[tbb-commits] [Git][tpo/applications/tor-browser][tor-browser-115.2.0esr-13.0-1] 3 commits: fixup! Bug 41089: Add tor-browser build scripts + Makefile to tor-browser
Pier Angelo Vendrame (@pierov)
git at gitlab.torproject.org
Tue Sep 5 17:52:16 UTC 2023
Pier Angelo Vendrame pushed to branch tor-browser-115.2.0esr-13.0-1 at The Tor Project / Applications / Tor Browser
Commits:
3fe30891 by clairehurst at 2023-08-31T03:24:27+00:00
fixup! Bug 41089: Add tor-browser build scripts + Makefile to tor-browser
Bug 42035: Update tools/torbrowser/ scripts to support macOS dev environment
- - - - -
a3e812a8 by clairehurst at 2023-08-31T03:24:27+00:00
fixup! Base Browser's .mozconfigs.
Bug 42035: Update mozconfig for macos development
- - - - -
ee028c84 by clairehurst at 2023-08-31T03:24:27+00:00
fixup! TB3: Tor Browser's official .mozconfigs.
Bug 42035: update mozconfig for macos development
- - - - -
5 changed files:
- + mozconfig-macos-dev
- tools/torbrowser/Makefile
- + tools/torbrowser/browser-self-sign-macos.sh
- tools/torbrowser/deploy.sh
- tools/torbrowser/fetch.sh
Changes:
=====================================
mozconfig-macos-dev
=====================================
@@ -0,0 +1,24 @@
+. $topsrcdir/browser/config/mozconfigs/tor-browser
+
+# This mozconfig file is not used in official builds.
+# It is only intended to be used when doing incremental macOS builds
+# during development.
+
+ac_add_options --disable-strip
+ac_add_options --disable-install-strip
+
+# See bug #13379
+ac_add_options --enable-nss-mar
+
+# See bug #41131
+ac_add_options --disable-update-agent
+
+ac_add_options --with-relative-data-dir=../TorBrowser-Data/Browser
+
+#copied from the diff between mozconfig-linux-x86_64 and mozconfig-linux-x86_64-dev
+export MOZILLA_OFFICIAL=
+export MOZ_APP_REMOTINGNAME="Tor Browser Dev"
+
+ac_add_options --with-branding=browser/branding/tb-nightly
+ac_add_options --with-base-browser-version=dev-build
+ac_add_options --disable-base-browser-update
=====================================
tools/torbrowser/Makefile
=====================================
@@ -1,11 +1,30 @@
.DEFAULT_GOAL := all
# https://stackoverflow.com/questions/18136918/how-to-get-current-relative-directory-of-your-makefile
-mkfile_path := $(shell dirname $(realpath $(firstword $(MAKEFILE_LIST))))
-
-DEV_ROOT = $(mkfile_path)/../..
-BINARIES = $(DEV_ROOT)/.binaries
-BUILD_OUTPUT = $(DEV_ROOT)/obj-x86_64-pc-linux-gnu
+mkfile_path := "$(shell dirname $(realpath $(firstword $(MAKEFILE_LIST))))"
+
+DEV_ROOT = "$(mkfile_path)/../.."
+BINARIES = "$(DEV_ROOT)/.binaries"
+ARCHITECTURE = "$(shell uname -m)"
+
+# Correct the architecture naming for ARM to match what mozilla has
+ifeq ($(ARCHITECTURE), "arm64")
+ ARCHITECTURE = "aarch64"
+endif
+
+# Define build output path based on the platform.
+ifeq ("$(shell uname)", "Darwin")
+ BUILD_OUTPUT = "$(DEV_ROOT)/obj-$(ARCHITECTURE)-apple-darwin$(shell uname -r)"
+else
+ BUILD_OUTPUT = "$(DEV_ROOT)/obj-$(ARCHITECTURE)-pc-linux-gnu"
+endif
+
+# Define the run command based on the platform.
+ifeq ("$(shell uname)", "Darwin")
+ RUN_CMD := cd "$(BINARIES)/Tor Browser.app/Contents/MacOS/" && ./firefox
+else
+ RUN_CMD := "$(BINARIES)/dev/Browser/start-tor-browser" -v $(ARGS)
+endif
config:
./config.sh $(DEV_ROOT)
@@ -34,7 +53,7 @@ fat-aar:
all: build deploy
run:
- $(BINARIES)/dev/Browser/start-tor-browser -v $(ARGS)
+ $(RUN_CMD)
jslint:
./jslint.sh $(DEV_ROOT) $(JS)
=====================================
tools/torbrowser/browser-self-sign-macos.sh
=====================================
@@ -0,0 +1,110 @@
+#!/bin/bash
+
+CERTNAME=my-codesign-cert-tor
+BROWSERPATH=.
+
+if [ $# -ge 1 ]
+then
+ BROWSERPATH=$1
+fi
+
+
+security find-certificate -c $CERTNAME > /dev/null
+
+if [ $? -ne 0 ]
+then
+ echo ""
+ echo "ERROR: Self Signing Certificate not found, please create:"
+ echo " 1. In the Keychain Access app on your Mac, choose Keychain Access > Certificate Assistant > Create a Certificate."
+ echo " 2. Enter the name '$CERTNAME' for the certificate"
+ echo " 3. Choose an identity type: Self Signed Root"
+ echo " 4. Certificate Type > Code Signing"
+ echo " 5. Check 'Let me override defaults' & click Continue."
+ echo " 6. Enter a unique Serial Number. (123 is fine)"
+ echo " 7. Enter a big Validity Period (days), like 3560 & click Continue."
+ echo " 8. Fill in your personal information & click Continue."
+ echo " 9. Accept defaults for the rest of the dialog boxes. (Continue several times)"
+ echo " 10. Certificate Created! Click Done."
+ echo ""
+ echo "For additional help see:"
+ echo " https://support.apple.com/en-ca/guide/keychain-access/kyca8916/mac"
+ echo " https://stackoverflow.com/questions/58356844/what-are-the-ways-or-technologies-to-sign-an-executable-application-file-in-mac"
+
+ echo ""
+ read -n 1 -r -s -p $'Press enter to launch "Keychain Access"...\n'
+ open /System/Applications/Utilities/Keychain\ Access.app
+
+ exit -1
+fi
+
+echo "Found $CERTNAME, looking for browser to sign..."
+
+if [ ! -f "$BROWSERPATH/XUL" ]
+then
+ TESTPATH="$BROWSERPATH/Contents/MacOS"
+ if [ -f "$TESTPATH/XUL" ]
+ then
+ BROWSERPATH=$TESTPATH
+ else
+ echo "Error: browser files not detected in $BROWSERPATH!"
+ echo " This script needs to be run in the 'Contents/MacOS' directory of a SomeBrowser.app directory"
+ exit -1
+ fi
+fi
+
+echo "Mozilla based browser found, signing..."
+echo ' Will be asked for password to certificate for all the things that need to be signed. Click "Always Allow" to automate'
+
+cd "$BROWSERPATH"
+
+codesign -s $CERTNAME *.dylib
+codesign -s $CERTNAME plugin-container.app
+
+if [ -d Tor ]
+then
+ codesign -s $CERTNAME Tor/PluggableTransports/*
+ codesign -s $CERTNAME Tor/libevent-2.1.7.dylib
+ if [ -f Tor/tor.real ]
+ then
+ codesign -s $CERTNAME Tor/tor.real
+ fi
+ if [ -f Tor/tor ]
+ then
+ codesign -s $CERTNAME Tor/tor
+ fi
+fi
+
+codesign -s $CERTNAME XUL
+
+if [ -d updater.app ]
+then
+ codesign -s $CERTNAME updater.app
+fi
+
+# mullvadbrowser
+if [ -f mullvadbrowser ]
+then
+ codesign -s $CERTNAME mullvadbrowser
+fi
+
+# BB or TB
+if [ -f firefox ]
+then
+ codesign -s $CERTNAME firefox
+fi
+
+echo ""
+echo "Browser signing step done!"
+echo ""
+
+echo "App still needs one more override to be easily opened with double click in Finder"
+echo "Alternatively you can right click it, select 'Open' and then select 'Open' from the override popup"
+echo "Or to enable it to be double clicked to open perform the following"
+echo ""
+echo "Double click the app and select either 'Ok' or 'Cancel' from the warning popup depending on which you get (Do Not 'Move to Trash')"
+echo 'Go to Preferences -> Security & Privacy and click on padlock to allow changes. '
+echo ' Then in "Allow appications downloaded from" select either:'
+echo ' - App Store and identified developers'
+echo ' - Anywhere'
+echo ' Below that may be a notice about your specific app saying it was blocked because it was not from an identified developer. Click "Open Anyways" and "Open"'
+
=====================================
tools/torbrowser/deploy.sh
=====================================
@@ -1,30 +1,50 @@
#!/bin/bash
set -e
-BINARIES=$1
-BUILD_OUTPUT=$2
-SCRIPT_DIR=$(realpath "$(dirname "$0")")
+BINARIES="$1"
+BUILD_OUTPUT="$2"
+SCRIPT_DIR="$(realpath "$(dirname "$0")")"
+
+RESDIR="$BUILD_OUTPUT/dist/firefox"
+if [ "$(uname)" = "Darwin" ]; then
+ RESDIR="$RESDIR/Tor Browser.app/Contents/Resources"
+fi
# Add built-in bridges
-mkdir -p $BUILD_OUTPUT/_omni/defaults/preferences
-cat $BUILD_OUTPUT/dist/bin/browser/defaults/preferences/000-tor-browser.js $SCRIPT_DIR/bridges.js >> $BUILD_OUTPUT/_omni/defaults/preferences/000-tor-browser.js
-cd $BUILD_OUTPUT/_omni && zip -Xmr $BUILD_OUTPUT/dist/firefox/browser/omni.ja defaults/preferences/000-tor-browser.js
-rm -rf $BUILD_OUTPUT/_omni
+mkdir -p "$BUILD_OUTPUT/_omni/defaults/preferences"
+cat "$BUILD_OUTPUT/dist/bin/browser/defaults/preferences/000-tor-browser.js" "$SCRIPT_DIR/bridges.js" >> "$BUILD_OUTPUT/_omni/defaults/preferences/000-tor-browser.js"
+cd "$BUILD_OUTPUT/_omni"
+zip -Xmr "$RESDIR/browser/omni.ja" "defaults/preferences/000-tor-browser.js"
+rm -rf "$BUILD_OUTPUT/_omni"
# Repackage the manual
# rm -rf $BUILD_OUTPUT/_omni
# mkdir $BUILD_OUTPUT/_omni
# unzip $BINARIES/dev/Browser/browser/omni.ja -d $BUILD_OUTPUT/_omni
-# cd $BUILD_OUTPUT/_omni && zip -Xmr $BUILD_OUTPUT/dist/firefox/browser/omni.ja chrome/browser/content/browser/manual
+# cd $BUILD_OUTPUT/_omni && zip -Xmr $RESDIR/browser/omni.ja chrome/browser/content/browser/manual
# rm -rf $BUILD_OUTPUT/_omni
-# backup the startup script
-mv $BINARIES/dev/Browser/firefox $BINARIES/dev/Browser/firefox.bak
+if [ "$(uname)" = "Darwin" ]; then
+
+ # copy binaries
+ cp -r "$BUILD_OUTPUT/dist/firefox/Tor Browser.app/Contents/"* "$BINARIES/Tor Browser.app/Contents/"
+ rm -rf "$BINARIES/TorBrowser-Data/Browser/Caches/*.default/startupCache"
+
+ # Self sign the Binaries
+ cd "$BINARIES/Tor Browser.app/Contents/MacOS"
+ "$SCRIPT_DIR/browser-self-sign-macos.sh"
+
+ else
+
+ # backup the startup script
+ mv "$BINARIES/dev/Browser/firefox" "$BINARIES/dev/Browser/firefox.bak"
+
+ # copy binaries
+ cp -r "$RESDIR/"* "$BINARIES/dev/Browser"
+ rm -rf "$BINARIES/dev/Browser/TorBrowser/Data/Browser/profile.default/startupCache"
-# copy binaries
-cp -r $BUILD_OUTPUT/dist/firefox/* $BINARIES/dev/Browser
-rm -rf $BINARIES/dev/Browser/TorBrowser/Data/Browser/profile.default/startupCache
+ # shuffle firefox bin around and restore script to match a real deployment
+ mv "$BINARIES/dev/Browser/firefox" "$BINARIES/dev/Browser/firefox.real"
+ mv "$BINARIES/dev/Browser/firefox.bak" "$BINARIES/dev/Browser/firefox"
-# shuffle firefox bin around and restore script to match a real deployment
-mv $BINARIES/dev/Browser/firefox $BINARIES/dev/Browser/firefox.real
-mv $BINARIES/dev/Browser/firefox.bak $BINARIES/dev/Browser/firefox
+fi
=====================================
tools/torbrowser/fetch.sh
=====================================
@@ -1,30 +1,40 @@
#!/bin/sh
set -e
-BINARIES_DIR=$1
+BINARIES_DIR="$1"
# download the current downloads.json
wget https://aus1.torproject.org/torbrowser/update_3/alpha/downloads.json
-# get url for latest alpha linux en_US package
+# get url for latest alpha linux package
TOR_BROWSER_VERSION=$(grep -Eo "\"version\":\"[0-9.a]+\"" downloads.json | grep -Eo "[0-9.a]+")
-TOR_BROWSER_PACKAGE="tor-browser-linux64-${TOR_BROWSER_VERSION}_ALL.tar.xz"
+if [ "$(uname)" = "Darwin" ]; then
+ TOR_BROWSER_PACKAGE="tor-browser-macos-${TOR_BROWSER_VERSION}.dmg"
+ else
+ TOR_BROWSER_PACKAGE="tor-browser-linux-x86_64-${TOR_BROWSER_VERSION}.tar.xz"
+fi
TOR_BROWSER_PACKAGE_URL="https://dist.torproject.org/torbrowser/${TOR_BROWSER_VERSION}/${TOR_BROWSER_PACKAGE}"
# remove download manifest
rm downloads.json
# clear out previous tor-browser and previous package
-rm -rf "${BINARIES_DIR}/dev"
+rm -rf "${BINARIES_DIR}"
rm -f "${TOR_BROWSER_PACKAGE}"
# download
-rm -f "${TOR_BROWSER_PACKAGE}"
wget "${TOR_BROWSER_PACKAGE_URL}"
mkdir -p "${BINARIES_DIR}"
# and extract
-tar -xf ${TOR_BROWSER_PACKAGE} -C "${BINARIES_DIR}"
-mv "${BINARIES_DIR}/tor-browser" "${BINARIES_DIR}/dev"
+if [ "$(uname)" = "Darwin" ]
+ then
+ hdiutil attach "${TOR_BROWSER_PACKAGE}"
+ cp -R "/Volumes/Tor Browser/Tor Browser.app" "${BINARIES_DIR}"
+ hdiutil detach "/Volumes/Tor Browser"
+ else
+ tar -xf "${TOR_BROWSER_PACKAGE}" -C "${BINARIES_DIR}"
+ mv "${BINARIES_DIR}/tor-browser" "${BINARIES_DIR}/dev"
+fi
-# cleanup
+# Final cleanup
rm -f "${TOR_BROWSER_PACKAGE}"
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/7eaa9c282359d8e40a42d39153b4c826d935699d...ee028c84a590a58757bd228ae1cb33d0fba90b8c
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/7eaa9c282359d8e40a42d39153b4c826d935699d...ee028c84a590a58757bd228ae1cb33d0fba90b8c
You're receiving this email because of your account on gitlab.torproject.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tbb-commits/attachments/20230905/17918c49/attachment-0001.htm>
More information about the tbb-commits
mailing list