[tor-commits] [meek/master] Bug 18371: symlinks incompatible with Gatekeeper signing
dcf at torproject.org
dcf at torproject.org
Thu Jul 21 22:58:40 UTC 2016
commit f256d56828e7246326fac6cb9b74d8c8c8ef0775
Author: Kathy Brade <brade at pearlcrescent.com>
Date: Mon Mar 7 12:36:28 2016 -0500
Bug 18371: symlinks incompatible with Gatekeeper signing
Use the regular Tor Browser instead of a symlinked copy and pass a
--invisible option to firefox. Tor Browser will be patched to
recognize that flag and hide the Mac OS dock icon as soon as possible.
Also, fix meek-client-torbrowser's embedded paths to match Tor Browser's
new Mac OS directory structure and create the meek-http-helper browser
profile on-the-fly by copying files from a template.
---
meek-client-torbrowser/linux.go | 5 +-
meek-client-torbrowser/mac.go | 11 +--
meek-client-torbrowser/meek-client-torbrowser.go | 105 ++++++++++++++++++++++-
meek-client-torbrowser/windows.go | 5 +-
4 files changed, 115 insertions(+), 11 deletions(-)
diff --git a/meek-client-torbrowser/linux.go b/meek-client-torbrowser/linux.go
index 7a85d82..c95f264 100644
--- a/meek-client-torbrowser/linux.go
+++ b/meek-client-torbrowser/linux.go
@@ -6,6 +6,7 @@
package main
const (
- firefoxPath = "./firefox"
- firefoxProfilePath = "TorBrowser/Data/Browser/profile.meek-http-helper"
+ firefoxPath = "./firefox"
+ firefoxProfilePath = "TorBrowser/Data/Browser/profile.meek-http-helper"
+ profileTemplatePath = ""
)
diff --git a/meek-client-torbrowser/mac.go b/meek-client-torbrowser/mac.go
index 7eee72d..a2be44c 100644
--- a/meek-client-torbrowser/mac.go
+++ b/meek-client-torbrowser/mac.go
@@ -6,9 +6,10 @@
package main
const (
- // The TorBrowser.app.meek-http-helper directory is a special case for
- // the mac bundle. It is a copy of TorBrowser.app that has a modified
- // Info.plist file so that it doesn't show a dock icon.
- firefoxPath = "PluggableTransports/TorBrowser.app.meek-http-helper/Contents/MacOS/firefox"
- firefoxProfilePath = "../Data/Browser/profile.meek-http-helper"
+ // During startup of meek-client-torbrowser, the browser profile is
+ // created under firefoxProfilePath if it does not exist by making a
+ // recursive copy of everything under profileTemplatePath.
+ firefoxPath = "../firefox"
+ firefoxProfilePath = "../../../../TorBrowser-Data/Tor/PluggableTransports/profile.meek-http-helper"
+ profileTemplatePath = "../../Resources/TorBrowser/Tor/PluggableTransports/template-profile.meek-http-helper"
)
diff --git a/meek-client-torbrowser/meek-client-torbrowser.go b/meek-client-torbrowser/meek-client-torbrowser.go
index 605bc85..8a3809d 100644
--- a/meek-client-torbrowser/meek-client-torbrowser.go
+++ b/meek-client-torbrowser/meek-client-torbrowser.go
@@ -32,6 +32,7 @@ import (
"os/signal"
"path/filepath"
"regexp"
+ "strings"
"syscall"
)
@@ -63,15 +64,115 @@ func logSignal(p *os.Process, sig os.Signal) error {
return err
}
+func copyFile(srcPath string, mode os.FileMode, destPath string) error {
+ inFile, err := os.Open(srcPath)
+ if err != nil {
+ return err
+ }
+
+ defer inFile.Close()
+ outFile, err := os.OpenFile(destPath, os.O_CREATE|os.O_WRONLY|os.O_TRUNC, mode)
+ if err != nil {
+ return err
+ }
+
+ // Always close the destination file before returning.
+ defer func() {
+ closeErr := outFile.Close()
+ if err == nil {
+ err = closeErr
+ }
+ }()
+
+ if _, err = io.Copy(outFile, inFile); err != nil {
+ return err
+ }
+ err = outFile.Sync()
+ return err
+}
+
+// Make sure that the browser profile exists. If it does not exist and if
+// profileTemplatePath is not empty, create it by making a recursive copy of
+// all the files and directories under profileTemplatePath. A safe copy is
+// done by first copying the profile files into a temporary directory and
+// then doing an atomic rename of the temporary directory as the last step.
+func ensureProfileExists(profilePath string) error {
+ _, err := os.Stat(profilePath)
+ if err == nil || os.IsExist(err) {
+ return nil // The profile has already been created.
+ }
+
+ // If profileTemplatePath is not set, we are running on a platform that
+ // expects the profile to already exist.
+ if (profileTemplatePath == "") {
+ return err;
+ }
+
+ log.Printf("creating profile by copying files from %s to %s\n", profileTemplatePath, profilePath)
+ tmpPath, err := ioutil.TempDir(filepath.Dir(profilePath), "tmpMeekProfile")
+ if err != nil {
+ return err
+ }
+ err = os.MkdirAll(tmpPath, os.ModePerm)
+ if err != nil {
+ return err
+ }
+
+ // Remove the temporary directory before returning.
+ defer func() {
+ os.RemoveAll(tmpPath);
+ }()
+
+ templatePath, err := filepath.Abs(profileTemplatePath)
+ if err != nil {
+ return err
+ }
+
+ visit := func(path string, info os.FileInfo, err error) error {
+ relativePath := strings.TrimPrefix(path, templatePath)
+ if (relativePath == "") {
+ return nil // skip the root directory
+ }
+
+ // If relativePath is a directory, create it; if it is a file, copy it.
+ destPath := filepath.Join(tmpPath, relativePath);
+ if (info.IsDir()) {
+ err = os.MkdirAll(destPath, info.Mode())
+ } else {
+ err = copyFile(path, info.Mode(), destPath)
+ }
+
+ return err
+ }
+
+ err = filepath.Walk(templatePath, visit)
+ if err != nil {
+ return err
+ }
+
+ return os.Rename(tmpPath, profilePath);
+}
+
+
// Run firefox and return its exec.Cmd and stdout pipe.
func runFirefox() (cmd *exec.Cmd, stdout io.Reader, err error) {
+ // Mac OS X needs absolute paths for firefox and for the profile.
+ var absFirefoxPath string
+ absFirefoxPath, err = filepath.Abs(firefoxPath)
+ if err != nil {
+ return
+ }
var profilePath string
- // Mac OS X needs an absolute profile path.
profilePath, err = filepath.Abs(firefoxProfilePath)
if err != nil {
return
}
- cmd = exec.Command(firefoxPath, "-no-remote", "-profile", profilePath)
+ err = ensureProfileExists(profilePath)
+ if err != nil {
+ return
+ }
+
+ cmd = exec.Command(absFirefoxPath, "--invisible", "-no-remote", "-profile", profilePath)
cmd.Stderr = os.Stderr
stdout, err = cmd.StdoutPipe()
if err != nil {
diff --git a/meek-client-torbrowser/windows.go b/meek-client-torbrowser/windows.go
index cc69bec..5d87973 100644
--- a/meek-client-torbrowser/windows.go
+++ b/meek-client-torbrowser/windows.go
@@ -6,6 +6,7 @@
package main
const (
- firefoxPath = "./firefox.exe"
- firefoxProfilePath = "TorBrowser/Data/Browser/profile.meek-http-helper"
+ firefoxPath = "./firefox.exe"
+ firefoxProfilePath = "TorBrowser/Data/Browser/profile.meek-http-helper"
+ profileTemplatePath = ""
)
More information about the tor-commits
mailing list