[tor-commits] [tor-browser/tor-browser-78.13.0esr-11.0-2] TB3: Tor Browser's official .mozconfigs.

boklm at torproject.org boklm at torproject.org
Tue Aug 10 19:15:20 UTC 2021


commit 4f3de7df9b0ab2b781d915ae53f4184eba832363
Author: Mike Perry <mikeperry-git at torproject.org>
Date:   Mon May 6 15:51:06 2013 -0700

    TB3: Tor Browser's official .mozconfigs.
    
    Also:
    Bug #9829.1: new .mozconfig file for the new cross-compiler and ESR24
    Changes needed to build Mac in 64bit
    Bug 10715: Enable Webgl for mingw-w64 again.
    Disable ICU when cross-compiling; clean-up.
    Bug 15773: Enable ICU on OS X
    Bug 15990: Don't build the sandbox with mingw-w64
    Bug 12761: Switch to ESR 38 for OS X
    Updating .mozconfig-asan
    Bug 12516: Compile hardenend Tor Browser with -fwrapv
    Bug 18331: Switch to Mozilla's toolchain for building Tor Browser for OS X
    Bug 17858: Cannot create incremental MARs for hardened builds.
    Define HOST_CFLAGS, etc. to avoid compiling programs such as mbsdiff
    (which is part of mar-tools and is not distributed to end-users) with
    ASan.
    Bug 13419: Add back ICU for Windows
    Bug 21239: Use GTK2 for ESR52 Linux builds
    Bug 23025: Add hardening flags for macOS
    Bug 24478: Enable debug assertions and tests in our ASan builds
    --enable-proxy-bypass-protection
    Bug 27597: ASan build option in tor-browser-build is broken
    
    Bug 27623 - Export MOZILLA_OFFICIAL during desktop builds
    
    This fixes a problem where some preferences had the wrong default value.
    Also see bug 27472 where we made a similar fix for Android.
    
    Bug 30463: Explicitly disable MOZ_TELEMETRY_REPORTING
    
    Bug 31450: Set proper BINDGEN_CFLAGS for ASan builds
    
    Add an --enable-tor-browser-data-outside-app-dir configure option
    
    Add --with-tor-browser-version configure option
    
    Bug 21849: Don't allow SSL key logging.
    
    Bug 31457: disable per-installation profiles
    
    The dedicated profiles (per-installation) feature does not interact
    well with our bundled profiles on Linux and Windows, and it also causes
    multiple profiles to be created on macOS under TorBrowser-Data.
    
    Bug 31935: Disable profile downgrade protection.
    
    Since Tor Browser does not support more than one profile, disable
    the prompt and associated code that offers to create one when a
    version downgrade situation is detected.
    
    Bug 32493: Disable MOZ_SERVICES_HEALTHREPORT
    
    Bug 25741 - TBA: Disable features at compile-time
    
    MOZ_NATIVE_DEVICES for casting and the media player
    MOZ_TELEMETRY_REPORTING for telemetry
    MOZ_DATA_REPORTING for all data reporting preferences (crashreport, telemetry, geo)
    
    Bug 25741 - TBA: Add default configure options in dedicated file
    
    Define MOZ_ANDROID_NETWORK_STATE and MOZ_ANDROID_LOCATION
    
    Bug 29859: Disable HLS support for now
    
    Add --disable-tor-launcher build option
    
    Add --enable-tor-browser-update build option
    
    Bug 33734: Set MOZ_NORMANDY to False
    
    Bug 33851: Omit Parental Controls.
    
    Bug 40061: Omit the Windows default browser agent from the build
    
    Bug 40107: Adapt .mozconfig-asan for ESR 78
    
    Bug 40252: Add --enable-rust-simd to our tor-browser mozconfig files
---
 .mozconfig                            | 39 ++++++++++++++++++++++++
 .mozconfig-android                    | 36 ++++++++++++++++++++++
 .mozconfig-asan                       | 45 ++++++++++++++++++++++++++++
 .mozconfig-mac                        | 56 +++++++++++++++++++++++++++++++++++
 .mozconfig-mingw                      | 31 +++++++++++++++++++
 browser/base/moz.build                |  3 ++
 browser/installer/Makefile.in         |  8 +++++
 browser/moz.configure                 |  8 ++---
 build/moz.configure/old.configure     |  6 ++++
 mobile/android/confvars.sh            |  9 ++++++
 mobile/android/geckoview/build.gradle |  1 +
 mobile/android/moz.configure          | 17 +++++++++--
 mobile/android/torbrowser.configure   | 30 +++++++++++++++++++
 old-configure.in                      | 49 ++++++++++++++++++++++++++++++
 security/moz.build                    |  2 +-
 security/nss/lib/ssl/Makefile         |  2 +-
 toolkit/modules/AppConstants.jsm      |  9 ++++++
 toolkit/modules/moz.build             |  3 ++
 18 files changed, 346 insertions(+), 8 deletions(-)

diff --git a/.mozconfig b/.mozconfig
new file mode 100755
index 000000000000..18cd1f9b6487
--- /dev/null
+++ b/.mozconfig
@@ -0,0 +1,39 @@
+. $topsrcdir/browser/config/mozconfig
+
+# This mozconfig file is not used in official Tor Browser builds.
+# It is only intended to be used when doing incremental Linux builds
+# during development. The platform-specific mozconfig configuration
+# files used in official Tor Browser releases can be found in the
+# tor-browser-build repo:
+#   https://gitweb.torproject.org/builders/tor-browser-build.git/
+# under:
+#   tor-browser-build/projects/firefox/mozconfig-$OS-$ARCH
+
+mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj- at CONFIG_GUESS@
+mk_add_options MOZ_APP_DISPLAYNAME="Tor Browser"
+export MOZILLA_OFFICIAL=1
+
+ac_add_options --enable-optimize
+ac_add_options --enable-rust-simd
+ac_add_options --enable-official-branding
+
+# Let's support GTK3 for ESR60
+ac_add_options --enable-default-toolkit=cairo-gtk3
+
+ac_add_options --disable-strip
+ac_add_options --disable-install-strip
+ac_add_options --disable-tests
+ac_add_options --disable-debug
+ac_add_options --disable-crashreporter
+ac_add_options --disable-webrtc
+ac_add_options --disable-parental-controls
+# Let's make sure no preference is enabling either Adobe's or Google's CDM.
+ac_add_options --disable-eme
+ac_add_options --enable-proxy-bypass-protection
+
+# Disable telemetry
+ac_add_options MOZ_TELEMETRY_REPORTING=
+
+ac_add_options --disable-tor-launcher
+ac_add_options --with-tor-browser-version=dev-build
+ac_add_options --disable-tor-browser-update
diff --git a/.mozconfig-android b/.mozconfig-android
new file mode 100755
index 000000000000..50015ec615ef
--- /dev/null
+++ b/.mozconfig-android
@@ -0,0 +1,36 @@
+mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-arm-linux-androideabi
+mk_add_options MOZ_APP_DISPLAYNAME="Tor Browser"
+export MOZILLA_OFFICIAL=1
+
+ac_add_options --enable-optimize
+ac_add_options --enable-rust-simd
+ac_add_options --enable-official-branding
+
+# Android
+ac_add_options --enable-application=mobile/android
+ac_add_options --target=arm-linux-androideabi
+ac_add_options --with-android-ndk="$NDK_BASE" #Enter the android ndk location(ndk r17b)
+ac_add_options --with-android-sdk="$SDK_BASE" #Enter the android sdk location
+ac_add_options --with-branding=mobile/android/branding/alpha
+
+# Use Mozilla's Clang blobs
+CC="$HOME/.mozbuild/clang/bin/clang"
+CXX="$HOME/.mozbuild/clang/bin/clang++"
+
+#enable ccache to set amount of cache assigned for build.
+ac_add_options --with-ccache
+
+ac_add_options --enable-strip
+ac_add_options --disable-tests
+ac_add_options --disable-debug
+ac_add_options --disable-rust-debug
+
+ac_add_options --disable-updater
+ac_add_options --disable-crashreporter
+ac_add_options --disable-webrtc
+ac_add_options --disable-parental-controls
+
+ac_add_options --enable-proxy-bypass-protection
+
+# Disable telemetry
+ac_add_options MOZ_TELEMETRY_REPORTING=
diff --git a/.mozconfig-asan b/.mozconfig-asan
new file mode 100644
index 000000000000..98ea6ac6f3fe
--- /dev/null
+++ b/.mozconfig-asan
@@ -0,0 +1,45 @@
+. $topsrcdir/browser/config/mozconfig
+
+export CFLAGS="-fsanitize=address -Dxmalloc=myxmalloc"
+export CXXFLAGS="-fsanitize=address -Dxmalloc=myxmalloc"
+# We need to add -ldl explicitely due to bug 1213698
+export LDFLAGS="-fsanitize=address -ldl"
+
+# Define HOST_CFLAGS, etc. to avoid compiling programs such as mbsdiff
+# (which is part of mar-tools and is not distributed to end-users) with
+# ASan. See bug 17858.
+export HOST_CFLAGS=""
+export HOST_CXXFLAGS=""
+export HOST_LDFLAGS="-ldl"
+
+mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj- at CONFIG_GUESS@
+mk_add_options MOZ_APP_DISPLAYNAME="Tor Browser"
+export MOZILLA_OFFICIAL=1
+export BINDGEN_CFLAGS='--gcc-toolchain=/var/tmp/dist/gcc'
+
+ac_add_options --enable-address-sanitizer
+ac_add_options --disable-jemalloc
+ac_add_options --disable-elf-hack
+ac_add_options --with-clang-path=/var/tmp/dist/clang/bin/clang
+
+ac_add_options --enable-optimize
+ac_add_options --enable-rust-simd
+ac_add_options --enable-official-branding
+
+# Let's support GTK3 for ESR60
+ac_add_options --enable-default-toolkit=cairo-gtk3
+
+ac_add_options --enable-tor-browser-update
+
+ac_add_options --disable-strip
+ac_add_options --disable-install-strip
+ac_add_options --disable-tests
+ac_add_options --disable-debug
+ac_add_options --disable-crashreporter
+ac_add_options --disable-webrtc
+ac_add_options --disable-parental-controls
+ac_add_options --disable-eme
+ac_add_options --enable-proxy-bypass-protection
+
+# Disable telemetry
+ac_add_options MOZ_TELEMETRY_REPORTING=
diff --git a/.mozconfig-mac b/.mozconfig-mac
new file mode 100644
index 000000000000..26e2b6b92fdb
--- /dev/null
+++ b/.mozconfig-mac
@@ -0,0 +1,56 @@
+# ld needs libLTO.so from llvm
+mk_add_options "export LD_LIBRARY_PATH=$topsrcdir/clang/lib"
+
+CROSS_CCTOOLS_PATH=$topsrcdir/cctools
+CROSS_SYSROOT=$topsrcdir/MacOSX10.7.sdk
+CROSS_PRIVATE_FRAMEWORKS=$CROSS_SYSROOT/System/Library/PrivateFrameworks
+HARDENING_FLAGS="-Werror=format -Werror=format-security -fstack-protector-strong -D_FORTIFY_SOURCE=2"
+FLAGS="-target x86_64-apple-darwin10 -mlinker-version=136 -B $CROSS_CCTOOLS_PATH/bin -isysroot $CROSS_SYSROOT $HARDENING_FLAGS"
+
+export CC="$topsrcdir/clang/bin/clang $FLAGS"
+export CXX="$topsrcdir/clang/bin/clang++ $FLAGS"
+export CPP="$topsrcdir/clang/bin/clang $FLAGS -E"
+export LLVMCONFIG=$topsrcdir/clang/bin/llvm-config
+export LDFLAGS="-Wl,-syslibroot,$CROSS_SYSROOT -Wl,-dead_strip -Wl,-pie"
+export TOOLCHAIN_PREFIX=$CROSS_CCTOOLS_PATH/bin/x86_64-apple-darwin10-
+#TODO: bug 1184202 - would be nice if these could be detected with TOOLCHAIN_PREFIX automatically
+export AR=${TOOLCHAIN_PREFIX}ar
+export RANLIB=${TOOLCHAIN_PREFIX}ranlib
+export STRIP=${TOOLCHAIN_PREFIX}strip
+export OTOOL=${TOOLCHAIN_PREFIX}otool
+export DSYMUTIL=$topsrcdir/clang/bin/llvm-dsymutil
+
+export HOST_CC="$topsrcdir/clang/bin/clang"
+export HOST_CXX="$topsrcdir/clang/bin/clang++"
+export HOST_CPP="$topsrcdir/clang/bin/clang -E"
+export HOST_CFLAGS="-g"
+export HOST_CXXFLAGS="-g"
+export HOST_LDFLAGS="-g"
+
+ac_add_options --target=x86_64-apple-darwin
+ac_add_options --with-macos-private-frameworks=$CROSS_PRIVATE_FRAMEWORKS
+
+mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-macos
+mk_add_options MOZ_APP_DISPLAYNAME="Tor Browser"
+export MOZILLA_OFFICIAL=1
+
+ac_add_options --enable-application=browser
+ac_add_options --enable-strip
+ac_add_options --enable-official-branding
+ac_add_options --enable-optimize
+ac_add_options --enable-rust-simd
+ac_add_options --disable-debug
+
+ac_add_options --enable-tor-browser-data-outside-app-dir
+ac_add_options --enable-tor-browser-update
+
+ac_add_options --disable-crashreporter
+ac_add_options --disable-webrtc
+ac_add_options --disable-parental-controls
+ac_add_options --disable-tests
+# Let's make sure no preference is enabling either Adobe's or Google's CDM.
+ac_add_options --disable-eme
+ac_add_options --enable-proxy-bypass-protection
+
+# Disable telemetry
+ac_add_options MOZ_TELEMETRY_REPORTING=
diff --git a/.mozconfig-mingw b/.mozconfig-mingw
new file mode 100644
index 000000000000..3ec6ff18a3e9
--- /dev/null
+++ b/.mozconfig-mingw
@@ -0,0 +1,31 @@
+CROSS_COMPILE=1
+
+ac_add_options --enable-application=browser
+ac_add_options --target=i686-w64-mingw32
+ac_add_options --with-toolchain-prefix=i686-w64-mingw32-
+ac_add_options --enable-default-toolkit=cairo-windows
+mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-mingw
+mk_add_options MOZ_APP_DISPLAYNAME="Tor Browser"
+export MOZILLA_OFFICIAL=1
+
+ac_add_options --disable-debug
+ac_add_options --enable-optimize
+ac_add_options --enable-rust-simd
+ac_add_options --enable-strip
+ac_add_options --enable-official-branding
+
+ac_add_options --enable-tor-browser-update
+ac_add_options --disable-bits-download
+
+# Let's make sure no preference is enabling either Adobe's or Google's CDM.
+ac_add_options --disable-eme
+ac_add_options --disable-crashreporter
+ac_add_options --disable-maintenance-service
+ac_add_options --disable-webrtc
+ac_add_options --disable-parental-controls
+ac_add_options --disable-tests
+ac_add_options --enable-proxy-bypass-protection
+
+# Disable telemetry
+ac_add_options MOZ_TELEMETRY_REPORTING=
+ac_add_options --disable-default-browser-agent
diff --git a/browser/base/moz.build b/browser/base/moz.build
index e136e0986a3c..ebb4cbf79fd0 100644
--- a/browser/base/moz.build
+++ b/browser/base/moz.build
@@ -71,4 +71,7 @@ if CONFIG['MOZ_WIDGET_TOOLKIT'] in ('windows', 'gtk', 'cocoa'):
 if CONFIG['MOZ_WIDGET_TOOLKIT'] in ('windows', 'gtk'):
     DEFINES['MENUBAR_CAN_AUTOHIDE'] = 1
 
+if CONFIG['TOR_BROWSER_UPDATE']:
+    DEFINES['TOR_BROWSER_UPDATE'] = 1
+
 JAR_MANIFESTS += ['jar.mn']
diff --git a/browser/installer/Makefile.in b/browser/installer/Makefile.in
index b861ad214a64..0325f0ffab9a 100644
--- a/browser/installer/Makefile.in
+++ b/browser/installer/Makefile.in
@@ -82,6 +82,14 @@ endif
 endif
 endif
 
+ifdef TOR_BROWSER_DISABLE_TOR_LAUNCHER
+DEFINES += -DTOR_BROWSER_DISABLE_TOR_LAUNCHER
+endif
+
+ifdef TOR_BROWSER_UPDATE
+DEFINES += -DTOR_BROWSER_UPDATE
+endif
+
 ifneq (,$(filter WINNT Darwin Android,$(OS_TARGET)))
 DEFINES += -DMOZ_SHARED_MOZGLUE=1
 endif
diff --git a/browser/moz.configure b/browser/moz.configure
index a251050feb9b..3b6b377235ca 100644
--- a/browser/moz.configure
+++ b/browser/moz.configure
@@ -5,11 +5,11 @@
 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
 
 imply_option('MOZ_PLACES', True)
-imply_option('MOZ_SERVICES_HEALTHREPORT', True)
+imply_option('MOZ_SERVICES_HEALTHREPORT', False)
 imply_option('MOZ_SERVICES_SYNC', True)
-imply_option('MOZ_DEDICATED_PROFILES', True)
-imply_option('MOZ_BLOCK_PROFILE_DOWNGRADE', True)
-imply_option('MOZ_NORMANDY', True)
+imply_option('MOZ_DEDICATED_PROFILES', False)
+imply_option('MOZ_BLOCK_PROFILE_DOWNGRADE', False)
+imply_option('MOZ_NORMANDY', False)
 
 with only_when(target_is_linux & compile_environment):
     option(env='MOZ_NO_PIE_COMPAT',
diff --git a/build/moz.configure/old.configure b/build/moz.configure/old.configure
index 136abbcafa69..9b663a1bf4f1 100644
--- a/build/moz.configure/old.configure
+++ b/build/moz.configure/old.configure
@@ -248,6 +248,12 @@ def old_configure_options(*options):
     '--with-user-appdir',
     '--x-includes',
     '--x-libraries',
+
+    # Tor additions.
+    '--with-tor-browser-version',
+    '--enable-tor-browser-update',
+    '--enable-tor-browser-data-outside-app-dir',
+    '--enable-tor-launcher',
 )
 def prepare_configure_options(host, target, all_options, *options):
     # old-configure only supports the options listed in @old_configure_options
diff --git a/mobile/android/confvars.sh b/mobile/android/confvars.sh
index 77191834d240..47a6a8dbae1d 100644
--- a/mobile/android/confvars.sh
+++ b/mobile/android/confvars.sh
@@ -30,9 +30,18 @@ MOZ_ANDROID_BROWSER_INTENT_CLASS=org.mozilla.gecko.BrowserApp
 
 MOZ_NO_SMART_CARDS=1
 
+# Adds MIME-type support for raw video
 MOZ_RAW=1
 
 # use custom widget for html:select
 MOZ_USE_NATIVE_POPUP_WINDOWS=1
 
 MOZ_APP_ID={aa3c5121-dab2-40e2-81ca-7ea25febc110}
+
+### Tor Browser for Android ###
+
+# Disable telemetry at compile-time
+unset MOZ_TELEMETRY_REPORTING
+
+# Disable data reporting at compile-time
+unset MOZ_DATA_REPORTING
diff --git a/mobile/android/geckoview/build.gradle b/mobile/android/geckoview/build.gradle
index 82d36c179c92..c1b51537031d 100644
--- a/mobile/android/geckoview/build.gradle
+++ b/mobile/android/geckoview/build.gradle
@@ -92,6 +92,7 @@ android {
         buildConfigField 'String', "MOZ_APP_DISPLAYNAME", "\"${mozconfig.substs.MOZ_APP_DISPLAYNAME}\"";
         buildConfigField 'String', "MOZ_APP_UA_NAME", "\"${mozconfig.substs.MOZ_APP_UA_NAME}\"";
         buildConfigField 'String', "MOZ_UPDATE_CHANNEL", "\"${mozconfig.substs.MOZ_UPDATE_CHANNEL}\"";
+        buildConfigField 'String', "TOR_BROWSER_VERSION", "\"${mozconfig.substs.TOR_BROWSER_VERSION}\"";
 
         // MOZILLA_VERSION is oddly quoted from autoconf, but we don't have to handle it specially in Gradle.
         buildConfigField 'String', "MOZILLA_VERSION", "\"${mozconfig.substs.MOZILLA_VERSION}\"";
diff --git a/mobile/android/moz.configure b/mobile/android/moz.configure
index fa510f0a57d3..f7b4df4ac24a 100644
--- a/mobile/android/moz.configure
+++ b/mobile/android/moz.configure
@@ -10,7 +10,7 @@ project_flag('MOZ_ANDROID_EXCLUDE_FONTS',
 
 project_flag('MOZ_ANDROID_HLS_SUPPORT',
              help='Enable HLS (HTTP Live Streaming) support (currently using the ExoPlayer library)',
-             default=True)
+             default=False)
 
 option(env='FENNEC_NIGHTLY',
        help='Enable experimental code for Fennec Nightly users. NOTE: This is *not* equivalent '
@@ -26,9 +26,12 @@ def fennec_nightly(nightly):
     return bool(nightly)
 
 imply_option('MOZ_NORMANDY', False)
-imply_option('MOZ_SERVICES_HEALTHREPORT', True)
 imply_option('MOZ_ANDROID_HISTORY', True)
 imply_option('--enable-small-chunk-size', True)
+# Comment this so we can imply |False| in torbrowser.configure
+# The Build system doesn't allow multiple imply_option()
+# calls with the same key.
+#imply_option('MOZ_SERVICES_HEALTHREPORT', True)
 
 @depends(target)
 def check_target(target):
@@ -39,6 +42,8 @@ def check_target(target):
             'Build_Instructions/Simple_Firefox_for_Android_build '
             'for more information about the necessary options.')
 
+include('torbrowser.configure')
+
 include('../../toolkit/moz.configure')
 include('../../build/moz.configure/android-sdk.configure')
 include('../../build/moz.configure/java.configure')
@@ -50,3 +55,11 @@ option(env='MOZ_ANDROID_FAT_AAR_ARCHITECTURES',
        help='Comma-separated list of Android CPU architectures like "armeabi-v7a,arm64-v8a,x86,x86_64"')
 
 set_config('MOZ_ANDROID_FAT_AAR_ARCHITECTURES', depends('MOZ_ANDROID_FAT_AAR_ARCHITECTURES')(lambda x: x))
+
+project_flag('MOZ_ANDROID_NETWORK_STATE',
+             help='Include permission for accessing WiFi/network state on Android',
+             default=False)
+
+project_flag('MOZ_ANDROID_LOCATION',
+             help='Include permission for accessing fine and course-grain Location on Android',
+             default=False)
diff --git a/mobile/android/torbrowser.configure b/mobile/android/torbrowser.configure
new file mode 100644
index 000000000000..2ff6215eedc9
--- /dev/null
+++ b/mobile/android/torbrowser.configure
@@ -0,0 +1,30 @@
+# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*-
+# vim: set filetype=python:
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+# Set Tor Browser default config
+
+imply_option('MOZ_ANDROID_EXCLUDE_FONTS', False)
+
+# Disable uploading crash reports and dump files to an external server
+# This is still configured in old-configure. Uncomment when this moves
+# to the python config
+#imply_option('MOZ_CRASHREPORTER', False)
+
+# Disable uploading information about the browser configuration and
+# performance to an external server
+imply_option('MOZ_SERVICES_HEALTHREPORT', False)
+
+# Disable creating telemetry and data reports that are uploaded to an
+# external server
+# These aren't actually configure options. These are disabled in
+# confvars.sh, but they look like configure options so we'll document
+# them here, as well.
+#XXX: no confvars.sh here
+#imply_option('MOZ_TELEMETRY_REPORTING', False)
+#imply_option('MOZ_DATA_REPORTING', False)
+
+imply_option('MOZ_ANDROID_NETWORK_STATE', False);
+imply_option('MOZ_ANDROID_LOCATION', False);
diff --git a/old-configure.in b/old-configure.in
index dfb072b19cfb..2c3308a27657 100644
--- a/old-configure.in
+++ b/old-configure.in
@@ -1966,6 +1966,55 @@ if test -n "$MOZ_UPDATER"; then
     AC_DEFINE(MOZ_UPDATER)
 fi
 
+dnl ========================================================
+dnl Tor additions
+dnl ========================================================
+MOZ_ARG_WITH_STRING(tor-browser-version,
+[  --with-tor-browser-version=VERSION
+                          Set Tor Browser version, e.g., 7.0a1],
+    TOR_BROWSER_VERSION="$withval")
+
+if test -z "$TOR_BROWSER_VERSION"; then
+    AC_MSG_ERROR([--with-tor-browser-version is required for Tor Browser.])
+fi
+
+MOZ_ARG_ENABLE_BOOL(tor-browser-update,
+[  --enable-tor-browser-update
+                          Enable Tor Browser update],
+    TOR_BROWSER_UPDATE=1,
+    TOR_BROWSER_UPDATE= )
+
+if test -n "$TOR_BROWSER_UPDATE"; then
+    AC_DEFINE(TOR_BROWSER_UPDATE)
+fi
+
+MOZ_ARG_ENABLE_BOOL(tor-browser-data-outside-app-dir,
+[  --enable-tor-browser-data-outside-app-dir
+                          Enable Tor Browser data outside of app directory],
+    TOR_BROWSER_DATA_OUTSIDE_APP_DIR=1,
+    TOR_BROWSER_DATA_OUTSIDE_APP_DIR= )
+
+if test -n "$TOR_BROWSER_DATA_OUTSIDE_APP_DIR"; then
+    AC_DEFINE(TOR_BROWSER_DATA_OUTSIDE_APP_DIR)
+fi
+
+AC_DEFINE_UNQUOTED(TOR_BROWSER_VERSION,$TOR_BROWSER_VERSION)
+AC_DEFINE_UNQUOTED(TOR_BROWSER_VERSION_QUOTED,"$TOR_BROWSER_VERSION")
+AC_SUBST(TOR_BROWSER_UPDATE)
+AC_SUBST(TOR_BROWSER_DATA_OUTSIDE_APP_DIR)
+
+MOZ_ARG_DISABLE_BOOL(tor-launcher,
+[  --disable-tor-launcher
+                          Do not include Tor Launcher],
+   TOR_BROWSER_DISABLE_TOR_LAUNCHER=1,
+   TOR_BROWSER_DISABLE_TOR_LAUNCHER=)
+
+if test -n "$TOR_BROWSER_DISABLE_TOR_LAUNCHER"; then
+    AC_DEFINE(TOR_BROWSER_DISABLE_TOR_LAUNCHER)
+fi
+
+AC_SUBST(TOR_BROWSER_DISABLE_TOR_LAUNCHER)
+
 dnl ========================================================
 dnl parental controls (for Windows Vista)
 dnl ========================================================
diff --git a/security/moz.build b/security/moz.build
index dec6f3ef7e21..f00f9fe5d7a7 100644
--- a/security/moz.build
+++ b/security/moz.build
@@ -85,7 +85,7 @@ gyp_vars['nss_dist_obj_dir'] = '$PRODUCT_DIR/dist/bin'
 gyp_vars['disable_tests'] = 1
 gyp_vars['disable_dbm'] = 1
 gyp_vars['disable_libpkix'] = 1
-gyp_vars['enable_sslkeylogfile'] = 1
+gyp_vars['enable_sslkeylogfile'] = 0
 # pkg-config won't reliably find zlib on our builders, so just force it.
 # System zlib is only used for modutil and signtool unless
 # SSL zlib is enabled, which we are disabling immediately below this.
diff --git a/security/nss/lib/ssl/Makefile b/security/nss/lib/ssl/Makefile
index 8a8b06f4b508..90571bb3e256 100644
--- a/security/nss/lib/ssl/Makefile
+++ b/security/nss/lib/ssl/Makefile
@@ -41,7 +41,7 @@ endif
 
 # Enable key logging by default in debug builds, but not opt builds.
 # Logging still needs to be enabled at runtime through env vars.
-NSS_ALLOW_SSLKEYLOGFILE ?= $(if $(BUILD_OPT),0,1)
+NSS_ALLOW_SSLKEYLOGFILE ?= 0
 ifeq (1,$(NSS_ALLOW_SSLKEYLOGFILE))
 DEFINES += -DNSS_ALLOW_SSLKEYLOGFILE=1
 endif
diff --git a/toolkit/modules/AppConstants.jsm b/toolkit/modules/AppConstants.jsm
index 9b035435aed6..cd8ca2659626 100644
--- a/toolkit/modules/AppConstants.jsm
+++ b/toolkit/modules/AppConstants.jsm
@@ -341,6 +341,8 @@ this.AppConstants = Object.freeze({
   MOZ_WIDGET_TOOLKIT: "@MOZ_WIDGET_TOOLKIT@",
   ANDROID_PACKAGE_NAME: "@ANDROID_PACKAGE_NAME@",
 
+  TOR_BROWSER_VERSION: "@TOR_BROWSER_VERSION@",
+
   DEBUG_JS_MODULES: "@DEBUG_JS_MODULES@",
 
   MOZ_BING_API_CLIENTID: "@MOZ_BING_API_CLIENTID@",
@@ -418,4 +420,11 @@ this.AppConstants = Object.freeze({
 #else
     false,
 #endif
+
+  TOR_BROWSER_UPDATE:
+#ifdef TOR_BROWSER_UPDATE
+    true,
+#else
+    false,
+#endif
 });
diff --git a/toolkit/modules/moz.build b/toolkit/modules/moz.build
index e5858122fa1c..f000f35c126f 100644
--- a/toolkit/modules/moz.build
+++ b/toolkit/modules/moz.build
@@ -296,6 +296,9 @@ for var in ('MOZ_ALLOW_ADDON_SIDELOAD',
     if CONFIG[var]:
         DEFINES[var] = True
 
+if CONFIG['TOR_BROWSER_UPDATE']:
+    DEFINES['TOR_BROWSER_UPDATE'] = 1
+
 JAR_MANIFESTS += ['jar.mn']
 
 DEFINES['TOPOBJDIR'] = TOPOBJDIR





More information about the tor-commits mailing list