY_REPORTING= \ No newline at end of file +ac_add_options MOZ_TELEMETRY_REPORTING=

1 0

[tor-browser/tor-browser-68.4.1esr-9.0-1] Bug 1598647 - Set Origin to null with network.http.referer.hideOnionSource r=JuniorHsu
by sysrqb＠torproject.org 06 Feb '20

06 Feb '20

commit 5526a109e6266ce31f8014912d5b91b154736ef6 Author: Alex Catarineu <acat(a)torproject.org> Date: Mon Nov 25 13:29:47 2019 +0000 Bug 1598647 - Set Origin to null with network.http.referer.hideOnionSource r=JuniorHsu Differential Revision: https://phabricator.services.mozilla.com/D54303 --HG-- extra : moz-landing-system : lando --- dom/security/ReferrerInfo.cpp | 3 ++- dom/security/ReferrerInfo.h | 2 +- netwerk/protocol/http/nsCORSListenerProxy.cpp | 2 +- netwerk/protocol/http/nsHttpChannel.cpp | 17 +++++++---------- 4 files changed, 11 insertions(+), 13 deletions(-) diff --git a/dom/security/ReferrerInfo.cpp b/dom/security/ReferrerInfo.cpp index 2d06d9b3d3d3..25d9cd3290c0 100644 --- a/dom/security/ReferrerInfo.cpp +++ b/dom/security/ReferrerInfo.cpp @@ -322,7 +322,8 @@ nsresult ReferrerInfo::HandleUserReferrerSendingPolicy(nsIHttpChannel* aChannel, return NS_OK; } -bool ReferrerInfo::IsCrossOriginRequest(nsIHttpChannel* aChannel) const { +/* static */ +bool ReferrerInfo::IsCrossOriginRequest(nsIHttpChannel* aChannel) { nsCOMPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo(); nsCOMPtr<nsIURI> triggeringURI; diff --git a/dom/security/ReferrerInfo.h b/dom/security/ReferrerInfo.h index bf21233a0510..5fa052f3f32d 100644 --- a/dom/security/ReferrerInfo.h +++ b/dom/security/ReferrerInfo.h @@ -155,7 +155,7 @@ class ReferrerInfo : public nsIReferrerInfo { * Computing whether the request is cross-origin may be expensive, so please * do that in cases where we're going to use this information later on. */ - bool IsCrossOriginRequest(nsIHttpChannel* aChannel) const; + static bool IsCrossOriginRequest(nsIHttpChannel* aChannel); /* * Check whether referrer is allowed to send in secure to insecure scenario. diff --git a/netwerk/protocol/http/nsCORSListenerProxy.cpp b/netwerk/protocol/http/nsCORSListenerProxy.cpp index 36b263ddf003..36027a5d2809 100644 --- a/netwerk/protocol/http/nsCORSListenerProxy.cpp +++ b/netwerk/protocol/http/nsCORSListenerProxy.cpp @@ -985,7 +985,7 @@ nsresult nsCORSListenerProxy::UpdateChannel(nsIChannel* aChannel, if (!currentOrgin.EqualsIgnoreCase(origin.get()) && StringEndsWith(potentialOnionHost, NS_LITERAL_CSTRING(".onion"))) { - origin.Truncate(); + origin.AssignLiteral("null"); } } diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp index d9c750dff4b0..b2c0956d0b66 100644 --- a/netwerk/protocol/http/nsHttpChannel.cpp +++ b/netwerk/protocol/http/nsHttpChannel.cpp @@ -9634,8 +9634,7 @@ void nsHttpChannel::SetOriginHeader() { nsContentUtils::GetASCIIOrigin(referrer, origin); } - // Restrict Origin to same-origin loads if requested by user or leaving from - // .onion + // Restrict Origin to same-origin loads if requested by user if (sSendOriginHeader == 1) { nsAutoCString currentOrigin; nsContentUtils::GetASCIIOrigin(mURI, currentOrigin); @@ -9643,16 +9642,14 @@ void nsHttpChannel::SetOriginHeader() { // Origin header suppressed by user setting return; } - } else if (dom::ReferrerInfo::HideOnionReferrerSource()) { + } + + if (dom::ReferrerInfo::HideOnionReferrerSource()) { nsAutoCString host; if (referrer && NS_SUCCEEDED(referrer->GetAsciiHost(host)) && - StringEndsWith(host, NS_LITERAL_CSTRING(".onion"))) { - nsAutoCString currentOrigin; - nsContentUtils::GetASCIIOrigin(mURI, currentOrigin); - if (!origin.EqualsIgnoreCase(currentOrigin.get())) { - // Origin header is suppressed by .onion - return; - } + StringEndsWith(host, NS_LITERAL_CSTRING(".onion")) && + dom::ReferrerInfo::IsCrossOriginRequest(this)) { + origin.AssignLiteral("null"); } }

1 0

[tor-browser/tor-browser-68.4.1esr-9.5-1] fixup! Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing
by sysrqb＠torproject.org 06 Feb '20

06 Feb '20

commit bfe5efa2e8eaac36bc9930fa1437b1a70045532b Author: Alex Catarineu <acat(a)torproject.org> Date: Wed Feb 5 12:29:58 2020 +0100 fixup! Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing --- .../search/extensions/disconnect/favicon.ico | Bin 1150 -> 0 bytes .../search/extensions/disconnect/manifest.json | 25 -------- browser/components/search/extensions/list.json | 68 ++++++++++----------- 3 files changed, 34 insertions(+), 59 deletions(-) diff --git a/browser/components/search/extensions/disconnect/favicon.ico b/browser/components/search/extensions/disconnect/favicon.ico deleted file mode 100644 index bffe0e17e698..000000000000 Binary files a/browser/components/search/extensions/disconnect/favicon.ico and /dev/null differ diff --git a/browser/components/search/extensions/disconnect/manifest.json b/browser/components/search/extensions/disconnect/manifest.json deleted file mode 100644 index 7f768579554f..000000000000 --- a/browser/components/search/extensions/disconnect/manifest.json +++ /dev/null @@ -1,25 +0,0 @@ -{ - "name": "Disconnect", - "description": "Private searches using disconnect.me", - "manifest_version": 2, - "version": "1.0", - "applications": { - "gecko": { - "id": "disconnect(a)search.mozilla.org" - } - }, - "hidden": true, - "icons": { - "16": "favicon.ico" - }, - "web_accessible_resources": [ - "favicon.ico" - ], - "chrome_settings_overrides": { - "search_provider": { - "name": "Disconnect", - "search_url": "https://search.disconnect.me/searchTerms/search?ses=Google&location_option=…", - "search_url_post_params": "query={searchTerms}" - } - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/list.json b/browser/components/search/extensions/list.json index 15504eacb70c..84428869d627 100644 --- a/browser/components/search/extensions/list.json +++ b/browser/components/search/extensions/list.json @@ -3,7 +3,7 @@ "searchDefault": "DuckDuckGo", "searchOrder": ["DuckDuckGo", "YouTube", "Google"], "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] }, "regionOverrides": { @@ -12,7 +12,7 @@ "en-US": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] }, "experimental-hidden": { @@ -45,7 +45,7 @@ "ar": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -134,7 +134,7 @@ "ca": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -155,7 +155,7 @@ "cs": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -169,14 +169,14 @@ "da": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, "de": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -190,7 +190,7 @@ "el": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -307,7 +307,7 @@ "es-AR": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -321,7 +321,7 @@ "es-ES": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -354,7 +354,7 @@ "fa": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -375,7 +375,7 @@ "fr": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -394,7 +394,7 @@ "ga-IE": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -429,7 +429,7 @@ "he": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -457,7 +457,7 @@ "hu": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -478,42 +478,42 @@ "id": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, "is": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, "it": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, "ja-JP-macos": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, "ja": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, "ka": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -560,7 +560,7 @@ "ko": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -609,7 +609,7 @@ "mk": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -644,7 +644,7 @@ "nb-NO": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -658,7 +658,7 @@ "nl": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] }, "experimental-hidden": { @@ -698,14 +698,14 @@ "pl": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, "pt-BR": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -726,14 +726,14 @@ "ro": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, "ru": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] }, "RU": { @@ -794,7 +794,7 @@ "sv-SE": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -829,7 +829,7 @@ "tr": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] }, "TR": { @@ -876,7 +876,7 @@ "vi": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -897,7 +897,7 @@ "zh-CN": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] }, "CN": { @@ -907,7 +907,7 @@ "zh-TW": { "default": { "visibleDefaultEngines": [ - "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "disconnect", "youtube", "startpage" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }

1 0

[tor-browser/tor-browser-68.4.1esr-9.5-1] fixup! Pick up latest Torbutton code
by sysrqb＠torproject.org 06 Feb '20

06 Feb '20

commit 3b2bbab2571b2179c5d4ca272fce120cc732a62e Author: Matthew Finkel <Matthew.Finkel(a)gmail.com> Date: Thu Feb 6 03:53:58 2020 +0000 fixup! Pick up latest Torbutton code --- toolkit/torproject/torbutton | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/toolkit/torproject/torbutton b/toolkit/torproject/torbutton index f4d81a9f8130..f87cd0af7462 160000 --- a/toolkit/torproject/torbutton +++ b/toolkit/torproject/torbutton @@ -1 +1 @@ -Subproject commit f4d81a9f8130dd3350eae0bf967ef857308ea4d0 +Subproject commit f87cd0af7462faab1d349e28e7b17c76274624b0

1 0

[torbutton/master] Bug 31395: Remove inline script in aboutTor.xhtml
by sysrqb＠torproject.org 06 Feb '20

06 Feb '20

commit f87cd0af7462faab1d349e28e7b17c76274624b0 Author: Alex Catarineu <acat(a)torproject.org> Date: Tue Jan 14 13:14:06 2020 +0100 Bug 31395: Remove inline script in aboutTor.xhtml --- chrome.manifest | 1 + chrome/content/aboutTor/aboutTor.xhtml | 11 ++--------- chrome/content/aboutTor/resources/aboutTor.js | 11 +++++++++++ jar.mn | 1 + 4 files changed, 15 insertions(+), 9 deletions(-) diff --git a/chrome.manifest b/chrome.manifest index d1ffe6d6..6d9d12d4 100644 --- a/chrome.manifest +++ b/chrome.manifest @@ -1,5 +1,6 @@ content torbutton chrome/content/ resource torbutton ./ +resource torbutton-abouttor resource://torbutton/content/aboutTor/resources/ contentaccessible=yes resource torbutton-assets resource://torbutton/chrome/skin/ contentaccessible=yes # browser branding diff --git a/chrome/content/aboutTor/aboutTor.xhtml b/chrome/content/aboutTor/aboutTor.xhtml index 56777ba3..db313c3d 100644 --- a/chrome/content/aboutTor/aboutTor.xhtml +++ b/chrome/content/aboutTor/aboutTor.xhtml @@ -20,19 +20,12 @@ <html xmlns="http://www.w3.org/1999/xhtml"> <head> - <meta http-equiv="Content-Security-Policy" content="default-src chrome: resource:; script-src chrome: resource: 'unsafe-inline';" /> + <meta http-equiv="Content-Security-Policy" content="default-src resource:;" /> <meta name="viewport" content="width=device-width, initial-scale=1"/> <title>&aboutTor.title;</title> <link rel="stylesheet" type="text/css" media="all" href="resource://torbutton-assets/aboutTor.css"/> -<script type="text/javascript"> - <![CDATA[ -window.addEventListener("pageshow", function() { - let evt = new CustomEvent("AboutTorLoad", { bubbles: true }); - document.dispatchEvent(evt); -}); -]]> -</script> + <script type="text/javascript" src="resource://torbutton-abouttor/aboutTor.js"></script> </head> <body dir="&locale.dir;"> <div class="torcontent-container"> diff --git a/chrome/content/aboutTor/resources/aboutTor.js b/chrome/content/aboutTor/resources/aboutTor.js new file mode 100644 index 00000000..6687390b --- /dev/null +++ b/chrome/content/aboutTor/resources/aboutTor.js @@ -0,0 +1,11 @@ +/************************************************************************* + * Copyright (c) 2020, The Tor Project, Inc. + * See LICENSE for licensing information. + * + * vim: set sw=2 sts=2 ts=8 et syntax=javascript: + *************************************************************************/ + +window.addEventListener("pageshow", function() { + let evt = new CustomEvent("AboutTorLoad", { bubbles: true }); + document.dispatchEvent(evt); +}); diff --git a/jar.mn b/jar.mn index 45c8c9b8..3838bc9b 100644 --- a/jar.mn +++ b/jar.mn @@ -10,6 +10,7 @@ torbutton.jar: skin/ (chrome/skin/*) % resource torbutton % +% resource torbutton-abouttor resource://torbutton/content/aboutTor/resources/ contentaccessible=yes % resource torbutton-assets resource://torbutton/skin/ contentaccessible=yes # browser branding

1 0

[tor-browser-build/master] Move OpenPGP keys under Build System in Changelog
by sysrqb＠torproject.org 05 Feb '20

05 Feb '20

commit fbad74f0a5f743a031683420426983ab99a97835 Author: Matthew Finkel <sysrqb(a)torproject.org> Date: Tue Feb 4 20:40:00 2020 +0000 Move OpenPGP keys under Build System in Changelog --- projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt b/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt index a123447..ad3cc9d 100644 --- a/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt +++ b/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt @@ -3,7 +3,6 @@ Tor Browser 9.5a4 -- January 10 2020 * Update Firefox to 68.4.1esr * Bump NoScript to 11.0.11 * Translations update - * Update OpenPGP keyring * Bug 31134: Govern graphite again by security settings * Bug 31855: Remove End of Year Fundraising Campaign from about:tor * Bug 32053: Fix LLVM reproducibility issues @@ -17,6 +16,7 @@ Tor Browser 9.5a4 -- January 10 2020 * Bug 32674: Point the about:tor "Get involved" link to the community portal * Build System * All Platforms + * Update OpenPGP keyring * Bug 32739: Bump clang to 8.0.1 * Linux * Bug 32676: Create a tarball with all Linux x86_64 language packs @@ -30,7 +30,6 @@ Tor Browser 9.0.3 -- January 7 2020 * Update Firefox to 68.4.0esr * Bump NoScript to 11.0.11 * Translations update - * Update OpenPGP keyring * Bug 32606: Set up default bridge at Georgetown University * Bug 32659: Remove IPv6 address of default bridge * Bug 32547: Add new default bridge at UMN @@ -42,6 +41,8 @@ Tor Browser 9.0.3 -- January 7 2020 * Android * Bug 32405: Crash immediately after bootstrap on Android * Build System + * All Platforms + * Update OpenPGP keyring * Linux * Bug 32676: Create a tarball with all Linux x86_64 language packs

1 0

[tor-browser-build/master] Bump tor alpha version
by sysrqb＠torproject.org 05 Feb '20

05 Feb '20

commit 9f9deebd2327555c6afbfa9e0a83a2b6f94ff9a3 Author: Matthew Finkel <sysrqb(a)torproject.org> Date: Wed Feb 5 00:09:20 2020 +0000 Bump tor alpha version --- projects/tor/config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/projects/tor/config b/projects/tor/config index 4a1045c..c1c41a6 100644 --- a/projects/tor/config +++ b/projects/tor/config @@ -1,6 +1,6 @@ # vim: filetype=yaml sw=2 filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %]' -version: 0.4.2.5 +version: 0.4.3.1-alpha git_hash: 'tor-[% c("version") %]' git_url: https://git.torproject.org/tor.git git_submodule: 1

1 0

[tor-browser-build/master] Bug 32891: Pick up new default bridge
by sysrqb＠torproject.org 05 Feb '20

05 Feb '20

commit 0d50bcb46dc0ec08c7076d26da3eb561ba10d6b1 Author: Matthew Finkel <sysrqb(a)torproject.org> Date: Wed Feb 5 00:30:06 2020 +0000 Bug 32891: Pick up new default bridge --- projects/tor-android-service/config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/projects/tor-android-service/config b/projects/tor-android-service/config index d7a5882..ca68d7b 100644 --- a/projects/tor-android-service/config +++ b/projects/tor-android-service/config @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 version: '[% c("abbrev") %]' filename: '[% project %]-[% c("version") %]-[% c("var/build_id") %]' -git_hash: 4a81e5806f36e7d0bf9492437d824599ecf4ff43 +git_hash: 18ba7d2780b1d5194cc5854d703655f6c9d3d196 git_url: https://git.torproject.org/tor-android-service.git git_submodule: 1

1 0

[tor-browser-build/master] Bug 32768: Create a build-infos.json file
by sysrqb＠torproject.org 05 Feb '20

05 Feb '20

commit 50b8b9db82bbf84713b3af0bbe27d06a729642ab Author: Nicolas Vigier <boklm(a)torproject.org> Date: Mon Dec 16 18:57:22 2019 +0100 Bug 32768: Create a build-infos.json file Create a file containing firefox platformVersion and buildID. --- projects/firefox/build | 9 +++++++++ projects/tor-browser/build | 3 +++ rbm.conf | 1 + 3 files changed, 13 insertions(+) diff --git a/projects/firefox/build b/projects/firefox/build index 22c5b5d..c334854 100644 --- a/projects/firefox/build +++ b/projects/firefox/build @@ -273,3 +273,12 @@ END; zip_src => [ 'mar-tools' ], zip_args => dest_dir _ '/' _ c('filename') _ '/' _ c('var/martools_filename'), }) %] + +[% IF c("var/build_infos_json") -%] + cat > "[% dest_dir _ '/' _ c('filename') _ '/build-infos.json' %]" << EOF_BUILDINFOS + { + "firefox_platform_version" : "[% c("var/firefox_platform_version") %]", + "firefox_buildid" : "$MOZ_BUILD_DATE" + } +EOF_BUILDINFOS +[% END -%] diff --git a/projects/tor-browser/build b/projects/tor-browser/build index 4d44f12..2633ddc 100644 --- a/projects/tor-browser/build +++ b/projects/tor-browser/build @@ -297,6 +297,9 @@ cp $rootdir/[% c('input_files_by_name/firefox') %]/mar-tools-*.zip "$OUTDIR"/ [% IF c("var/linux") -%] cp $rootdir/[% c('input_files_by_name/tor') %]/tor-debug.tar.xz "$OUTDIR"/tor-[% c("var/mar_osname") %]-debug.tar.xz [% END -%] +[% IF c("var/build_infos_json") -%] + cp $rootdir/[% c('input_files_by_name/firefox') %]/build-infos.json "$OUTDIR"/build-infos-[% c("var/mar_osname") %].json +[% END -%] # Create a tarball with all Linux x86_64 language packs (Bug 32676) [% IF c("var/release") && c("var/linux-x86_64") && ! c("var/multi_lingual") && ! c("var/testbuild") -%] diff --git a/rbm.conf b/rbm.conf index f0e22a8..77c6e4a 100644 --- a/rbm.conf +++ b/rbm.conf @@ -158,6 +158,7 @@ targets: - fr - ru max_torbrowser_incremental_from: 2 + build_infos_json: 1 torbrowser-testbuild: - testbuild

1 0

[tor-android-service/master] Merge remote-tracking branch 'phwgh/task/32891'
by sysrqb＠torproject.org 05 Feb '20

05 Feb '20

commit 18ba7d2780b1d5194cc5854d703655f6c9d3d196 Merge: 4a81e58 694ef51 Author: Matthew Finkel <Matthew.Finkel(a)gmail.com> Date: Wed Feb 5 00:28:58 2020 +0000 Merge remote-tracking branch 'phwgh/task/32891' service/src/main/assets/common/bridges.txt | 2 ++ 1 file changed, 2 insertions(+) diff --cc service/src/main/assets/common/bridges.txt index adc6b8c,5e3227d..7c1ebcf --- a/service/src/main/assets/common/bridges.txt +++ b/service/src/main/assets/common/bridges.txt @@@ -10,5 -10,6 +10,7 @@@ obfs4 193.11.166.194:27015 2D82C2E354D5 obfs4 193.11.166.194:27020 86AC7B8D430DAC4117E9F42C9EAED18133863AAF cert=0LDeJH4JzMDtkJJrFphJCiPqKx7loozKN7VNfuukMGfHO0Z8OGdzHVkhVAOfo1mUdv9cMg iat-mode=0 obfs4 193.11.166.194:27025 1AE2C08904527FEA90C4C4F8C1083EA59FBC6FAF cert=ItvYZzW5tn6v3G4UnQa6Qz04Npro6e81AP70YujmK/KXwDFPTs3aHXcHp4n8Vt6w/bv8cA iat-mode=0 obfs4 209.148.46.65:443 74FAD13168806246602538555B5521A0383A1875 cert=ssH+9rP8dG2NLDN2XuFw63hIO/9MNNinLmxQDpVa+7kTOa9/m+tGWT1SmSYpQ9uTBGa6Hw iat-mode=0 +obfs4 146.57.248.225:22 10A6CD36A537FCE513A322361547444B393989F0 cert=K1gDtDAIcUfeLqbstggjIw2rtgIKqdIhUlHp82XRqNSq/mtAjp1BIC9vHKJ2FAEpGssTPw iat-mode=0 + obfs4 45.145.95.6:27015 C5B7CD6946FF10C5B3E89691A7D3F2C122D2117C cert=TD7PbUO0/0k6xYHMPW3vJxICfkMZNdkRrb63Zhl5j9dW3iRGiCx0A7mPhe5T2EDzQ35+Zw iat-mode=0 + obfs4 [2a0c:4d80:42:702::1]:27015 C5B7CD6946FF10C5B3E89691A7D3F2C122D2117C cert=TD7PbUO0/0k6xYHMPW3vJxICfkMZNdkRrb63Zhl5j9dW3iRGiCx0A7mPhe5T2EDzQ35+Zw iat-mode=0 meek_lite 0.0.2.0:2 97700DFE9F483596DDA6264C4D7DF7641E1E39CE url=https://meek.azureedge.net/ front=ajax.aspnetcdn.com

1 0

[tor-android-service/master] Bug 32891: Add new IPv4/IPv6 default bridge.
by sysrqb＠torproject.org 05 Feb '20

05 Feb '20

commit 694ef51f3a59c39c74bd22d1a1ee48f4b91d235f Author: Philipp Winter <phw(a)nymity.ch> Date: Wed Jan 8 15:54:38 2020 +0100 Bug 32891: Add new IPv4/IPv6 default bridge. Toke Høiland-Jørgensen generously offered to set up a default bridge in Denmark. This fixes <https://bugs.torproject.org/32891>. --- service/src/main/assets/common/bridges.txt | 2 ++ 1 file changed, 2 insertions(+) diff --git a/service/src/main/assets/common/bridges.txt b/service/src/main/assets/common/bridges.txt index 36ed076..5e3227d 100644 --- a/service/src/main/assets/common/bridges.txt +++ b/service/src/main/assets/common/bridges.txt @@ -10,4 +10,6 @@ obfs4 193.11.166.194:27015 2D82C2E354D531A68469ADF7F878FA6060C6BACA cert=4TLQPJr obfs4 193.11.166.194:27020 86AC7B8D430DAC4117E9F42C9EAED18133863AAF cert=0LDeJH4JzMDtkJJrFphJCiPqKx7loozKN7VNfuukMGfHO0Z8OGdzHVkhVAOfo1mUdv9cMg iat-mode=0 obfs4 193.11.166.194:27025 1AE2C08904527FEA90C4C4F8C1083EA59FBC6FAF cert=ItvYZzW5tn6v3G4UnQa6Qz04Npro6e81AP70YujmK/KXwDFPTs3aHXcHp4n8Vt6w/bv8cA iat-mode=0 obfs4 209.148.46.65:443 74FAD13168806246602538555B5521A0383A1875 cert=ssH+9rP8dG2NLDN2XuFw63hIO/9MNNinLmxQDpVa+7kTOa9/m+tGWT1SmSYpQ9uTBGa6Hw iat-mode=0 +obfs4 45.145.95.6:27015 C5B7CD6946FF10C5B3E89691A7D3F2C122D2117C cert=TD7PbUO0/0k6xYHMPW3vJxICfkMZNdkRrb63Zhl5j9dW3iRGiCx0A7mPhe5T2EDzQ35+Zw iat-mode=0 +obfs4 [2a0c:4d80:42:702::1]:27015 C5B7CD6946FF10C5B3E89691A7D3F2C122D2117C cert=TD7PbUO0/0k6xYHMPW3vJxICfkMZNdkRrb63Zhl5j9dW3iRGiCx0A7mPhe5T2EDzQ35+Zw iat-mode=0 meek_lite 0.0.2.0:2 97700DFE9F483596DDA6264C4D7DF7641E1E39CE url=https://meek.azureedge.net/ front=ajax.aspnetcdn.com

1 0

[tor-launcher/master] Bug 30237: Add v3 onion services client authentication prompt
by sysrqb＠torproject.org 05 Feb '20

05 Feb '20

commit 8726dc9a06524edc03d053a3258652dd9337ef78 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Mon Nov 18 09:50:28 2019 -0500 Bug 30237: Add v3 onion services client authentication prompt Enable Tor's SOCKS extended error code feature by including ExtendedErrors in the socks port flags. --- src/defaults/preferences/torlauncher-prefs.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/defaults/preferences/torlauncher-prefs.js b/src/defaults/preferences/torlauncher-prefs.js index 55fe38c..472b763 100644 --- a/src/defaults/preferences/torlauncher-prefs.js +++ b/src/defaults/preferences/torlauncher-prefs.js @@ -38,7 +38,7 @@ pref("extensions.torlauncher.control_ipc_path", ""); // careful). pref("extensions.torlauncher.socks_port_use_ipc", false); pref("extensions.torlauncher.socks_ipc_path", ""); -pref("extensions.torlauncher.socks_port_flags", "IPv6Traffic PreferIPv6 KeepAliveIsolateSOCKSAuth"); +pref("extensions.torlauncher.socks_port_flags", "ExtendedErrors IPv6Traffic PreferIPv6 KeepAliveIsolateSOCKSAuth"); // The tor_path is relative to the application directory. On Linux and // Windows this is the Browser/ directory that contains the firefox

1 0

[tor-browser/tor-browser-68.4.1esr-9.5-1] Bug 30237: Add v3 onion services client authentication prompt
by sysrqb＠torproject.org 05 Feb '20

05 Feb '20

commit 6cac185d0c10e4f26ca7eaf000c31fae36d13bfc Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Tue Nov 12 16:11:05 2019 -0500 Bug 30237: Add v3 onion services client authentication prompt When Tor informs the browser that client authentication is needed, temporarily load about:blank instead of about:neterror and prompt for the user's key. If a correctly formatted key is entered, use Tor's ONION_CLIENT_AUTH_ADD control port command to add the key (via Torbutton's control port module) and reload the page. If the user cancels the prompt, display the standard about:neterror "Unable to connect" page. This requires a small change to browser/actors/NetErrorChild.jsm to account for the fact that the docShell no longer has the failedChannel information. The failedChannel is used to extract TLS-related error info, which is not applicable in the case of a canceled .onion authentication prompt. Add a leaveOpen option to PopupNotifications.show so we can display error messages within the popup notification doorhanger without closing the prompt. Add support for onion services strings to the TorStrings module. Add support for Tor extended SOCKS errors (Tor proposal 304) to the socket transport and SOCKS layers. Improved display of all of these errors will be implemented as part of bug 30025. --- browser/actors/NetErrorChild.jsm | 2 +- browser/base/content/browser.js | 10 + browser/base/content/browser.xul | 3 + browser/base/content/tab-content.js | 5 + browser/components/moz.build | 1 + .../content/authNotificationIcon.inc.xul | 6 + .../onionservices/content/authPopup.inc.xul | 14 + .../components/onionservices/content/authPrompt.js | 290 +++++++++++++++++++++ .../components/onionservices/content/authUtil.jsm | 32 +++ .../onionservices/content/onionservices.css | 69 +++++ browser/components/onionservices/jar.mn | 4 + browser/components/onionservices/moz.build | 1 + browser/modules/TorStrings.jsm | 74 +++++- browser/themes/shared/notification-icons.inc.css | 3 + docshell/base/nsDocShell.cpp | 62 +++++ dom/ipc/BrowserParent.cpp | 23 ++ dom/ipc/BrowserParent.h | 3 + dom/ipc/PBrowser.ipdl | 8 + js/xpconnect/src/xpc.msg | 8 + netwerk/base/nsSocketTransport2.cpp | 6 + netwerk/socket/nsSOCKSIOLayer.cpp | 30 +++ toolkit/modules/PopupNotifications.jsm | 6 + xpcom/base/ErrorList.py | 18 ++ 23 files changed, 672 insertions(+), 6 deletions(-) diff --git a/browser/actors/NetErrorChild.jsm b/browser/actors/NetErrorChild.jsm index 173a93ad5f29..7834f7168a42 100644 --- a/browser/actors/NetErrorChild.jsm +++ b/browser/actors/NetErrorChild.jsm @@ -840,7 +840,7 @@ class NetErrorChild extends ActorChild { } if (this.isAboutNetError(win.document)) { let docShell = win.docShell; - if (docShell) { + if (docShell && docShell.failedChannel) { let { securityInfo } = docShell.failedChannel; // We don't have a securityInfo when this is for example a DNS error. if (securityInfo) { diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js index b213d72551fc..11857f16b8e9 100644 --- a/browser/base/content/browser.js +++ b/browser/base/content/browser.js @@ -216,6 +216,11 @@ XPCOMUtils.defineLazyScriptGetter( ); XPCOMUtils.defineLazyScriptGetter( this, + ["OnionAuthPrompt"], + "chrome://browser/content/onionservices/authPrompt.js" +); +XPCOMUtils.defineLazyScriptGetter( + this, "gEditItemOverlay", "chrome://browser/content/places/editBookmark.js" ); @@ -1855,6 +1860,9 @@ var gBrowserInit = { // Init the SecuritySettingsButton SecurityLevelButton.init(); + // Init the OnionAuthPrompt + OnionAuthPrompt.init(); + // Certain kinds of automigration rely on this notification to complete // their tasks BEFORE the browser window is shown. SessionStore uses it to // restore tabs into windows AFTER important parts like gMultiProcessBrowser @@ -2488,6 +2496,8 @@ var gBrowserInit = { SecurityLevelButton.uninit(); + OnionAuthPrompt.uninit(); + gAccessibilityServiceIndicator.uninit(); AccessibilityRefreshBlocker.uninit(); diff --git a/browser/base/content/browser.xul b/browser/base/content/browser.xul index 8e47fd36fb75..d2f72eea8edb 100644 --- a/browser/base/content/browser.xul +++ b/browser/base/content/browser.xul @@ -33,6 +33,7 @@ <?xml-stylesheet href="chrome://browser/skin/places/editBookmark.css" type="text/css"?> <?xml-stylesheet href="chrome://torbutton/skin/tor-circuit-display.css" type="text/css"?> <?xml-stylesheet href="chrome://torbutton/skin/torbutton.css" type="text/css"?> +<?xml-stylesheet href="chrome://browser/content/onionservices/onionservices.css" type="text/css"?> # All DTD information is stored in a separate file so that it can be shared by # hiddenWindow.xul. @@ -623,6 +624,7 @@ #include ../../components/controlcenter/content/protectionsPanel.inc.xul #include ../../components/downloads/content/downloadsPanel.inc.xul #include ../../components/securitylevel/content/securityLevelPanel.inc.xul +#include ../../components/onionservices/content/authPopup.inc.xul #include browser-allTabsMenu.inc.xul <hbox id="downloads-animation-container" mousethrough="always"> @@ -922,6 +924,7 @@ tooltiptext="&urlbar.indexedDBNotificationAnchor.tooltip;"/> <image id="password-notification-icon" class="notification-anchor-icon login-icon" role="button" tooltiptext="&urlbar.passwordNotificationAnchor.tooltip;"/> +#include ../../components/onionservices/content/authNotificationIcon.inc.xul <stack id="plugins-notification-icon" class="notification-anchor-icon" role="button" align="center" tooltiptext="&urlbar.pluginsNotificationAnchor.tooltip;"> <image class="plugin-icon" /> diff --git a/browser/base/content/tab-content.js b/browser/base/content/tab-content.js index 57f3925a1ca5..14311242f5d1 100644 --- a/browser/base/content/tab-content.js +++ b/browser/base/content/tab-content.js @@ -19,6 +19,9 @@ ChromeUtils.defineModuleGetter( "BrowserUtils", "resource://gre/modules/BrowserUtils.jsm" ); +var { OnionAuthUtil } = ChromeUtils.import( + "chrome://browser/content/onionservices/authUtil.jsm" +); var { ActorManagerChild } = ChromeUtils.import( "resource://gre/modules/ActorManagerChild.jsm" @@ -118,3 +121,5 @@ addEventListener("MozAfterPaint", function onFirstNonBlankPaint() { removeEventListener("MozAfterPaint", onFirstNonBlankPaint); sendAsyncMessage("Browser:FirstNonBlankPaint"); }); + +OnionAuthUtil.addCancelMessageListener(this, docShell); diff --git a/browser/components/moz.build b/browser/components/moz.build index c0c9629cac65..3331a51fbe88 100644 --- a/browser/components/moz.build +++ b/browser/components/moz.build @@ -42,6 +42,7 @@ DIRS += [ 'library', 'migration', 'newtab', + 'onionservices', 'originattributes', 'places', 'pocket', diff --git a/browser/components/onionservices/content/authNotificationIcon.inc.xul b/browser/components/onionservices/content/authNotificationIcon.inc.xul new file mode 100644 index 000000000000..91274d612739 --- /dev/null +++ b/browser/components/onionservices/content/authNotificationIcon.inc.xul @@ -0,0 +1,6 @@ +# Copyright (c) 2020, The Tor Project, Inc. + +<image id="tor-clientauth-notification-icon" + class="notification-anchor-icon tor-clientauth-icon" + role="button" + tooltiptext="&torbutton.onionServices.authPrompt.tooltip;"/> diff --git a/browser/components/onionservices/content/authPopup.inc.xul b/browser/components/onionservices/content/authPopup.inc.xul new file mode 100644 index 000000000000..d327e4c6a88d --- /dev/null +++ b/browser/components/onionservices/content/authPopup.inc.xul @@ -0,0 +1,14 @@ +# Copyright (c) 2020, The Tor Project, Inc. + +<popupnotification id="tor-clientauth-notification" hidden="true"> + <popupnotificationcontent orient="vertical"> + <description id="tor-clientauth-notification-desc"/> + <label id="tor-clientauth-notification-learnmore" + class="text-link popup-notification-learnmore-link" + is="text-link"/> + <html:div> + <html:input id="tor-clientauth-notification-key" type="password"/> + <html:div id="tor-clientauth-warning"/> + </html:div> + </popupnotificationcontent> +</popupnotification> diff --git a/browser/components/onionservices/content/authPrompt.js b/browser/components/onionservices/content/authPrompt.js new file mode 100644 index 000000000000..2d4ebcafd688 --- /dev/null +++ b/browser/components/onionservices/content/authPrompt.js @@ -0,0 +1,290 @@ +// Copyright (c) 2020, The Tor Project, Inc. + +"use strict"; + +XPCOMUtils.defineLazyModuleGetters(this, { + OnionAuthUtil: "chrome://browser/content/onionservices/authUtil.jsm", + CommonUtils: "resource://services-common/utils.js", + TorStrings: "resource:///modules/TorStrings.jsm", +}); + +const OnionAuthPrompt = (function() { + // OnionServicesAuthPrompt objects run within the main/chrome process. + function OnionServicesAuthPrompt(aBrowser, aFailedURI, aOnionName) { + this._browser = aBrowser; + this._failedURI = aFailedURI; + this._onionName = aOnionName; + } + + OnionServicesAuthPrompt.prototype = { + show(aWarningMessage) { + let mainAction = { + label: TorStrings.onionServices.authPrompt.done, + accessKey: TorStrings.onionServices.authPrompt.doneAccessKey, + leaveOpen: true, // Callback is responsible for closing the notification. + callback: this._onDone.bind(this), + }; + + let dialogBundle = Services.strings.createBundle( + "chrome://global/locale/dialog.properties"); + + let cancelAccessKey = dialogBundle.GetStringFromName("accesskey-cancel"); + if (!cancelAccessKey) + cancelAccessKey = "c"; // required by PopupNotifications.show() + + let cancelAction = { + label: dialogBundle.GetStringFromName("button-cancel"), + accessKey: cancelAccessKey, + callback: this._onCancel.bind(this), + }; + + let _this = this; + let options = { + autofocus: true, + hideClose: true, + persistent: true, + removeOnDismissal: false, + eventCallback(aTopic) { + if (aTopic === "showing") { + _this._onPromptShowing(aWarningMessage); + } else if (aTopic === "shown") { + _this._onPromptShown(); + } else if (aTopic === "removed") { + _this._onPromptRemoved(); + } + } + }; + + this._prompt = PopupNotifications.show(this._browser, + OnionAuthUtil.string.notificationID, "", + OnionAuthUtil.string.anchorID, + mainAction, [cancelAction], options); + }, + + _onPromptShowing(aWarningMessage) { + let xulDoc = this._browser.ownerDocument; + let descElem = xulDoc.getElementById(OnionAuthUtil.string.descriptionID); + if (descElem) { + // Handle replacement of the onion name within the localized + // string ourselves so we can show the onion name as bold text. + // We do this by splitting the localized string and creating + // several HTML <span> elements. + while (descElem.firstChild) + descElem.removeChild(descElem.firstChild); + + let fmtString = TorStrings.onionServices.authPrompt.description; + let prefix = ""; + let suffix = ""; + const kToReplace = "%S"; + let idx = fmtString.indexOf(kToReplace); + if (idx < 0) { + prefix = fmtString; + } else { + prefix = fmtString.substring(0, idx); + suffix = fmtString.substring(idx + kToReplace.length); + } + + const kHTMLNS = "http://www.w3.org/1999/xhtml"; + let span = xulDoc.createElementNS(kHTMLNS, "span"); + span.textContent = prefix; + descElem.appendChild(span); + span = xulDoc.createElementNS(kHTMLNS, "span"); + span.id = OnionAuthUtil.string.onionNameSpanID; + span.textContent = this._onionName; + descElem.appendChild(span); + span = xulDoc.createElementNS(kHTMLNS, "span"); + span.textContent = suffix; + descElem.appendChild(span); + } + + // Set "Learn More" label and href. + let learnMoreElem = xulDoc.getElementById(OnionAuthUtil.string.learnMoreID); + if (learnMoreElem) { + learnMoreElem.setAttribute("value", TorStrings.onionServices.learnMore); + learnMoreElem.setAttribute("href", TorStrings.onionServices.learnMoreURL); + } + + this._showWarning(aWarningMessage); + }, + + _onPromptShown() { + let keyElem = this._getKeyElement(); + if (keyElem) { + keyElem.setAttribute("placeholder", + TorStrings.onionServices.authPrompt.keyPlaceholder); + this._boundOnKeyFieldKeyPress = this._onKeyFieldKeyPress.bind(this); + this._boundOnKeyFieldInput = this._onKeyFieldInput.bind(this); + keyElem.addEventListener("keypress", this._boundOnKeyFieldKeyPress); + keyElem.addEventListener("input", this._boundOnKeyFieldInput); + keyElem.focus(); + } + }, + + _onPromptRemoved() { + if (this._boundOnKeyFieldKeyPress) { + let keyElem = this._getKeyElement(); + if (keyElem) { + keyElem.value = ""; + keyElem.removeEventListener("keypress", + this._boundOnKeyFieldKeyPress); + this._boundOnKeyFieldKeyPress = undefined; + keyElem.removeEventListener("input", this._boundOnKeyFieldInput); + this._boundOnKeyFieldInput = undefined; + } + } + }, + + _onKeyFieldKeyPress(aEvent) { + if (aEvent.keyCode == aEvent.DOM_VK_RETURN) { + this._onDone(); + } else if (aEvent.keyCode == aEvent.DOM_VK_ESCAPE) { + this._prompt.remove(); + this._onCancel(); + } + }, + + _onKeyFieldInput(aEvent) { + this._showWarning(undefined); // Remove the warning. + }, + + _onDone() { + let keyElem = this._getKeyElement(); + if (!keyElem) + return; + + let base64key = this._keyToBase64(keyElem.value); + if (!base64key) { + this._showWarning(TorStrings.onionServices.authPrompt.invalidKey); + return; + } + + this._prompt.remove(); + + // Use Torbutton's controller module to add the private key to Tor. + let controllerFailureMsg = + TorStrings.onionServices.authPrompt.failedToSetKey; + try { + let { controller } = + Cu.import("resource://torbutton/modules/tor-control-port.js", {}); + let torController = controller(aError => { + this.show(controllerFailureMsg); + }); + let onionAddr = this._onionName.toLowerCase().replace(/\.onion$/, ""); + torController.onionAuthAdd(onionAddr, base64key) + .then(aResponse => { + // Success! Reload the page. + this._browser.messageManager.sendAsyncMessage("Browser:Reload", {}); + }) + .catch(aError => { + if (aError.torMessage) + this.show(aError.torMessage); + else + this.show(controllerFailureMsg); + }); + } catch (e) { + this.show(controllerFailureMsg); + } + }, + + _onCancel() { + // Arrange for an error page to be displayed. + this._browser.messageManager.sendAsyncMessage( + OnionAuthUtil.string.authPromptCanceledMessage, + {failedURI: this._failedURI.spec}); + }, + + _getKeyElement() { + let xulDoc = this._browser.ownerDocument; + return xulDoc.getElementById(OnionAuthUtil.string.keyElementID); + }, + + _showWarning(aWarningMessage) { + let xulDoc = this._browser.ownerDocument; + let warningElem = + xulDoc.getElementById(OnionAuthUtil.string.warningElementID); + let keyElem = this._getKeyElement(); + if (warningElem) { + if (aWarningMessage) { + warningElem.textContent = aWarningMessage; + warningElem.removeAttribute("hidden"); + if (keyElem) + keyElem.className = "invalid"; + } else { + warningElem.setAttribute("hidden", "true"); + if (keyElem) + keyElem.className = ""; + } + } + }, + + // Returns undefined if the key is the wrong length or format. + _keyToBase64(aKeyString) { + if (!aKeyString) + return undefined; + + let base64key; + if (aKeyString.length == 52) { + // The key is probably base32-encoded. Attempt to decode. + let rawKey; + try { + rawKey = CommonUtils.decodeBase32(aKeyString); + } catch (e) {} + + if (rawKey) try { + base64key = btoa(rawKey); + } catch (e) {} + } else if ((aKeyString.length == 44) && + /^[a-zA-Z0-9+/]*=*$/.test(aKeyString)) { + // The key appears to be a correctly formatted base64 value. If not, + // tor will return an error when we try to add the key via the + // control port. + base64key = aKeyString; + } + + return base64key; + }, + }; + + let retval = { + init() { + Services.obs.addObserver(this, OnionAuthUtil.string.authPromptTopic); + }, + + uninit() { + Services.obs.removeObserver(this, OnionAuthUtil.string.authPromptTopic); + }, + + // aSubject is the DOM Window or browser where the prompt should be shown. + // aData contains the .onion name. + observe(aSubject, aTopic, aData) { + if (aTopic != OnionAuthUtil.string.authPromptTopic) { + return; + } + + let browser; + if (aSubject instanceof Ci.nsIDOMWindow) { + let contentWindow = aSubject.QueryInterface(Ci.nsIDOMWindow); + browser = contentWindow.docShell.chromeEventHandler; + } else { + browser = aSubject.QueryInterface(Ci.nsIBrowser); + } + + if (!gBrowser.browsers.some(aBrowser => aBrowser == browser)) { + return; // This window does not contain the subject browser; ignore. + } + + let failedURI = browser.currentURI; + let authPrompt = new OnionServicesAuthPrompt(browser, failedURI, aData); + authPrompt.show(undefined); + } + }; + + return retval; +})(); /* OnionAuthPrompt */ + + +Object.defineProperty(this, "OnionAuthPrompt", { + value: OnionAuthPrompt, + enumerable: true, + writable: false +}); diff --git a/browser/components/onionservices/content/authUtil.jsm b/browser/components/onionservices/content/authUtil.jsm new file mode 100644 index 000000000000..8547fba83a62 --- /dev/null +++ b/browser/components/onionservices/content/authUtil.jsm @@ -0,0 +1,32 @@ +// Copyright (c) 2020, The Tor Project, Inc. + +"use strict"; + +var EXPORTED_SYMBOLS = [ + "OnionAuthUtil", +]; + +var { Services } = ChromeUtils.import("resource://gre/modules/Services.jsm"); + +const OnionAuthUtil = { + string: { + authPromptTopic: "tor-onion-services-auth-prompt", + authPromptCanceledMessage: "Tor:OnionServicesAuthPromptCanceled", + anchorID: "tor-clientauth-notification-icon", + notificationID: "tor-clientauth", + descriptionID: "tor-clientauth-notification-desc", + learnMoreID: "tor-clientauth-notification-learnmore", + onionNameSpanID: "tor-clientauth-notification-onionname", + keyElementID: "tor-clientauth-notification-key", + warningElementID: "tor-clientauth-warning", + }, + + addCancelMessageListener(aTabContent, aDocShell) { + aTabContent.addMessageListener(this.string.authPromptCanceledMessage, + (aMessage) => { + let failedURI = Services.io.newURI(aMessage.data.failedURI); + aDocShell.displayLoadError(Cr.NS_ERROR_CONNECTION_REFUSED, failedURI, + undefined, undefined); + }); + }, +}; diff --git a/browser/components/onionservices/content/onionservices.css b/browser/components/onionservices/content/onionservices.css new file mode 100644 index 000000000000..e2621ec8266d --- /dev/null +++ b/browser/components/onionservices/content/onionservices.css @@ -0,0 +1,69 @@ +/* Copyright (c) 2020, The Tor Project, Inc. */ + +@namespace html url("http://www.w3.org/1999/xhtml"); + +html|*#tor-clientauth-notification-onionname { + font-weight: bold; +} + +html|*#tor-clientauth-notification-key { + box-sizing: border-box; + width: 100%; + margin-top: 15px; + padding: 6px; +} + +/* Start of rules adapted from + * browser/components/newtab/css/activity-stream-mac.css (linux and windows + * use the same rules). + */ +html|*#tor-clientauth-notification-key.invalid { + border: 1px solid #D70022; + box-shadow: 0 0 0 1px #D70022, 0 0 0 4px rgba(215, 0, 34, 0.3); +} + +html|*#tor-clientauth-warning { + display: inline-block; + animation: fade-up-tt 450ms; + background: #D70022; + border-radius: 2px; + color: #FFF; + inset-inline-start: 3px; + padding: 5px 12px; + position: relative; + top: 6px; + z-index: 1; +} + +html|*#tor-clientauth-warning[hidden] { + display: none; +} + +html|*#tor-clientauth-warning::before { + background: #D70022; + bottom: -8px; + content: '.'; + height: 16px; + inset-inline-start: 12px; + position: absolute; + text-indent: -999px; + top: -7px; + transform: rotate(45deg); + white-space: nowrap; + width: 16px; + z-index: -1; +} + +@keyframes fade-up-tt { + 0% { + opacity: 0; + transform: translateY(15px); + } + 100% { + opacity: 1; + transform: translateY(0); + } +} +/* End of rules adapted from + * browser/components/newtab/css/activity-stream-mac.css + */ diff --git a/browser/components/onionservices/jar.mn b/browser/components/onionservices/jar.mn new file mode 100644 index 000000000000..06cf2df6e7ac --- /dev/null +++ b/browser/components/onionservices/jar.mn @@ -0,0 +1,4 @@ +browser.jar: + content/browser/onionservices/authPrompt.js (content/authPrompt.js) + content/browser/onionservices/authUtil.jsm (content/authUtil.jsm) + content/browser/onionservices/onionservices.css (content/onionservices.css) diff --git a/browser/components/onionservices/moz.build b/browser/components/onionservices/moz.build new file mode 100644 index 000000000000..7e103239c8d6 --- /dev/null +++ b/browser/components/onionservices/moz.build @@ -0,0 +1 @@ +JAR_MANIFESTS += ['jar.mn'] diff --git a/browser/modules/TorStrings.jsm b/browser/modules/TorStrings.jsm index 0b682ceeeb83..f68d60cf1343 100644 --- a/browser/modules/TorStrings.jsm +++ b/browser/modules/TorStrings.jsm @@ -5,6 +5,9 @@ var EXPORTED_SYMBOLS = ["TorStrings"]; const { XPCOMUtils } = ChromeUtils.import( "resource://gre/modules/XPCOMUtils.jsm" ); +const { Services } = ChromeUtils.import( + "resource://gre/modules/Services.jsm" +); const { getLocale } = ChromeUtils.import( "resource://torbutton/modules/utils.js" ); @@ -17,11 +20,11 @@ XPCOMUtils.defineLazyGetter(this, "domParser", () => { }); /* - Tor String Bundle + Tor DTD String Bundle - Strings loaded from torbutton/tor-launcher, but provide a fallback in case they aren't available + DTD strings loaded from torbutton/tor-launcher, but provide a fallback in case they aren't available */ -class TorStringBundle { +class TorDTDStringBundle { constructor(aBundleURLs, aPrefix) { let locations = []; for (const [index, url] of aBundleURLs.entries()) { @@ -65,6 +68,36 @@ class TorStringBundle { } /* + Tor Property String Bundle + + Property strings loaded from torbutton/tor-launcher, but provide a fallback in case they aren't available +*/ +class TorPropertyStringBundle { + constructor(aBundleURL, aPrefix) { + try { + this._bundle = Services.strings.createBundle(aBundleURL); + } catch (e) {} + + this._prefix = aPrefix; + } + + getString(key, fallback) { + if (key) { + try { + return this._bundle.GetStringFromName(`${this._prefix}${key}`); + } catch (e) {} + } + + // on failure, assign the fallback if it exists + if (fallback) { + return fallback; + } + // otherwise return string key + return `$(${key})`; + } +} + +/* Security Level Strings */ var TorStrings = { @@ -72,7 +105,7 @@ var TorStrings = { Tor Browser Security Level Strings */ securityLevel: (function() { - let tsb = new TorStringBundle( + let tsb = new TorDTDStringBundle( ["chrome://torbutton/locale/torbutton.dtd"], "torbutton.prefs.sec_" ); @@ -157,7 +190,7 @@ var TorStrings = { Tor about:preferences#tor Strings */ settings: (function() { - let tsb = new TorStringBundle( + let tsb = new TorDTDStringBundle( ["chrome://torlauncher/locale/network-settings.dtd"], "" ); @@ -284,6 +317,37 @@ var TorStrings = { })() /* Tor Network Settings Strings */, /* + Tor Onion Services Strings, e.g., for the authentication prompt. + */ + onionServices: (function() { + let tsb = new TorPropertyStringBundle( + "chrome://torbutton/locale/torbutton.properties", + "onionServices." + ); + let getString = function(key, fallback) { + return tsb.getString(key, fallback); + }; + + let retval = { + learnMore: getString("torPreferences.learnMore", "Learn More"), + learnMoreURL: `https://2019.www.torproject.org/docs/tor-manual-dev.html.${getLocale()}#_client_authorization`, + authPrompt: { + description: + getString("authPrompt.description", "%S is requesting your private key."), + keyPlaceholder: getString("authPrompt.keyPlaceholder", "Enter your key"), + done: getString("authPrompt.done", "Done"), + doneAccessKey: getString("authPrompt.doneAccessKey", "d"), + invalidKey: getString("authPrompt.invalidKey", "Invalid key"), + failedToSetKey: + getString("authPrompt.failedToSetKey", "Failed to set key"), + }, + }; + + return retval; + })() /* Tor Onion Services Strings */, + + + /* Tor Deamon Configuration Key Strings */ diff --git a/browser/themes/shared/notification-icons.inc.css b/browser/themes/shared/notification-icons.inc.css index 6d461a89488c..d35f292a0860 100644 --- a/browser/themes/shared/notification-icons.inc.css +++ b/browser/themes/shared/notification-icons.inc.css @@ -113,6 +113,9 @@ list-style-image: url(chrome://browser/skin/notification-icons/indexedDB.svg); } +/* Reuse Firefox's login (key) icon for the Tor onion services auth. prompt */ +.popup-notification-icon[popupid="tor-clientauth"], +.tor-clientauth-icon, .popup-notification-icon[popupid="password"], .login-icon { list-style-image: url(chrome://browser/skin/login.svg); diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index 3cf2086206a4..cc329a50c109 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -4363,6 +4363,26 @@ nsDocShell::DisplayLoadError(nsresult aError, nsIURI* aURI, // HTTP/2 stack detected a protocol error error = "networkProtocolError"; break; + case NS_ERROR_TOR_ONION_SVC_NOT_FOUND: + case NS_ERROR_TOR_ONION_SVC_IS_INVALID: + case NS_ERROR_TOR_ONION_SVC_INTRO_FAILED: + case NS_ERROR_TOR_ONION_SVC_REND_FAILED: + // For now, handle these Tor onion service errors the same as + // NS_ERROR_CONNECTION_REFUSED. + NS_ENSURE_ARG_POINTER(aURI); + addHostPort = true; + error = "connectionFailure"; + break; + case NS_ERROR_TOR_ONION_SVC_BAD_CLIENT_AUTH: + // For now, we let this fall through but it should be handled in + // a special way, e.g., tell the user in our auth prompt that the + // key they provided was bad. This will be done as part of #30025. + MOZ_FALLTHROUGH; + case NS_ERROR_TOR_ONION_SVC_MISSING_CLIENT_AUTH: + error = "onionServices.clientAuthMissing"; + // Display about:blank while the Tor client auth prompt is open. + errorPage.AssignLiteral("blank"); + break; default: break; } @@ -4442,6 +4462,20 @@ nsDocShell::DisplayLoadError(nsresult aError, nsIURI* aURI, nsAutoString str; rv = stringBundle->FormatStringFromName(errorDescriptionID, strs, formatStrCount, str); + if (NS_FAILED(rv)) { + // As a fallback, check torbutton.properties for the error string. + const char bundleURL[] = "chrome://torbutton/locale/torbutton.properties"; + nsCOMPtr<nsIStringBundleService> stringBundleService = + mozilla::services::GetStringBundleService(); + if (stringBundleService) { + nsCOMPtr<nsIStringBundle> tbStringBundle; + if (NS_SUCCEEDED(stringBundleService->CreateBundle(bundleURL, + getter_AddRefs(tbStringBundle)))) { + rv = tbStringBundle->FormatStringFromName(errorDescriptionID, strs, + formatStrCount, str); + } + } + } NS_ENSURE_SUCCESS(rv, rv); messageStr.Assign(str.get()); } @@ -6964,6 +6998,7 @@ nsresult nsDocShell::EndPageLoad(nsIWebProgress* aProgress, aStatus == NS_ERROR_INTERCEPTION_FAILED || aStatus == NS_ERROR_NET_INADEQUATE_SECURITY || aStatus == NS_ERROR_NET_HTTP2_SENT_GOAWAY || + NS_ERROR_GET_MODULE(aStatus) == NS_ERROR_MODULE_TOR || NS_ERROR_GET_MODULE(aStatus) == NS_ERROR_MODULE_SECURITY) { // Errors to be shown for any frame DisplayLoadError(aStatus, url, nullptr, aChannel); @@ -8371,6 +8406,33 @@ nsresult nsDocShell::CreateContentViewer(const nsACString& aContentType, FireOnLocationChange(this, aRequest, mCurrentURI, locationFlags); } + // Arrange to show a Tor onion service client authentication prompt if + // appropriate. + if ((mLoadType == LOAD_ERROR_PAGE) && failedChannel) { + nsresult status = NS_OK; + if (NS_SUCCEEDED(failedChannel->GetStatus(&status)) && + ((status == NS_ERROR_TOR_ONION_SVC_MISSING_CLIENT_AUTH) || + (status == NS_ERROR_TOR_ONION_SVC_BAD_CLIENT_AUTH))) { + nsAutoCString onionHost; + failedURI->GetHost(onionHost); + if (XRE_IsContentProcess()) { + nsCOMPtr<nsIBrowserChild> browserChild = GetBrowserChild(); + if (browserChild) { + static_cast<BrowserChild*>(browserChild.get()) + ->SendShowOnionServicesAuthPrompt(onionHost); + } + } else { + nsCOMPtr<nsPIDOMWindowOuter> browserWin = GetWindow(); + nsCOMPtr<nsIObserverService> obsSvc = services::GetObserverService(); + if (browserWin && obsSvc) { + const char* topic = "tor-onion-services-auth-prompt"; + obsSvc->NotifyObservers(browserWin, topic, + NS_ConvertUTF8toUTF16(onionHost).get()); + } + } + } + } + return NS_OK; } diff --git a/dom/ipc/BrowserParent.cpp b/dom/ipc/BrowserParent.cpp index 42e5cbd10cc1..88605c949502 100644 --- a/dom/ipc/BrowserParent.cpp +++ b/dom/ipc/BrowserParent.cpp @@ -3776,6 +3776,29 @@ mozilla::ipc::IPCResult BrowserParent::RecvShowCanvasPermissionPrompt( return IPC_OK(); } +mozilla::ipc::IPCResult BrowserParent::RecvShowOnionServicesAuthPrompt( + const nsCString& aOnionName) { + nsCOMPtr<nsIBrowser> browser = + mFrameElement ? mFrameElement->AsBrowser() : nullptr; + if (!browser) { + // If the tab is being closed, the browser may not be available. + // In this case we can ignore the request. + return IPC_OK(); + } + nsCOMPtr<nsIObserverService> os = services::GetObserverService(); + if (!os) { + return IPC_FAIL_NO_REASON(this); + } + nsresult rv = os->NotifyObservers( + browser, + "tor-onion-services-auth-prompt", + NS_ConvertUTF8toUTF16(aOnionName).get()); + if (NS_FAILED(rv)) { + return IPC_FAIL_NO_REASON(this); + } + return IPC_OK(); +} + mozilla::ipc::IPCResult BrowserParent::RecvVisitURI( const URIParams& aURI, const Maybe<URIParams>& aLastVisitedURI, const uint32_t& aFlags) { diff --git a/dom/ipc/BrowserParent.h b/dom/ipc/BrowserParent.h index 1be1da2e4d81..23c189cf6243 100644 --- a/dom/ipc/BrowserParent.h +++ b/dom/ipc/BrowserParent.h @@ -718,6 +718,9 @@ class BrowserParent final : public PBrowserParent, mozilla::ipc::IPCResult RecvShowCanvasPermissionPrompt( const nsCString& aOrigin, const bool& aHideDoorHanger); + mozilla::ipc::IPCResult RecvShowOnionServicesAuthPrompt( + const nsCString& aOnionName); + mozilla::ipc::IPCResult RecvSetSystemFont(const nsCString& aFontName); mozilla::ipc::IPCResult RecvGetSystemFont(nsCString* aFontName); diff --git a/dom/ipc/PBrowser.ipdl b/dom/ipc/PBrowser.ipdl index 55ce57441a2d..b99d7f04fe39 100644 --- a/dom/ipc/PBrowser.ipdl +++ b/dom/ipc/PBrowser.ipdl @@ -562,6 +562,14 @@ parent: int32_t[] aPositionDescendants, uint32_t aFlushId); + /** + * This function is used to notify the parent that it should display a + * onion services client authentication prompt. + * + * @param aOnionHost The hostname of the .onion that needs authentication. + */ + async ShowOnionServicesAuthPrompt(nsCString aOnionHost); + child: async NativeSynthesisResponse(uint64_t aObserverId, nsCString aResponse); async FlushTabState(uint32_t aFlushId); diff --git a/js/xpconnect/src/xpc.msg b/js/xpconnect/src/xpc.msg index d0088cb2fb07..d9b64fe87fce 100644 --- a/js/xpconnect/src/xpc.msg +++ b/js/xpconnect/src/xpc.msg @@ -246,5 +246,13 @@ XPC_MSG_DEF(NS_ERROR_HARMFUL_URI , "The URI is harmful") XPC_MSG_DEF(NS_ERROR_FINGERPRINTING_URI , "The URI is fingerprinting") XPC_MSG_DEF(NS_ERROR_CRYPTOMINING_URI , "The URI is cryptomining") +/* Codes related to Tor */ +XPC_MSG_DEF(NS_ERROR_TOR_ONION_SVC_NOT_FOUND , "Tor onion service descriptor cannot be found") +XPC_MSG_DEF(NS_ERROR_TOR_ONION_SVC_IS_INVALID , "Tor onion service descriptor is invalid") +XPC_MSG_DEF(NS_ERROR_TOR_ONION_SVC_INTRO_FAILED , "Tor onion service introduction failed") +XPC_MSG_DEF(NS_ERROR_TOR_ONION_SVC_REND_FAILED , "Tor onion service rendezvous failed") +XPC_MSG_DEF(NS_ERROR_TOR_ONION_SVC_MISSING_CLIENT_AUTH, "Tor onion service missing client authorization") +XPC_MSG_DEF(NS_ERROR_TOR_ONION_SVC_BAD_CLIENT_AUTH , "Tor onion service wrong client authorization") + /* Profile manager error codes */ XPC_MSG_DEF(NS_ERROR_DATABASE_CHANGED , "Flushing the profiles to disk would have overwritten changes made elsewhere.") diff --git a/netwerk/base/nsSocketTransport2.cpp b/netwerk/base/nsSocketTransport2.cpp index 04f692dcd7e0..e6a32bddb16f 100644 --- a/netwerk/base/nsSocketTransport2.cpp +++ b/netwerk/base/nsSocketTransport2.cpp @@ -213,6 +213,12 @@ nsresult ErrorAccordingToNSPR(PRErrorCode errorCode) { default: if (psm::IsNSSErrorCode(errorCode)) { rv = psm::GetXPCOMFromNSSError(errorCode); + } else { + // If we received a Tor extended error code via SOCKS, pass it through. + nsresult res = nsresult(errorCode); + if (NS_ERROR_GET_MODULE(res) == NS_ERROR_MODULE_TOR) { + rv = res; + } } break; diff --git a/netwerk/socket/nsSOCKSIOLayer.cpp b/netwerk/socket/nsSOCKSIOLayer.cpp index 6909ade1c958..6649056da1e7 100644 --- a/netwerk/socket/nsSOCKSIOLayer.cpp +++ b/netwerk/socket/nsSOCKSIOLayer.cpp @@ -1012,6 +1012,36 @@ PRStatus nsSOCKSSocketInfo::ReadV5ConnectResponseTop() { "08, Address type not supported.")); c = PR_BAD_ADDRESS_ERROR; break; + case 0xF0: // Tor SOCKS5_HS_NOT_FOUND + LOGERROR(("socks5: connect failed: F0," + " Tor onion service descriptor can not be found.")); + c = static_cast<uint32_t>(NS_ERROR_TOR_ONION_SVC_NOT_FOUND); + break; + case 0xF1: // Tor SOCKS5_HS_IS_INVALID + LOGERROR(("socks5: connect failed: F1," + " Tor onion service descriptor is invalid.")); + c = static_cast<uint32_t>(NS_ERROR_TOR_ONION_SVC_IS_INVALID); + break; + case 0xF2: // Tor SOCKS5_HS_INTRO_FAILED + LOGERROR(("socks5: connect failed: F2," + " Tor onion service introduction failed.")); + c = static_cast<uint32_t>(NS_ERROR_TOR_ONION_SVC_INTRO_FAILED); + break; + case 0xF3: // Tor SOCKS5_HS_REND_FAILED + LOGERROR(("socks5: connect failed: F3," + " Tor onion service rendezvous failed.")); + c = static_cast<uint32_t>(NS_ERROR_TOR_ONION_SVC_REND_FAILED); + break; + case 0xF4: // Tor SOCKS5_HS_MISSING_CLIENT_AUTH + LOGERROR(("socks5: connect failed: F4," + " Tor onion service missing client authorization.")); + c = static_cast<uint32_t>(NS_ERROR_TOR_ONION_SVC_MISSING_CLIENT_AUTH); + break; + case 0xF5: // Tor SOCKS5_HS_BAD_CLIENT_AUTH + LOGERROR(("socks5: connect failed: F5," + " Tor onion service wrong client authorization.")); + c = static_cast<uint32_t>(NS_ERROR_TOR_ONION_SVC_BAD_CLIENT_AUTH); + break; default: LOGERROR(("socks5: connect failed.")); break; diff --git a/toolkit/modules/PopupNotifications.jsm b/toolkit/modules/PopupNotifications.jsm index a6f8be0be40c..fe8e6d4949a4 100644 --- a/toolkit/modules/PopupNotifications.jsm +++ b/toolkit/modules/PopupNotifications.jsm @@ -400,6 +400,8 @@ PopupNotifications.prototype = { * - "menucommand" if a menu was activated. * - [optional] dismiss (boolean): If this is true, the notification * will be dismissed instead of removed after running the callback. + * - [optional] leaveOpen (boolean): If this is true, the notification + * will not be removed after running the callback. * - [optional] disableHighlight (boolean): If this is true, the button * will not apply the default highlight style. * If null, the notification will have a default "OK" action button @@ -1863,6 +1865,10 @@ PopupNotifications.prototype = { this._dismiss(); return; } + + if (action.leaveOpen) { + return; + } } this._remove(notification); diff --git a/xpcom/base/ErrorList.py b/xpcom/base/ErrorList.py index 48b3149a4255..24cabd355b0d 100755 --- a/xpcom/base/ErrorList.py +++ b/xpcom/base/ErrorList.py @@ -84,6 +84,7 @@ modules["URL_CLASSIFIER"] = Mod(42) # ErrorResult gets its own module to reduce the chance of someone accidentally # defining an error code matching one of the ErrorResult ones. modules["ERRORRESULT"] = Mod(43) +modules["TOR"] = Mod(44) # NS_ERROR_MODULE_GENERAL should be used by modules that do not # care if return code values overlap. Callers of methods that @@ -1120,6 +1121,23 @@ with modules["ERRORRESULT"]: # ======================================================================= +# 44: Tor-specific error codes. +# ======================================================================= +with modules["TOR"]: + # Tor onion service descriptor can not be found. + errors["NS_ERROR_TOR_ONION_SVC_NOT_FOUND"] = FAILURE(1) + # Tor onion service descriptor is invalid. + errors["NS_ERROR_TOR_ONION_SVC_IS_INVALID"] = FAILURE(2) + # Tor onion service introduction failed. + errors["NS_ERROR_TOR_ONION_SVC_INTRO_FAILED"] = FAILURE(3) + # Tor onion service rendezvous failed. + errors["NS_ERROR_TOR_ONION_SVC_REND_FAILED"] = FAILURE(4) + # Tor onion service missing client authorization. + errors["NS_ERROR_TOR_ONION_SVC_MISSING_CLIENT_AUTH"] = FAILURE(5) + # Tor onion service wrong client authorization. + errors["NS_ERROR_TOR_ONION_SVC_BAD_CLIENT_AUTH"] = FAILURE(6) + +# ======================================================================= # 51: NS_ERROR_MODULE_GENERAL # ======================================================================= with modules["GENERAL"]:

1 0

[tor-browser/tor-browser-68.4.1esr-9.5-1] Merge commit '6cac185d0c10e4f26ca7eaf000c31fae36d13bfc' into tor-browser-68.4.1esr-9.5-1
by sysrqb＠torproject.org 05 Feb '20

05 Feb '20

commit 28641dbae674f58429aa3518342555a6b977342e Merge: 45677fd3bc4f 6cac185d0c10 Author: Matthew Finkel <Matthew.Finkel(a)gmail.com> Date: Wed Feb 5 00:02:35 2020 +0000 Merge commit '6cac185d0c10e4f26ca7eaf000c31fae36d13bfc' into tor-browser-68.4.1esr-9.5-1 browser/actors/NetErrorChild.jsm | 2 +- browser/base/content/browser.js | 10 + browser/base/content/browser.xul | 3 + browser/base/content/tab-content.js | 5 + browser/components/moz.build | 1 + .../content/authNotificationIcon.inc.xul | 6 + .../onionservices/content/authPopup.inc.xul | 14 + .../components/onionservices/content/authPrompt.js | 290 +++++++++++++++++++++ .../components/onionservices/content/authUtil.jsm | 32 +++ .../onionservices/content/onionservices.css | 69 +++++ browser/components/onionservices/jar.mn | 4 + browser/components/onionservices/moz.build | 1 + browser/modules/TorStrings.jsm | 74 +++++- browser/themes/shared/notification-icons.inc.css | 3 + docshell/base/nsDocShell.cpp | 62 +++++ dom/ipc/BrowserParent.cpp | 23 ++ dom/ipc/BrowserParent.h | 3 + dom/ipc/PBrowser.ipdl | 8 + js/xpconnect/src/xpc.msg | 8 + netwerk/base/nsSocketTransport2.cpp | 6 + netwerk/socket/nsSOCKSIOLayer.cpp | 30 +++ toolkit/modules/PopupNotifications.jsm | 6 + xpcom/base/ErrorList.py | 18 ++ 23 files changed, 672 insertions(+), 6 deletions(-)

1 0

[torbutton/master] Bug 30237: Control port module improvements for v3 client authentication
by sysrqb＠torproject.org 04 Feb '20

04 Feb '20

commit 9dbc7d20a0efbe6d6d085950c937ed223176e6fa Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Wed Dec 4 09:41:18 2019 -0500 Bug 30237: Control port module improvements for v3 client authentication Modify the Tor controller onionAuthAdd() function to remove support for the nickname parameter (not supported by tor) and add some missing parameter validation. --- modules/tor-control-port.js | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/modules/tor-control-port.js b/modules/tor-control-port.js index 1b0a79ad..815df473 100644 --- a/modules/tor-control-port.js +++ b/modules/tor-control-port.js @@ -580,15 +580,21 @@ info.getConf = function (aControlSocket, key) { // A namespace for functions related to tor's ONION_CLIENT_AUTH_* commands. let onionAuth = {}; -// __onionAuth.add(controlSocket, hsAddress, b64PrivateKey, nickname, isPermanent)__. +// __onionAuth.add(controlSocket, hsAddress, b64PrivateKey, isPermanent)__. // Sends a ONION_CLIENT_AUTH_ADD command to add a private key to the // Tor configuration. onionAuth.add = function (aControlSocket, hsAddress, b64PrivateKey, - nickname, isPermanent) { + isPermanent) { + if (!utils.isString(hsAddress)) { + return utils.rejectPromise("hsAddress argument should be a string"); + } + + if (!utils.isString(b64PrivateKey)) { + return utils.rejectPromise("b64PrivateKey argument should be a string"); + } + const keyType = "x25519"; let cmd = `onion_client_auth_add ${hsAddress} ${keyType}:${b64PrivateKey}`; - if (nickname) - cmd += ` ClientName=${nickname}`; if (isPermanent) cmd += " Flags=Permanent"; return aControlSocket.sendCommand(cmd); @@ -649,9 +655,9 @@ tor.controller = function (ipcFile, host, port, password, onError) { isOpen = true; return { getInfo : key => info.getInfo(socket, key), getConf : key => info.getConf(socket, key), - onionAuthAdd : (hsAddress, b64PrivateKey, nickname, isPermanent) => + onionAuthAdd : (hsAddress, b64PrivateKey, isPermanent) => onionAuth.add(socket, hsAddress, b64PrivateKey, - nickname, isPermanent), + isPermanent), watchEvent : (type, filter, onData) => event.watchEvent(socket, type, filter, onData), isOpen : () => isOpen,

1 0

[tor-browser-build/master] Merge remote-tracking branch 'cohosh/ticket/32870'
by boklm＠torproject.org 03 Feb '20

03 Feb '20

commit af8affa4bfb0c1cea943de716ce64da7c5d2d146 Merge: 930497f 21fe6c3 Author: Nicolas Vigier <boklm(a)torproject.org> Date: Mon Feb 3 15:32:00 2020 +0100 Merge remote-tracking branch 'cohosh/ticket/32870' projects/gocheck/config | 6 +++++- projects/pion-datachannel/config | 5 +---- projects/pion-dtls/config | 2 +- projects/pion-ice/config | 2 +- projects/pion-mdns/config | 5 ++++- projects/pion-rtp/config | 2 +- projects/pion-sctp/config | 11 ++++++++++- projects/pion-sdp/config | 2 +- projects/pion-stun/config | 2 +- projects/pion-transport/config | 3 ++- projects/pion-turn/config | 8 +++++++- projects/pion-webrtc/config | 5 ++++- projects/pretty/config | 21 +++++++++++++++++++++ projects/pty/config | 17 +++++++++++++++++ projects/text/config | 21 +++++++++++++++++++++ 15 files changed, 97 insertions(+), 15 deletions(-)

1 0

[tor-browser-build/master] Bug 32870: Update version of pion-webrtc
by boklm＠torproject.org 03 Feb '20

03 Feb '20

commit 21fe6c309dc17fc8b989ad31a6a308b86b130bf3 Author: Cecylia Bocovich <cohosh(a)torproject.org> Date: Thu Jan 2 21:09:57 2020 +0000 Bug 32870: Update version of pion-webrtc This updates the version of the pion webrtc library used by snowflake to v2.1.18. --- projects/gocheck/config | 6 +++++- projects/pion-datachannel/config | 5 +---- projects/pion-dtls/config | 2 +- projects/pion-ice/config | 2 +- projects/pion-mdns/config | 5 ++++- projects/pion-rtp/config | 2 +- projects/pion-sctp/config | 11 ++++++++++- projects/pion-sdp/config | 2 +- projects/pion-stun/config | 2 +- projects/pion-transport/config | 3 ++- projects/pion-turn/config | 8 +++++++- projects/pion-webrtc/config | 5 ++++- projects/pretty/config | 21 +++++++++++++++++++++ projects/pty/config | 17 +++++++++++++++++ projects/text/config | 21 +++++++++++++++++++++ 15 files changed, 97 insertions(+), 15 deletions(-) diff --git a/projects/gocheck/config b/projects/gocheck/config index a78af0f..bc71d01 100644 --- a/projects/gocheck/config +++ b/projects/gocheck/config @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 version: '[% c("abbrev") %]' git_url: https://gopkg.in/check.v1 -git_hash: 20d25e2804050c1cd24a7eea1e7a6447dd0e74ec +git_hash: 41f04d3bba152ddec2103e299fed053415705330 # v1.0.0 filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz' build: '[% c("projects/go/var/build_go_lib") %]' @@ -10,8 +10,12 @@ var: container: use_container: 1 go_lib: gopkg.in/check.v1 + go_lib_deps: + - pretty input_files: - project: container-image - name: go project: go + - name: pretty + project: pretty diff --git a/projects/pion-datachannel/config b/projects/pion-datachannel/config index 50094d6..b8a521c 100644 --- a/projects/pion-datachannel/config +++ b/projects/pion-datachannel/config @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 version: '[% c("abbrev") %]' git_url: https://github.com/pion/datachannel -git_hash: 401bef0a9b89c2ca212c908999709ff1967c9617 # v1.4.5 +git_hash: 58b4a51d48764c2cb19e0c7ced43640a87857c69 # v1.4.13 filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz' build: '[% c("projects/go/var/build_go_lib") %]' @@ -11,7 +11,6 @@ var: use_container: 1 go_lib: github.com/pion/datachannel go_lib_deps: - - go-spew - goerrors - pion-logging - pion-sctp @@ -22,8 +21,6 @@ input_files: - project: container-image - name: go project: go - - name: go-spew - project: go-spew - name: goerrors project: goerrors - name: pion-logging diff --git a/projects/pion-dtls/config b/projects/pion-dtls/config index af2a17f..244c764 100644 --- a/projects/pion-dtls/config +++ b/projects/pion-dtls/config @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 version: '[% c("abbrev") %]' git_url: https://github.com/pion/dtls -git_hash: 91d652d3f91d6c08c193e4d297067f8f653775f9 # v1.5.1 +git_hash: 8748e4ac8bf7960bbf399e6f23a9bf4dd30d4e92 # v2.0.0-rc.3 filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz' build: '[% c("projects/go/var/build_go_lib") %]' diff --git a/projects/pion-ice/config b/projects/pion-ice/config index 8946852..56d0a03 100644 --- a/projects/pion-ice/config +++ b/projects/pion-ice/config @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 version: '[% c("abbrev") %]' git_url: https://github.com/pion/ice -git_hash: 45cb33ebe6b557dbf50a7779cd713aeedbc84813 # v0.5.13 +git_hash: 57e7b93a4bac70ee2fd3b38cc2fdf3c6d586ed27 # v0.7.6 filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz' build: '[% c("projects/go/var/build_go_lib") %]' diff --git a/projects/pion-mdns/config b/projects/pion-mdns/config index 05eb8c4..510b97c 100644 --- a/projects/pion-mdns/config +++ b/projects/pion-mdns/config @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 version: '[% c("abbrev") %]' git_url: https://github.com/pion/mdns -git_hash: c5bfa7641a9decf65f7597ba5299c3ee36feb28e # v0.0.3 +git_hash: 0200ff62c805e3b691a6b8764f2de93909b90bb3 # v0.0.4 filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz' build: '[% c("projects/go/var/build_go_lib") %]' @@ -13,6 +13,7 @@ var: go_lib_deps: - goxnet - pion-logging + - pion-transport input_files: - project: container-image @@ -22,3 +23,5 @@ input_files: project: goxnet - name: pion-logging project: pion-logging + - name: pion-transport + project: pion-transport diff --git a/projects/pion-rtp/config b/projects/pion-rtp/config index 0f586ec..5e63b29 100644 --- a/projects/pion-rtp/config +++ b/projects/pion-rtp/config @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 version: '[% c("abbrev") %]' git_url: https://github.com/pion/rtp -git_hash: 23312f4b270b6a469355099f9cfb96d871240098 # v1.1.3 +git_hash: 94055aff4ae00d46f218eab6949fa713d48306af # v1.1.4 filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz' build: '[% c("projects/go/var/build_go_lib") %]' diff --git a/projects/pion-sctp/config b/projects/pion-sctp/config index 8615bd4..a81911c 100644 --- a/projects/pion-sctp/config +++ b/projects/pion-sctp/config @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 version: '[% c("abbrev") %]' git_url: https://github.com/pion/sctp -git_hash: 321ee3612199dd7363fc63ec4e111db50c22faf1 # v1.6.9 +git_hash: ced24b2276cf7991920a301ce5f0735cabafaf3e # v1.7.3 filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz' build: '[% c("projects/go/var/build_go_lib") %]' @@ -11,20 +11,29 @@ var: use_container: 1 go_lib: github.com/pion/sctp go_lib_deps: + - go-spew + - gocheck - goerrors - pion-logging - pion-transport + - pretty - testify input_files: - project: container-image - name: go project: go + - name: go-spew + project: go-spew + - name: gocheck + project: gocheck - name: goerrors project: goerrors - name: pion-logging project: pion-logging - name: pion-transport project: pion-transport + - name: pretty + project: pretty - name: testify project: testify diff --git a/projects/pion-sdp/config b/projects/pion-sdp/config index 7f95bc0..1a865d4 100644 --- a/projects/pion-sdp/config +++ b/projects/pion-sdp/config @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 version: '[% c("abbrev") %]' git_url: https://github.com/pion/sdp -git_hash: 03441e3c706c7c3b719ee75194049a31cbb2eb7e # v2.3.0 +git_hash: 9b824fbb8047370a0073ef4b9ebae356e7536502 # v2.3.1 filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz' build: '[% c("projects/go/var/build_go_lib") %]' diff --git a/projects/pion-stun/config b/projects/pion-stun/config index aeba0af..37405eb 100644 --- a/projects/pion-stun/config +++ b/projects/pion-stun/config @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 version: '[% c("abbrev") %]' git_url: https://github.com/pion/stun -git_hash: 8136435b6d3ad36535081253a032468235a43581 # v0.3.1 +git_hash: 51fef3542ed793994ff3da9c9b897fb23d744503 # v0.3.3 filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz' build: '[% c("projects/go/var/build_go_lib") %]' diff --git a/projects/pion-transport/config b/projects/pion-transport/config index be3d385..b2615be 100644 --- a/projects/pion-transport/config +++ b/projects/pion-transport/config @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 version: '[% c("abbrev") %]' git_url: https://github.com/pion/transport -git_hash: 6903e3cd05a899ca7284753a4b6cb265655c28ff # v0.8.6 +git_hash: 95bf2d4e3f04b8d658048d1de02b30a27c8acc18 # v0.8.10 filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz' build: '[% c("projects/go/var/build_go_lib") %]' @@ -18,6 +18,7 @@ var: - github.com/pion/transport/test - github.com/pion/transport/vnet + input_files: - project: container-image - name: go diff --git a/projects/pion-turn/config b/projects/pion-turn/config index 06a6f14..2cbef46 100644 --- a/projects/pion-turn/config +++ b/projects/pion-turn/config @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 version: '[% c("abbrev") %]' git_url: https://github.com/pion/turn -git_hash: cab8f88798429b68b7cfb4db7c12fc6d205e91e2 # v1.3.5 +git_hash: bac88c5c692a9826c9703b2950dc52093ae1779a # v1.4.0 filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz' build: '[% c("projects/go/var/build_go_lib") %]' @@ -12,10 +12,12 @@ var: go_lib: github.com/pion/turn go_lib_deps: - go-spew + - gocheck - goerrors - pion-logging - pion-stun - pion-transport + - pretty - testify input_files: @@ -24,6 +26,8 @@ input_files: project: go - name: go-spew project: go-spew + - name: gocheck + project: gocheck - name: goerrors project: goerrors - name: pion-logging @@ -32,5 +36,7 @@ input_files: project: pion-stun - name: pion-transport project: pion-transport + - name: pretty + project: pretty - name: testify project: testify diff --git a/projects/pion-webrtc/config b/projects/pion-webrtc/config index 0f22dbb..925bb1c 100644 --- a/projects/pion-webrtc/config +++ b/projects/pion-webrtc/config @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 version: '[% c("abbrev") %]' git_url: https://github.com/pion/webrtc -git_hash: 5bceb0126f92c42015a1e143e24ae84122b8f0b0 # v2.1.3 +git_hash: 77c6e3b827e40175572fcf2894bb81ab1e8fd2c9 # v2.1.18 filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz' build: '[% c("projects/go/var/build_go_lib") %]' @@ -11,6 +11,7 @@ var: use_container: 1 go_lib: github.com/pion/webrtc go_lib_deps: + - goxcrypto - pion-datachannel - pion-dtls - pion-ice @@ -28,6 +29,8 @@ input_files: - project: container-image - name: go project: go + - name: goxcrypto + project: goxcrypto - name: pion-datachannel project: pion-datachannel - name: pion-dtls diff --git a/projects/pretty/config b/projects/pretty/config new file mode 100644 index 0000000..7514e53 --- /dev/null +++ b/projects/pretty/config @@ -0,0 +1,21 @@ +# vim: filetype=yaml sw=2 +version: '[% c("abbrev") %]' +git_url: https://github.com/kr/pretty +git_hash: 73f6ac0b30a98e433b289500d779f50c1a6f0712 # v0.1.0 +filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz' + +build: '[% c("projects/go/var/build_go_lib") %]' + +var: + container: + use_container: 1 + go_lib: github.com/kr/pretty + go_lib_deps: + - text + +input_files: + - project: container-image + - name: go + project: go + - name: text + project: text diff --git a/projects/pty/config b/projects/pty/config new file mode 100644 index 0000000..ab2d7bd --- /dev/null +++ b/projects/pty/config @@ -0,0 +1,17 @@ +# vim: filetype=yaml sw=2 +version: '[% c("abbrev") %]' +git_url: https://github.com/kr/pty +git_hash: 282ce0e5322c82529687d609ee670fac7c7d917c # v1.1.1 +filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz' + +build: '[% c("projects/go/var/build_go_lib") %]' + +var: + container: + use_container: 1 + go_lib: github.com/kr/pty + +input_files: + - project: container-image + - name: go + project: go diff --git a/projects/text/config b/projects/text/config new file mode 100644 index 0000000..aeb449b --- /dev/null +++ b/projects/text/config @@ -0,0 +1,21 @@ +# vim: filetype=yaml sw=2 +version: '[% c("abbrev") %]' +git_url: https://github.com/kr/text +git_hash: e2ffdb16a802fe2bb95e2e35ff34f0e53aeef34f # v0.1.0 +filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz' + +build: '[% c("projects/go/var/build_go_lib") %]' + +var: + container: + use_container: 1 + go_lib: github.com/kr/text + go_lib_deps: + - pty + +input_files: + - project: container-image + - name: go + project: go + - name: pty + project: pty

1 0

[tor-browser-build/master] Bug 31988: Add script to generate a mar signing key for nightly builds
by boklm＠torproject.org 30 Jan '20

30 Jan '20

commit 930497f483bc85e056ed278e00edd3266c4fed47 Author: Nicolas Vigier <boklm(a)torproject.org> Date: Mon Dec 16 19:02:01 2019 +0100 Bug 31988: Add script to generate a mar signing key for nightly builds --- tools/signing/nightly/.gitignore | 1 + tools/signing/nightly/create-nightly-mar-signing-key | 13 +++++++++++++ 2 files changed, 14 insertions(+) diff --git a/tools/signing/nightly/.gitignore b/tools/signing/nightly/.gitignore new file mode 100644 index 0000000..ec07f9a --- /dev/null +++ b/tools/signing/nightly/.gitignore @@ -0,0 +1 @@ +nssdb diff --git a/tools/signing/nightly/create-nightly-mar-signing-key b/tools/signing/nightly/create-nightly-mar-signing-key new file mode 100755 index 0000000..e4138be --- /dev/null +++ b/tools/signing/nightly/create-nightly-mar-signing-key @@ -0,0 +1,13 @@ +#!/bin/bash +set -e +nssdb="$(dirname "$0")/nssdb" +if test -d $nssdb +then + echo "Error: $nssdb already exists" >&2 + exit 1 +fi +mkdir -p $nssdb +chmod 700 $nssdb +certutil -d $nssdb -N --empty-password +certutil -d $nssdb -S -x -g 4096 -Z SHA384 -n nightly-marsigner -s "CN=Tor Browser Nightly MAR signing key" -t,, +certutil -d $nssdb -L -r -n nightly-marsigner -o $nssdb/nightly-marsigner.der

1 0

[tor-browser-build/master] Bug 32700: Don't disable GeckoDriver separately
by boklm＠torproject.org 30 Jan '20

30 Jan '20

commit 40502c9d0abb4e2c6b732162536fd2ea26bfe35b Author: Georg Koppen <gk(a)torproject.org> Date: Mon Dec 9 07:46:12 2019 +0000 Bug 32700: Don't disable GeckoDriver separately --- projects/firefox/mozconfig-windows-i686 | 1 - projects/firefox/mozconfig-windows-x86_64 | 1 - 2 files changed, 2 deletions(-) diff --git a/projects/firefox/mozconfig-windows-i686 b/projects/firefox/mozconfig-windows-i686 index fe3cc7d..4fd9958 100644 --- a/projects/firefox/mozconfig-windows-i686 +++ b/projects/firefox/mozconfig-windows-i686 @@ -38,7 +38,6 @@ ac_add_options --disable-maintenance-service ac_add_options --enable-proxy-bypass-protection ac_add_options --disable-webrtc # Bug 1393901 ac_add_options --disable-tests -ac_add_options --disable-geckodriver # Bug 1489320 # Disable telemetry ac_add_options MOZ_TELEMETRY_REPORTING= diff --git a/projects/firefox/mozconfig-windows-x86_64 b/projects/firefox/mozconfig-windows-x86_64 index ef28c9b..ae5cf67 100644 --- a/projects/firefox/mozconfig-windows-x86_64 +++ b/projects/firefox/mozconfig-windows-x86_64 @@ -38,7 +38,6 @@ ac_add_options --disable-maintenance-service ac_add_options --enable-proxy-bypass-protection ac_add_options --disable-webrtc # Bug 1393901 ac_add_options --disable-tests -ac_add_options --disable-geckodriver # Bug 1489320 # Disable telemetry ac_add_options MOZ_TELEMETRY_REPORTING=

1 0

[tor-browser-build/master] Merge remote-tracking branch 'gk/bug_32700'
by boklm＠torproject.org 30 Jan '20

30 Jan '20

commit b1690c3404c0454cb805a01e94e7d45e74ad17e0 Merge: 4e682a9 40502c9 Author: Nicolas Vigier <boklm(a)torproject.org> Date: Thu Jan 30 14:14:09 2020 +0100 Merge remote-tracking branch 'gk/bug_32700' projects/firefox/mozconfig-windows-i686 | 1 - projects/firefox/mozconfig-windows-x86_64 | 1 - 2 files changed, 2 deletions(-)

1 0