Pier Angelo Vendrame pushed to branch tor-browser-115.2.0esr-13.0-1 at The Tor Project / Applications / Tor Browser
Commits: 3fe30891 by clairehurst at 2023-08-31T03:24:27+00:00 fixup! Bug 41089: Add tor-browser build scripts + Makefile to tor-browser
Bug 42035: Update tools/torbrowser/ scripts to support macOS dev environment
- - - - - a3e812a8 by clairehurst at 2023-08-31T03:24:27+00:00 fixup! Base Browser's .mozconfigs.
Bug 42035: Update mozconfig for macos development
- - - - - ee028c84 by clairehurst at 2023-08-31T03:24:27+00:00 fixup! TB3: Tor Browser's official .mozconfigs.
Bug 42035: update mozconfig for macos development
- - - - -
5 changed files:
- + mozconfig-macos-dev - tools/torbrowser/Makefile - + tools/torbrowser/browser-self-sign-macos.sh - tools/torbrowser/deploy.sh - tools/torbrowser/fetch.sh
Changes:
===================================== mozconfig-macos-dev ===================================== @@ -0,0 +1,24 @@ +. $topsrcdir/browser/config/mozconfigs/tor-browser + +# This mozconfig file is not used in official builds. +# It is only intended to be used when doing incremental macOS builds +# during development. + +ac_add_options --disable-strip +ac_add_options --disable-install-strip + +# See bug #13379 +ac_add_options --enable-nss-mar + +# See bug #41131 +ac_add_options --disable-update-agent + +ac_add_options --with-relative-data-dir=../TorBrowser-Data/Browser + +#copied from the diff between mozconfig-linux-x86_64 and mozconfig-linux-x86_64-dev +export MOZILLA_OFFICIAL= +export MOZ_APP_REMOTINGNAME="Tor Browser Dev" + +ac_add_options --with-branding=browser/branding/tb-nightly +ac_add_options --with-base-browser-version=dev-build +ac_add_options --disable-base-browser-update
===================================== tools/torbrowser/Makefile ===================================== @@ -1,11 +1,30 @@ .DEFAULT_GOAL := all
# https://stackoverflow.com/questions/18136918/how-to-get-current-relative-dir... -mkfile_path := $(shell dirname $(realpath $(firstword $(MAKEFILE_LIST)))) - -DEV_ROOT = $(mkfile_path)/../.. -BINARIES = $(DEV_ROOT)/.binaries -BUILD_OUTPUT = $(DEV_ROOT)/obj-x86_64-pc-linux-gnu +mkfile_path := "$(shell dirname $(realpath $(firstword $(MAKEFILE_LIST))))" + +DEV_ROOT = "$(mkfile_path)/../.." +BINARIES = "$(DEV_ROOT)/.binaries" +ARCHITECTURE = "$(shell uname -m)" + +# Correct the architecture naming for ARM to match what mozilla has +ifeq ($(ARCHITECTURE), "arm64") + ARCHITECTURE = "aarch64" +endif + +# Define build output path based on the platform. +ifeq ("$(shell uname)", "Darwin") + BUILD_OUTPUT = "$(DEV_ROOT)/obj-$(ARCHITECTURE)-apple-darwin$(shell uname -r)" +else + BUILD_OUTPUT = "$(DEV_ROOT)/obj-$(ARCHITECTURE)-pc-linux-gnu" +endif + +# Define the run command based on the platform. +ifeq ("$(shell uname)", "Darwin") + RUN_CMD := cd "$(BINARIES)/Tor Browser.app/Contents/MacOS/" && ./firefox +else + RUN_CMD := "$(BINARIES)/dev/Browser/start-tor-browser" -v $(ARGS) +endif
config: ./config.sh $(DEV_ROOT) @@ -34,7 +53,7 @@ fat-aar: all: build deploy
run: - $(BINARIES)/dev/Browser/start-tor-browser -v $(ARGS) + $(RUN_CMD)
jslint: ./jslint.sh $(DEV_ROOT) $(JS)
===================================== tools/torbrowser/browser-self-sign-macos.sh ===================================== @@ -0,0 +1,110 @@ +#!/bin/bash + +CERTNAME=my-codesign-cert-tor +BROWSERPATH=. + +if [ $# -ge 1 ] +then + BROWSERPATH=$1 +fi + + +security find-certificate -c $CERTNAME > /dev/null + +if [ $? -ne 0 ] +then + echo "" + echo "ERROR: Self Signing Certificate not found, please create:" + echo " 1. In the Keychain Access app on your Mac, choose Keychain Access > Certificate Assistant > Create a Certificate." + echo " 2. Enter the name '$CERTNAME' for the certificate" + echo " 3. Choose an identity type: Self Signed Root" + echo " 4. Certificate Type > Code Signing" + echo " 5. Check 'Let me override defaults' & click Continue." + echo " 6. Enter a unique Serial Number. (123 is fine)" + echo " 7. Enter a big Validity Period (days), like 3560 & click Continue." + echo " 8. Fill in your personal information & click Continue." + echo " 9. Accept defaults for the rest of the dialog boxes. (Continue several times)" + echo " 10. Certificate Created! Click Done." + echo "" + echo "For additional help see:" + echo " https://support.apple.com/en-ca/guide/keychain-access/kyca8916/mac" + echo " https://stackoverflow.com/questions/58356844/what-are-the-ways-or-technologi..." + + echo "" + read -n 1 -r -s -p $'Press enter to launch "Keychain Access"...\n' + open /System/Applications/Utilities/Keychain\ Access.app + + exit -1 +fi + +echo "Found $CERTNAME, looking for browser to sign..." + +if [ ! -f "$BROWSERPATH/XUL" ] +then + TESTPATH="$BROWSERPATH/Contents/MacOS" + if [ -f "$TESTPATH/XUL" ] + then + BROWSERPATH=$TESTPATH + else + echo "Error: browser files not detected in $BROWSERPATH!" + echo " This script needs to be run in the 'Contents/MacOS' directory of a SomeBrowser.app directory" + exit -1 + fi +fi + +echo "Mozilla based browser found, signing..." +echo ' Will be asked for password to certificate for all the things that need to be signed. Click "Always Allow" to automate' + +cd "$BROWSERPATH" + +codesign -s $CERTNAME *.dylib +codesign -s $CERTNAME plugin-container.app + +if [ -d Tor ] +then + codesign -s $CERTNAME Tor/PluggableTransports/* + codesign -s $CERTNAME Tor/libevent-2.1.7.dylib + if [ -f Tor/tor.real ] + then + codesign -s $CERTNAME Tor/tor.real + fi + if [ -f Tor/tor ] + then + codesign -s $CERTNAME Tor/tor + fi +fi + +codesign -s $CERTNAME XUL + +if [ -d updater.app ] +then + codesign -s $CERTNAME updater.app +fi + +# mullvadbrowser +if [ -f mullvadbrowser ] +then + codesign -s $CERTNAME mullvadbrowser +fi + +# BB or TB +if [ -f firefox ] +then + codesign -s $CERTNAME firefox +fi + +echo "" +echo "Browser signing step done!" +echo "" + +echo "App still needs one more override to be easily opened with double click in Finder" +echo "Alternatively you can right click it, select 'Open' and then select 'Open' from the override popup" +echo "Or to enable it to be double clicked to open perform the following" +echo "" +echo "Double click the app and select either 'Ok' or 'Cancel' from the warning popup depending on which you get (Do Not 'Move to Trash')" +echo 'Go to Preferences -> Security & Privacy and click on padlock to allow changes. ' +echo ' Then in "Allow appications downloaded from" select either:' +echo ' - App Store and identified developers' +echo ' - Anywhere' +echo ' Below that may be a notice about your specific app saying it was blocked because it was not from an identified developer. Click "Open Anyways" and "Open"' +
===================================== tools/torbrowser/deploy.sh ===================================== @@ -1,30 +1,50 @@ #!/bin/bash set -e -BINARIES=$1 -BUILD_OUTPUT=$2
-SCRIPT_DIR=$(realpath "$(dirname "$0")") +BINARIES="$1" +BUILD_OUTPUT="$2" +SCRIPT_DIR="$(realpath "$(dirname "$0")")" + +RESDIR="$BUILD_OUTPUT/dist/firefox" +if [ "$(uname)" = "Darwin" ]; then + RESDIR="$RESDIR/Tor Browser.app/Contents/Resources" +fi
# Add built-in bridges -mkdir -p $BUILD_OUTPUT/_omni/defaults/preferences -cat $BUILD_OUTPUT/dist/bin/browser/defaults/preferences/000-tor-browser.js $SCRIPT_DIR/bridges.js >> $BUILD_OUTPUT/_omni/defaults/preferences/000-tor-browser.js -cd $BUILD_OUTPUT/_omni && zip -Xmr $BUILD_OUTPUT/dist/firefox/browser/omni.ja defaults/preferences/000-tor-browser.js -rm -rf $BUILD_OUTPUT/_omni +mkdir -p "$BUILD_OUTPUT/_omni/defaults/preferences" +cat "$BUILD_OUTPUT/dist/bin/browser/defaults/preferences/000-tor-browser.js" "$SCRIPT_DIR/bridges.js" >> "$BUILD_OUTPUT/_omni/defaults/preferences/000-tor-browser.js" +cd "$BUILD_OUTPUT/_omni" +zip -Xmr "$RESDIR/browser/omni.ja" "defaults/preferences/000-tor-browser.js" +rm -rf "$BUILD_OUTPUT/_omni"
# Repackage the manual # rm -rf $BUILD_OUTPUT/_omni # mkdir $BUILD_OUTPUT/_omni # unzip $BINARIES/dev/Browser/browser/omni.ja -d $BUILD_OUTPUT/_omni -# cd $BUILD_OUTPUT/_omni && zip -Xmr $BUILD_OUTPUT/dist/firefox/browser/omni.ja chrome/browser/content/browser/manual +# cd $BUILD_OUTPUT/_omni && zip -Xmr $RESDIR/browser/omni.ja chrome/browser/content/browser/manual # rm -rf $BUILD_OUTPUT/_omni
-# backup the startup script -mv $BINARIES/dev/Browser/firefox $BINARIES/dev/Browser/firefox.bak +if [ "$(uname)" = "Darwin" ]; then + + # copy binaries + cp -r "$BUILD_OUTPUT/dist/firefox/Tor Browser.app/Contents/"* "$BINARIES/Tor Browser.app/Contents/" + rm -rf "$BINARIES/TorBrowser-Data/Browser/Caches/*.default/startupCache" + + # Self sign the Binaries + cd "$BINARIES/Tor Browser.app/Contents/MacOS" + "$SCRIPT_DIR/browser-self-sign-macos.sh" + + else + + # backup the startup script + mv "$BINARIES/dev/Browser/firefox" "$BINARIES/dev/Browser/firefox.bak" + + # copy binaries + cp -r "$RESDIR/"* "$BINARIES/dev/Browser" + rm -rf "$BINARIES/dev/Browser/TorBrowser/Data/Browser/profile.default/startupCache"
-# copy binaries -cp -r $BUILD_OUTPUT/dist/firefox/* $BINARIES/dev/Browser -rm -rf $BINARIES/dev/Browser/TorBrowser/Data/Browser/profile.default/startupCache + # shuffle firefox bin around and restore script to match a real deployment + mv "$BINARIES/dev/Browser/firefox" "$BINARIES/dev/Browser/firefox.real" + mv "$BINARIES/dev/Browser/firefox.bak" "$BINARIES/dev/Browser/firefox"
-# shuffle firefox bin around and restore script to match a real deployment -mv $BINARIES/dev/Browser/firefox $BINARIES/dev/Browser/firefox.real -mv $BINARIES/dev/Browser/firefox.bak $BINARIES/dev/Browser/firefox +fi
===================================== tools/torbrowser/fetch.sh ===================================== @@ -1,30 +1,40 @@ #!/bin/sh set -e
-BINARIES_DIR=$1 +BINARIES_DIR="$1"
# download the current downloads.json wget https://aus1.torproject.org/torbrowser/update_3/alpha/downloads.json -# get url for latest alpha linux en_US package +# get url for latest alpha linux package TOR_BROWSER_VERSION=$(grep -Eo ""version":"[0-9.a]+"" downloads.json | grep -Eo "[0-9.a]+") -TOR_BROWSER_PACKAGE="tor-browser-linux64-${TOR_BROWSER_VERSION}_ALL.tar.xz" +if [ "$(uname)" = "Darwin" ]; then + TOR_BROWSER_PACKAGE="tor-browser-macos-${TOR_BROWSER_VERSION}.dmg" + else + TOR_BROWSER_PACKAGE="tor-browser-linux-x86_64-${TOR_BROWSER_VERSION}.tar.xz" +fi TOR_BROWSER_PACKAGE_URL="https://dist.torproject.org/torbrowser/$%7BTOR_BROWSER_VERSION%7D/$%7BTOR_BR..."
# remove download manifest rm downloads.json
# clear out previous tor-browser and previous package -rm -rf "${BINARIES_DIR}/dev" +rm -rf "${BINARIES_DIR}" rm -f "${TOR_BROWSER_PACKAGE}"
# download -rm -f "${TOR_BROWSER_PACKAGE}" wget "${TOR_BROWSER_PACKAGE_URL}" mkdir -p "${BINARIES_DIR}"
# and extract -tar -xf ${TOR_BROWSER_PACKAGE} -C "${BINARIES_DIR}" -mv "${BINARIES_DIR}/tor-browser" "${BINARIES_DIR}/dev" +if [ "$(uname)" = "Darwin" ] + then + hdiutil attach "${TOR_BROWSER_PACKAGE}" + cp -R "/Volumes/Tor Browser/Tor Browser.app" "${BINARIES_DIR}" + hdiutil detach "/Volumes/Tor Browser" + else + tar -xf "${TOR_BROWSER_PACKAGE}" -C "${BINARIES_DIR}" + mv "${BINARIES_DIR}/tor-browser" "${BINARIES_DIR}/dev" +fi
-# cleanup +# Final cleanup rm -f "${TOR_BROWSER_PACKAGE}"
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/7eaa9c2...