From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0.migadu.com ([2001:41d0:303:5f26::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms8.migadu.com with LMTPS id sPKGHH9EhGWqJwEAkFu2QA (envelope-from ) for ; Thu, 21 Dec 2023 14:58:23 +0100 Received: from aspmx1.migadu.com ([2001:41d0:403:4876::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0.migadu.com with LMTPS id KCN2Fn9EhGW2QQAAqHPOHw (envelope-from ) for ; Thu, 21 Dec 2023 14:58:23 +0100 X-Envelope-To: larch@yhetil.org Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=lassieur.org header.s=fm1 header.b="h KYsmzm"; dkim=fail ("headers rsa verify failed") header.d=messagingengine.com header.s=fm2 header.b="m 43noQe"; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org"; dmarc=none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1703167103; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding:resent-cc: resent-from:resent-sender:resent-message-id:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=vSuUl9urJLZaR0r95YmtoLEY+F3w8eL7r6/5BAQgi44=; b=m6iLOH4DmGmpA9CSOr61Y1Y/WLnXrbOcsC57BBQOVt3Clw743ObvlVz/ch/5qn9JjWoX74 eUKgAn/D9nJKDpjYX1Kz04d78M99Q1VS3fg2yu2m9lyUE2ucnT9VuUIOAvmU7CjXpiGqIB X78UCIeRVQ+WvpGeQhWbBSKG+ZHhetoucdEjU1LmQucWswHf01bFruf9V7VJyu0KEgDc7H QdpS0bKQKkHO+IXTXrM+SCAxf6iXP34274XQOVvCXAIOu5cgWFktMd7dijarqQPhbRU/wI XZVkRTUdBOIfnOta80f64+yBcrCaYTAT5vOQNVNZt2ykCPwIheaKXx0lXn2BuQ== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=lassieur.org header.s=fm1 header.b="h KYsmzm"; dkim=fail ("headers rsa verify failed") header.d=messagingengine.com header.s=fm2 header.b="m 43noQe"; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org"; dmarc=none ARC-Seal: i=1; s=key1; d=yhetil.org; t=1703167103; a=rsa-sha256; cv=none; b=lcWdOtjix+K+sQGBi/wCZrUz/4Xi5L4UjM0G5ozIYJvWnGT0E1mAGACsNtw6mVKREtLAyX YNAjfxuLPIGhAU1pIFQJepbBiETiCAyVqn9+A+2cWH3WJVSH8rdjRdq/dsvYQ6/JnD6dSV DP6QkJy3c2Aqm2mdTTvBOrvCl/aYcGFav228p+tmxXrlykln4xgeFUNofIXFeaWyEo4NLM ZWdHxOVOGbZYM5ALhGv8OUWuPJ6Zg6Oq23zNMYfcrxAvvXcVQJk72Z3PCRWgeT5ypP/kJ3 7jzc/kk5pX7Hc+0Z9BaXAg9v1Cgbu4tgvRZhPKl7PmOiICFS8QmTilewp015qA== Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 6FF7F584B4 for ; Thu, 21 Dec 2023 14:58:22 +0100 (CET) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rGJYn-0004Vm-P2; Thu, 21 Dec 2023 08:58:01 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rGJYk-0004VI-S9 for guix-patches@gnu.org; Thu, 21 Dec 2023 08:57:59 -0500 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1rGJYk-00049J-DW for guix-patches@gnu.org; Thu, 21 Dec 2023 08:57:58 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1rGJYn-0006gv-U2; Thu, 21 Dec 2023 08:58:01 -0500 X-Loop: help-debbugs@gnu.org Subject: [bug#42380] [PATCH v2] gnu: Add torbrowser. Resent-From: =?UTF-8?Q?Cl=C3=A9ment?= Lassieur Original-Sender: "Debbugs-submit" Resent-CC: clement@lassieur.org, jonathan.brielmaier@web.de, guix-patches@gnu.org Resent-Date: Thu, 21 Dec 2023 13:58:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 42380 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: To: 42380@debbugs.gnu.org, =?UTF-8?Q?Andr=C3=A9?= Batista Cc: =?UTF-8?Q?Cl=C3=A9ment?= Lassieur , =?UTF-8?Q?Cl=C3=A9ment?= Lassieur , Jonathan Brielmaier X-Debbugs-Original-Xcc: =?UTF-8?Q?Cl=C3=A9ment?= Lassieur , Jonathan Brielmaier Received: via spool by 42380-submit@debbugs.gnu.org id=B42380.170316702725641 (code B ref 42380); Thu, 21 Dec 2023 13:58:01 +0000 Received: (at 42380) by debbugs.gnu.org; 21 Dec 2023 13:57:07 +0000 Received: from localhost ([127.0.0.1]:42684 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1rGJXt-0006fU-Up for submit@debbugs.gnu.org; Thu, 21 Dec 2023 08:57:07 -0500 Received: from out5-smtp.messagingengine.com ([66.111.4.29]:48349) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1rGJXq-0006f6-Np for 42380@debbugs.gnu.org; Thu, 21 Dec 2023 08:57:04 -0500 Received: from compute6.internal (compute6.nyi.internal [10.202.2.47]) by mailout.nyi.internal (Postfix) with ESMTP id 5684A5C020F; Thu, 21 Dec 2023 08:56:53 -0500 (EST) Received: from mailfrontend2 ([10.202.2.163]) by compute6.internal (MEProxy); Thu, 21 Dec 2023 08:56:53 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lassieur.org; h= cc:cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to; s=fm1; t=1703167013; x= 1703253413; bh=vSuUl9urJLZaR0r95YmtoLEY+F3w8eL7r6/5BAQgi44=; b=h KYsmzm4gl2ivEFOw1PrmkfRmmHvivZPTeEHhw2/wL50j3UvpOQy5VghXPnilcJ8c 23msdv/es71Ns8ATfCgPdLf82Q+YtpnSYsWFNWDn3u2oyLfyaZzTuBXQik18gzOc Ta+DY2DUxGWgD/v7cHoyVGgPoN7XNAJNVIxTwfGrzXVbMaqQtvHlnJZRt2hSibqR 21b2CmyPUPnTjU4hLSvje7NHk64+1r4v669CIVQk2BwRAjKCbw/yViQSwt+hPywK hnCFY7BPhe8heYLkE3ayCeHMFUq8p2LlEYRfTFFQNYHYSygMLzI2K/9H7STDFtpA WEL+7tfDZhiOm3JYViN7g== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm2; t=1703167013; x= 1703253413; bh=vSuUl9urJLZaR0r95YmtoLEY+F3w8eL7r6/5BAQgi44=; b=m 43noQejKnOTdiDOT6xEJVzF2UXPl5ZMwX6IxL6ilrDXsiqoh0XXWl8WXn+/mztYX ZSjOKh9lEm0YnFudfM9UYwlgJjEfHQNCketeQ6ziRsIB4LeAoGu75TnGxt1fPqju iMP+P8Gb7zphV2tFNEErdFG7j+44mNiMgTUhKjBSby01wrBT96aSMJF6b+dSc2IO Jyy3H3DoWR/yf8Dl5YyA1s0SXWCsaHY5psJL9WZ2dWToOGa3f/ZQnkqlub6atNUL ddOFbaAQWqum76P7rIwKYRi9qe5tZxfif9QidV1lmZOCLEXWKUjt+jagBmHsuImU ec0gidiL+JF6q+voWioMQ== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvkedrvdduhedgfeefucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhephffvvefufffkofgjfhgggfestdekredtredtjeenucfhrhhomhepvehlrohm vghnthcunfgrshhsihgvuhhruceotghlvghmvghntheslhgrshhsihgvuhhrrdhorhhgqe enucggtffrrghtthgvrhhnpefhtdegueejieeiuddugfffheeuteeivdffkeelveeuudej keduhfduveegkeduueenucffohhmrghinhepnhhoshgtrhhiphhtrdhnvghtpdhtohhrph hrohhjvggtthdrohhrghdpmhhoiihilhhlrgdrohhrghdpghhnuhdrohhrghdptghonhht vghnthdrrhgvrggupdhgvghtrgguughonhhsrdhsvggrrhgthhdpghgvthgrugguohhnsh drlhhinhhknecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhho mheptghlvghmvghntheslhgrshhsihgvuhhrrdhorhhg X-ME-Proxy: Feedback-ID: i4c21472a:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Thu, 21 Dec 2023 08:56:51 -0500 (EST) From: =?UTF-8?Q?Cl=C3=A9ment?= Lassieur Date: Thu, 21 Dec 2023 14:56:17 +0100 Message-ID: <45b7d4b41bbd918cc15c4a10fe5c30a40b792947.1703164756.git.clement@lassieur.org> X-Mailer: git-send-email 2.41.0 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: guix-patches-bounces+larch=yhetil.org@gnu.org X-Migadu-Country: US X-Migadu-Flow: FLOW_IN X-Migadu-Spam-Score: -3.83 X-Spam-Score: -3.83 X-Migadu-Queue-Id: 6FF7F584B4 X-Migadu-Scanner: mx10.migadu.com X-TUID: UC3p69iHhUrb * gnu/packages/tor.scm (torbrowser): New variable. (torbrowser-assets): New variable. * gnu/packages/browser-extensions.scm (noscript): New variable. (noscript/icecat): New variable. Change-Id: I73dc53905e4a028108bb34aae07e44256cf16c85 --- gnu/packages/browser-extensions.scm | 26 +++ gnu/packages/gnupg.scm | 3 +- gnu/packages/tor.scm | 285 ++++++++++++++++++++++++++++ 3 files changed, 312 insertions(+), 2 deletions(-) diff --git a/gnu/packages/browser-extensions.scm b/gnu/packages/browser-extensions.scm index 2251011f849a..178bcaae6c90 100644 --- a/gnu/packages/browser-extensions.scm +++ b/gnu/packages/browser-extensions.scm @@ -21,6 +21,7 @@ (define-module (gnu packages browser-extensions) #:use-module (guix gexp) #:use-module (guix packages) + #:use-module (guix download) #:use-module (guix git-download) #:use-module (guix build-system copy) #:use-module (guix build-system gnu) @@ -221,3 +222,28 @@ (define passff (define-public passff/icecat (make-icecat-extension passff)) + +(define noscript + (package + (name "noscript") + (version "11.4.28") + (source (origin + (method url-fetch/zipbomb) + (uri (string-append + "https://noscript.net/download/releases/noscript-" version + ".xpi")) + (sha256 + (base32 + "051wawi0yjyramp743yjawqaz59g3m2gcivm24b44ibd4arpdl2l")))) + (build-system copy-build-system) + (properties '((addon-id . "{73a6fe31-595d-460b-a920-fcc0f8843232}"))) + (arguments + `(#:install-plan '(("." ,(assq-ref properties 'addon-id))))) + (home-page "https://noscript.net") + (synopsis "Software providing extra protection for various browsers.") + (description "The NoScript Security Suite is a software providing extra +protection for web browsers.") + (license license:gpl3+))) + +(define-public noscript/icecat + (make-icecat-extension noscript)) diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm index a5b8587a141c..bec74b3f3f49 100644 --- a/gnu/packages/gnupg.scm +++ b/gnu/packages/gnupg.scm @@ -70,7 +70,6 @@ (define-module (gnu packages gnupg) #:use-module (gnu packages swig) #:use-module (gnu packages texinfo) #:use-module (gnu packages tls) - #:use-module (gnu packages tor) #:use-module (gnu packages web) #:use-module (gnu packages xorg) #:use-module (gnu packages xdisorg) @@ -1124,7 +1123,7 @@ (define-public parcimonie perl-try-tiny perl-type-tiny perl-types-path-tiny - torsocks)) + (@ (gnu packages tor) torsocks))) ;avoid dependency loop (native-inputs (list perl-file-which perl-gnupg-interface diff --git a/gnu/packages/tor.scm b/gnu/packages/tor.scm index 71f32b3f4331..f5efcd25ef25 100644 --- a/gnu/packages/tor.scm +++ b/gnu/packages/tor.scm @@ -36,11 +36,15 @@ (define-module (gnu packages tor) #:use-module (guix utils) #:use-module (guix download) #:use-module (guix git-download) + #:use-module (guix build-system copy) #:use-module (guix build-system gnu) + #:use-module (guix build-system mozilla) #:use-module (guix build-system python) #:use-module (guix build-system pyproject) #:use-module (gnu packages) #:use-module (gnu packages base) + #:use-module (gnu packages bash) + #:use-module (gnu packages browser-extensions) #:use-module (gnu packages libevent) #:use-module (gnu packages linux) #:use-module (gnu packages check) @@ -48,6 +52,7 @@ (define-module (gnu packages tor) #:use-module (gnu packages pcre) #:use-module (gnu packages freedesktop) #:use-module (gnu packages glib) + #:use-module (gnu packages gnuzilla) #:use-module (gnu packages pkg-config) #:use-module (gnu packages python) #:use-module (gnu packages python-check) @@ -483,3 +488,283 @@ (define-public tractor the onion proxy and sets up proxy in user session, so you don't have to mess up with TOR on your system anymore.") (license license:gpl3+))) + +(define torbrowser-assets + ;; This is a prebuilt Torbrowser from which we take the assets we need. + (package + (name "torbrowser-assets") + ;; To find the last version, look at https://www.torproject.org/download/. + (version "13.0.6") + (source + (origin + (method url-fetch) + (uri + (string-append + "https://archive.torproject.org/tor-package-archive/torbrowser/" + version "/tor-browser-linux-x86_64-" version ".tar.xz")) + (sha256 + (base32 + "0d72jgcp9rbpfjivsh6vg6bgbppkhrlficwk4jz0f8h69cj8ygzd")))) + (arguments + (list + #:install-plan + ''(("Browser" "." #:include-regexp + ("^\\./TorBrowser/Data/Tor/torrc-defaults" + "^\\./fonts/" + "^\\./fontconfig/fonts.conf"))))) + (build-system copy-build-system) + (home-page "https://www.torproject.org") + (synopsis "Tor Browser assets") + (description "This package contains fonts and configuration files for Tor +Browser.") + (license license:silofl1.1))) + +;; Must be of the form YYYYMMDDhhmmss as in `date +%Y%m%d%H%M%S`. +(define %moz-build-date "20231219173144") + +(define-public torbrowser + (package + (inherit icecat-minimal) + (name "torbrowser") + ;; To find the last version, browse + ;; https://archive.torproject.org/tor-package-archive/torbrowser/ + ;; ( is the version of the `torbrowser-assets` package). There + ;; should be only one archive that starts with "src-firefox-tor-browser-". + (version "115.5.0esr-13.0-1-build4") + (source + (origin + (method url-fetch) + (uri + (string-append + "https://archive.torproject.org/tor-package-archive/torbrowser/" + (package-version torbrowser-assets) + "/src-firefox-tor-browser-" version ".tar.xz")) + (sha256 + (base32 + "0p0qsfc2l2bicqjr1kxciiij5qz7n8xqyvyn8f13fvk0wyg94c6v")))) + (build-system mozilla-build-system) + (arguments + (substitute-keyword-arguments (package-arguments icecat-minimal) + ((#:configure-flags flags '()) + #~(cons* + "--without-relative-data-dir" ;store is read-only + "--disable-base-browser-update" + ;; Default is "default", which is the same as "nightly". + "--enable-update-channel=release" + "--with-user-appdir=.torbrowser" + "--with-branding=browser/branding/tb-release" + (string-append "--prefix=" #$output) + (string-append "--with-base-browser-version=" + #$(package-version + (this-package-input "torbrowser-assets"))) + #$flags)) + ((#:phases phases) + #~(modify-phases #$phases + (add-before 'configure 'setenv + (lambda _ + (setenv "CONFIG_SHELL" (which "bash")) + ;; Install location is prefix/lib/$MOZ_APP_NAME. Also + ;; $MOZ_APP_NAME is the executable name. Default is + ;; "firefox". + (setenv "MOZ_APP_NAME" "torbrowser") + ;; Profile location (relative to "~/."). Default is + ;; lower($MOZ_APP_VENDOR/$MOZ_APP_BASENAME), which is: + ;; ~/.tor project/firefox. + (setenv "MOZ_APP_PROFILE" "torbrowser/browser") + ;; WM_CLASS (default is "$MOZ_APP_NAME-$MOZ_UPDATE_CHANNEL"). + (setenv "MOZ_APP_REMOTINGNAME" "Tor Browser") + ;; Persistent state directory for the build system (default is + ;; $HOME/.mozbuild). + (setenv "MOZBUILD_STATE_PATH" + (in-vicinity (getcwd) ".mozbuild")) + ;; Make build reproducible. + (setenv "MOZ_BUILD_DATE" #$%moz-build-date))) + (add-before 'configure 'mozconfig + (lambda* (#:key configure-flags #:allow-other-keys) + (with-output-to-file "mozconfig" + (lambda () + (format #t ". $topsrcdir/mozconfig-linux-x86_64~%") + (for-each (lambda (flag) + (format #t "ac_add_options ~a~%" flag)) + configure-flags))))) + (replace 'configure + (lambda _ + (invoke "make" "-C" "tools/torbrowser" "config"))) + (add-before 'build 'fix-addons-placeholder + (lambda _ + (substitute* + "toolkit/locales/en-US/toolkit/about/aboutAddons.ftl" + (("addons.mozilla.org") "gnuzilla.gnu.org")))) + (replace 'build + (lambda _ + (invoke "make" "-C" "tools/torbrowser" "build"))) + (add-after 'install 'deploy-assets + (lambda _ + (let ((assets #$(this-package-input "torbrowser-assets")) + (lib (in-vicinity #$output "lib/torbrowser")) + (tor #$(this-package-input "tor-client"))) + ;; TorBrowser/Data/Tor/torrc-defaults + (copy-recursively (in-vicinity assets "TorBrowser") + (in-vicinity lib "TorBrowser")) + ;; The geoip and geoip6 files are in the same directory as + ;; torrc-defaults. (See TorProcess.sys.mjs.) + (mkdir-p (in-vicinity lib "TorBrowser/Data/Tor")) + (copy-file (in-vicinity tor "share/tor/geoip") + (in-vicinity lib "TorBrowser/Data/Tor/geoip")) + (copy-file (in-vicinity tor "share/tor/geoip6") + (in-vicinity lib "TorBrowser/Data/Tor/geoip6")) + ;; Fonts + (copy-recursively (in-vicinity assets "fontconfig") + (in-vicinity lib "fontconfig")) + (substitute* (in-vicinity lib "fontconfig/fonts.conf") + (("fonts") + (format #f "~a" (in-vicinity lib "fonts")))) + (delete-file-recursively (in-vicinity lib "fonts")) + (copy-recursively (in-vicinity assets "fonts") + (in-vicinity lib "fonts"))))) + (replace 'build-sandbox-whitelist + (lambda* (#:key inputs #:allow-other-keys) + (define (runpath-of lib) + (call-with-input-file lib + (compose elf-dynamic-info-runpath + elf-dynamic-info + parse-elf + get-bytevector-all))) + (define (runpaths-of-input label) + (let* ((dir (string-append (assoc-ref inputs label) "/lib")) + (libs (find-files dir "\\.so$"))) + (append-map runpath-of libs))) + ;; Populate the sandbox read-path whitelist as needed by ffmpeg. + (let* ((whitelist + (map (cut string-append <> "/") + (delete-duplicates + `(,(string-append (assoc-ref inputs "shared-mime-info") + "/share/mime") + ,@(append-map runpaths-of-input + '("mesa" "ffmpeg")))))) + (whitelist-string (string-join whitelist ","))) + (with-output-to-file "whitelist.txt" + (lambda () + (display whitelist-string)))))) + (add-after 'install 'autoconfig + (lambda* (#:key inputs #:allow-other-keys) + (let ((lib (in-vicinity #$output "lib/torbrowser")) + (config-file "tor-browser.cfg")) + (with-output-to-file (in-vicinity + lib "defaults/pref/autoconfig.js") + (lambda () + (format #t "// first line must be a comment~%") + (format #t "pref(~s, ~s);~%" + "general.config.filename" config-file) + (format #t "pref(~s, ~a);~%" + "general.config.obscure_value" "0"))) + (with-output-to-file (in-vicinity lib config-file) + (lambda () + (format #t "// first line must be a comment~%") + (format #t "pref(~s, ~s);~%" + "extensions.torlauncher.torrc-defaults_path" + (in-vicinity + lib "TorBrowser/Data/Tor/torrc-defaults")) + (format #t "pref(~s, ~s);~%" + "extensions.torlauncher.tor_path" + (search-input-file inputs "bin/tor")) + ;; Required for Guix packaged extensions + ;; SCOPE_PROFILE=1, SCOPE_APPLICATION=4, SCOPE_SYSTEM=8 + ;; Default is 5. + (format #t "pref(~s, ~a);~%" + "extensions.enabledScopes" "13") + (format #t "pref(~s, ~s);~%" + "security.sandbox.content.read_path_whitelist" + (call-with-input-file "whitelist.txt" + get-string-all)) + ;; Add-ons pannel (see settings.js in Icecat source). + (format #t "pref(~s, ~s);~%" + "extensions.getAddons.search.browseURL" + "https://gnuzilla.gnu.org/mozzarella") + (format #t "pref(~s, ~s);~%" + "extensions.getAddons.get.url" + "https://gnuzilla.gnu.org/mozzarella") + (format #t "pref(~s, ~s);~%" + "extensions.getAddons.link.url" + "https://gnuzilla.gnu.org/mozzarella") + (format #t "pref(~s, ~s);~%" + "extensions.getAddons.discovery.api_url" + "https://gnuzilla.gnu.org/mozzarella") + (format #t "pref(~s, ~s);~%" + "extensions.getAddons.langpacks.url" + "https://gnuzilla.gnu.org/mozzarella") + (format #t "pref(~s, ~s);~%" + "lightweightThemes.getMoreURL" + "https://gnuzilla.gnu.org/mozzarella")))))) + (replace 'wrap-program + (lambda* (#:key inputs #:allow-other-keys) + (let* ((gtk #$(this-package-input "gtk+")) + (gtk-share (string-append gtk "/share")) + (fonts.conf (in-vicinity + #$output + "lib/torbrowser/fontconfig/fonts.conf")) + (ld-libs '#$(cons + (file-append + (this-package-input "libcanberra") + "/lib/gtk-3.0/modules") + (map + (lambda (label) + (file-append + (this-package-input label) "/lib")) + '("libpng-apng" + "libxscrnsaver" + "mesa" + "pciutils" + "mit-krb5" + "eudev" + "pulseaudio" + "libnotify"))))) + (wrap-program + (in-vicinity #$output "lib/torbrowser/torbrowser") + `("XDG_DATA_DIRS" prefix (,gtk-share)) + `("LD_LIBRARY_PATH" prefix ,ld-libs) + `("FONTCONFIG_FILE" prefix (,fonts.conf)))))) + (replace 'install-desktop-entry + (lambda _ + (let ((apps (in-vicinity #$output "share/applications"))) + (mkdir-p apps) + (make-desktop-entry-file + (in-vicinity apps "torbrowser.desktop") + #:name "Tor Browser" + #:exec + (format #f "~a %u" (in-vicinity #$output "bin/torbrowser")) + #:comment + "Tor Browser is +1 for privacy and -1 for mass surveillance" + #:categories '("Network" "WebBrowser" "Security") + #:startup-w-m-class "Tor Browser" + #:icon "tor-browser")))) + (replace 'install-icons + (lambda* (#:key inputs #:allow-other-keys) + (for-each + (lambda (size) + (let ((oldpath (string-append + "browser/branding/tb-release/default" + size ".png")) + (newpath (string-append #$output + "/share/icons/hicolor/" + size "x" size "/apps"))) + (mkdir-p newpath) + (copy-file oldpath + (in-vicinity newpath "tor-browser.png")))) + '("16" "22" "24" "32" "48" "64" "128" "256")))))))) + (inputs + (modify-inputs (package-inputs icecat-minimal) + (append bash-minimal + tor-client + torbrowser-assets))) + (propagated-inputs + (list noscript/icecat)) + (home-page "https://www.torproject.org") + (synopsis "Anonymous browser derived from Mozilla Firefox") + (description + "Tor Browser is the Tor Project version of Firefox browser. It is the +only recommended way to anonymously browse the web that is supported by the +project. It modifies Firefox in order to avoid many know application level +attacks on the privacy of Tor users.") + (license license:mpl2.0))) ;And others, see + ;toolkit/content/license.html base-commit: bb3ab24a296ffa5273b2e82a02ed057e90c095f3 prerequisite-patch-id: 51e2c2aaf5262d0d9001b0b5c37836060291f55d -- 2.41.0