From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp2 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms0.migadu.com with LMTPS id kCXVAZxWuGCwcwEAgWs5BA (envelope-from ) for ; Thu, 03 Jun 2021 06:12:12 +0200 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp2 with LMTPS id uP43OZtWuGDBHwAAB5/wlQ (envelope-from ) for ; Thu, 03 Jun 2021 04:12:11 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 1B7F61B2EA for ; Thu, 3 Jun 2021 06:12:10 +0200 (CEST) Received: from localhost ([::1]:35188 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1loeiG-0006ar-NE for larch@yhetil.org; Thu, 03 Jun 2021 00:12:08 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:55338) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1loeiA-0006ai-QF for guix-patches@gnu.org; Thu, 03 Jun 2021 00:12:02 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:58481) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1loeiA-00025W-HT for guix-patches@gnu.org; Thu, 03 Jun 2021 00:12:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1loeiA-0002Se-Ck for guix-patches@gnu.org; Thu, 03 Jun 2021 00:12:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#42380] [PATCH v5 9/9] gnu: Add torbrowser-unbundle. Resent-From: =?UTF-8?Q?Andr=C3=A9?= Batista Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Thu, 03 Jun 2021 04:12:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 42380 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: To: 42380@debbugs.gnu.org Cc: =?UTF-8?Q?Andr=C3=A9?= Batista Received: via spool by 42380-submit@debbugs.gnu.org id=B42380.16226935019431 (code B ref 42380); Thu, 03 Jun 2021 04:12:02 +0000 Received: (at 42380) by debbugs.gnu.org; 3 Jun 2021 04:11:41 +0000 Received: from localhost ([127.0.0.1]:41794 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1loehg-0002Rt-JP for submit@debbugs.gnu.org; Thu, 03 Jun 2021 00:11:41 -0400 Received: from mx1.riseup.net ([198.252.153.129]:58618) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1loehc-0002Re-PL for 42380@debbugs.gnu.org; Thu, 03 Jun 2021 00:11:31 -0400 Received: from fews2.riseup.net (fews2-pn.riseup.net [10.0.1.84]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client CN "*.riseup.net", Issuer "Sectigo RSA Domain Validation Secure Server CA" (not verified)) by mx1.riseup.net (Postfix) with ESMTPS id 4FwXWv0bFbzDq9F for <42380@debbugs.gnu.org>; Wed, 2 Jun 2021 21:11:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1622693483; bh=67dS5pAUG7pxOX6jgAi+vXfV+Ef5JViUWK8qvmlamM4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=gCTIoDFODsEwQ+QFBrsmzYZTHbAAZxldtgKzSQbe+T0Yb4SnTiTIWCPTCCr5u9daL OK5XdxD4o+XV+NgMbczE67pIoHJjDshdRZTJbmuTasi4BrP7uQbTV4rnCt1POXn3CW /PD6pnb6qEiKKv9RytIS7Cv4CjigMTRVMR0Ty0cI= X-Riseup-User-ID: 4D9E26DF02AB2C464B05DA989E68488147DDBECC58A00EB8121706CB3D3F9024 Received: from [127.0.0.1] (localhost [127.0.0.1]) by fews2.riseup.net (Postfix) with ESMTPSA id 4FwXWs66Klz1y6h; Wed, 2 Jun 2021 21:11:21 -0700 (PDT) From: =?UTF-8?Q?Andr=C3=A9?= Batista Date: Thu, 3 Jun 2021 01:10:35 -0300 Message-Id: <347e91d0ce7f96882f70a081b208c388153cd6b8.1622693271.git.nandre@riseup.net> In-Reply-To: <88c9104dbc255f94f73b0dae2dad41ae23cc3448.1622687706.git.nandre@riseup.net> References: <88c9104dbc255f94f73b0dae2dad41ae23cc3448.1622687706.git.nandre@riseup.net> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: "Guix-patches" X-Migadu-Flow: FLOW_IN ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1622693531; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:resent-cc: resent-from:resent-sender:resent-message-id:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=KYCrn5eWg6Ai+8Xc6ogPuxe4tfxCoATuAwgeUb30T1M=; b=LohI/gITfpJWQF15WXe4gO0FD+l5460Vf3J7LyDFkMv3j8+cDzo0mY4XNdSjhSktTYxAyY szIL6TMS+a2dB2cic2LDWLR6hM/vbk5V6K3rrtMyAVXyMt0GaQUnmmM1Upnrn2zO85T397 mys1wYUAJfLk7R4LOs5PjIJIRodCUyDAffsv9Ejse4Np9JpZLDhUuCQs5RN54Y8a/QC3ys +W/gEah6VN7l2zJSOcOPAiiMa2owsCuYoSkmeshaWwkJffuTnPt8gXYs5Pfwyi4/f18zus eT9Yfmb12JJG4RTOZVag83KH0GJF7snepJ0+OFbfnxp9s9PQzx7CmON8L3wOtQ== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1622693531; a=rsa-sha256; cv=none; b=cmz4WCru6ssh6IHd8gFqxa1hYAs7Nx+MiS8aboENkNMsDRKL0v/RElL6vLPWacNx6BSn54 53IOJEsQeKGMMSPY0eKM8C6RboTwdDanYo0zL1LRWr+2+rqn06/19MOJgkAlP+6P4vOKyO 9xn13QOBz6jC24K4lCiyd2FWuEwFqBWnn+Kj5nYLEEFdw/xQmZa1e2iwiD2k5IcYPXz8ez h8WPblCX9bzsHEUEf26qHmURSlYLJbyPrcfO80frb5gW0TM5aU/K2DlIlJYFX2BXKhNyCz G8PoqjWZOSfXkNuOH1+SHfquovQpJlT1R1qVbg917SyhjqX+MGIaDfAXrLYlQw== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=riseup.net header.s=squak header.b=gCTIoDFO; dmarc=fail reason="SPF not aligned (relaxed)" header.from=riseup.net (policy=none); spf=pass (aspmx1.migadu.com: domain of guix-patches-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-patches-bounces@gnu.org X-Migadu-Spam-Score: -0.33 Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=riseup.net header.s=squak header.b=gCTIoDFO; dmarc=fail reason="SPF not aligned (relaxed)" header.from=riseup.net (policy=none); spf=pass (aspmx1.migadu.com: domain of guix-patches-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-patches-bounces@gnu.org X-Migadu-Queue-Id: 1B7F61B2EA X-Spam-Score: -0.33 X-Migadu-Scanner: scn0.migadu.com X-TUID: SXxrSr6iqhCh * gnu/packages/tor.scm (torbrowser-unbundle): New variable. * gnu/packages/patches/torbrowser-start-desktop.patch: New file. * gnu/packages/patches/torbrowser-start-script.patch: New file. * gnu/local.mk (dist_patch_DATA): Adjust accordingly. create mode 100644 gnu/packages/patches/torbrowser-start-desktop.patch create mode 100644 gnu/packages/patches/torbrowser-start-script.patch diff --git a/gnu/local.mk b/gnu/local.mk index a5820b5827..c5fdb8fc16 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -42,6 +42,7 @@ # Copyright © 2021 Björn Höfling # Copyright © 2021 Philip McGrath # Copyright © 2021 Arun Isaac +# Copyright © 2021 André Batista # # This file is part of GNU Guix. # @@ -1739,6 +1740,8 @@ dist_patch_DATA = \ %D%/packages/patches/tipp10-qt5.patch \ %D%/packages/patches/tk-find-library.patch \ %D%/packages/patches/tla2tools-build-xml.patch \ + %D%/packages/patches/torbrowser-start-desktop.patch \ + %D%/packages/patches/torbrowser-start-script.patch \ %D%/packages/patches/transcode-ffmpeg.patch \ %D%/packages/patches/transmission-honor-localedir.patch \ %D%/packages/patches/ttf2eot-cstddef.patch \ diff --git a/gnu/packages/patches/torbrowser-start-desktop.patch b/gnu/packages/patches/torbrowser-start-desktop.patch new file mode 100644 index 0000000000..6832ed363b --- /dev/null +++ b/gnu/packages/patches/torbrowser-start-desktop.patch @@ -0,0 +1,22 @@ +Change TorBrowser desktop file in order for it to be agnostic to the +path when invoked. + +--- torbrowser-68.10.0esr-9.5-1/tbb-scripts/RelativeLink/start-tor-browser.desktop.orig 2020-07-05 18:47:40.689484877 -0300 ++++ torbrowser-68.10.0esr-9.5-1/tbb-scripts/RelativeLink/start-tor-browser.desktop 2020-07-24 14:36:37.720579884 -0300 +@@ -1,4 +1,4 @@ +-#!/usr/bin/env ./Browser/execdesktop ++#!/usr/bin/env bash + # + # This file is a self-modifying .desktop file that can be run from the shell. + # It preserves arguments and environment for the start-tor-browser script. +@@ -28,7 +28,7 @@ + GenericName=Web Browser + Comment=Tor Browser is +1 for privacy and −1 for mass surveillance + Categories=Network;WebBrowser;Security; +-Exec=sh -c '"$(dirname "$*")"/Browser/start-tor-browser --detach || ([ ! -x "$(dirname "$*")"/Browser/start-tor-browser ] && "$(dirname "$*")"/start-tor-browser --detach)' dummy %k +-X-TorBrowser-ExecShell=./Browser/start-tor-browser --detach +-Icon=web-browser ++Exec=sh -c start-tor-browser ++X-TorBrowser-ExecShell=start-tor-browser --detach ++Icon=torbrowser + StartupWMClass=Tor Browser diff --git a/gnu/packages/patches/torbrowser-start-script.patch b/gnu/packages/patches/torbrowser-start-script.patch new file mode 100644 index 0000000000..b8c8d9a26a --- /dev/null +++ b/gnu/packages/patches/torbrowser-start-script.patch @@ -0,0 +1,181 @@ +Change TorBrowser startup script in order for it to setup needed files +outside guix store. Remove tests which are not needed on guix system. + +--- torbrowser-68.10.0esr-9.5-1/tbb-scripts/RelativeLink/start-tor-browser.orig 2020-07-05 18:47:40.685485004 -0300 ++++ torbrowser-68.10.0esr-9.5-1/tbb-scripts/RelativeLink/start-tor-browser 2020-07-23 18:13:32.426282743 -0300 +@@ -5,6 +5,14 @@ + # + # Copyright 2017 The Tor Project. See LICENSE for licensing information. + ++TBB_HOME="${HOME}/.local/share/torbrowser" ++TBB_LOGFILE="${TBB_HOME}/torbrowser.log" ++TBB_DATA="${TBB_HOME}/Data" ++TBB_PROFILE="${TBB_DATA}/Browser/profile.default" ++TBB_STORE_PATH=$(dirname $(realpath "$0")) ++TBB_STORE_DATA="${TBB_STORE_PATH}/TorBrowser/Data" ++TORRC="${TBB_DATA}/Tor/torrc-defaults" ++ + complain_dialog_title="Tor Browser" + + # First, make sure DISPLAY is set. If it isn't, we're hosed; scream +@@ -134,8 +142,8 @@ + ;; + -l | --log) + if [ -z "$2" -o "${2:0:1}" == "-" ]; then +- printf "Logging Tor Browser debug information to tor-browser.log\n" +- logfile="../tor-browser.log" ++ printf "Logging Tor Browser debug information to torbrowser.log\n" ++ logfile="${TBB_LOGFILE}" + elif [ "${2:0:1}" == "/" -o "${2:0:1}" == "~" ]; then + printf "Logging Tor Browser debug information to %s\n" "$2" + logfile="$2" +@@ -187,41 +195,22 @@ + export XAUTHORITY + fi + +-# If this script is being run through a symlink, we need to know where +-# in the filesystem the script itself is, not where the symlink is. +-myname="$0" +-if [ -L "$myname" ]; then +- # XXX readlink is not POSIX, but is present in GNU coreutils +- # and on FreeBSD. Unfortunately, the -f option (which follows +- # a whole chain of symlinks until it reaches a non-symlink +- # path name) is a GNUism, so we have to have a fallback for +- # FreeBSD. Fortunately, FreeBSD has realpath instead; +- # unfortunately, that's also non-POSIX and is not present in +- # GNU coreutils. +- # +- # If this launcher were a C program, we could just use the +- # realpath function, which *is* POSIX. Too bad POSIX didn't +- # make that function accessible to shell scripts. +- +- # If realpath is available, use it; it Does The Right Thing. +- possibly_my_real_name="`realpath "$myname" 2>/dev/null`" +- if [ "$?" -eq 0 ]; then +- myname="$possibly_my_real_name" +- else +- # realpath is not available; hopefully readlink -f works. +- myname="`readlink -f "$myname" 2>/dev/null`" +- if [ "$?" -ne 0 ]; then +- # Ugh. +- complain "start-tor-browser cannot be run using a symlink on this operating system." +- fi +- fi ++# Try to be agnostic to where we're being started from, check if files are on its ++# default paths and chdir to TBB_HOME ++if [ -e "${TORRC}" ]; then ++ cd "${TBB_HOME}" ++else ++ mkdir -p "${TBB_HOME}" ++ cp -R "${TBB_STORE_DATA}" "${TBB_HOME}" ++ chmod -R 700 "${TBB_HOME}" ++ mkdir -p "${TBB_PROFILE}" ++ echo "user_pref(\"extensions.torlauncher.torrc-defaults_path\", \"${TORRC}\");"\ ++ > "${TBB_PROFILE}/user.js" ++ echo "ClientTransportPlugin meek_lite,obfs2,obfs3,obfs4,scramblesuit exec ${TBB_STORE_PATH}/TorBrowser/Tor/PluggableTransports/obfs4proxy"\ ++ >> "${TORRC}" ++ cd "${TBB_HOME}" + fi + +-# Try to be agnostic to where we're being started from, chdir to where +-# the script is. +-mydir="`dirname "$myname"`" +-test -d "$mydir" && cd "$mydir" +- + # If ${PWD} results in a zero length string, we can try something else... + if [ ! "${PWD}" ]; then + # "hacking around some braindamage" +@@ -236,16 +225,9 @@ + ln -nsf ~/.config/ibus/bus .config/ibus + fi + +-# Fix up .desktop Icon and Exec Paths, and update the .desktop file from the +-# canonical version if it was changed by the updater. +-cp start-tor-browser.desktop ../ +-sed -i -e "s,^Name=.*,Name=Tor Browser,g" ../start-tor-browser.desktop +-sed -i -e "s,^Icon=.*,Icon=$PWD/browser/chrome/icons/default/default128.png,g" ../start-tor-browser.desktop +-sed -i -e "s,^Exec=.*,Exec=sh -c '\"$PWD/start-tor-browser\" --detach || ([ ! -x \"$PWD/start-tor-browser\" ] \&\& \"\$(dirname \"\$*\")\"/Browser/start-tor-browser --detach)' dummy %k,g" ../start-tor-browser.desktop +- + if [ "$register_desktop_app" -eq 1 ]; then + mkdir -p "$HOME/.local/share/applications/" +- cp ../start-tor-browser.desktop "$HOME/.local/share/applications/" ++ cp "${TBB_STORE_PATH}/start-tor-browser.desktop" "$HOME/.local/share/applications/" + update-desktop-database "$HOME/.local/share/applications/" + printf "Tor Browser has been registered as a desktop app for this user in ~/.local/share/applications/\n" + exit 0 +@@ -265,21 +247,6 @@ + HOME="${PWD}" + export HOME + +-SYSARCHITECTURE=$(getconf LONG_BIT) +-TORARCHITECTURE=$(expr "$(file TorBrowser/Tor/tor)" : '.*ELF \([[:digit:]]*\)') +- +-if [ $SYSARCHITECTURE -ne $TORARCHITECTURE ]; then +- complain "Wrong architecture? 32-bit vs. 64-bit." +- exit 1 +-fi +- +-[% IF c("var/asan") -%] +-# We need to disable LSan which is enabled by default now. Otherwise we'll get +-# a crash during shutdown: https://bugs.torproject.org/10599#comment:59 +-ASAN_OPTIONS="detect_leaks=0" +-export ASAN_OPTIONS +-[% END -%] +- + function setControlPortPasswd() { + local ctrlPasswd=$1 + +@@ -342,13 +309,15 @@ + # your password in the following line where the word “secret” is: + setControlPortPasswd ${TOR_CONTROL_PASSWD:='"secret"'} + +-# Set up custom bundled fonts. See fonts-conf(5). +-export FONTCONFIG_PATH="${HOME}/TorBrowser/Data/fontconfig" +-export FONTCONFIG_FILE="fonts.conf" +- + # Avoid overwriting user's dconf values. Fixes #27903. + export GSETTINGS_BACKEND=memory + ++# Set up custom bundled fonts. See fonts-conf(5). ++export FONTCONFIG_FILE="${HOME}/Data/fontconfig/fonts.conf" ++ ++sed -i "${FONTCONFIG_FILE}"\ ++ -e "s,fonts,${TBB_STORE_PATH}/fonts," ++ + cd "${HOME}" + + # We pass all additional command-line arguments we get to Firefox. +@@ -357,23 +326,23 @@ + + if [ "$show_usage" -eq 1 ]; then + # Display Firefox help, then our help +- TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD} ./firefox --class "Tor Browser" \ +- -profile TorBrowser/Data/Browser/profile.default --help 2>/dev/null ++ TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD} ${TBB_STORE_PATH}/firefox --class "Tor Browser" \ ++ -profile Data/Browser/profile.default --help 2>/dev/null + tbb_usage + elif [ "$detach" -eq 1 ] ; then +- TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD} ./firefox --class "Tor Browser" \ +- -profile TorBrowser/Data/Browser/profile.default "${@}" > "$logfile" 2>&1 "$logfile" 2>&1 &1 &1 "$logfile" 2>&1 "$logfile" 2>&1 " + (string-drop hash 8)))) + #t)) + ;; Tor Browser just do a stage-package here and copy files to its places. + (replace 'install + (lambda* (#:key inputs native-inputs outputs + configure-flags #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (applications (string-append out "/share/applications")) + (build "objdir/dist/firefox") + (bin (string-append out "/bin")) + (lib (string-append out "/lib")) + (start-script "tbb-scripts/RelativeLink/start-tor-browser") + (desktop-file "tbb-scripts/RelativeLink/start-tor-browser.desktop")) + (invoke "./mach" "build" "stage-package") + ;; Tor Browser doesn't use those. + ;; See: tor-browser-build.git/projects/firefox/build:167 + (format #t "Deleting spurious files ...~%") + (with-directory-excursion build + (for-each (lambda (file) + (if (file-exists? file) + (delete-file file) + (display (string-append + "Warning: file " file + " not found! Skipping...\n")))) + '("firefox-bin" "fonts/TwemojiMozilla.ttf"))) + (rmdir (string-append build "/fonts")) + (format #t "Creating install dirs ...~%") + (mkdir-p applications) + (mkdir-p lib) + (mkdir bin) + (format #t "Copying files to install dirs ...~%") + (copy-recursively build (string-append lib "/") + #:log (%make-void-port "w")) + (copy-file start-script + (string-append lib "/start-tor-browser")) + (copy-file desktop-file + (string-append lib "/start-tor-browser.desktop")) + (chmod (string-append lib "/start-tor-browser") #o555) + (chmod (string-append lib "/start-tor-browser.desktop") #o555) + (format #t "Linking start-tor-browser script ...~%") + (symlink (string-append lib "/start-tor-browser") + (string-append bin "/start-tor-browser")) + (format #t "Installing desktop file ...~%") + (install-file desktop-file applications)) + #t)) + (add-after 'install 'install-fonts + (lambda* (#:key inputs native-inputs outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (lib (string-append out "/lib/")) + (fonts (string-append (or (assoc-ref native-inputs + "torbrowser-fonts") + (assoc-ref inputs + "torbrowser-fonts")) + "/share"))) + (copy-recursively fonts lib + #:log (%make-void-port "w")) + (symlink (string-append lib "/fonts") + (string-append out "/share/fonts"))) + #t)) + (add-after 'install-fonts 'install-extensions + (lambda* (#:key inputs native-inputs outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (lib (string-append out "/lib")) + (ext (string-append lib "/browser/extensions")) + (torb-ext (string-append lib + "/chrome/torbutton/content/extensions")) + (httpse-id "https-everywhere") + (noscript-id "{73a6fe31-595d-460b-a920-fcc0f8843232}") + (httpse (assoc-ref inputs "https-everywhere")) + (noscript (assoc-ref inputs "noscript"))) + (mkdir-p ext) + (mkdir-p torb-ext) + (copy-file noscript (string-append + ext "/" noscript-id ".xpi")) + (copy-recursively httpse + (string-append torb-ext "/" httpse-id) + #:log (%make-void-port "w")) + (chmod (string-append ext "/" noscript-id ".xpi") #o555) + ;; Make httpse available as a builtin extension. This step is + ;; changing some timestamps and making everything non-deterministic. + ;; To check insert 'resource://torbutton/content/extensions/https-everywhere/' + ;; on the browser address field. Check 'reset-gzip-timestamps' to see what + ;; can be done. + ;; https://gitweb.torproject.org/builders/tor-browser-build.git/tree/projects/\ + ;; tor-browser/build?h=tbb-desktop-10.0.17-build1&id=16fa8c3bf91a9c1a827a7d23be344de599cd10bb#n77g + (with-directory-excursion lib + (make-file-writable "omni.ja") + (for-each (lambda (file) + (invoke "zip" "-X" "omni.ja" file)) + (find-files "chrome" ".*")))) + #t)) + (add-after 'install-extensions 'link-binaries + (lambda* (#:key inputs native-inputs outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (tordir (string-append out "/lib/TorBrowser/Tor")) + (ptdir (string-append tordir "/PluggableTransports")) + (obfs4 (string-append (assoc-ref inputs "obfs4") + "/bin/obfs4proxy")) + (tor (string-append (assoc-ref inputs "tor") + "/bin/tor"))) + (mkdir-p ptdir) + (symlink tor (string-append tordir "/tor")) + (symlink obfs4 (string-append ptdir "/obfs4proxy"))) + #t)) + (add-after 'link-binaries 'copy-bundle-data + (lambda* (#:key inputs native-inputs outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (lib (string-append out "/lib")) + (tbb "tbb-scripts") + (ptconf (string-append tbb "/Bundle-Data/PTConfigs")) + (docs (string-append lib "/TorBrowser/Docs")) + (data (string-append lib "/TorBrowser/Data"))) + (mkdir-p data) + (mkdir docs) + (with-directory-excursion + (string-append tbb "/Bundle-Data/linux/Data") + (for-each (lambda (file) + (copy-recursively file + (string-append data "/" file) + #:log (%make-void-port "w"))) + '("Browser" "fontconfig" "Tor"))) + (copy-file (string-append ptconf "/linux/torrc-defaults-appendix") + (string-append data "/Tor/torrc-defaults-appendix")) + (copy-recursively (string-append tbb "/Bundle-Data/Docs") + (string-append docs "/") + #:log (%make-void-port "w"))) + #t)) + ;; This fixes the file chooser crash that happens with GTK 3 + (replace 'wrap-program + (lambda* (#:key inputs outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (lib (string-append out "/lib")) + (gtk (assoc-ref inputs "gtk+")) + (gtk-share (string-append gtk "/share")) + (mesa (assoc-ref inputs "mesa")) + (mesa-lib (string-append mesa "/lib")) + (pulseaudio (assoc-ref inputs "pulseaudio")) + (pulseaudio-lib (string-append pulseaudio "/lib")) + (libxscrnsaver (assoc-ref inputs "libxscrnsaver")) + (libxscrnsaver-lib (string-append libxscrnsaver "/lib"))) + ;; Only difference to icecat is browser name. + (wrap-program (car (find-files lib "^firefox$")) + `("XDG_DATA_DIRS" prefix (,gtk-share)) + `("LD_LIBRARY_PATH" prefix (,pulseaudio-lib ,mesa-lib + ,libxscrnsaver-lib)))) + #t)))))) + (home-page "https://www.torproject.org") + (synopsis "Anonymous browser derived from Mozilla Firefox") + (description + "Tor Browser is the Tor Project version of Firefox browser. It is the only +recommended way to anonymously browse the web that is supported by the project. +It modifies Firefox in order to avoid many know application level attacks on +the privacy of Tor users. + +WARNING: This is not the official Tor Browser and is currently on testing. Use +at your own risk and please report back on guix channels if you find any +issues.") + (license license:mpl2.0)))) ;and others, see toolkit/content/license.html -- 2.31.1