[tor-commits] [tor-messenger-build/updater] Update patch for #9173 and add patch for #4234 (Firefox update)

sukhbir at torproject.org sukhbir at torproject.org
Fri Jul 29 17:20:47 UTC 2016


commit 770a2829ba7a84bc0ed910b6ce503d152221f684
Author: Sukhbir Singh <sukhbir at torproject.org>
Date:   Mon Jul 18 12:36:28 2016 -0400

    Update patch for #9173 and add patch for #4234 (Firefox update)
---
 ...ault-Firefox-profile-director-bug-9173.mozpatch |  451 ++++
 .../Firefox-update-process-bug-4234.mozpatch       | 2156 ++++++++++++++++++++
 2 files changed, 2607 insertions(+)

diff --git a/projects/instantbird/Change-the-default-Firefox-profile-director-bug-9173.mozpatch b/projects/instantbird/Change-the-default-Firefox-profile-director-bug-9173.mozpatch
new file mode 100644
index 0000000..4447c70
--- /dev/null
+++ b/projects/instantbird/Change-the-default-Firefox-profile-director-bug-9173.mozpatch
@@ -0,0 +1,451 @@
+From 48068e88b66ba37c725850331d099f10f9d34c90 Mon Sep 17 00:00:00 2001
+From: Kathy Brade <brade at pearlcrescent.com>
+Date: Fri, 18 Oct 2013 15:20:06 -0400
+Subject: Bug #9173: Change the default Firefox profile directory to be
+ TBB-relative.
+
+This should eliminate our need to rely on a wrapper script that
+sets $HOME and launches Firefox with -profile.
+
+diff --git a/toolkit/xre/nsXREDirProvider.cpp b/toolkit/xre/nsXREDirProvider.cpp
+index a828d33..831a373 100644
+--- a/toolkit/xre/nsXREDirProvider.cpp
++++ b/toolkit/xre/nsXREDirProvider.cpp
+@@ -32,6 +32,7 @@
+ #include "nsArrayEnumerator.h"
+ #include "nsEnumeratorUtils.h"
+ #include "nsReadableUtils.h"
++#include "nsXPCOMPrivate.h"  // for XPCOM_FILE_PATH_SEPARATOR
+ #include "mozilla/Services.h"
+ #include "mozilla/Omnijar.h"
+ #include "mozilla/Preferences.h"
+@@ -200,9 +201,6 @@ nsXREDirProvider::GetUserProfilesRootDir(nsIFile** aResult,
+                                      aProfileName, aAppName, aVendorName);
+ 
+   if (NS_SUCCEEDED(rv)) {
+-#if !defined(XP_UNIX) || defined(XP_MACOSX)
+-    rv = file->AppendNative(NS_LITERAL_CSTRING("Profiles"));
+-#endif
+     // We must create the profile directory here if it does not exist.
+     nsresult tmp = EnsureDirectoryExists(file);
+     if (NS_FAILED(tmp)) {
+@@ -225,9 +223,6 @@ nsXREDirProvider::GetUserProfilesLocalDir(nsIFile** aResult,
+                                      aProfileName, aAppName, aVendorName);
+ 
+   if (NS_SUCCEEDED(rv)) {
+-#if !defined(XP_UNIX) || defined(XP_MACOSX)
+-    rv = file->AppendNative(NS_LITERAL_CSTRING("Profiles"));
+-#endif
+     // We must create the profile directory here if it does not exist.
+     nsresult tmp = EnsureDirectoryExists(file);
+     if (NS_FAILED(tmp)) {
+@@ -1245,90 +1240,45 @@ nsresult
+ nsXREDirProvider::GetUserDataDirectoryHome(nsIFile** aFile, bool aLocal)
+ {
+   // Copied from nsAppFileLocationProvider (more or less)
+-  nsresult rv;
++  NS_ENSURE_ARG_POINTER(aFile);
+   nsCOMPtr<nsIFile> localDir;
+ 
+-#if defined(XP_MACOSX)
+-  FSRef fsRef;
+-  OSType folderType;
+-  if (aLocal) {
+-    folderType = kCachedDataFolderType;
+-  } else {
+-#ifdef MOZ_THUNDERBIRD
+-    folderType = kDomainLibraryFolderType;
+-#else
+-    folderType = kApplicationSupportFolderType;
+-#endif
+-  }
+-  OSErr err = ::FSFindFolder(kUserDomain, folderType, kCreateFolder, &fsRef);
+-  NS_ENSURE_FALSE(err, NS_ERROR_FAILURE);
+-
+-  rv = NS_NewNativeLocalFile(EmptyCString(), true, getter_AddRefs(localDir));
++  nsresult rv = GetAppDir()->Clone(getter_AddRefs(localDir));
+   NS_ENSURE_SUCCESS(rv, rv);
+ 
+-  nsCOMPtr<nsILocalFileMac> dirFileMac = do_QueryInterface(localDir);
+-  NS_ENSURE_TRUE(dirFileMac, NS_ERROR_UNEXPECTED);
++  int levelsToRemove = 0; // In FF21+, appDir points to browser subdirectory.
++#if defined(XP_MACOSX)
++  levelsToRemove += 1;
++#endif
++  while (localDir && (levelsToRemove > 0)) {
++    // When crawling up the hierarchy, components named "." do not count.
++    nsAutoCString removedName;
++    rv = localDir->GetNativeLeafName(removedName);
++    NS_ENSURE_SUCCESS(rv, rv);
++    bool didRemove = !removedName.Equals(".");
+ 
+-  rv = dirFileMac->InitWithFSRef(&fsRef);
+-  NS_ENSURE_SUCCESS(rv, rv);
++    // Remove a directory component.
++    nsCOMPtr<nsIFile> parentDir;
++    rv = localDir->GetParent(getter_AddRefs(parentDir));
++    NS_ENSURE_SUCCESS(rv, rv);
++    localDir = parentDir;
+ 
+-  localDir = do_QueryInterface(dirFileMac, &rv);
+-#elif defined(XP_IOS)
+-  nsAutoCString userDir;
+-  if (GetUIKitDirectory(aLocal, userDir)) {
+-    rv = NS_NewNativeLocalFile(userDir, true, getter_AddRefs(localDir));
+-  } else {
+-    rv = NS_ERROR_FAILURE;
+-  }
+-  NS_ENSURE_SUCCESS(rv, rv);
+-#elif defined(XP_WIN)
+-  nsString path;
+-  if (aLocal) {
+-    rv = GetShellFolderPath(CSIDL_LOCAL_APPDATA, path);
+-    if (NS_FAILED(rv))
+-      rv = GetRegWindowsAppDataFolder(aLocal, path);
+-  }
+-  if (!aLocal || NS_FAILED(rv)) {
+-    rv = GetShellFolderPath(CSIDL_APPDATA, path);
+-    if (NS_FAILED(rv)) {
+-      if (!aLocal)
+-        rv = GetRegWindowsAppDataFolder(aLocal, path);
+-    }
++    if (didRemove)
++      --levelsToRemove;
+   }
+-  NS_ENSURE_SUCCESS(rv, rv);
+ 
+-  rv = NS_NewLocalFile(path, true, getter_AddRefs(localDir));
+-#elif defined(MOZ_WIDGET_GONK)
+-  rv = NS_NewNativeLocalFile(NS_LITERAL_CSTRING("/data/b2g"), true,
+-                             getter_AddRefs(localDir));
+-#elif defined(XP_UNIX)
+-  const char* homeDir = getenv("HOME");
+-  if (!homeDir || !*homeDir)
++  if (!localDir)
+     return NS_ERROR_FAILURE;
+ 
+-#ifdef ANDROID /* We want (ProfD == ProfLD) on Android. */
+-  aLocal = false;
+-#endif
++  rv = localDir->AppendRelativeNativePath(NS_LITERAL_CSTRING("TorBrowser"
++                                     XPCOM_FILE_PATH_SEPARATOR "Data"
++                                     XPCOM_FILE_PATH_SEPARATOR "Browser"));
++  NS_ENSURE_SUCCESS(rv, rv);
+ 
+   if (aLocal) {
+-    // If $XDG_CACHE_HOME is defined use it, otherwise use $HOME/.cache.
+-    const char* cacheHome = getenv("XDG_CACHE_HOME");
+-    if (cacheHome && *cacheHome) {
+-      rv = NS_NewNativeLocalFile(nsDependentCString(cacheHome), true,
+-                                 getter_AddRefs(localDir));
+-    } else {
+-      rv = NS_NewNativeLocalFile(nsDependentCString(homeDir), true,
+-                                 getter_AddRefs(localDir));
+-      if (NS_SUCCEEDED(rv))
+-        rv = localDir->AppendNative(NS_LITERAL_CSTRING(".cache"));
+-    }
+-  } else {
+-    rv = NS_NewNativeLocalFile(nsDependentCString(homeDir), true,
+-                               getter_AddRefs(localDir));
++    rv = localDir->AppendNative(NS_LITERAL_CSTRING("Caches"));
++    NS_ENSURE_SUCCESS(rv, rv);
+   }
+-#else
+-#error "Don't know how to get product dir on your platform"
+-#endif
+ 
+   NS_IF_ADDREF(*aFile = localDir);
+   return rv;
+@@ -1541,48 +1491,25 @@ nsXREDirProvider::AppendProfilePath(nsIFile* aFile,
+   }
+ 
+   nsAutoCString profile;
+-  nsAutoCString appName;
+-  nsAutoCString vendor;
+   if (aProfileName && !aProfileName->IsEmpty()) {
+     profile = *aProfileName;
+-  } else if (aAppName) {
+-    appName = *aAppName;
+-    if (aVendorName) {
+-      vendor = *aVendorName;
+-    }
+   } else if (gAppData->profile) {
+     profile = gAppData->profile;
+-  } else {
+-    appName = gAppData->name;
+-    vendor = gAppData->vendor;
+   }
+ 
+-  nsresult rv;
++  nsresult rv = NS_ERROR_FAILURE;
+ 
+ #if defined (XP_MACOSX)
+   if (!profile.IsEmpty()) {
+     rv = AppendProfileString(aFile, profile.get());
++    NS_ENSURE_SUCCESS(rv, rv);
+   }
+-  else {
+-    // Note that MacOS ignores the vendor when creating the profile hierarchy -
+-    // all application preferences directories live alongside one another in
+-    // ~/Library/Application Support/
+-    rv = aFile->AppendNative(appName);
+-  }
+-  NS_ENSURE_SUCCESS(rv, rv);
+ 
+ #elif defined(XP_WIN)
+   if (!profile.IsEmpty()) {
+     rv = AppendProfileString(aFile, profile.get());
++    NS_ENSURE_SUCCESS(rv, rv);
+   }
+-  else {
+-    if (!vendor.IsEmpty()) {
+-      rv = aFile->AppendNative(vendor);
+-      NS_ENSURE_SUCCESS(rv, rv);
+-    }
+-    rv = aFile->AppendNative(appName);
+-  }
+-  NS_ENSURE_SUCCESS(rv, rv);
+ 
+ #elif defined(ANDROID)
+   // The directory used for storing profiles
+@@ -1594,12 +1521,6 @@ nsXREDirProvider::AppendProfilePath(nsIFile* aFile,
+   rv = aFile->AppendNative(nsDependentCString("mozilla"));
+   NS_ENSURE_SUCCESS(rv, rv);
+ #elif defined(XP_UNIX)
+-  nsAutoCString folder;
+-  // Make it hidden (by starting with "."), except when local (the
+-  // profile is already under ~/.cache or XDG_CACHE_HOME).
+-  if (!aLocal)
+-    folder.Assign('.');
+-
+   if (!profile.IsEmpty()) {
+     // Skip any leading path characters
+     const char* profileStart = profile.get();
+@@ -1608,31 +1529,17 @@ nsXREDirProvider::AppendProfilePath(nsIFile* aFile,
+ 
+     // On the off chance that someone wanted their folder to be hidden don't
+     // let it become ".."
+-    if (*profileStart == '.' && !aLocal)
++    if (*profileStart == '.')
+       profileStart++;
+ 
++    // Make it hidden (by starting with ".").
++    nsAutoCString folder(".");
+     folder.Append(profileStart);
+     ToLowerCase(folder);
+ 
+     rv = AppendProfileString(aFile, folder.BeginReading());
++    NS_ENSURE_SUCCESS(rv, rv);
+   }
+-  else {
+-    if (!vendor.IsEmpty()) {
+-      folder.Append(vendor);
+-      ToLowerCase(folder);
+-
+-      rv = aFile->AppendNative(folder);
+-      NS_ENSURE_SUCCESS(rv, rv);
+-
+-      folder.Truncate();
+-    }
+-
+-    folder.Append(appName);
+-    ToLowerCase(folder);
+-
+-    rv = aFile->AppendNative(folder);
+-  }
+-  NS_ENSURE_SUCCESS(rv, rv);
+ 
+ #else
+ #error "Don't know how to get profile path on your platform"
+diff --git a/toolkit/xre/nsXREDirProvider.h b/toolkit/xre/nsXREDirProvider.h
+index eb27ed2..1985f66 100644
+--- a/toolkit/xre/nsXREDirProvider.h
++++ b/toolkit/xre/nsXREDirProvider.h
+@@ -56,16 +56,16 @@ public:
+ 
+   nsresult GetProfileDefaultsDir(nsIFile* *aResult);
+ 
+-  static nsresult GetUserAppDataDirectory(nsIFile* *aFile) {
++  nsresult GetUserAppDataDirectory(nsIFile* *aFile) {
+     return GetUserDataDirectory(aFile, false, nullptr, nullptr, nullptr);
+   }
+-  static nsresult GetUserLocalDataDirectory(nsIFile* *aFile) {
++  nsresult GetUserLocalDataDirectory(nsIFile* *aFile) {
+     return GetUserDataDirectory(aFile, true, nullptr, nullptr, nullptr);
+   }
+ 
+   // By default GetUserDataDirectory gets profile path from gAppData,
+   // but that can be overridden by using aProfileName/aAppName/aVendorName.
+-  static nsresult GetUserDataDirectory(nsIFile** aFile, bool aLocal,
++  nsresult GetUserDataDirectory(nsIFile** aFile, bool aLocal,
+                                        const nsACString* aProfileName,
+                                        const nsACString* aAppName,
+                                        const nsACString* aVendorName);
+@@ -102,8 +102,8 @@ public:
+ 
+ protected:
+   nsresult GetFilesInternal(const char* aProperty, nsISimpleEnumerator** aResult);
+-  static nsresult GetUserDataDirectoryHome(nsIFile* *aFile, bool aLocal);
+-  static nsresult GetSysUserExtensionsDirectory(nsIFile* *aFile);
++  nsresult GetUserDataDirectoryHome(nsIFile* *aFile, bool aLocal);
++  nsresult GetSysUserExtensionsDirectory(nsIFile* *aFile);
+ #if defined(XP_UNIX) || defined(XP_MACOSX)
+   static nsresult GetSystemExtensionsDirectory(nsIFile** aFile);
+ #endif
+diff --git a/xpcom/io/moz.build b/xpcom/io/moz.build
+index 45732e4..bc62f71 100644
+--- a/xpcom/io/moz.build
++++ b/xpcom/io/moz.build
+@@ -134,4 +134,7 @@ FINAL_LIBRARY = 'xul'
+ if CONFIG['OS_ARCH'] == 'Linux' and 'lib64' in CONFIG['libdir']:
+     DEFINES['HAVE_USR_LIB64_DIR'] = True
+ 
+-LOCAL_INCLUDES += ['!..']
++LOCAL_INCLUDES += [
++    '!..',
++    '../build',
++]
+diff --git a/xpcom/io/nsAppFileLocationProvider.cpp b/xpcom/io/nsAppFileLocationProvider.cpp
+index 1211c39..039a89e 100644
+--- a/xpcom/io/nsAppFileLocationProvider.cpp
++++ b/xpcom/io/nsAppFileLocationProvider.cpp
+@@ -15,6 +15,7 @@
+ #include "nsISimpleEnumerator.h"
+ #include "prenv.h"
+ #include "nsCRT.h"
++#include "nsXPCOMPrivate.h"  // for XPCOM_FILE_PATH_SEPARATOR
+ 
+ #if defined(MOZ_WIDGET_COCOA)
+ #include <Carbon/Carbon.h>
+@@ -281,9 +282,8 @@ nsAppFileLocationProvider::CloneMozBinDirectory(nsIFile** aLocalFile)
+ //----------------------------------------------------------------------------------------
+ // GetProductDirectory - Gets the directory which contains the application data folder
+ //
+-// UNIX   : ~/.mozilla/
+-// WIN    : <Application Data folder on user's machine>\Mozilla
+-// Mac    : :Documents:Mozilla:
++// UNIX and WIN   : <App Folder>/TorBrowser/Data/Browser
++// Mac            : <App Folder>/../../TorBrowser/Data/Browser
+ //----------------------------------------------------------------------------------------
+ NS_METHOD
+ nsAppFileLocationProvider::GetProductDirectory(nsIFile** aLocalFile,
+@@ -297,48 +297,45 @@ nsAppFileLocationProvider::GetProductDirectory(nsIFile** aLocalFile,
+   bool exists;
+   nsCOMPtr<nsIFile> localDir;
+ 
+-#if defined(MOZ_WIDGET_COCOA)
+-  FSRef fsRef;
+-  OSType folderType = aLocal ? (OSType)kCachedDataFolderType :
+-                               (OSType)kDomainLibraryFolderType;
+-  OSErr err = ::FSFindFolder(kUserDomain, folderType, kCreateFolder, &fsRef);
+-  if (err) {
+-    return NS_ERROR_FAILURE;
++  rv = CloneMozBinDirectory(getter_AddRefs(localDir));
++  NS_ENSURE_SUCCESS(rv, rv);
++
++  int levelsToRemove = 0; // In FF21+, bin dir points to browser subdirectory.
++#if defined(XP_MACOSX)
++  levelsToRemove += 1;
++#endif
++  while (localDir && (levelsToRemove > 0)) {
++    // When crawling up the hierarchy, components named "." do not count.
++    nsAutoCString removedName;
++    rv = localDir->GetNativeLeafName(removedName);
++    NS_ENSURE_SUCCESS(rv, rv);
++    bool didRemove = !removedName.Equals(".");
++
++    // Remove a directory component.
++    nsCOMPtr<nsIFile> parentDir;
++    rv = localDir->GetParent(getter_AddRefs(parentDir));
++    NS_ENSURE_SUCCESS(rv, rv);
++    localDir = parentDir;
++
++    if (didRemove) {
++      --levelsToRemove;
++    }
+   }
+-  NS_NewLocalFile(EmptyString(), true, getter_AddRefs(localDir));
++
+   if (!localDir) {
+     return NS_ERROR_FAILURE;
+   }
+-  nsCOMPtr<nsILocalFileMac> localDirMac(do_QueryInterface(localDir));
+-  rv = localDirMac->InitWithFSRef(&fsRef);
+-  if (NS_FAILED(rv)) {
+-    return rv;
+-  }
+-#elif defined(XP_WIN)
+-  nsCOMPtr<nsIProperties> directoryService =
+-    do_GetService(NS_DIRECTORY_SERVICE_CONTRACTID, &rv);
+-  if (NS_FAILED(rv)) {
+-    return rv;
+-  }
+-  const char* prop = aLocal ? NS_WIN_LOCAL_APPDATA_DIR : NS_WIN_APPDATA_DIR;
+-  rv = directoryService->Get(prop, NS_GET_IID(nsIFile), getter_AddRefs(localDir));
+-  if (NS_FAILED(rv)) {
+-    return rv;
+-  }
+-#elif defined(XP_UNIX)
+-  rv = NS_NewNativeLocalFile(nsDependentCString(PR_GetEnv("HOME")), true,
+-                             getter_AddRefs(localDir));
+-  if (NS_FAILED(rv)) {
+-    return rv;
+-  }
+-#else
+-#error dont_know_how_to_get_product_dir_on_your_platform
+-#endif
+ 
+-  rv = localDir->AppendRelativeNativePath(DEFAULT_PRODUCT_DIR);
+-  if (NS_FAILED(rv)) {
+-    return rv;
++  rv = localDir->AppendRelativeNativePath(NS_LITERAL_CSTRING("TorBrowser"
++                                        XPCOM_FILE_PATH_SEPARATOR "Data"
++                                        XPCOM_FILE_PATH_SEPARATOR "Browser"));
++  NS_ENSURE_SUCCESS(rv, rv);
++
++  if (aLocal) {
++    rv = localDir->AppendNative(NS_LITERAL_CSTRING("Caches"));
++    NS_ENSURE_SUCCESS(rv, rv);
+   }
++
+   rv = localDir->Exists(&exists);
+ 
+   if (NS_SUCCEEDED(rv) && !exists) {
+@@ -357,10 +354,6 @@ nsAppFileLocationProvider::GetProductDirectory(nsIFile** aLocalFile,
+ 
+ //----------------------------------------------------------------------------------------
+ // GetDefaultUserProfileRoot - Gets the directory which contains each user profile dir
+-//
+-// UNIX   : ~/.mozilla/
+-// WIN    : <Application Data folder on user's machine>\Mozilla\Profiles
+-// Mac    : :Documents:Mozilla:Profiles:
+ //----------------------------------------------------------------------------------------
+ NS_METHOD
+ nsAppFileLocationProvider::GetDefaultUserProfileRoot(nsIFile** aLocalFile,
+@@ -378,23 +371,6 @@ nsAppFileLocationProvider::GetDefaultUserProfileRoot(nsIFile** aLocalFile,
+     return rv;
+   }
+ 
+-#if defined(MOZ_WIDGET_COCOA) || defined(XP_WIN)
+-  // These 3 platforms share this part of the path - do them as one
+-  rv = localDir->AppendRelativeNativePath(NS_LITERAL_CSTRING("Profiles"));
+-  if (NS_FAILED(rv)) {
+-    return rv;
+-  }
+-
+-  bool exists;
+-  rv = localDir->Exists(&exists);
+-  if (NS_SUCCEEDED(rv) && !exists) {
+-    rv = localDir->Create(nsIFile::DIRECTORY_TYPE, 0775);
+-  }
+-  if (NS_FAILED(rv)) {
+-    return rv;
+-  }
+-#endif
+-
+   localDir.forget(aLocalFile);
+ 
+   return rv;
+-- 
+cgit v0.10.2
+
diff --git a/projects/instantbird/Firefox-update-process-bug-4234.mozpatch b/projects/instantbird/Firefox-update-process-bug-4234.mozpatch
new file mode 100644
index 0000000..a02d80b
--- /dev/null
+++ b/projects/instantbird/Firefox-update-process-bug-4234.mozpatch
@@ -0,0 +1,2156 @@
+From 3f8110f69e1ddfc762a7c7dba4d06b537a785a9c Mon Sep 17 00:00:00 2001
+From: Kathy Brade <brade at pearlcrescent.com>
+Date: Thu, 4 Sep 2014 15:45:23 +0000
+Subject: Bug #4234: Use the Firefox Update Process for Tor Browser.
+
+New configure options:
+  --with-tor-browser-version=VERSION # Pass TB version throughout build.
+  --enable-tor-browser-update        # Enable bundle update behavior.
+The following files are never updated:
+  TorBrowser/Data/Browser/profiles.ini
+  TorBrowser/Data/Browser/profile.default/bookmarks.html
+  TorBrowser/Data/Tor/torrc
+Mac OS: Store update metadata under TorBrowser/UpdateInfo.
+Removed the %OS_VERSION% component from the update URL (13047) and
+  added support for minSupportedOSVersion, an attribute of the
+  <update> element that may be used to trigger Firefox's
+  "unsupported platform" behavior.
+Windows: disable "runas" code path in updater (15201).
+Windows: avoid writing to the registry (16236).
+Also includes fixes for tickets 13047, 13301, 13356, 13594, 15406,
+  16014, and 16909.
+
+diff --git a/browser/components/moz.build b/browser/components/moz.build
+index 431d505..bf7a40c 100644
+--- a/browser/components/moz.build
++++ b/browser/components/moz.build
+@@ -38,11 +38,8 @@ XPIDL_MODULE = 'browsercompsbase'
+ 
+ EXTRA_PP_COMPONENTS += [
+     'BrowserComponents.manifest',
+-    'nsBrowserGlue.js',
+-]
+-
+-EXTRA_COMPONENTS += [
+     'nsBrowserContentHandler.js',
++    'nsBrowserGlue.js',
+ ]
+ 
+ EXTRA_JS_MODULES += [
+diff --git a/browser/components/nsBrowserContentHandler.js b/browser/components/nsBrowserContentHandler.js
+index e89004d..b892eaf 100644
+--- a/browser/components/nsBrowserContentHandler.js
++++ b/browser/components/nsBrowserContentHandler.js
+@@ -45,6 +45,10 @@ const NS_BINDING_ABORTED = Components.results.NS_BINDING_ABORTED;
+ const NS_ERROR_WONT_HANDLE_CONTENT = 0x805d0001;
+ const NS_ERROR_ABORT = Components.results.NS_ERROR_ABORT;
+ 
++#ifdef TOR_BROWSER_VERSION
++const kTBSavedVersionPref = "browser.startup.homepage_override.torbrowser.version";
++#endif
++
+ function shouldLoadURI(aURI) {
+   if (aURI && !aURI.schemeIs("chrome"))
+     return true;
+@@ -96,7 +100,8 @@ const OVERRIDE_NEW_BUILD_ID = 3;
+  * Returns:
+  *  OVERRIDE_NEW_PROFILE if this is the first run with a new profile.
+  *  OVERRIDE_NEW_MSTONE if this is the first run with a build with a different
+- *                      Gecko milestone (i.e. right after an upgrade).
++ *                      Gecko milestone or Tor Browser version (i.e. right
++ *                      after an upgrade).
+  *  OVERRIDE_NEW_BUILD_ID if this is the first run with a new build ID of the
+  *                        same Gecko milestone (i.e. after a nightly upgrade).
+  *  OVERRIDE_NONE otherwise.
+@@ -112,6 +117,15 @@ function needHomepageOverride(prefb) {
+ 
+   var mstone = Services.appinfo.platformVersion;
+ 
++#ifdef TOR_BROWSER_VERSION
++#expand const TOR_BROWSER_VERSION = __TOR_BROWSER_VERSION__;
++
++  var savedTBVersion = null;
++  try {
++    savedTBVersion = prefb.getCharPref(kTBSavedVersionPref);
++  } catch (e) {}
++#endif
++
+   var savedBuildID = null;
+   try {
+     savedBuildID = prefb.getCharPref("browser.startup.homepage_override.buildID");
+@@ -129,9 +143,30 @@ function needHomepageOverride(prefb) {
+     
+     prefb.setCharPref("browser.startup.homepage_override.mstone", mstone);
+     prefb.setCharPref("browser.startup.homepage_override.buildID", buildID);
++#ifdef TOR_BROWSER_VERSION
++    prefb.setCharPref(kTBSavedVersionPref, TOR_BROWSER_VERSION);
++
++    // After an upgrade from an older release of Tor Browser (<= 5.5a1), the
++    // savedmstone will be undefined because those releases included the
++    // value "ignore" for the browser.startup.homepage_override.mstone pref.
++    // To correctly detect an upgrade vs. a new profile, we check for the
++    // presence of the "app.update.postupdate" pref.
++    var updated = prefb.prefHasUserValue("app.update.postupdate");
++    return (savedmstone || updated) ? OVERRIDE_NEW_MSTONE
++                                    : OVERRIDE_NEW_PROFILE;
++#else
+     return (savedmstone ? OVERRIDE_NEW_MSTONE : OVERRIDE_NEW_PROFILE);
++#endif
+   }
+ 
++#ifdef TOR_BROWSER_VERSION
++  if (TOR_BROWSER_VERSION != savedTBVersion) {
++    prefb.setCharPref("browser.startup.homepage_override.buildID", buildID);
++    prefb.setCharPref(kTBSavedVersionPref, TOR_BROWSER_VERSION);
++    return OVERRIDE_NEW_MSTONE;
++  }
++#endif
++
+   if (buildID != savedBuildID) {
+     prefb.setCharPref("browser.startup.homepage_override.buildID", buildID);
+     return OVERRIDE_NEW_BUILD_ID;
+@@ -515,6 +550,15 @@ nsBrowserContentHandler.prototype = {
+       try {
+         old_mstone = Services.prefs.getCharPref("browser.startup.homepage_override.mstone");
+       } catch (ex) {}
++
++#ifdef TOR_BROWSER_VERSION
++      // We do the same for the Tor Browser version.
++      var old_tbversion = null;
++      try {
++        old_tbversion = prefb.getCharPref(kTBSavedVersionPref);
++      } catch (e) {}
++#endif
++
+       override = needHomepageOverride(prefb);
+       if (override != OVERRIDE_NONE) {
+         switch (override) {
+@@ -538,6 +582,10 @@ nsBrowserContentHandler.prototype = {
+               overridePage = getPostUpdateOverridePage(overridePage);
+ 
+             overridePage = overridePage.replace("%OLD_VERSION%", old_mstone);
++#ifdef TOR_BROWSER_VERSION
++            overridePage = overridePage.replace("%OLD_TOR_BROWSER_VERSION%",
++                                                old_tbversion);
++#endif
+             break;
+         }
+       }
+diff --git a/browser/confvars.sh b/browser/confvars.sh
+index 6935e05..ed93deb 100755
+--- a/browser/confvars.sh
++++ b/browser/confvars.sh
+@@ -8,22 +8,6 @@ MOZ_APP_VENDOR=Mozilla
+ MOZ_UPDATER=1
+ MOZ_PHOENIX=1
+ 
+-if test "$OS_ARCH" = "WINNT"; then
+-  MOZ_MAINTENANCE_SERVICE=1
+-  if ! test "$HAVE_64BIT_BUILD"; then
+-    if test "$MOZ_UPDATE_CHANNEL" = "nightly" -o \
+-            "$MOZ_UPDATE_CHANNEL" = "aurora" -o \
+-            "$MOZ_UPDATE_CHANNEL" = "beta" -o \
+-            "$MOZ_UPDATE_CHANNEL" = "beta-dev" -o \
+-            "$MOZ_UPDATE_CHANNEL" = "release" -o \
+-            "$MOZ_UPDATE_CHANNEL" = "release-dev"; then
+-      if ! test "$MOZ_DEBUG"; then
+-        MOZ_STUB_INSTALLER=1
+-      fi
+-    fi
+-  fi
+-fi
+-
+ # Enable building ./signmar and running libmar signature tests
+ MOZ_ENABLE_SIGNMAR=1
+ 
+@@ -51,9 +35,9 @@ MOZ_APP_ID={ec8030f7-c20a-464f-9b0e-13a3a9e97384}
+ # This should usually be the same as the value MAR_CHANNEL_ID.
+ # If more than one ID is needed, then you should use a comma separated list
+ # of values.
+-ACCEPTED_MAR_CHANNEL_IDS=firefox-mozilla-esr
++ACCEPTED_MAR_CHANNEL_IDS=torbrowser-torproject-release
+ # The MAR_CHANNEL_ID must not contain the following 3 characters: ",\t "
+-MAR_CHANNEL_ID=firefox-mozilla-esr
++MAR_CHANNEL_ID=torbrowser-torproject-release
+ MOZ_PROFILE_MIGRATOR=1
+ MOZ_APP_STATIC_INI=1
+ MOZ_WEBAPP_RUNTIME=1
+diff --git a/browser/installer/Makefile.in b/browser/installer/Makefile.in
+index bb91b4a..ecab9ad 100644
+--- a/browser/installer/Makefile.in
++++ b/browser/installer/Makefile.in
+@@ -72,6 +72,10 @@ endif
+ endif
+ endif
+ 
++ifdef TOR_BROWSER_UPDATE
++DEFINES += -DTOR_BROWSER_UPDATE
++endif
++
+ ifneq (,$(filter WINNT Darwin Android,$(OS_TARGET)))
+ DEFINES += -DMOZ_SHARED_MOZGLUE=1
+ endif
+diff --git a/config/createprecomplete.py b/config/createprecomplete.py
+index 3241d52..be571be 100644
+--- a/config/createprecomplete.py
++++ b/config/createprecomplete.py
+@@ -5,13 +5,22 @@
+ # update instructions which is used to remove files and directories that are no
+ # longer present in a complete update. The current working directory is used for
+ # the location to enumerate and to create the precomplete file.
++# For symlinks, remove instructions are always generated.
+ 
+ import sys
+ import os
+ 
++# TODO When TOR_BROWSER_DATA_OUTSIDE_APP_DIR is used on all platforms,
++# we should remove all lines in this file that contain:
++#      TorBrowser/Data
++
+ def get_build_entries(root_path):
+     """ Iterates through the root_path, creating a list for each file and
+         directory. Excludes any file paths ending with channel-prefs.js.
++        To support Tor Browser updates, excludes:
++          TorBrowser/Data/Browser/profiles.ini
++          TorBrowser/Data/Browser/profile.default/bookmarks.html
++          TorBrowser/Data/Tor/torrc
+     """
+     rel_file_path_set = set()
+     rel_dir_path_set = set()
+@@ -22,6 +31,9 @@ def get_build_entries(root_path):
+             rel_path_file = rel_path_file.replace("\\", "/")
+             if not (rel_path_file.endswith("channel-prefs.js") or
+                     rel_path_file.endswith("update-settings.ini") or
++                    rel_path_file == "TorBrowser/Data/Browser/profiles.ini" or
++                    rel_path_file == "TorBrowser/Data/Browser/profile.default/bookmarks.html" or
++                    rel_path_file == "TorBrowser/Data/Tor/torrc" or
+                     rel_path_file.find("distribution/") != -1):
+                 rel_file_path_set.add(rel_path_file)
+ 
+@@ -30,7 +42,10 @@ def get_build_entries(root_path):
+             rel_path_dir = os.path.join(parent_dir_rel_path, dir_name)
+             rel_path_dir = rel_path_dir.replace("\\", "/")+"/"
+             if rel_path_dir.find("distribution/") == -1:
+-                rel_dir_path_set.add(rel_path_dir)
++                if (os.path.islink(rel_path_dir[:-1])):
++                    rel_file_path_set.add(rel_path_dir[:-1])
++                else:
++                    rel_dir_path_set.add(rel_path_dir)
+ 
+     rel_file_path_list = list(rel_file_path_set)
+     rel_file_path_list.sort(reverse=True)
+diff --git a/configure.in b/configure.in
+index 38df30e..e9fb038 100644
+--- a/configure.in
++++ b/configure.in
+@@ -3369,15 +3369,12 @@ AC_SUBST(GRE_MILESTONE)
+ # set RELEASE_BUILD and NIGHTLY_BUILD variables depending on the cycle we're in
+ # The logic works like this:
+ # - if we have "a1" in GRE_MILESTONE, we're building Nightly (define NIGHTLY_BUILD)
+-# - otherwise, if we have "a" in GRE_MILESTONE, we're building Nightly or Aurora
+ # - otherwise, we're building Release/Beta (define RELEASE_BUILD)
+ case "$GRE_MILESTONE" in
+   *a1*)
+       NIGHTLY_BUILD=1
+       AC_DEFINE(NIGHTLY_BUILD)
+       ;;
+-  *a*)
+-      ;;
+   *)
+       RELEASE_BUILD=1
+       AC_DEFINE(RELEASE_BUILD)
+@@ -6521,6 +6518,31 @@ MOZ_ARG_ENABLE_BOOL(update-packaging,
+ AC_SUBST(MOZ_UPDATE_PACKAGING)
+ 
+ dnl ========================================================
++dnl Tor Additions
++dnl ========================================================
++MOZ_ARG_WITH_STRING(eor-browser-version,
++[  --with-tor-browser-version=VERSION
++                          Set Tor Browser version, e.g., 4.0b1],
++    TOR_BROWSER_VERSION="$withval")
++
++MOZ_ARG_ENABLE_BOOL(tor-browser-update,
++[  --enable-tor-browser-update
++                          Enable Tor Browser update],
++    TOR_BROWSER_UPDATE=1,
++    TOR_BROWSER_UPDATE= )
++
++if test -n "$TOR_BROWSER_UPDATE"; then
++    if test -z "$TOR_BROWSER_VERSION"; then
++        AC_MSG_ERROR([--enable-tor-browser-update requires --with-tor-browser-version.])
++    fi
++    AC_DEFINE(TOR_BROWSER_UPDATE)
++fi
++
++AC_DEFINE_UNQUOTED(TOR_BROWSER_VERSION,"$TOR_BROWSER_VERSION")
++AC_SUBST(TOR_BROWSER_VERSION)
++AC_SUBST(TOR_BROWSER_UPDATE)
++
++dnl ========================================================
+ dnl build the tests by default
+ dnl ========================================================
+ MOZ_ARG_DISABLE_BOOL(tests,
+@@ -9068,7 +9090,7 @@ if test "$MOZ_DEBUG"; then
+     A11Y_LOG=1
+ fi
+ case "$MOZ_UPDATE_CHANNEL" in
+-aurora|beta|release|esr)
++aurora|alpha|beta|hardened|release|esr)
+     ;;
+ *)
+     A11Y_LOG=1
+diff --git a/js/src/configure.in b/js/src/configure.in
+index 25b4ae8..7fae8a4 100644
+--- a/js/src/configure.in
++++ b/js/src/configure.in
+@@ -2691,15 +2691,12 @@ AC_SUBST(GRE_MILESTONE)
+ dnl set RELEASE_BUILD and NIGHTLY_BUILD variables depending on the cycle we're in
+ dnl The logic works like this:
+ dnl - if we have "a1" in GRE_MILESTONE, we're building Nightly (define NIGHTLY_BUILD)
+-dnl - otherwise, if we have "a" in GRE_MILESTONE, we're building Nightly or Aurora
+ dnl - otherwise, we're building Release/Beta (define RELEASE_BUILD)
+ case "$GRE_MILESTONE" in
+   *a1*)
+       NIGHTLY_BUILD=1
+       AC_DEFINE(NIGHTLY_BUILD)
+       ;;
+-  *a*)
+-      ;;
+   *)
+       RELEASE_BUILD=1
+       AC_DEFINE(RELEASE_BUILD)
+diff --git a/toolkit/modules/UpdateUtils.jsm b/toolkit/modules/UpdateUtils.jsm
+index b943467..4638c8e 100644
+--- a/toolkit/modules/UpdateUtils.jsm
++++ b/toolkit/modules/UpdateUtils.jsm
+@@ -20,6 +20,9 @@ const PREF_APP_B2G_VERSION                = "b2g.version";
+ const PREF_APP_UPDATE_CUSTOM              = "app.update.custom";
+ const PREF_APP_UPDATE_IMEI_HASH           = "app.update.imei_hash";
+ 
++#ifdef TOR_BROWSER_VERSION
++#expand const TOR_BROWSER_VERSION = __TOR_BROWSER_VERSION__;
++#endif
+ 
+ this.UpdateUtils = {
+   /**
+@@ -70,7 +73,11 @@ this.UpdateUtils = {
+    */
+   formatUpdateURL(url) {
+     url = url.replace(/%PRODUCT%/g, Services.appinfo.name);
++#ifdef TOR_BROWSER_UPDATE
++    url = url.replace(/%VERSION%/g, TOR_BROWSER_VERSION);
++#else
+     url = url.replace(/%VERSION%/g, Services.appinfo.version);
++#endif
+     url = url.replace(/%BUILD_ID%/g, Services.appinfo.appBuildID);
+     url = url.replace(/%BUILD_TARGET%/g, Services.appinfo.OS + "_" + this.ABI);
+     url = url.replace(/%OS_VERSION%/g, this.OSVersion);
+diff --git a/toolkit/modules/debug.js b/toolkit/modules/debug.js
+index ba59c65..486105e 100644
+--- a/toolkit/modules/debug.js
++++ b/toolkit/modules/debug.js
+@@ -41,6 +41,8 @@ this.NS_ASSERT = function NS_ASSERT(condition, message) {
+     switch (defB.getCharPref("app.update.channel")) {
+       case "nightly":
+       case "aurora":
++      case "alpha":
++      case "hardened":
+       case "beta":
+       case "default":
+         releaseBuild = false;
+diff --git a/toolkit/modules/moz.build b/toolkit/modules/moz.build
+index 0600b82..81125d1 100644
+--- a/toolkit/modules/moz.build
++++ b/toolkit/modules/moz.build
+@@ -72,7 +72,6 @@ EXTRA_JS_MODULES += [
+     'Task.jsm',
+     'Timer.jsm',
+     'Troubleshoot.jsm',
+-    'UpdateUtils.jsm',
+     'WebChannel.jsm',
+     'WindowDraggingUtils.jsm',
+     'ZipUtils.jsm',
+@@ -87,6 +86,7 @@ if not CONFIG['TOR_BROWSER_VERSION']:
+ EXTRA_PP_JS_MODULES += [
+     'AppConstants.jsm',
+     'SessionRecorder.jsm',
++    'UpdateUtils.jsm',
+ ]
+ 
+ if 'Android' != CONFIG['OS_TARGET']:
+diff --git a/toolkit/mozapps/extensions/AddonManager.jsm b/toolkit/mozapps/extensions/AddonManager.jsm
+index ab63c3d..a453062 100644
+--- a/toolkit/mozapps/extensions/AddonManager.jsm
++++ b/toolkit/mozapps/extensions/AddonManager.jsm
+@@ -23,7 +23,7 @@ if ("@mozilla.org/xre/app-info;1" in Cc) {
+ 
+ Cu.import("resource://gre/modules/AppConstants.jsm");
+ 
+-const MOZ_COMPATIBILITY_NIGHTLY = !['aurora', 'beta', 'release', 'esr'].includes(AppConstants.MOZ_UPDATE_CHANNEL);
++const MOZ_COMPATIBILITY_NIGHTLY = !['aurora', 'alpha', 'beta', 'hardened', 'release', 'esr'].includes(AppConstants.MOZ_UPDATE_CHANNEL);
+ 
+ const PREF_BLOCKLIST_PINGCOUNTVERSION = "extensions.blocklist.pingCountVersion";
+ const PREF_DEFAULT_PROVIDERS_ENABLED  = "extensions.defaultProviders.enabled";
+diff --git a/toolkit/mozapps/update/content/updates.js b/toolkit/mozapps/update/content/updates.js
+index 48f8bad..40e76c8 100644
+--- a/toolkit/mozapps/update/content/updates.js
++++ b/toolkit/mozapps/update/content/updates.js
+@@ -3,6 +3,8 @@
+  * License, v. 2.0. If a copy of the MPL was not distributed with this
+  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+ 
++#filter substitution
++
+ 'use strict';
+ 
+ // Firefox's macBrowserOverlay.xul includes scripts that define Cc, Ci, and Cr
+@@ -51,6 +53,11 @@ const CERT_ATTR_CHECK_FAILED_NO_UPDATE  = 100;
+ const CERT_ATTR_CHECK_FAILED_HAS_UPDATE = 101;
+ const BACKGROUNDCHECK_MULTIPLE_FAILURES = 110;
+ 
++#ifdef TOR_BROWSER_VERSION
++# Add double-quotes back on (stripped by JarMaker.py).
++#expand const TOR_BROWSER_VERSION = "__TOR_BROWSER_VERSION__";
++#endif
++
+ var gLogEnabled = false;
+ var gUpdatesFoundPageId;
+ 
+@@ -510,8 +517,13 @@ var gUpdates = {
+       return;
+     }
+ 
++#ifdef TOR_BROWSER_UPDATE
++    var appVersion = TOR_BROWSER_VERSION;
++#else
++    var appVersion = Services.appinfo.version;
++#endif
+     if (!this.update.appVersion ||
+-        Services.vc.compare(this.update.appVersion, Services.appinfo.version) == 0) {
++        Services.vc.compare(this.update.appVersion, appVersion) == 0) {
+       aCallback(false);
+       return;
+     }
+@@ -523,6 +535,11 @@ var gUpdates = {
+ 
+     var self = this;
+     AddonManager.getAllAddons(function(addons) {
++#ifdef TOR_BROWSER_UPDATE
++      let compatVersion = self.update.platformVersion;
++#else
++      let compatVersion = self.update.appVersion;
++#endif
+       self.addons = [];
+       addons.forEach(function(addon) {
+         // Protect against code that overrides the add-ons manager and doesn't
+@@ -551,7 +568,7 @@ var gUpdates = {
+               !addon.appDisabled && !addon.userDisabled &&
+               addon.scope != AddonManager.SCOPE_APPLICATION &&
+               addon.isCompatible &&
+-              !addon.isCompatibleWith(self.update.appVersion,
++              !addon.isCompatibleWith(compatVersion,
+                                       self.update.platformVersion))
+             self.addons.push(addon);
+         }
+@@ -821,9 +838,14 @@ var gIncompatibleCheckPage = {
+     this._totalCount = gUpdates.addons.length;
+ 
+     this._pBar.mode = "normal";
++#ifdef TOR_BROWSER_UPDATE
++    let compatVersion = gUpdates.update.platformVersion;
++#else
++    let compatVersion = gUpdates.update.appVersion;
++#endif
+     gUpdates.addons.forEach(function(addon) {
+       addon.findUpdates(this, AddonManager.UPDATE_WHEN_NEW_APP_DETECTED,
+-                        gUpdates.update.appVersion,
++                        compatVersion,
+                         gUpdates.update.platformVersion);
+     }, this);
+   },
+@@ -848,8 +870,13 @@ var gIncompatibleCheckPage = {
+     // the add-on will become incompatible.
+     let bs = CoC["@mozilla.org/extensions/blocklist;1"].
+              getService(CoI.nsIBlocklistService);
++#ifdef TOR_BROWSER_UPDATE
++    let compatVersion = gUpdates.update.platformVersion;
++#else
++    let compatVersion = gUpdates.update.appVersion;
++#endif
+     if (bs.isAddonBlocklisted(addon,
+-                              gUpdates.update.appVersion,
++                              compatVersion,
+                               gUpdates.update.platformVersion))
+       return;
+ 
+diff --git a/toolkit/mozapps/update/jar.mn b/toolkit/mozapps/update/jar.mn
+index 9bb5d2d..5347123 100644
+--- a/toolkit/mozapps/update/jar.mn
++++ b/toolkit/mozapps/update/jar.mn
+@@ -7,6 +7,6 @@ toolkit.jar:
+   content/mozapps/update/history.xul                            (content/history.xul)
+   content/mozapps/update/history.js                             (content/history.js)
+   content/mozapps/update/updates.css                            (content/updates.css)
+-  content/mozapps/update/updates.js                             (content/updates.js)
++* content/mozapps/update/updates.js                             (content/updates.js)
+   content/mozapps/update/updates.xml                            (content/updates.xml)
+   content/mozapps/update/updates.xul                            (content/updates.xul)
+diff --git a/toolkit/mozapps/update/moz.build b/toolkit/mozapps/update/moz.build
+index 3824b88..c93100a 100644
+--- a/toolkit/mozapps/update/moz.build
++++ b/toolkit/mozapps/update/moz.build
+@@ -18,11 +18,14 @@ XPIDL_SOURCES += [
+ TEST_DIRS += ['tests']
+ 
+ EXTRA_COMPONENTS += [
+-    'nsUpdateService.js',
+     'nsUpdateService.manifest',
+     'nsUpdateServiceStub.js',
+ ]
+ 
++EXTRA_PP_COMPONENTS += [
++    'nsUpdateService.js',
++]
++
+ EXTRA_JS_MODULES += [
+     'UpdateTelemetry.jsm',
+ ]
+diff --git a/toolkit/mozapps/update/nsUpdateService.js b/toolkit/mozapps/update/nsUpdateService.js
+index 489d085..e12636d 100644
+--- a/toolkit/mozapps/update/nsUpdateService.js
++++ b/toolkit/mozapps/update/nsUpdateService.js
+@@ -12,7 +12,9 @@ Cu.import("resource://gre/modules/XPCOMUtils.jsm", this);
+ Cu.import("resource://gre/modules/FileUtils.jsm", this);
+ Cu.import("resource://gre/modules/AddonManager.jsm", this);
+ Cu.import("resource://gre/modules/Services.jsm", this);
++#ifdef XP_WIN
+ Cu.import("resource://gre/modules/ctypes.jsm", this);
++#endif
+ Cu.import("resource://gre/modules/UpdateTelemetry.jsm", this);
+ Cu.import("resource://gre/modules/AppConstants.jsm", this);
+ 
+@@ -66,6 +68,10 @@ const KEY_EXECUTABLE      = "XREExeF";
+ // Gonk only
+ const KEY_UPDATE_ARCHIVE_DIR = "UpdArchD";
+ 
++#ifdef TOR_BROWSER_VERSION
++#expand const TOR_BROWSER_VERSION = __TOR_BROWSER_VERSION__;
++#endif
++
+ const DIR_UPDATED         = "updated";
+ const DIR_UPDATED_APP     = "Updated.app";
+ const DIR_UPDATES         = "updates";
+@@ -701,8 +707,13 @@ function getUpdatesDirInApplyToDir() {
+   if (AppConstants.platform == "macosx") {
+     dir = dir.parent.parent; // the bundle directory
+     dir.append(DIR_UPDATED_APP);
++#if defined(TOR_BROWSER_UPDATE) && !defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR)
++    dir.append("TorBrowser");
++    dir.append("UpdateInfo");
++#else
+     dir.append("Contents");
+     dir.append("MacOS");
++#endif
+   } else {
+     dir.append(DIR_UPDATED);
+   }
+@@ -1521,7 +1532,17 @@ function Update(update) {
+     this._patches.push(patch);
+   }
+ 
+-  if (this._patches.length == 0 && !update.hasAttribute("unsupported")) {
++  if (update.hasAttribute("unsupported")) {
++    this.unsupported = ("true" == update.getAttribute("unsupported"));
++  } else if (update.hasAttribute("minSupportedOSVersion")) {
++    let minOSVersion = update.getAttribute("minSupportedOSVersion");
++    try {
++      let osVersion = Services.sysinfo.getProperty("version");
++      this.unsupported = (Services.vc.compare(osVersion, minOSVersion) < 0);
++    } catch (e) {}
++  }
++
++  if (this._patches.length == 0 && !this.unsupported) {
+     throw Cr.NS_ERROR_ILLEGAL_VALUE;
+   }
+ 
+@@ -1574,15 +1595,13 @@ function Update(update) {
+       if(!isNaN(attr.value)) {
+         this.promptWaitTime = parseInt(attr.value);
+       }
+-    } else if (attr.name == "unsupported") {
+-      this.unsupported = attr.value == "true";
+     } else if (attr.name == "version") {
+       // Prevent version from replacing displayVersion if displayVersion is
+       // present in the update xml.
+       if (!this.displayVersion) {
+         this.displayVersion = attr.value;
+       }
+-    } else {
++    } else if (attr.name != "unsupported") {
+       this[attr.name] = attr.value;
+ 
+       switch (attr.name) {
+@@ -2408,9 +2427,14 @@ UpdateService.prototype = {
+     updates.forEach(function(aUpdate) {
+       // Ignore updates for older versions of the application and updates for
+       // the same version of the application with the same build ID.
+-      if (vc.compare(aUpdate.appVersion, Services.appinfo.version) < 0 ||
+-          vc.compare(aUpdate.appVersion, Services.appinfo.version) == 0 &&
+-          aUpdate.buildID == Services.appinfo.appBuildID) {
++#ifdef TOR_BROWSER_UPDATE
++      var compatVersion = TOR_BROWSER_VERSION;
++#else
++      var compatVersion = Services.appinfo.version;
++#endif
++      var rc = vc.compare(aUpdate.appVersion, compatVersion);
++      if (rc < 0 || ((rc == 0) &&
++                     (aUpdate.buildID == Services.appinfo.appBuildID))) {
+         LOG("UpdateService:selectUpdate - skipping update because the " +
+             "update's application version is less than the current " +
+             "application version");
+@@ -2574,8 +2598,13 @@ UpdateService.prototype = {
+     }
+ 
+     // Only check add-on compatibility when the version changes.
++#ifdef TOR_BROWSER_UPDATE
++    var compatVersion = TOR_BROWSER_VERSION;
++#else
++    var compatVersion = Services.appinfo.version;
++#endif
+     if (update.appVersion &&
+-        Services.vc.compare(update.appVersion, Services.appinfo.version) != 0) {
++        Services.vc.compare(update.appVersion, compatVersion) != 0) {
+       this._update = update;
+       this._checkAddonCompatibility();
+     }
+@@ -2606,6 +2635,11 @@ UpdateService.prototype = {
+     // Get all the installed add-ons
+     var self = this;
+     AddonManager.getAllAddons(function(addons) {
++#ifdef TOR_BROWSER_UPDATE
++      let compatVersion = self._update.platformVersion;
++#else
++      let compatVersion = self._update.appVersion;
++#endif
+       self._incompatibleAddons = [];
+       addons.forEach(function(addon) {
+         // Protect against code that overrides the add-ons manager and doesn't
+@@ -2635,7 +2669,7 @@ UpdateService.prototype = {
+               !addon.appDisabled && !addon.userDisabled &&
+               addon.scope != AddonManager.SCOPE_APPLICATION &&
+               addon.isCompatible &&
+-              !addon.isCompatibleWith(self._update.appVersion,
++              !addon.isCompatibleWith(compatVersion,
+                                       self._update.platformVersion)) {
+             self._incompatibleAddons.push(addon);
+           }
+@@ -2671,7 +2705,7 @@ UpdateService.prototype = {
+ 
+         self._incompatibleAddons.forEach(function(addon) {
+           addon.findUpdates(this, AddonManager.UPDATE_WHEN_NEW_APP_DETECTED,
+-                            this._update.appVersion, this._update.platformVersion);
++                            compatVersion, this._update.platformVersion);
+         }, self);
+       }
+       else {
+@@ -2707,7 +2741,12 @@ UpdateService.prototype = {
+     // If the new version of this add-on is blocklisted for the new application
+     // then it isn't a valid update and the user should still be warned that
+     // the add-on will become incompatible.
+-    if (Services.blocklist.isAddonBlocklisted(addon, this._update.appVersion,
++#ifdef TOR_BROWSER_UPDATE
++    let compatVersion = this._update.platformVersion;
++#else
++    let compatVersion = this._update.appVersion;
++#endif
++    if (Services.blocklist.isAddonBlocklisted(addon, compatVersion,
+                                               this._update.platformVersion)) {
+       return;
+     }
+@@ -2819,14 +2858,24 @@ UpdateService.prototype = {
+     // current application's version or the update's version is the same as the
+     // application's version and the build ID is the same as the application's
+     // build ID.
++#ifdef TOR_BROWSER_UPDATE
++    var compatVersion = TOR_BROWSER_VERSION;
++#else
++    var compatVersion = Services.appinfo.version;
++#endif
+     if (update.appVersion &&
+-        (Services.vc.compare(update.appVersion, Services.appinfo.version) < 0 ||
++        (Services.vc.compare(update.appVersion, compatVersion) < 0 ||
+          update.buildID && update.buildID == Services.appinfo.appBuildID &&
+-         update.appVersion == Services.appinfo.version)) {
++         update.appVersion == compatVersion)) {
+       LOG("UpdateService:downloadUpdate - canceling download of update since " +
+           "it is for an earlier or same application version and build ID.\n" +
+-          "current application version: " + Services.appinfo.version + "\n" +
++#ifdef TOR_BROWSER_UPDATE
++          "current Tor Browser version: " + compatVersion + "\n" +
++          "update Tor Browser version : " + update.appVersion + "\n" +
++#else
++          "current application version: " + compatVersion + "\n" +
+           "update application version : " + update.appVersion + "\n" +
++#endif
+           "current build ID: " + Services.appinfo.appBuildID + "\n" +
+           "update build ID : " + update.buildID);
+       cleanupActiveUpdate();
+@@ -2859,7 +2908,7 @@ UpdateService.prototype = {
+       }
+     }
+     // Set the previous application version prior to downloading the update.
+-    update.previousAppVersion = Services.appinfo.version;
++    update.previousAppVersion = compatVersion;
+     this._downloader = new Downloader(background, this);
+     return this._downloader.downloadUpdate(update);
+   },
+diff --git a/toolkit/mozapps/update/updater/updater.cpp b/toolkit/mozapps/update/updater/updater.cpp
+index 6ef82a1..f362292 100644
+--- a/toolkit/mozapps/update/updater/updater.cpp
++++ b/toolkit/mozapps/update/updater/updater.cpp
+@@ -25,7 +25,7 @@
+  *  updatev3.manifest
+  *  -----------------
+  *  method   = "add" | "add-if" | "add-if-not" | "patch" | "patch-if" |
+- *             "remove" | "rmdir" | "rmrfdir" | type
++ *             "remove" | "rmdir" | "rmrfdir" | "addsymlink" | type
+  *
+  *  'add-if-not' adds a file if it doesn't exist.
+  *
+@@ -403,10 +403,12 @@ get_full_path(const NS_tchar *relpath)
+  *         The line from the manifest that contains the path.
+  * @param  isdir
+  *         Whether the path is a directory path. Defaults to false.
++ * @param  islinktarget
++ *         Whether the path is a symbolic link target. Defaults to false.
+  * @return valid filesystem path or nullptr if the path checks fail.
+  */
+ static NS_tchar*
+-get_valid_path(NS_tchar **line, bool isdir = false)
++get_valid_path(NS_tchar **line, bool isdir = false, bool islinktarget = false)
+ {
+   NS_tchar *path = mstrtok(kQuote, line);
+   if (!path) {
+@@ -441,10 +443,12 @@ get_valid_path(NS_tchar **line, bool isdir = false)
+     path[NS_tstrlen(path) - 1] = NS_T('\0');
+   }
+ 
+-  // Don't allow relative paths that resolve to a parent directory.
+-  if (NS_tstrstr(path, NS_T("..")) != nullptr) {
+-    LOG(("get_valid_path: paths must not contain '..': " LOG_S, path));
+-    return nullptr;
++  if (!islinktarget) {
++    // Don't allow relative paths that resolve to a parent directory.
++    if (NS_tstrstr(path, NS_T("..")) != nullptr) {
++      LOG(("get_valid_path: paths must not contain '..': " LOG_S, path));
++      return nullptr;
++    }
+   }
+ 
+   return path;
+@@ -479,7 +483,8 @@ static void ensure_write_permissions(const NS_tchar *path)
+   (void) _wchmod(path, _S_IREAD | _S_IWRITE);
+ #else
+   struct stat fs;
+-  if (!stat(path, &fs) && !(fs.st_mode & S_IWUSR)) {
++  if (!lstat(path, &fs) && !S_ISLNK(fs.st_mode)
++      && !(fs.st_mode & S_IWUSR)) {
+     (void)chmod(path, fs.st_mode | S_IWUSR);
+   }
+ #endif
+@@ -680,11 +685,9 @@ static int ensure_copy(const NS_tchar *path, const NS_tchar *dest)
+     return READ_ERROR;
+   }
+ 
+-#ifdef XP_UNIX
+   if (S_ISLNK(ss.st_mode)) {
+     return ensure_copy_symlink(path, dest);
+   }
+-#endif
+ 
+ #if MAYBE_USE_HARD_LINKS
+   if (sUseHardLinks) {
+@@ -780,7 +783,7 @@ static int ensure_copy_recursive(const NS_tchar *path, const NS_tchar *dest,
+     return READ_ERROR;
+   }
+ 
+-#ifdef XP_UNIX
++#ifndef XP_WIN
+   if (S_ISLNK(sInfo.st_mode)) {
+     return ensure_copy_symlink(path, dest);
+   }
+@@ -839,14 +842,19 @@ static int rename_file(const NS_tchar *spath, const NS_tchar *dpath,
+     return rv;
+ 
+   struct NS_tstat_t spathInfo;
+-  rv = NS_tstat(spath, &spathInfo);
++  rv = NS_tlstat(spath, &spathInfo); // Get info about file or symlink.
+   if (rv) {
+     LOG(("rename_file: failed to read file status info: " LOG_S ", " \
+          "err: %d", spath, errno));
+     return READ_ERROR;
+   }
+ 
+-  if (!S_ISREG(spathInfo.st_mode)) {
++#ifdef XP_WIN
++  if (!S_ISREG(spathInfo.st_mode))
++#else
++  if (!S_ISREG(spathInfo.st_mode) && !S_ISLNK(spathInfo.st_mode))
++#endif
++  {
+     if (allowDirs && !S_ISDIR(spathInfo.st_mode)) {
+       LOG(("rename_file: path present, but not a file: " LOG_S ", err: %d",
+            spath, errno));
+@@ -856,7 +864,12 @@ static int rename_file(const NS_tchar *spath, const NS_tchar *dpath,
+     }
+   }
+ 
+-  if (!NS_taccess(dpath, F_OK)) {
++#ifdef XP_WIN
++  if (!NS_taccess(dpath, F_OK))
++#else
++  if (!S_ISLNK(spathInfo.st_mode) && !NS_taccess(dpath, F_OK))
++#endif
++  {
+     if (ensure_remove(dpath)) {
+       LOG(("rename_file: destination file exists and could not be " \
+            "removed: " LOG_S, dpath));
+@@ -873,7 +886,7 @@ static int rename_file(const NS_tchar *spath, const NS_tchar *dpath,
+   return OK;
+ }
+ 
+-#ifdef XP_WIN
++#if defined(XP_WIN) && !defined(TOR_BROWSER_UPDATE)
+ // Remove the directory pointed to by path and all of its files and
+ // sub-directories. If a file is in use move it to the tobedeleted directory
+ // and attempt to schedule removal of the file on reboot
+@@ -960,7 +973,18 @@ static int backup_restore(const NS_tchar *path)
+   NS_tsnprintf(backup, sizeof(backup)/sizeof(backup[0]),
+                NS_T("%s") BACKUP_EXT, path);
+ 
+-  if (NS_taccess(backup, F_OK)) {
++  bool isLink = false;
++#ifndef XP_WIN
++  struct stat linkInfo;
++  int rv = lstat(path, &linkInfo);
++  if (!rv) {
++    LOG(("backup_restore: cannot get info for backup file: " LOG_S, backup));
++    return OK;
++  }
++  isLink = S_ISLNK(linkInfo.st_mode);
++#endif
++
++  if (!isLink && NS_taccess(backup, F_OK)) {
+     LOG(("backup_restore: backup file doesn't exist: " LOG_S, backup));
+     return OK;
+   }
+@@ -975,8 +999,18 @@ static int backup_discard(const NS_tchar *path)
+   NS_tsnprintf(backup, sizeof(backup)/sizeof(backup[0]),
+                NS_T("%s") BACKUP_EXT, path);
+ 
++  bool isLink = false;
++#ifndef XP_WIN
++  struct stat linkInfo;
++  int rv2 = lstat(backup, &linkInfo);
++  if (rv2) {
++    return OK;  // File does not exist; nothing to do.
++  }
++  isLink = S_ISLNK(linkInfo.st_mode);
++#endif
++
+   // Nothing to discard
+-  if (NS_taccess(backup, F_OK)) {
++  if (!isLink && NS_taccess(backup, F_OK)) {
+     return OK;
+   }
+ 
+@@ -991,6 +1025,8 @@ static int backup_discard(const NS_tchar *path)
+            backup, path));
+       return WRITE_ERROR_DELETE_BACKUP;
+     }
++
++#if !defined(TOR_BROWSER_UPDATE)
+     // The MoveFileEx call to remove the file on OS reboot will fail if the
+     // process doesn't have write access to the HKEY_LOCAL_MACHINE registry key
+     // but this is ok since the installer / uninstaller will delete the
+@@ -1003,6 +1039,7 @@ static int backup_discard(const NS_tchar *path)
+       LOG(("backup_discard: failed to schedule OS reboot removal of " \
+            "file: " LOG_S, path));
+     }
++#endif
+   }
+ #else
+   if (rv)
+@@ -1056,7 +1093,7 @@ private:
+ class RemoveFile : public Action
+ {
+ public:
+-  RemoveFile() : mFile(nullptr), mSkip(0) { }
++  RemoveFile() : mFile(nullptr), mSkip(0), mIsLink(0) { }
+ 
+   int Parse(NS_tchar *line);
+   int Prepare();
+@@ -1066,6 +1103,7 @@ public:
+ private:
+   const NS_tchar *mFile;
+   int mSkip;
++  int mIsLink;
+ };
+ 
+ int
+@@ -1083,28 +1121,39 @@ RemoveFile::Parse(NS_tchar *line)
+ int
+ RemoveFile::Prepare()
+ {
+-  // Skip the file if it already doesn't exist.
+-  int rv = NS_taccess(mFile, F_OK);
+-  if (rv) {
+-    mSkip = 1;
+-    mProgressCost = 0;
+-    return OK;
++  int rv;
++#ifndef XP_WIN
++  struct stat linkInfo;
++  rv = lstat(mFile, &linkInfo);
++  mIsLink = ((0 == rv) && S_ISLNK(linkInfo.st_mode));
++#endif
++
++  if (!mIsLink) {
++    // Skip the file if it already doesn't exist.
++    rv = NS_taccess(mFile, F_OK);
++    if (rv) {
++      mSkip = 1;
++      mProgressCost = 0;
++      return OK;
++    }
+   }
+ 
+   LOG(("PREPARE REMOVEFILE " LOG_S, mFile));
+ 
+-  // Make sure that we're actually a file...
+-  struct NS_tstat_t fileInfo;
+-  rv = NS_tstat(mFile, &fileInfo);
+-  if (rv) {
+-    LOG(("failed to read file status info: " LOG_S ", err: %d", mFile,
+-         errno));
+-    return READ_ERROR;
+-  }
++  if (!mIsLink) {
++    // Make sure that we're actually a file...
++    struct NS_tstat_t fileInfo;
++    rv = NS_tstat(mFile, &fileInfo);
++    if (rv) {
++      LOG(("failed to read file status info: " LOG_S ", err: %d", mFile,
++           errno));
++      return READ_ERROR;
++    }
+ 
+-  if (!S_ISREG(fileInfo.st_mode)) {
+-    LOG(("path present, but not a file: " LOG_S, mFile));
+-    return DELETE_ERROR_EXPECTED_FILE;
++    if (!S_ISREG(fileInfo.st_mode)) {
++      LOG(("path present, but not a file: " LOG_S, mFile));
++      return DELETE_ERROR_EXPECTED_FILE;
++    }
+   }
+ 
+   NS_tchar *slash = (NS_tchar *) NS_tstrrchr(mFile, NS_T('/'));
+@@ -1134,7 +1183,13 @@ RemoveFile::Execute()
+ 
+   // The file is checked for existence here and in Prepare since it might have
+   // been removed by a separate instruction: bug 311099.
+-  int rv = NS_taccess(mFile, F_OK);
++  int rv = 0;
++  if (mIsLink) {
++    struct NS_tstat_t linkInfo;
++    rv = NS_tlstat(mFile, &linkInfo);
++  } else {
++    rv = NS_taccess(mFile, F_OK);
++  }
+   if (rv) {
+     LOG(("file cannot be removed because it does not exist; skipping"));
+     mSkip = 1;
+@@ -1814,6 +1869,97 @@ PatchIfFile::Finish(int status)
+   PatchFile::Finish(status);
+ }
+ 
++#ifndef XP_WIN
++class AddSymlink : public Action
++{
++public:
++  AddSymlink() : mLinkName(NULL)
++               , mTarget(NULL)
++               , mAdded(false)
++            { }
++
++  virtual int Parse(NS_tchar *line);
++  virtual int Prepare();
++  virtual int Execute();
++  virtual void Finish(int status);
++
++private:
++  const NS_tchar *mLinkName;
++  const NS_tchar *mTarget;
++  bool mAdded;
++};
++
++int
++AddSymlink::Parse(NS_tchar *line)
++{
++  // format "<linkname>" "target"
++
++  mLinkName = get_valid_path(&line);
++  if (!mLinkName)
++    return PARSE_ERROR;
++
++  // consume whitespace between args
++  NS_tchar *q = mstrtok(kQuote, &line);
++  if (!q)
++    return PARSE_ERROR;
++
++  mTarget = get_valid_path(&line, false, true);
++  if (!mTarget)
++    return PARSE_ERROR;
++
++  return OK;
++}
++
++int
++AddSymlink::Prepare()
++{
++  LOG(("PREPARE ADDSYMLINK " LOG_S " -> " LOG_S, mLinkName, mTarget));
++
++  return OK;
++}
++
++int
++AddSymlink::Execute()
++{
++  LOG(("EXECUTE ADDSYMLINK " LOG_S " -> " LOG_S, mLinkName, mTarget));
++
++  // First make sure that we can actually get rid of any existing file or link.
++  struct stat linkInfo;
++  int rv = lstat(mLinkName, &linkInfo);
++  if ((0 == rv) && !S_ISLNK(linkInfo.st_mode)) {
++    rv = NS_taccess(mLinkName, F_OK);
++  }
++  if (rv == 0) {
++    rv = backup_create(mLinkName);
++    if (rv)
++      return rv;
++  } else {
++    rv = ensure_parent_dir(mLinkName);
++    if (rv)
++      return rv;
++  }
++
++  // Create the link.
++  rv = symlink(mTarget, mLinkName);
++  if (!rv) {
++    mAdded = true;
++  }
++
++  return rv;
++}
++
++void
++AddSymlink::Finish(int status)
++{
++  LOG(("FINISH ADDSYMLINK " LOG_S " -> " LOG_S, mLinkName, mTarget));
++  // When there is an update failure and a link has been added it is removed
++  // here since there might not be a backup to replace it.
++  if (status && mAdded)
++    NS_tremove(mLinkName);
++  backup_finish(mLinkName, status);
++}
++#endif
++
+ //-----------------------------------------------------------------------------
+ 
+ #ifdef XP_WIN
+@@ -2115,14 +2261,29 @@ static int
+ CopyInstallDirToDestDir()
+ {
+   // These files should not be copied over to the updated app
+-#ifdef XP_WIN
+-#define SKIPLIST_COUNT 3
+-#elif XP_MACOSX
+-#define SKIPLIST_COUNT 0
++#if defined(TOR_BROWSER_UPDATE) && !defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR)
++  #ifdef XP_WIN
++  #define SKIPLIST_COUNT 6
++  #else
++  #define SKIPLIST_COUNT 5
++  #endif
+ #else
+-#define SKIPLIST_COUNT 2
++  #ifdef XP_WIN
++  #define SKIPLIST_COUNT 3
++  #elif XP_MACOSX
++  #define SKIPLIST_COUNT 0
++  #else
++  #define SKIPLIST_COUNT 2
++  #endif
+ #endif
+   copy_recursive_skiplist<SKIPLIST_COUNT> skiplist;
++#if defined(TOR_BROWSER_UPDATE) && !defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR)
++#ifdef XP_MACOSX
++  skiplist.append(0, gInstallDirPath, NS_T("Updated.app"));
++  skiplist.append(1, gInstallDirPath, NS_T("TorBrowser/UpdateInfo/updates/0"));
++#endif
++#endif
++
+ #ifndef XP_MACOSX
+   skiplist.append(0, gInstallDirPath, NS_T("updated"));
+   skiplist.append(1, gInstallDirPath, NS_T("updates/0"));
+@@ -2131,6 +2292,23 @@ CopyInstallDirToDestDir()
+ #endif
+ #endif
+ 
++#if defined(TOR_BROWSER_UPDATE) && !defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR)
++#ifdef XP_WIN
++  skiplist.append(SKIPLIST_COUNT - 3, gInstallDirPath,
++                  NS_T("TorBrowser/Data/Browser/profile.default/parent.lock"));
++  skiplist.append(SKIPLIST_COUNT - 2, gInstallDirPath,
++         NS_T("TorBrowser/Data/Browser/profile.meek-http-helper/parent.lock"));
++#else
++  skiplist.append(SKIPLIST_COUNT - 3, gInstallDirPath,
++                  NS_T("TorBrowser/Data/Browser/profile.default/.parentlock"));
++  skiplist.append(SKIPLIST_COUNT - 2, gInstallDirPath,
++         NS_T("TorBrowser/Data/Browser/profile.meek-http-helper/.parentlock"));
++#endif
++
++skiplist.append(SKIPLIST_COUNT - 1, gInstallDirPath,
++                NS_T("TorBrowser/Data/Tor/lock"));
++#endif
++
+   return ensure_copy_recursive(gInstallDirPath, gWorkingDirPath, skiplist);
+ }
+ 
+@@ -2251,16 +2429,52 @@ ProcessReplaceRequest()
+     if (NS_taccess(deleteDir, F_OK)) {
+       NS_tmkdir(deleteDir, 0755);
+     }
++#if !defined(TOR_BROWSER_UPDATE)
+     remove_recursive_on_reboot(tmpDir, deleteDir);
+ #endif
++#endif
+   }
+ 
+ #ifdef XP_MACOSX
+   // On OS X, we we need to remove the staging directory after its Contents
+   // directory has been moved.
+   NS_tchar updatedAppDir[MAXPATHLEN];
++#if defined(TOR_BROWSER_UPDATE) && !defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR)
++  NS_tsnprintf(updatedAppDir, sizeof(updatedAppDir)/sizeof(updatedAppDir[0]),
++               NS_T("%s/Updated.app"), gInstallDirPath);
++  // For Tor Browser on OS X, we also need to copy everything else that is inside Updated.app.
++  NS_tDIR *dir = NS_topendir(updatedAppDir);
++  if (dir) {
++    NS_tdirent *entry;
++    while ((entry = NS_treaddir(dir)) != 0) {
++      if (NS_tstrcmp(entry->d_name, NS_T(".")) &&
++          NS_tstrcmp(entry->d_name, NS_T(".."))) {
++        NS_tchar childSrcPath[MAXPATHLEN];
++        NS_tsnprintf(childSrcPath, sizeof(childSrcPath)/sizeof(childSrcPath[0]),
++                     NS_T("%s/%s"), updatedAppDir, entry->d_name);
++        NS_tchar childDstPath[MAXPATHLEN];
++        NS_tsnprintf(childDstPath, sizeof(childDstPath)/sizeof(childDstPath[0]),
++                     NS_T("%s/%s"), gInstallDirPath, entry->d_name);
++        ensure_remove_recursive(childDstPath);
++        rv = rename_file(childSrcPath, childDstPath, true);
++        if (rv) {
++          LOG(("Moving " LOG_S " to " LOG_S " failed, err: %d",
++              childSrcPath, childDstPath, errno));
++        }
++      }
++    }
++
++    NS_tclosedir(dir);
++  } else {
++    LOG(("Updated.app dir can't be found: " LOG_S ", err: %d",
++         updatedAppDir, errno));
++  }
++#else
+   NS_tsnprintf(updatedAppDir, sizeof(updatedAppDir)/sizeof(updatedAppDir[0]),
+                NS_T("%s/Updated.app"), gPatchDirPath);
++#endif
++
++  // Remove the Updated.app directory.
+   ensure_remove_recursive(updatedAppDir);
+ #endif
+ 
+@@ -2998,6 +3212,26 @@ int NS_main(int argc, NS_tchar **argv)
+       // using the service is because we are testing.
+       if (!useService && !noServiceFallback &&
+           updateLockFileHandle == INVALID_HANDLE_VALUE) {
++#ifdef TOR_BROWSER_UPDATE
++#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR
++        // Because the TorBrowser-Data directory that contains the user's
++        // profile is a sibling of the Tor Browser installation directory,
++        // the user probably has permission to apply updates. Therefore, to
++        // avoid potential security issues such as CVE-2015-0833, do not
++        // attempt to elevate privileges. Instead, write a "failed" message
++        // to the update status file (this function will return immediately
++        // after the CloseHandle(elevatedFileHandle) call below).
++#else
++        // Because the user profile is contained within the Tor Browser
++        // installation directory, the user almost certainly has permission to
++        // apply updates. Therefore, to avoid potential security issues such
++        // as CVE-2015-0833, do not attempt to elevate privileges. Instead,
++        // write a "failed" message to the update status file (this function
++        // will return immediately after the CloseHandle(elevatedFileHandle)
++        // call below).
++#endif
++        WriteStatusFile(WRITE_ERROR_ACCESS_DENIED);
++#else
+         SHELLEXECUTEINFO sinfo;
+         memset(&sinfo, 0, sizeof(SHELLEXECUTEINFO));
+         sinfo.cbSize       = sizeof(SHELLEXECUTEINFO);
+@@ -3019,6 +3253,7 @@ int NS_main(int argc, NS_tchar **argv)
+         } else {
+           WriteStatusFile(ELEVATION_CANCELED);
+         }
++#endif
+       }
+ 
+       if (argc > callbackIndex) {
+@@ -3310,6 +3545,7 @@ int NS_main(int argc, NS_tchar **argv)
+   if (!sStagedUpdate && !sReplaceRequest && _wrmdir(DELETE_DIR)) {
+     LOG(("NS_main: unable to remove directory: " LOG_S ", err: %d",
+          DELETE_DIR, errno));
++#if !defined(TOR_BROWSER_UPDATE)
+     // The directory probably couldn't be removed due to it containing files
+     // that are in use and will be removed on OS reboot. The call to remove the
+     // directory on OS reboot is done after the calls to remove the files so the
+@@ -3326,6 +3562,7 @@ int NS_main(int argc, NS_tchar **argv)
+       LOG(("NS_main: failed to schedule OS reboot removal of " \
+            "directory: " LOG_S, DELETE_DIR));
+     }
++#endif
+   }
+ #endif /* XP_WIN */
+ 
+@@ -3376,7 +3613,7 @@ int NS_main(int argc, NS_tchar **argv)
+   LogFinish();
+ 
+   if (argc > callbackIndex) {
+-#if defined(XP_WIN)
++#if defined(XP_WIN) && !defined(TOR_BROWSER_UPDATE)
+     if (gSucceeded) {
+       if (!LaunchWinPostProcess(gInstallDirPath, gPatchDirPath)) {
+         fprintf(stderr, "The post update process was not launched");
+@@ -4005,6 +4242,11 @@ int DoUpdate()
+     else if (NS_tstrcmp(token, NS_T("patch-if")) == 0) { // Patch if exists
+       action = new PatchIfFile();
+     }
++#ifndef XP_WIN
++    else if (NS_tstrcmp(token, NS_T("addsymlink")) == 0) {
++      action = new AddSymlink();
++    }
++#endif
+     else {
+       LOG(("DoUpdate: unknown token: " LOG_S, token));
+       return PARSE_ERROR;
+diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp
+index 6d04d46..a3a2857 100644
+--- a/toolkit/xre/nsAppRunner.cpp
++++ b/toolkit/xre/nsAppRunner.cpp
+@@ -4051,12 +4051,20 @@ XREMain::XRE_mainStartup(bool* aExitFlag)
+   NS_ENSURE_SUCCESS(rv, 1);
+   rv = exeFile->GetParent(getter_AddRefs(exeDir));
+   NS_ENSURE_SUCCESS(rv, 1);
++#ifdef TOR_BROWSER_UPDATE
++  nsAutoCString compatVersion(TOR_BROWSER_VERSION);
++#endif
+   ProcessUpdates(mDirProvider.GetGREDir(),
+                  exeDir,
+                  updRoot,
+                  gRestartArgc,
+                  gRestartArgv,
+-                 mAppData->version);
++#ifdef TOR_BROWSER_UPDATE
++                 compatVersion.get()
++#else
++                 mAppData->version
++#endif
++                 );
+   if (EnvHasValue("MOZ_TEST_PROCESS_UPDATES")) {
+     SaveToEnv("MOZ_TEST_PROCESS_UPDATES=");
+     *aExitFlag = true;
+diff --git a/toolkit/xre/nsUpdateDriver.cpp b/toolkit/xre/nsUpdateDriver.cpp
+index 83002ca..ee60aee 100644
+--- a/toolkit/xre/nsUpdateDriver.cpp
++++ b/toolkit/xre/nsUpdateDriver.cpp
+@@ -39,6 +39,7 @@
+ # include <windows.h>
+ # include <shlwapi.h>
+ # include "nsWindowsHelpers.h"
++# include "prprf.h"
+ # define getcwd(path, size) _getcwd(path, size)
+ # define getpid() GetCurrentProcessId()
+ #elif defined(XP_UNIX)
+@@ -168,6 +169,46 @@ GetInstallDirPath(nsIFile *appDir, nsACString& installDirPath)
+   return NS_OK;
+ }
+ 
++#if defined(TOR_BROWSER_UPDATE) && defined(XP_WIN)
++#define PATH_SEPARATOR ";"
++
++// In Tor Browser, updater.exe depends on some DLLs that are located in the
++// app directory.  To allow the updater to run when it has been copied into
++// the update directory, we append the app directory to the PATH.
++static nsresult
++AdjustPathForUpdater(nsIFile *appDir)
++{
++  nsAutoCString appPath;
++  nsresult rv = appDir->GetNativePath(appPath);
++  NS_ENSURE_SUCCESS(rv, rv);
++
++  char *s = nullptr;
++  char *pathValue = PR_GetEnv("PATH");
++  if ((nullptr == pathValue) || ('\0' == *pathValue)) {
++    s = PR_smprintf("PATH=%s", appPath.get());
++  } else {
++    s = PR_smprintf("PATH=%s" PATH_SEPARATOR "%s", pathValue, appPath.get());
++  }
++
++  // We intentionally leak the value that is passed into PR_SetEnv() because
++  // the environment will hold a pointer to it.
++  if ((nullptr == s) || (PR_SUCCESS != PR_SetEnv(s)))
++    return NS_ERROR_FAILURE;
++
++  return NS_OK;
++}
++#endif
++
++#ifdef DEBUG
++static void
++dump_argv(const char *aPrefix, char **argv, int argc)
++{
++  printf("%s - %d args\n", aPrefix, argc);
++  for (int i = 0; i < argc; ++i)
++    printf("  %d: %s\n", i, argv[i]);
++}
++#endif
++
+ #if defined(XP_MACOSX)
+ // This is a copy of OS X's XRE_GetBinaryPath from nsAppRunner.cpp with the
+ // gBinaryPath check removed so that the updater can reload the stub executable
+@@ -255,6 +296,33 @@ typedef enum {
+   eAppliedService
+ } UpdateStatus;
+ 
++#ifdef DEBUG
++static const char *
++UpdateStatusToString(UpdateStatus aStatus)
++{
++  const char *rv = "unknown";
++  switch (aStatus) {
++    case eNoUpdateAction:
++      rv = "NoUpdateAction";
++      break;
++    case ePendingUpdate:
++      rv = "PendingUpdate";
++      break;
++    case ePendingService:
++      rv = "PendingService";
++      break;
++    case eAppliedUpdate:
++      rv = "AppliedUpdate";
++      break;
++    case eAppliedService:
++      rv = "AppliedService";
++      break;
++  }
++
++  return rv;
++}
++#endif
++
+ /**
+  * Returns a value indicating what needs to be done in order to handle an update.
+  *
+@@ -323,12 +391,44 @@ IsOlderVersion(nsIFile *versionFile, const char *appVersion)
+   if (strncmp(buf, kNull, sizeof(kNull) - 1) == 0)
+     return false;
+ 
++#ifdef DEBUG
++  printf("IsOlderVersion checking appVersion %s against updateVersion %s\n",
++         appVersion, buf);
++#endif
++
+   if (mozilla::Version(appVersion) > buf)
+     return true;
+ 
+   return false;
+ }
+ 
++#ifndef TOR_BROWSER_DATA_OUTSIDE_APP_DIR
++#if defined(TOR_BROWSER_UPDATE) && defined(XP_MACOSX)
++static nsresult
++GetUpdateDirFromAppDir(nsIFile *aAppDir, nsIFile* *aResult)
++{
++  // On Mac OSX, we stage the update to an Updated.app directory that is
++  // directly below the main Tor Browser.app directory (two levels up from
++  // the appDir).
++  NS_ENSURE_ARG_POINTER(aAppDir);
++  NS_ENSURE_ARG_POINTER(aResult);
++  nsCOMPtr<nsIFile> parentDir1, parentDir2;
++  nsresult rv = aAppDir->GetParent(getter_AddRefs(parentDir1));
++  NS_ENSURE_SUCCESS(rv, rv);
++  rv = parentDir1->GetParent(getter_AddRefs(parentDir2));
++  NS_ENSURE_SUCCESS(rv, rv);
++
++  nsCOMPtr<nsIFile> updatedDir;
++  if (!GetFile(parentDir2, NS_LITERAL_CSTRING("Updated.app"), updatedDir)) {
++    return NS_ERROR_FAILURE;
++  }
++
++  updatedDir.forget(aResult);
++  return NS_OK;
++}
++#endif
++#endif
++
+ static bool
+ CopyFileIntoUpdateDir(nsIFile *parentDir, const nsACString& leaf, nsIFile *updateDir)
+ {
+@@ -541,7 +641,12 @@ SwitchToUpdatedApp(nsIFile *greDir, nsIFile *updateDir,
+   nsAutoCString applyToDir;
+   nsCOMPtr<nsIFile> updatedDir;
+ #ifdef XP_MACOSX
++#if defined(TOR_BROWSER_UPDATE) && !defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR)
++  rv = GetUpdateDirFromAppDir(appDir, getter_AddRefs(updatedDir));
++  if (NS_FAILED(rv)) {
++#else
+   if (!GetFile(updateDir, NS_LITERAL_CSTRING("Updated.app"), updatedDir)) {
++#endif
+ #else
+   if (!GetFile(appDir, NS_LITERAL_CSTRING("updated"), updatedDir)) {
+ #endif
+@@ -632,6 +737,13 @@ SwitchToUpdatedApp(nsIFile *greDir, nsIFile *updateDir,
+   AppendToLibPath(installDirPath.get());
+ #endif
+ 
++#if defined(TOR_BROWSER_UPDATE) && defined(XP_WIN)
++  nsresult rv2 = AdjustPathForUpdater(appDir);
++  if (NS_FAILED(rv2)) {
++    LOG(("SwitchToUpdatedApp -- AdjustPathForUpdater failed (0x%x)\n", rv2));
++  }
++#endif
++
+   LOG(("spawning updater process for replacing [%s]\n", updaterPath.get()));
+ 
+ #if defined(USE_EXECV)
+@@ -807,7 +919,12 @@ ApplyUpdate(nsIFile *greDir, nsIFile *updateDir, nsIFile *statusFile,
+     applyToDir.Assign(installDirPath);
+   } else {
+ #ifdef XP_MACOSX
++#if defined(TOR_BROWSER_UPDATE) && !defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR)
++    rv = GetUpdateDirFromAppDir(appDir, getter_AddRefs(updatedDir));
++    if (NS_FAILED(rv)) {
++#else
+     if (!GetFile(updateDir, NS_LITERAL_CSTRING("Updated.app"), updatedDir)) {
++#endif
+ #else
+     if (!GetFile(appDir, NS_LITERAL_CSTRING("updated"), updatedDir)) {
+ #endif
+@@ -911,6 +1028,14 @@ ApplyUpdate(nsIFile *greDir, nsIFile *updateDir, nsIFile *statusFile,
+   if (isOSUpdate) {
+     PR_SetEnv("MOZ_OS_UPDATE=1");
+   }
++
++#if defined(TOR_BROWSER_UPDATE) && defined(XP_WIN)
++  nsresult rv2 = AdjustPathForUpdater(appDir);
++  if (NS_FAILED(rv2)) {
++    LOG(("ApplyUpdate -- AdjustPathForUpdater failed (0x%x)\n", rv2));
++  }
++#endif
++
+ #if defined(MOZ_WIDGET_GONK)
+   // We want the updater to be CPU friendly and not subject to being killed by
+   // the low memory killer, so we pass in some preferences to allow it to
+@@ -933,6 +1058,9 @@ ApplyUpdate(nsIFile *greDir, nsIFile *updateDir, nsIFile *statusFile,
+ #endif
+ 
+   LOG(("spawning updater process [%s]\n", updaterPath.get()));
++#ifdef DEBUG
++  dump_argv("ApplyUpdate updater", argv, argc);
++#endif
+ 
+ #if defined(USE_EXECV)
+   // Don't use execv when staging updates.
+@@ -956,6 +1084,9 @@ ApplyUpdate(nsIFile *greDir, nsIFile *updateDir, nsIFile *statusFile,
+   // LaunchChildMac uses posix_spawnp and prefers the current
+   // architecture when launching. It doesn't require a
+   // null-terminated string but it doesn't matter if we pass one.
++#ifdef DEBUG
++  dump_argv("ApplyUpdate after SetupMacCommandLine", argv, argc);
++#endif
+   LaunchChildMac(argc, argv, 0, outpid);
+   if (restart) {
+     exit(0);
+@@ -994,9 +1125,29 @@ ProcessUpdates(nsIFile *greDir, nsIFile *appDir, nsIFile *updRootDir,
+                bool restart, bool isOSUpdate, nsIFile *osApplyToDir,
+                ProcessType *pid)
+ {
++#if defined(XP_WIN) && defined(TOR_BROWSER_UPDATE)
++  // Try to remove the "tobedeleted" directory which, if present, contains
++  // files that could not be removed during a previous update (e.g., DLLs
++  // that were in use and therefore locked by Windows).
++  nsCOMPtr<nsIFile> deleteDir;
++  nsresult winrv = appDir->Clone(getter_AddRefs(deleteDir));
++  if (NS_SUCCEEDED(winrv)) {
++    winrv = deleteDir->AppendNative(NS_LITERAL_CSTRING("tobedeleted"));
++    if (NS_SUCCEEDED(winrv)) {
++      winrv = deleteDir->Remove(true);
++    }
++  }
++#endif
++
+   nsresult rv;
+ 
+   nsCOMPtr<nsIFile> updatesDir;
++#ifdef DEBUG
++  nsAutoCString path;
++  updRootDir->GetNativePath(path);
++  printf("ProcessUpdates updateRootDir: %s appVersion: %s\n",
++         path.get(), appVersion);
++#endif
+   rv = updRootDir->Clone(getter_AddRefs(updatesDir));
+   if (NS_FAILED(rv))
+     return rv;
+@@ -1022,6 +1173,12 @@ ProcessUpdates(nsIFile *greDir, nsIFile *appDir, nsIFile *updRootDir,
+ 
+   nsCOMPtr<nsIFile> statusFile;
+   UpdateStatus status = GetUpdateStatus(updatesDir, statusFile);
++#ifdef DEBUG
++  printf("ProcessUpdates status: %s (%d)\n",
++         UpdateStatusToString(status), status);
++  updatesDir->GetNativePath(path);
++  printf("ProcessUpdates updatesDir: %s\n", path.get());
++#endif
+   switch (status) {
+   case ePendingUpdate:
+   case ePendingService: {
+@@ -1104,7 +1261,11 @@ nsUpdateProcessor::ProcessUpdate(nsIUpdate* aUpdate)
+     if (NS_FAILED(rv))
+       appDir = dirProvider->GetAppDir();
+ 
++#ifdef TOR_BROWSER_UPDATE
++    appVersion = TOR_BROWSER_VERSION;
++#else
+     appVersion = gAppData->version;
++#endif
+     argc = gRestartArgc;
+     argv = gRestartArgv;
+   } else {
+@@ -1134,6 +1295,8 @@ nsUpdateProcessor::ProcessUpdate(nsIUpdate* aUpdate)
+                  getter_AddRefs(updRoot));
+     NS_ASSERTION(NS_SUCCEEDED(rv), "Can't get the UpdRootD dir");
+ 
++    // To support Tor Browser updates from xpcshell, modify the following
++    // code to use TOR_BROWSER_VERSION from the configure process.
+     nsCOMPtr<nsIXULAppInfo> appInfo =
+       do_GetService("@mozilla.org/xre/app-info;1");
+     if (appInfo) {
+diff --git a/toolkit/xre/nsXREDirProvider.cpp b/toolkit/xre/nsXREDirProvider.cpp
+index 831a373..403e820 100644
+--- a/toolkit/xre/nsXREDirProvider.cpp
++++ b/toolkit/xre/nsXREDirProvider.cpp
+@@ -1066,6 +1066,31 @@ nsXREDirProvider::GetUpdateRootDir(nsIFile* *aResult)
+   NS_ENSURE_SUCCESS(rv, rv);
+ 
+ #ifdef XP_MACOSX
++#ifdef TOR_BROWSER_UPDATE
++#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR
++  // For Tor Browser, we cannot store update history, etc. under the user's
++  // home directory. Instead, we place it under
++  // Tor Browser.app/../TorBrowser-Data/UpdateInfo/
++  nsCOMPtr<nsIFile> appRootDir;
++  rv = GetAppRootDir(getter_AddRefs(appRootDir));
++  NS_ENSURE_SUCCESS(rv, rv);
++  nsCOMPtr<nsIFile> localDir;
++  rv = appRootDir->GetParent(getter_AddRefs(localDir));
++  NS_ENSURE_SUCCESS(rv, rv);
++  rv = localDir->AppendRelativeNativePath(NS_LITERAL_CSTRING("TorBrowser-Data"
++                                     XPCOM_FILE_PATH_SEPARATOR "UpdateInfo"));
++#else
++  // For Tor Browser, we cannot store update history, etc. under the user's home directory.
++  // Instead, we place it under Tor Browser.app/TorBrowser/UpdateInfo/
++  nsCOMPtr<nsIFile> localDir;
++  rv = GetAppRootDir(getter_AddRefs(localDir));
++  NS_ENSURE_SUCCESS(rv, rv);
++  rv = localDir->AppendNative(NS_LITERAL_CSTRING("TorBrowser"));
++  NS_ENSURE_SUCCESS(rv, rv);
++  rv = localDir->AppendNative(NS_LITERAL_CSTRING("UpdateInfo"));
++#endif
++  NS_ENSURE_SUCCESS(rv, rv);
++#else
+   nsCOMPtr<nsIFile> appRootDirFile;
+   nsCOMPtr<nsIFile> localDir;
+   nsAutoString appDirPath;
+@@ -1096,6 +1121,7 @@ nsXREDirProvider::GetUpdateRootDir(nsIFile* *aResult)
+       NS_FAILED(localDir->AppendRelativePath(appDirPath))) {
+     return NS_ERROR_FAILURE;
+   }
++#endif
+ 
+   localDir.forget(aResult);
+   return NS_OK;
+@@ -1243,33 +1269,8 @@ nsXREDirProvider::GetUserDataDirectoryHome(nsIFile** aFile, bool aLocal)
+   NS_ENSURE_ARG_POINTER(aFile);
+   nsCOMPtr<nsIFile> localDir;
+ 
+-  nsresult rv = GetAppDir()->Clone(getter_AddRefs(localDir));
++  nsresult rv = GetAppRootDir(getter_AddRefs(localDir));
+   NS_ENSURE_SUCCESS(rv, rv);
+-
+-  int levelsToRemove = 0; // In FF21+, appDir points to browser subdirectory.
+-#if defined(XP_MACOSX)
+-  levelsToRemove += 1;
+-#endif
+-  while (localDir && (levelsToRemove > 0)) {
+-    // When crawling up the hierarchy, components named "." do not count.
+-    nsAutoCString removedName;
+-    rv = localDir->GetNativeLeafName(removedName);
+-    NS_ENSURE_SUCCESS(rv, rv);
+-    bool didRemove = !removedName.Equals(".");
+-
+-    // Remove a directory component.
+-    nsCOMPtr<nsIFile> parentDir;
+-    rv = localDir->GetParent(getter_AddRefs(parentDir));
+-    NS_ENSURE_SUCCESS(rv, rv);
+-    localDir = parentDir;
+-
+-    if (didRemove)
+-      --levelsToRemove;
+-  }
+-
+-  if (!localDir)
+-    return NS_ERROR_FAILURE;
+-
+   rv = localDir->AppendRelativeNativePath(NS_LITERAL_CSTRING("TorBrowser"
+                                      XPCOM_FILE_PATH_SEPARATOR "Data"
+                                      XPCOM_FILE_PATH_SEPARATOR "Browser"));
+@@ -1376,6 +1377,44 @@ nsXREDirProvider::GetUserDataDirectory(nsIFile** aFile, bool aLocal,
+ }
+ 
+ nsresult
++nsXREDirProvider::GetAppRootDir(nsIFile* *aFile)
++{
++  NS_ENSURE_ARG_POINTER(aFile);
++  nsCOMPtr<nsIFile> appRootDir;
++
++  nsresult rv = GetAppDir()->Clone(getter_AddRefs(appRootDir));
++  NS_ENSURE_SUCCESS(rv, rv);
++
++  int levelsToRemove = 0; // In FF21+, appDir points to browser subdirectory.
++#if defined(XP_MACOSX)
++  levelsToRemove += 1;
++#endif
++  while (appRootDir && (levelsToRemove > 0)) {
++    // When crawling up the hierarchy, components named "." do not count.
++    nsAutoCString removedName;
++    rv = appRootDir->GetNativeLeafName(removedName);
++    NS_ENSURE_SUCCESS(rv, rv);
++    bool didRemove = !removedName.Equals(".");
++
++    // Remove a directory component.
++    nsCOMPtr<nsIFile> parentDir;
++    rv = appRootDir->GetParent(getter_AddRefs(parentDir));
++    NS_ENSURE_SUCCESS(rv, rv);
++    appRootDir = parentDir;
++
++    if (didRemove)
++      --levelsToRemove;
++  }
++
++  if (!appRootDir)
++    return NS_ERROR_FAILURE;
++
++  appRootDir.forget(aFile);
++  return NS_OK;
++}
++
++
++nsresult
+ nsXREDirProvider::EnsureDirectoryExists(nsIFile* aDirectory)
+ {
+   bool exists;
+diff --git a/toolkit/xre/nsXREDirProvider.h b/toolkit/xre/nsXREDirProvider.h
+index 1985f66..b86cc68 100644
+--- a/toolkit/xre/nsXREDirProvider.h
++++ b/toolkit/xre/nsXREDirProvider.h
+@@ -107,6 +107,7 @@ protected:
+ #if defined(XP_UNIX) || defined(XP_MACOSX)
+   static nsresult GetSystemExtensionsDirectory(nsIFile** aFile);
+ #endif
++  nsresult GetAppRootDir(nsIFile* *aFile);
+   static nsresult EnsureDirectoryExists(nsIFile* aDirectory);
+   void EnsureProfileFileExists(nsIFile* aFile);
+ 
+diff --git a/tools/update-packaging/common.sh b/tools/update-packaging/common.sh
+index eb35880..96bfa43 100755
+--- a/tools/update-packaging/common.sh
++++ b/tools/update-packaging/common.sh
+@@ -8,7 +8,13 @@
+ # Author: Darin Fisher
+ #
+ 
++# TODO When TOR_BROWSER_DATA_OUTSIDE_APP_DIR is used on all platforms,
++# we should remove all lines in this file that contain:
++#      TorBrowser/Data
++
+ # -----------------------------------------------------------------------------
++QUIET=0
++
+ # By default just assume that these tools exist on our path
+ MAR=${MAR:-mar}
+ BZIP2=${BZIP2:-bzip2}
+@@ -21,6 +27,12 @@ notice() {
+   echo "$*" 1>&2
+ }
+ 
++verbose_notice() {
++  if [ $QUIET -eq 0 ]; then
++    notice "$*"
++  fi
++}
++
+ get_file_size() {
+   info=($(ls -ln "$1"))
+   echo ${info[4]}
+@@ -54,22 +66,10 @@ make_add_instruction() {
+     forced=
+   fi
+ 
+-  is_extension=$(echo "$f" | grep -c 'distribution/extensions/.*/')
+-  if [ $is_extension = "1" ]; then
+-    # Use the subdirectory of the extensions folder as the file to test
+-    # before performing this add instruction.
+-    testdir=$(echo "$f" | sed 's/\(.*distribution\/extensions\/[^\/]*\)\/.*/\1/')
+-    notice "     add-if \"$testdir\" \"$f\""
+-    echo "add-if \"$testdir\" \"$f\"" >> $filev2
+-    if [ ! $filev3 = "" ]; then
+-      echo "add-if \"$testdir\" \"$f\"" >> $filev3
+-    fi
+-  else
+-    notice "        add \"$f\"$forced"
+-    echo "add \"$f\"" >> $filev2
+-    if [ ! $filev3 = "" ]; then
+-      echo "add \"$f\"" >> $filev3
+-    fi
++  verbose_notice "        add \"$f\"$forced"
++  echo "add \"$f\"" >> "$filev2"
++  if [ ! "$filev3" = "" ]; then
++    echo "add \"$f\"" >> "$filev3"
+   fi
+ }
+ 
+@@ -100,8 +100,19 @@ make_add_if_not_instruction() {
+   f="$1"
+   filev3="$2"
+ 
+-  notice " add-if-not \"$f\" \"$f\""
+-  echo "add-if-not \"$f\" \"$f\"" >> $filev3
++  verbose_notice " add-if-not \"$f\" \"$f\""
++  echo "add-if-not \"$f\" \"$f\"" >> "$filev3"
++}
++
++make_addsymlink_instruction() {
++  link="$1"
++  target="$2"
++  filev2="$3"
++  filev3="$4"
++
++  verbose_notice "        addsymlink: $link -> $target"
++  echo "addsymlink \"$link\" \"$target\"" >> "$filev2"
++  echo "addsymlink \"$link\" \"$target\"" >> "$filev3"
+ }
+ 
+ make_patch_instruction() {
+@@ -109,19 +120,9 @@ make_patch_instruction() {
+   filev2="$2"
+   filev3="$3"
+ 
+-  is_extension=$(echo "$f" | grep -c 'distribution/extensions/.*/')
+-  if [ $is_extension = "1" ]; then
+-    # Use the subdirectory of the extensions folder as the file to test
+-    # before performing this add instruction.
+-    testdir=$(echo "$f" | sed 's/\(.*distribution\/extensions\/[^\/]*\)\/.*/\1/')
+-    notice "   patch-if \"$testdir\" \"$f.patch\" \"$f\""
+-    echo "patch-if \"$testdir\" \"$f.patch\" \"$f\"" >> $filev2
+-    echo "patch-if \"$testdir\" \"$f.patch\" \"$f\"" >> $filev3
+-  else
+-    notice "      patch \"$f.patch\" \"$f\""
+-    echo "patch \"$f.patch\" \"$f\"" >> $filev2
+-    echo "patch \"$f.patch\" \"$f\"" >> $filev3
+-  fi
++  verbose_notice "      patch \"$f.patch\" \"$f\""
++  echo "patch \"$f.patch\" \"$f\"" >> "$filev2"
++  echo "patch \"$f.patch\" \"$f\"" >> "$filev3"
+ }
+ 
+ append_remove_instructions() {
+@@ -148,19 +149,19 @@ append_remove_instructions() {
+         # Exclude comments
+         if [ ! $(echo "$f" | grep -c '^#') = 1 ]; then
+           if [ $(echo "$f" | grep -c '\/$') = 1 ]; then
+-            notice "      rmdir \"$f\""
+-            echo "rmdir \"$f\"" >> $filev2
+-            echo "rmdir \"$f\"" >> $filev3
++            verbose_notice "      rmdir \"$f\""
++            echo "rmdir \"$f\"" >> "$filev2"
++            echo "rmdir \"$f\"" >> "$filev3"
+           elif [ $(echo "$f" | grep -c '\/\*$') = 1 ]; then
+             # Remove the *
+             f=$(echo "$f" | sed -e 's:\*$::')
+-            notice "    rmrfdir \"$f\""
+-            echo "rmrfdir \"$f\"" >> $filev2
+-            echo "rmrfdir \"$f\"" >> $filev3
++            verbose_notice "    rmrfdir \"$f\""
++            echo "rmrfdir \"$f\"" >> "$filev2"
++            echo "rmrfdir \"$f\"" >> "$filev3"
+           else
+-            notice "     remove \"$f\""
+-            echo "remove \"$f\"" >> $filev2
+-            echo "remove \"$f\"" >> $filev3
++            verbose_notice "     remove \"$f\""
++            echo "remove \"$f\"" >> "$filev2"
++            echo "remove \"$f\"" >> "$filev3"
+           fi
+         fi
+       fi
+@@ -170,6 +171,10 @@ append_remove_instructions() {
+ 
+ # List all files in the current directory, stripping leading "./"
+ # Pass a variable name and it will be filled as an array.
++# To support Tor Browser updates, skip the following files:
++#    TorBrowser/Data/Browser/profiles.ini
++#    TorBrowser/Data/Browser/profile.default/bookmarks.html
++#    TorBrowser/Data/Tor/torrc
+ list_files() {
+   count=0
+ 
+@@ -182,6 +187,11 @@ list_files() {
+     | sed 's/\.\/\(.*\)/\1/' \
+     | sort -r > "temp-filelist"
+   while read file; do
++    if [ "$file" = "TorBrowser/Data/Browser/profiles.ini" -o                   \
++         "$file" = "TorBrowser/Data/Browser/profile.default/bookmarks.html" -o \
++         "$file" = "TorBrowser/Data/Tor/torrc" ]; then
++      continue;
++    fi
+     eval "${1}[$count]=\"$file\""
+     (( count++ ))
+   done < "temp-filelist"
+@@ -203,3 +213,19 @@ list_dirs() {
+   done < "temp-dirlist"
+   rm "temp-dirlist"
+ }
++
++# List all symbolic links in the current directory, stripping leading "./"
++list_symlinks() {
++  count=0
++
++  find . -type l \
++    | sed 's/\.\/\(.*\)/\1/' \
++    | sort -r > "temp-symlinklist"
++  while read symlink; do
++    target=$(readlink "$symlink")
++    eval "${1}[$count]=\"$symlink\""
++    eval "${2}[$count]=\"$target\""
++    (( count++ ))
++  done < "temp-symlinklist"
++  rm "temp-symlinklist"
++}
+diff --git a/tools/update-packaging/make_full_update.sh b/tools/update-packaging/make_full_update.sh
+index f046614..f0bd7f6 100755
+--- a/tools/update-packaging/make_full_update.sh
++++ b/tools/update-packaging/make_full_update.sh
+@@ -28,10 +28,16 @@ if [ $1 = -h ]; then
+   notice ""
+   notice "Options:"
+   notice "  -h  show this help text"
++  notice "  -q  be less verbose"
+   notice ""
+   exit 1
+ fi
+ 
++if [ $1 = -q ]; then
++  QUIET=1
++  shift
++fi
++
+ # -----------------------------------------------------------------------------
+ 
+ archive="$1"
+@@ -63,17 +69,46 @@ if [ ! -f "precomplete" ]; then
+ fi
+ 
+ list_files files
++list_symlinks symlinks symlink_targets
++
++# TODO When TOR_BROWSER_DATA_OUTSIDE_APP_DIR is used on all platforms,
++# we should remove the following lines:
++# Make sure we delete the pre 5.1.0 HTTPS Everywhere as well in case it
++# exists. The extension ID got changed with the version bump to 5.1.0.
++ext_path='TorBrowser/Data/Browser/profile.default/extensions'
++if [ -d "$ext_dir" ]; then
++  directories_to_remove="$ext_path/https-everywhere at eff.org $ext_path/https-everywhere-eff at eff.org"
++else
++  directories_to_remove=""
++fi
++# END TOR_BROWSER_DATA_OUTSIDE_APP_DIR removal
+ 
+ popd
+ 
+ # Add the type of update to the beginning of the update manifests.
+-> $updatemanifestv2
+-> $updatemanifestv3
++> "$updatemanifestv2"
++> "$updatemanifestv3"
+ notice ""
+ notice "Adding type instruction to update manifests"
+ notice "       type complete"
+-echo "type \"complete\"" >> $updatemanifestv2
+-echo "type \"complete\"" >> $updatemanifestv3
++echo "type \"complete\"" >> "$updatemanifestv2"
++echo "type \"complete\"" >> "$updatemanifestv3"
++
++# TODO When TOR_BROWSER_DATA_OUTSIDE_APP_DIR is used on all platforms,
++# we should remove the following lines:
++# If removal of any old, existing directories is desired, emit the appropriate
++# rmrfdir commands.
++notice ""
++notice "Adding directory removal instructions to update manifests"
++for dir_to_remove in $directories_to_remove; do
++  # rmrfdir requires a trailing slash; if slash is missing, add one.
++  if ! [[ "$dir_to_remove" =~ /$ ]]; then
++   dir_to_remove="${dir_to_remove}/"
++  fi
++  echo "rmrfdir \"$dir_to_remove\"" >> "$updatemanifestv2"
++  echo "rmrfdir \"$dir_to_remove\"" >> "$updatemanifestv3"
++done
++# END TOR_BROWSER_DATA_OUTSIDE_APP_DIR removal
+ 
+ notice ""
+ notice "Adding file add instructions to update manifests"
+@@ -99,6 +134,15 @@ for ((i=0; $i<$num_files; i=$i+1)); do
+   targetfiles="$targetfiles \"$f\""
+ done
+ 
++notice ""
++notice "Adding symlink add instructions to update manifests"
++num_symlinks=${#symlinks[*]}
++for ((i=0; $i<$num_symlinks; i=$i+1)); do
++  link="${symlinks[$i]}"
++  target="${symlink_targets[$i]}"
++  make_addsymlink_instruction "$link" "$target" "$updatemanifestv2" "$updatemanifestv3"
++done
++
+ # Append remove instructions for any dead files.
+ notice ""
+ notice "Adding file and directory remove instructions from file 'removed-files'"
+diff --git a/tools/update-packaging/make_incremental_update.sh b/tools/update-packaging/make_incremental_update.sh
+index 592b7ab..15af172 100755
+--- a/tools/update-packaging/make_incremental_update.sh
++++ b/tools/update-packaging/make_incremental_update.sh
+@@ -21,6 +21,7 @@ print_usage() {
+   notice "  -h  show this help text"
+   notice "  -f  clobber this file in the installation"
+   notice "      Must be a path to a file to clobber in the partial update."
++  notice "  -q  be less verbose"
+   notice ""
+ }
+ 
+@@ -61,6 +62,21 @@ check_for_forced_update() {
+       ## "true" *giggle*
+       return 0;
+     fi
++
++# TODO When TOR_BROWSER_DATA_OUTSIDE_APP_DIR is used on all platforms,
++# we should remove the following lines:
++    # If the file in the skip list ends with /*, do a prefix match.
++    # This allows TorBrowser/Data/Browser/profile.default/extensions/https-everywhere-eff at eff.org/*
++    # to be used to force all HTTPS Everywhere files to be updated.
++    f_suffix=${f##*/}
++    if [[ $f_suffix = "*" ]]; then
++      f_prefix="${f%\/\*}";
++      if [[ $forced_file_chk == $f_prefix* ]]; then
++        ## 0 means "true"
++        return 0;
++      fi
++    fi
++# END TOR_BROWSER_DATA_OUTSIDE_APP_DIR removal
+   done
+   ## 'false'... because this is bash. Oh yay!
+   return 1;
+@@ -71,13 +87,18 @@ if [ $# = 0 ]; then
+   exit 1
+ fi
+ 
+-requested_forced_updates='Contents/MacOS/firefox'
++# Firefox uses requested_forced_updates='Contents/MacOS/firefox' due to
++# 770996 but in Tor Browser we do not need that fix.
++requested_forced_updates=""
++directories_to_remove=""
+ 
+-while getopts "hf:" flag
++while getopts "hqf:" flag
+ do
+    case "$flag" in
+       h) print_usage; exit 0
+       ;;
++      q) QUIET=1
++      ;;
+       f) requested_forced_updates="$requested_forced_updates $OPTARG"
+       ;;
+       ?) print_usage; exit 1
+@@ -104,6 +125,46 @@ updatemanifestv2="$workdir/updatev2.manifest"
+ updatemanifestv3="$workdir/updatev3.manifest"
+ archivefiles="updatev2.manifest updatev3.manifest"
+ 
++# TODO When TOR_BROWSER_DATA_OUTSIDE_APP_DIR is used on all platforms,
++# we should remove the following lines:
++# If the NoScript or HTTPS Everywhere extensions have changed between
++# releases, add them to the "force updates" list.
++ext_path='TorBrowser/Data/Browser/profile.default/extensions'
++if [ -d "$newdir/$ext_path" ]; then
++  https_everywhere='https-everywhere-eff at eff.org'
++  noscript='{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi'
++
++  # NoScript is a packed extension, so we simply compare the old and the new
++  # .xpi files.
++  noscript_path="$ext_path/$noscript"
++  diff -a "$olddir/$noscript_path" "$newdir/$noscript_path" > /dev/null
++  rc=$?
++  if [ $rc -gt 1 ]; then
++    notice "Unexpected exit $rc from $noscript_path diff command"
++    exit 2
++  elif [ $rc -eq 1 ]; then
++    requested_forced_updates="$requested_forced_updates $noscript_path"
++  fi
++
++  # HTTPS Everywhere is an unpacked extension, so we need to determine if any of
++  # the unpacked files have changed. Since that is messy, we simply compare the
++  # old extension's install.rdf file to the new one.
++  https_everywhere_install_rdf="$ext_path/$https_everywhere/install.rdf"
++  diff "$olddir/$https_everywhere_install_rdf"     \
++        "$newdir/$https_everywhere_install_rdf" > /dev/null
++  rc=$?
++  if [ $rc -gt 1 -a -e "$olddir/$https_everywhere_install_rdf" ]; then
++    notice "Unexpected exit $rc from $https_everywhere_install_rdf diff command"
++    exit 2
++  elif [ $rc -ge 1 ]; then
++    requested_forced_updates="$requested_forced_updates $ext_path/$https_everywhere/*"
++    # Make sure we delete the pre 5.1.0 HTTPS Everywhere as well in case it
++    # exists. The extension ID got changed with the version bump to 5.1.0.
++    directories_to_remove="$directories_to_remove $ext_path/https-everywhere at eff.org $ext_path/$https_everywhere"
++  fi
++fi
++# END TOR_BROWSER_DATA_OUTSIDE_APP_DIR removal
++
+ mkdir -p "$workdir"
+ 
+ # Generate a list of all files in the target directory.
+@@ -113,6 +174,7 @@ if test $? -ne 0 ; then
+ fi
+ 
+ list_files oldfiles
++list_symlinks oldsymlinks oldsymlink_targets
+ list_dirs olddirs
+ 
+ popd
+@@ -131,17 +193,34 @@ fi
+ 
+ list_dirs newdirs
+ list_files newfiles
++list_symlinks newsymlinks newsymlink_targets
+ 
+ popd
+ 
+ # Add the type of update to the beginning of the update manifests.
+ notice ""
+ notice "Adding type instruction to update manifests"
+-> $updatemanifestv2
+-> $updatemanifestv3
++> "$updatemanifestv2"
++> "$updatemanifestv3"
+ notice "       type partial"
+-echo "type \"partial\"" >> $updatemanifestv2
+-echo "type \"partial\"" >> $updatemanifestv3
++echo "type \"partial\"" >> "$updatemanifestv2"
++echo "type \"partial\"" >> "$updatemanifestv3"
++
++# TODO When TOR_BROWSER_DATA_OUTSIDE_APP_DIR is used on all platforms,
++# we should remove the following lines:
++# If removal of any old, existing directories is desired, emit the appropriate
++# rmrfdir commands.
++notice ""
++notice "Adding directory removal instructions to update manifests"
++for dir_to_remove in $directories_to_remove; do
++  # rmrfdir requires a trailing slash, so add one if missing.
++  if ! [[ "$dir_to_remove" =~ /$ ]]; then
++    dir_to_remove="${dir_to_remove}/"
++  fi
++  echo "rmrfdir \"$dir_to_remove\"" >> "$updatemanifestv2"
++  echo "rmrfdir \"$dir_to_remove\"" >> "$updatemanifestv3"
++done
++# END TOR_BROWSER_DATA_OUTSIDE_APP_DIR removal
+ 
+ notice ""
+ notice "Adding file patch and add instructions to update manifests"
+@@ -234,6 +313,24 @@ for ((i=0; $i<$num_oldfiles; i=$i+1)); do
+   fi
+ done
+ 
++# Remove and re-add symlinks
++notice ""
++notice "Adding symlink remove/add instructions to update manifests"
++num_oldsymlinks=${#oldsymlinks[*]}
++for ((i=0; $i<$num_oldsymlinks; i=$i+1)); do
++  link="${oldsymlinks[$i]}"
++  verbose_notice "        remove: $link"
++  echo "remove \"$link\"" >> "$updatemanifestv2"
++  echo "remove \"$link\"" >> "$updatemanifestv3"
++done
++
++num_newsymlinks=${#newsymlinks[*]}
++for ((i=0; $i<$num_newsymlinks; i=$i+1)); do
++  link="${newsymlinks[$i]}"
++  target="${newsymlink_targets[$i]}"
++  make_addsymlink_instruction "$link" "$target" "$updatemanifestv2" "$updatemanifestv3"
++done
++
+ # Newly added files
+ notice ""
+ notice "Adding file add instructions to update manifests"
+@@ -270,8 +367,8 @@ notice "Adding file remove instructions to update manifests"
+ for ((i=0; $i<$num_removes; i=$i+1)); do
+   f="${remove_array[$i]}"
+   notice "     remove \"$f\""
+-  echo "remove \"$f\"" >> $updatemanifestv2
+-  echo "remove \"$f\"" >> $updatemanifestv3
++  echo "remove \"$f\"" >> "$updatemanifestv2"
++  echo "remove \"$f\"" >> "$updatemanifestv3"
+ done
+ 
+ # Add remove instructions for any dead files.
+@@ -288,8 +385,8 @@ for ((i=0; $i<$num_olddirs; i=$i+1)); do
+   # If this dir doesn't exist in the new directory remove it.
+   if [ ! -d "$newdir/$f" ]; then
+     notice "      rmdir $f/"
+-    echo "rmdir \"$f/\"" >> $updatemanifestv2
+-    echo "rmdir \"$f/\"" >> $updatemanifestv3
++    echo "rmdir \"$f/\"" >> "$updatemanifestv2"
++    echo "rmdir \"$f/\"" >> "$updatemanifestv3"
+   fi
+ done
+ 
+-- 
+cgit v0.10.2
+





More information about the tor-commits mailing list