commit cf36a69e207ba169e34995afd17d9994665f30d5 Author: Sebastian Hahn <sebastian@torproject.org> Date: Wed Feb 1 21:00:47 2012 +0100 Remove everything pointing to polipo --- build-scripts/INSTALL | 47 +------ build-scripts/config/polipo-Makefile | 144 ------------------ build-scripts/config/polipo.conf | 161 --------------------- build-scripts/config/vidalia.conf.ff+pidgin | 2 - build-scripts/config/vidalia.conf.ff+pidgin-linux | 2 - build-scripts/linux.mk | 14 +-- build-scripts/osx.mk | 2 +- build-scripts/windows.mk | 1 - docs/traces.txt | 2 +- src/osx-sandboxes/polipo-sandbox/polipo-10.5.sb | 70 --------- src/osx-sandboxes/polipo-sandbox/polipo-wrapper | 70 --------- src/osx-sandboxes/polipo-sandbox/polipo.sb | 71 --------- 12 files changed, 4 insertions(+), 582 deletions(-) diff --git a/build-scripts/INSTALL b/build-scripts/INSTALL index a73bfa8..d54ced1 100644 --- a/build-scripts/INSTALL +++ b/build-scripts/INSTALL @@ -21,7 +21,6 @@ Contents - Install Qt - Install msysDTK - Install WinRAR -- Building Polipo - Building zlib - Building OpenSSL - Building libevent @@ -38,11 +37,10 @@ An Introduction to Building Tor Browser Bundle To build Tor Browser Bundle, you need to have built: Vidalia (in /c/build/vidalia-<version> by default) Tor (in /c/build/tor-<version> by default) - Polipo (in /c/build/polipo-<version> by default) and have uncompressed Firefox Portable or produce a custom build Firefox FirefoxPortable (in /c/build/FirefoxPortable by default) -Instructions for building Vidalia, Polipo and Tor are included below. +Instructions for building Vidalia, and Tor are included below. As a prerequisite for all builds, we'll need a build directory: @@ -247,49 +245,6 @@ Extract the .tar.gz like so in your MSYS console: tar -C / -xvjf /c/Documents\ and\ Settings/Administrator/Desktop/msys-autoconf-2.59.tar.bz2 -Building Polipo -=============== - -In order to enable the forbiddenFile functionality, the GNU Regex -library is required. Download the -bin and -dev tarballs from: - - http://sourceforge.net/project/showfiles.php?group_id=2435&package_id=73286&... - -Extract them both into you MinGW directory, e.g. - - tar -C /c/MinGW/ -xvzf /c/Documents\ and\ Settings/Administrator/Desktop/mingw-libgnurx-2.5.1-bin.tar.gz - tar -C /c/MinGW/ -xvzf /c/Documents\ and\ Settings/Administrator/Desktop/mingw-libgnurx-2.5.1-dev.tar.gz - -Download Polipo sources: - - http://www.pps.jussieu.fr/~jch/software/files/polipo/polipo-1.0.4.1.tar.gz - http://www.pps.jussieu.fr/~jch/software/files/polipo/polipo-1.0.4.1.tar.gz.a... - -Verify the PGP signature of the above files by following the developer directions: - - http://www.pps.jussieu.fr/~jch/software/pgp-validating.html - -Unpack the Polipo source code into /c/build/polipo-1.0.4.1/ : - - cd /c/build/ - tar -C . -vxzf /c/Documents\ and\ Settings/Administrator/Desktop/polipo-1.0.4.1.tar.gz - -Download a Tor contributed Polipo specific Makefile: - - https://svn.torproject.org/svn/tor/trunk/contrib/polipo/Makefile.mingw - -Replace the stock Polipo Makefile with the one above: - - mv Makefile Makefile-dist-unused - mv /c/Documents\ and\ Settings/Administrator/Desktop/Makefile.mingw Makefile - -Now build Polipo: - - make - -You should have a working binary. If you don't have gcc, it means your path is -broken. Ensure you applied the aforementioned /etc/fstab suggestion. - Building zlib ============= diff --git a/build-scripts/config/polipo-Makefile b/build-scripts/config/polipo-Makefile deleted file mode 100644 index 82e01fe..0000000 --- a/build-scripts/config/polipo-Makefile +++ /dev/null @@ -1,144 +0,0 @@ -BINDIR = $(PREFIX)/bin -MANDIR = $(PREFIX)/man -INFODIR = $(PREFIX)/info -LOCAL_ROOT = $(PREFIX)/usr/share/polipo/www -DISK_CACHE_ROOT = $(PREFIX)/var/cache/polipo - -# To compile with Unix CC: - -# CDEBUGFLAGS=-O - -# To compile with GCC: - -# CC = gcc -# CDEBUGFLAGS = -Os -g -Wall -std=gnu99 -CDEBUGFLAGS = -Os -g -Wall -# CDEBUGFLAGS = -Os -Wall -# CDEBUGFLAGS = -g -Wall - -# To compile on a pure POSIX system: - -# CC = c89 -# CC = c99 -# CDEBUGFLAGS=-O - -# To compile with icc 7, you need -restrict. (Their bug.) - -# CC=icc -# CDEBUGFLAGS = -O -restrict - -# On System V (Solaris, HP/UX) you need the following: - -# PLATFORM_DEFINES = -DSVR4 - -# On Solaris, you need the following: - -# LDLIBS = -lsocket -lnsl -lresolv - -# On mingw, you need - -# EXE=.exe -# LDLIBS = -lwsock32 - -FILE_DEFINES = -DLOCAL_ROOT=\"$(LOCAL_ROOT)/\" \ - -DNO_DISK_CACHE - -# You may optionally also add any of the following to DEFINES: -# -# -DNO_DISK_CACHE to compile out the on-disk cache and local web server; -# -DNO_IPv6 to avoid using the RFC 3493 API and stick to stock -# Berkeley sockets; -# -DHAVE_IPv6 to force the use of the RFC 3493 API on systems other -# than GNU/Linux and BSD (let me know if it works); -# -DNO_FANCY_RESOLVER to compile out the asynchronous name resolution -# code; -# -DNO_STANDARD_RESOLVER to compile out the code that falls back to -# gethostbyname/getaddrinfo when DNS requests fail; -# -DNO_TUNNEL to compile out the code that handles CONNECT requests; -# -DNO_SOCKS to compile out the SOCKS gateway code. -# -DNO_FORBIDDEN to compile out the all of the forbidden URL code -# -DNO_REDIRECTOR to compile out the Squid-style redirector code -# -DNO_SYSLOG to compile out logging to syslog - -DEFINES = $(FILE_DEFINES) $(PLATFORM_DEFINES) - -CFLAGS = $(MD5INCLUDES) $(CDEBUGFLAGS) $(DEFINES) $(EXTRA_DEFINES) - -SRCS = util.c event.c io.c chunk.c atom.c object.c log.c diskcache.c main.c \ - config.c local.c http.c client.c server.c auth.c tunnel.c \ - http_parse.c parse_time.c dns.c forbidden.c \ - md5import.c md5.c ftsimport.c fts_compat.c socks.c mingw.c - -OBJS = util.o event.o io.o chunk.o atom.o object.o log.o diskcache.o main.o \ - config.o local.o http.o client.o server.o auth.o tunnel.o \ - http_parse.o parse_time.o dns.o forbidden.o \ - md5import.o ftsimport.o socks.o mingw.o - -polipo$(EXE): $(OBJS) - $(CC) $(CFLAGS) $(LDFLAGS) -o polipo$(EXE) $(OBJS) $(MD5LIBS) $(LDLIBS) - -ftsimport.o: ftsimport.c fts_compat.c - -md5import.o: md5import.c md5.c - -.PHONY: all install install.binary install.man - -all: polipo$(EXE) polipo.info html/index.html localindex.html - -install: install.binary install.man - -install.binary: all - mkdir -p $(TARGET)$(BINDIR) - mkdir -p $(TARGET)$(LOCAL_ROOT) - mkdir -p $(TARGET)$(LOCAL_ROOT)/doc - rm -f $(TARGET)$(BINDIR)/polipo - cp -f polipo $(TARGET)$(BINDIR)/ - cp -f html/* $(TARGET)$(LOCAL_ROOT)/doc - cp -f localindex.html $(TARGET)$(LOCAL_ROOT)/index.html - -install.man: all - mkdir -p $(TARGET)$(MANDIR)/man1 - mkdir -p $(TARGET)$(INFODIR) - cp -f polipo.man $(TARGET)$(MANDIR)/man1/polipo.1 - cp polipo.info $(TARGET)$(INFODIR)/ - install-info --info-dir=$(TARGET)$(INFODIR) polipo.info - - -polipo.info: polipo.texi - makeinfo polipo.texi - -html/index.html: polipo.texi - mkdir -p html - makeinfo --html -o html polipo.texi - -polipo.html: polipo.texi - makeinfo --html --no-split --no-headers -o polipo.html polipo.texi - -polipo.pdf: polipo.texi - texi2pdf polipo.texi - -polipo.ps.gz: polipo.ps - gzip -c polipo.ps > polipo.ps.gz - -polipo.ps: polipo.dvi - dvips -Pwww -o polipo.ps polipo.dvi - -polipo.dvi: polipo.texi - texi2dvi polipo.texi - -polipo.man.html: polipo.man - groff -man -Thtml polipo.man > polipo.man.html - -TAGS: $(SRCS) - etags $(SRCS) - -.PHONY: clean - -clean: - -rm -f polipo$(EXE) *.o *~ core TAGS gmon.out - -rm -f polipo.cp polipo.fn polipo.log polipo.vr - -rm -f polipo.cps polipo.info* polipo.pg polipo.toc polipo.vrs - -rm -f polipo.aux polipo.dvi polipo.ky polipo.ps polipo.tp - -rm -f polipo.dvi polipo.ps polipo.ps.gz polipo.pdf polipo.html - -rm -rf ./html/ - -rm -f polipo.man.html diff --git a/build-scripts/config/polipo.conf b/build-scripts/config/polipo.conf deleted file mode 100644 index 32850f6..0000000 --- a/build-scripts/config/polipo.conf +++ /dev/null @@ -1,161 +0,0 @@ -### Basic configuration -### ******************* - -# Uncomment one of these if you want to allow remote clients to -# connect: - -# proxyAddress = "::0" # both IPv4 and IPv6 -# proxyAddress = "0.0.0.0" # IPv4 only - -proxyAddress = "127.0.0.1" -proxyPort = 8118 - -# If you do that, you'll want to restrict the set of hosts allowed to -# connect: - -# allowedClients = "127.0.0.1, 134.157.168.57" -# allowedClients = "127.0.0.1, 134.157.168.0/24" - -allowedClients = 127.0.0.1 -allowedPorts = 1-65535 - -# Uncomment this if you want your Polipo to identify itself by -# something else than the host name: - -proxyName = "localhost" - -# Uncomment this if there's only one user using this instance of Polipo: - -cacheIsShared = false - -# Uncomment this if you want to use a parent proxy: - -# parentProxy = "squid.example.org:3128" - -# Uncomment this if you want to use a parent SOCKS proxy: - -socksParentProxy = "localhost:9050" -socksProxyType = socks5 - - -### Memory -### ****** - -# Uncomment this if you want Polipo to use a ridiculously small amount -# of memory (a hundred C-64 worth or so): - -# chunkHighMark = 819200 -# objectHighMark = 128 - -# Uncomment this if you've got plenty of memory: - -# chunkHighMark = 50331648 -# objectHighMark = 16384 - -chunkHighMark = 67108864 - -### On-disk data -### ************ - -# Uncomment this if you want to disable the on-disk cache: - -diskCacheRoot = "" - -# Uncomment this if you want to put the on-disk cache in a -# non-standard location: - -# diskCacheRoot = "~/.polipo-cache/" - -# Uncomment this if you want to disable the local web server: - -localDocumentRoot = "" - -# Uncomment this if you want to enable the pages under /polipo/index? -# and /polipo/servers?. This is a serious privacy leak if your proxy -# is shared. - -# disableIndexing = false -# disableServersList = false - -disableLocalInterface = true -disableConfiguration = true - -### Domain Name System -### ****************** - -# Uncomment this if you want to contact IPv4 hosts only (and make DNS -# queries somewhat faster): -# -# dnsQueryIPv6 = no - -# Uncomment this if you want Polipo to prefer IPv4 to IPv6 for -# double-stack hosts: -# -# dnsQueryIPv6 = reluctantly - -# Uncomment this to disable Polipo's DNS resolver and use the system's -# default resolver instead. If you do that, Polipo will freeze during -# every DNS query: - -dnsUseGethostbyname = yes - - -### HTTP -### **** - -# Uncomment this if you want to enable detection of proxy loops. -# This will cause your hostname (or whatever you put into proxyName -# above) to be included in every request: - -disableVia = true - -# Uncomment this if you want to slightly reduce the amount of -# information that you leak about yourself: - -# censoredHeaders = from, accept-language -# censorReferer = maybe - -censoredHeaders = from,accept-language,x-pad,link -censorReferer = maybe - -# Uncomment this if you're paranoid. This will break a lot of sites, -# though: - -# censoredHeaders = set-cookie, cookie, cookie2, from, accept-language -# censorReferer = true - -# Uncomment this if you want to use Poor Man's Multiplexing; increase -# the sizes if you're on a fast line. They should each amount to a few -# seconds' worth of transfer; if pmmSize is small, you'll want -# pmmFirstSize to be larger. - -# Note that PMM is somewhat unreliable. - -# pmmFirstSize = 16384 -# pmmSize = 8192 - -# Uncomment this if your user-agent does something reasonable with -# Warning headers (most don't): - -# relaxTransparency = maybe - -# Uncomment this if you never want to revalidate instances for which -# data is available (this is not a good idea): - -# relaxTransparency = yes - -# Uncomment this if you have no network: - -# proxyOffline = yes - -# Uncomment this if you want to avoid revalidating instances with a -# Vary header (this is not a good idea): - -# mindlesslyCacheVary = true - -# Suggestions from Incognito configuration -maxConnectionAge = 5m -maxConnectionRequests = 120 -serverMaxSlots = 8 -serverSlots = 2 -tunnelAllowedPorts = 1-65535 diff --git a/build-scripts/config/vidalia.conf.ff+pidgin b/build-scripts/config/vidalia.conf.ff+pidgin index d5d4a9b..43cb0f2 100644 --- a/build-scripts/config/vidalia.conf.ff+pidgin +++ b/build-scripts/config/vidalia.conf.ff+pidgin @@ -3,8 +3,6 @@ BrowserDirectory=FirefoxPortable BrowserExecutable=tbb-firefox.exe IMExecutable=PidginPortable\\PidginPortable.exe LanguageCode=en -ProxyExecutable=.\\App\\polipo.exe -ProxyExecutableArguments=-c .\\Data\\Polipo\\polipo.conf RunProxyAtStart=true [Tor] diff --git a/build-scripts/config/vidalia.conf.ff+pidgin-linux b/build-scripts/config/vidalia.conf.ff+pidgin-linux index 8354f0b..59d81bd 100644 --- a/build-scripts/config/vidalia.conf.ff+pidgin-linux +++ b/build-scripts/config/vidalia.conf.ff+pidgin-linux @@ -3,8 +3,6 @@ BrowserDirectory=. BrowserExecutable=firefox LanguageCode=en IMExecutable=./App/pidgin -ProxyExecutable=./App/polipo -ProxyExecutableArguments=-c Data/Polipo/polipo.conf RunProxyAtStart=true [Tor] diff --git a/build-scripts/linux.mk b/build-scripts/linux.mk index fb5c7c2..18ce2ba 100644 --- a/build-scripts/linux.mk +++ b/build-scripts/linux.mk @@ -103,14 +103,6 @@ build-tor: build-zlib build-openssl build-libevent $(TOR_DIR) cd $(TOR_DIR) && make install touch build-tor -## Polipo doesn't use autoconf, so we just have to hack their Makefile -## This probably needs to be updated if Polipo ever updates their Makefile -POLIPO_DIR=$(FETCH_DIR)/polipo-$(POLIPO_VER) -POLIPO_MAKEFILE=config/polipo-Makefile -build-polipo: - cp $(POLIPO_MAKEFILE) $(POLIPO_DIR)/Makefile - cd $(POLIPO_DIR) && make && PREFIX=$(FETCH_DIR)/built/ make install.binary - build-pidgin: echo "We're not building pidgin yet!" @@ -143,7 +135,6 @@ QT=$(COMPILED_LIBS) ZLIB=$(COMPILED_LIBS) ## Location of binary bundle components -POLIPO=$(COMPILED_BINS)/polipo TOR=$(COMPILED_BINS)/tor VIDALIA=$(BUILT_DIR)/usr/local/bin/vidalia ## Someday, this will be our custom Firefox @@ -322,7 +313,7 @@ ifeq ($(USE_PIDGIN),1) cp -R $(PIDGIN) $(APPDIR) endif -## Configure Firefox, Vidalia, Polipo and Tor +## Configure Firefox, Vidalia, and Tor configure-apps: ## Configure Firefox preferences mkdir -p $(DEST)/Data/profile/extensions @@ -340,8 +331,6 @@ ifeq ($(USE_PIDGIN),1) else cp config/vidalia.conf.ff-linux $(DEST)/Data/Vidalia/vidalia.conf endif - ## Configure Polipo - #cp config/polipo.conf $(DEST)/Data/Polipo/polipo.conf ## Configure Tor cp config/torrc-linux $(DEST)/Data/Tor/torrc cp $(TOR_DIR)/src/config/geoip $(DEST)/Data/Tor/geoip @@ -354,7 +343,6 @@ launcher: strip-it-stripper: strip $(APPDIR)/tor - #strip $(APPDIR)/polipo strip $(APPDIR)/vidalia strip $(LIBSDIR)/*.so* strip $(LIBSDIR)/libz/*.so* diff --git a/build-scripts/osx.mk b/build-scripts/osx.mk index 8050092..82e0a1b 100644 --- a/build-scripts/osx.mk +++ b/build-scripts/osx.mk @@ -294,7 +294,7 @@ install-docs: install-firefox: cp -R $(FIREFOX) $(APPDIR) -## Configure Firefox, Vidalia, Polipo and Tor +## Configure Firefox, Vidalia, and Tor configure-apps: ## Configure Firefox preferences #mkdir -p $(DEST)/.mozilla/Firefox/firefox.default diff --git a/build-scripts/windows.mk b/build-scripts/windows.mk index ccb7354..28521f0 100644 --- a/build-scripts/windows.mk +++ b/build-scripts/windows.mk @@ -282,7 +282,6 @@ directory-structure: ## Filenames extracted using Dependency Walker <http://www.dependencywalker.com/> install-binaries: cp $(MING)/mingwm10.dll $(APPDIR) - cp $(MING)/libgnurx-0.dll $(APPDIR) cp $(QT_LIB)/QtCore4.dll $(QT_LIB)/QtGui4.dll $(QT_LIB)/QtNetwork4.dll $(QT_LIB)/QtXml4.dll $(QT_LIB)/libgcc_s_dw2-1.dll $(APPDIR) cp $(OPENSSL_LIB)/ssleay32.dll $(APPDIR) cp $(OPENSSL_LIB)/libeay32.dll $(APPDIR) diff --git a/docs/traces.txt b/docs/traces.txt index 1a9b9ca..f81c0cf 100644 --- a/docs/traces.txt +++ b/docs/traces.txt @@ -62,7 +62,7 @@ modified by Tor Browser Bundle. On a Windows XP installation, with Firefox installed, only one registry key is modified: HKLM\Software\Microsoft\Cryptography\RNG\Seed (by vidalia.exe, -tor.exe, FirefoxPortable.exe, firefox.exe, polipo.exe) +tor.exe, FirefoxPortable.exe, firefox.exe) Without Firefox installed, there appears to be no difference, although it is difficult to be certain since Windows makes changes to a large diff --git a/src/osx-sandboxes/polipo-sandbox/polipo-10.5.sb b/src/osx-sandboxes/polipo-sandbox/polipo-10.5.sb deleted file mode 100755 index a1bf44e..0000000 --- a/src/osx-sandboxes/polipo-sandbox/polipo-10.5.sb +++ /dev/null @@ -1,70 +0,0 @@ -;; MacOSX Sandbox profile for bundled polipo -;; -;; Copyright 2010 Robert Malmgren AB. All rights reserved. -;; -;; Redistribution and use in source and binary forms, with or without modification, are -;; permitted provided that the following conditions are met: -;; -;; 1. Redistributions of source code must retain the above copyright notice, this list of -;; conditions and the following disclaimer. -;; -;; 2. Redistributions in binary form must reproduce the above copyright notice, this list -;; of conditions and the following disclaimer in the documentation and/or other materials -;; provided with the distribution. -;; -;; THIS SOFTWARE IS PROVIDED BY Robert Malmgren AB ``AS IS'' AND ANY EXPRESS OR IMPLIED -;; WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND -;; FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> OR -;; CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -;; CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -;; SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON -;; ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING -;; NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF -;; ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -;; -;; The views and conclusions contained in the software and documentation are those of the -;; authors and should not be interpreted as representing official policies, either expressed -;; or implied, of Robert Malmgren AB. -;; -;; Written by andreas@romab.com -(version 1) - -(deny default) -(debug deny) - -(allow file-read-data - (literal "POLIPODIR/Contents/Resources/Data/Polipo/polipo.conf") - (literal "/dev/dtracehelper") - (literal "/dev/null") - (literal "/dev/urandom") - (literal "/private/var/run/resolv.conf") - (regex "^/usr/share/.*")) - -(allow file-read-metadata - (literal "/etc") - (literal "/private/etc/localtime") - (literal "/private/etc/resolv.conf") - (literal "/var") - (regex "^/usr/lib/*")) - -(allow file-write-data - (literal "/dev/dtracehelper")) - -(allow ipc-posix-shm) - -(allow mach-lookup - (global-name "com.apple.system.DirectoryService.libinfo_v1") - (global-name "com.apple.system.DirectoryService.membership_v1") - (global-name "com.apple.system.notification_center")) - -(allow network-inbound) - ; doesnt work for some reason. - ;(to tcp "localhost:8118")) - -(allow network-outbound - (to tcp "localhost:9050")) - -(allow process-exec - (literal "POLIPODIR/Contents/MacOS/polipo-bin")) - -(allow sysctl-read) diff --git a/src/osx-sandboxes/polipo-sandbox/polipo-wrapper b/src/osx-sandboxes/polipo-sandbox/polipo-wrapper deleted file mode 100755 index 8ae61dc..0000000 --- a/src/osx-sandboxes/polipo-sandbox/polipo-wrapper +++ /dev/null @@ -1,70 +0,0 @@ -#!/bin/bash -# Startup script, MacOSX Sandbox profile for tor -# -# Copyright 2010 Robert Malmgren AB. All rights reserved. -# -# Redistribution and use in source and binary forms, with or without modification, are -# permitted provided that the following conditions are met: -# -# 1. Redistributions of source code must retain the above copyright notice, this list of -# conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright notice, this list -# of conditions and the following disclaimer in the documentation and/or other materials -# provided with the distribution. -# -# THIS SOFTWARE IS PROVIDED BY Robert Malmgren AB ``AS IS'' AND ANY EXPRESS OR IMPLIED -# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND -# FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> OR -# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON -# ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING -# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF -# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -# -# The views and conclusions contained in the software and documentation are those of the -# authors and should not be interpreted as representing official policies, either expressed -# or implied, of Robert Malmgren AB. -# written by andreas@romab.com - -# tbb launchit script. -# this script launches polipo within the macosx sandbox. -# as we do not know where the user will install the tbb, we need -# to do some search and replace. -# -# Also, we will need to accept arguments comming from vidalia. -# -SW_VERS=/usr/bin/sw_vers -CUT=/usr/bin/cut -LSOF=/usr/sbin/lsof -AWK=/usr/bin/awk -TAIL=/usr/bin/tail -SED=/usr/bin/sed - -#find out osx version. - -VERSION=`$SW_VERS -productVersion| $CUT -f1,2 -d .` -DIR=`$LSOF -p $$|$TAIL -1| $AWK '{ print $NF }' | $SED s/[^/]*$//` -TDIR=`echo $DIR| $SED -e 's=Contents/MacOS/==g'` -TORAPPDIR=`echo $TDIR | $SED -e 's/\/$//g'` - -if [ "$VERSION"x = "10.6"x ]; then - #we know we use 10.6 fix the sandbox, do some search and replace - #and find current dir and the rebuild the sandbox - - #determine current dir. - #nuke the old sandbox - echo > $DIR/polipo-sandbox/polipo-bin.sb - #fix some stuff in the sandbox - $SED -e "s=POLIPODIR=$TORAPPDIR=g" $DIR/polipo-sandbox/polipo.sb >> $DIR/polipo-sandbox/polipo-bin.sb - /usr/bin/sandbox-exec -f $DIR/polipo-sandbox/polipo-bin.sb ${DIR}/polipo-bin $@ -fi - -if [ "$VERSION"x = "10.5"x ]; then - #10.5 use the policy written for 10.5 - #nuke the old sandbox - echo > $DIR/polipo-sandbox/polipo-bin.sb - $SED -e "s=POLIPODIR=$TORAPPDIR=g" $DIR/polipo-sandbox/polipo-10.5.sb >> $DIR/polipo-sandbox/polipo-bin.sb - /usr/bin/sandbox-exec -f $DIR/polipo-sandbox/polipo-bin.sb ${DIR}/polipo-bin $@ -fi diff --git a/src/osx-sandboxes/polipo-sandbox/polipo.sb b/src/osx-sandboxes/polipo-sandbox/polipo.sb deleted file mode 100644 index 3676c8e..0000000 --- a/src/osx-sandboxes/polipo-sandbox/polipo.sb +++ /dev/null @@ -1,71 +0,0 @@ -;; MacOSX Sandbox profile for bundled polipo -;; -;; Copyright 2010 Robert Malmgren AB. All rights reserved. -;; -;; Redistribution and use in source and binary forms, with or without modification, are -;; permitted provided that the following conditions are met: -;; -;; 1. Redistributions of source code must retain the above copyright notice, this list of -;; conditions and the following disclaimer. -;; -;; 2. Redistributions in binary form must reproduce the above copyright notice, this list -;; of conditions and the following disclaimer in the documentation and/or other materials -;; provided with the distribution. -;; -;; THIS SOFTWARE IS PROVIDED BY Robert Malmgren AB ``AS IS'' AND ANY EXPRESS OR IMPLIED -;; WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND -;; FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> OR -;; CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -;; CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -;; SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON -;; ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING -;; NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF -;; ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -;; -;; The views and conclusions contained in the software and documentation are those of the -;; authors and should not be interpreted as representing official policies, either expressed -;; or implied, of Robert Malmgren AB. -;; -;; Written by andreas@romab.com -(version 1) - -(deny default) - -(allow file-ioctl - (literal "/dev/dtracehelper")) - -(allow file-read-data - (literal "POLIPODIR/Contents/Resources/Data/Polipo/polipo.conf") - (literal "/dev/dtracehelper") - (literal "/dev/null") - (literal "/dev/urandom") - (literal "/private/var/run/resolv.conf") - (subpath "/usr/share")) - -(allow file-read-metadata - (literal "/etc") - (literal "/private/etc/localtime") - (literal "/private/etc/resolv.conf") - (literal "/var") - (subpath "/usr/lib")) - -(allow file-write-data - (literal "/dev/dtracehelper")) - -(allow ipc-posix-shm) - -(allow mach-lookup - (global-name "com.apple.system.DirectoryService.libinfo_v1") - (global-name "com.apple.system.DirectoryService.membership_v1") - (global-name "com.apple.system.notification_center")) - -(allow network-inbound - (local tcp "localhost:8118")) - -(allow network-outbound - (remote tcp "localhost:9050")) - -(allow process-exec - (literal "POLIPODIR/Contents/MacOS/polipo-bin")) - -(allow sysctl-read)