Received: by mail.netbsd.org (Postfix, from userid 605) id AB17384D52; Tue, 28 Apr 2020 19:38:50 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 33B7B84D25 for ; Tue, 28 Apr 2020 19:38:50 +0000 (UTC) X-Virus-Scanned: amavisd-new at netbsd.org Received: from mail.netbsd.org ([IPv6:::1]) by localhost (mail.netbsd.org [IPv6:::1]) (amavisd-new, port 10025) with ESMTP id VlTQGqT9hjac for ; Tue, 28 Apr 2020 19:38:49 +0000 (UTC) Received: from cvs.NetBSD.org (ivanova.NetBSD.org [IPv6:2001:470:a085:999:28c:faff:fe03:5984]) by mail.netbsd.org (Postfix) with ESMTP id 6122184CD8 for ; Tue, 28 Apr 2020 19:38:49 +0000 (UTC) Received: by cvs.NetBSD.org (Postfix, from userid 500) id 5A892FB27; Tue, 28 Apr 2020 19:38:49 +0000 (UTC) Content-Transfer-Encoding: 7bit Content-Type: multipart/mixed; boundary="_----------=_15881027297120" MIME-Version: 1.0 Date: Tue, 28 Apr 2020 19:38:49 +0000 From: "Thomas Klausner" Subject: CVS commit: pkgsrc/security/tor-browser To: pkgsrc-changes@NetBSD.org Reply-To: wiz@netbsd.org X-Mailer: log_accum Message-Id: <20200428193849.5A892FB27@cvs.NetBSD.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes.NetBSD.org Precedence: bulk List-Unsubscribe: This is a multi-part message in MIME format. --_----------=_15881027297120 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Module Name: pkgsrc Committed By: wiz Date: Tue Apr 28 19:38:49 UTC 2020 Modified Files: pkgsrc/security/tor-browser: MESSAGE Makefile distinfo pkgsrc/security/tor-browser/patches: patch-xpcom_io_TorFileUtils.cpp Added Files: pkgsrc/security/tor-browser/patches: patch-browser_app_profile_000-tor-browser.js Log Message: tor-browser: update to 9.0.9nb2. Automatically install the noscript extension. (https-everywhere package is ready, but doesn't work.) Change the default path in the home directory to ".tor-browser" to be more similar to other mozilla products. By default, use the standard tor port. No separate instance of tor is started for tor-browser from pkgsrc. To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 pkgsrc/security/tor-browser/MESSAGE cvs rdiff -u -r1.60 -r1.61 pkgsrc/security/tor-browser/Makefile cvs rdiff -u -r1.17 -r1.18 pkgsrc/security/tor-browser/distinfo cvs rdiff -u -r0 -r1.1 \ pkgsrc/security/tor-browser/patches/patch-browser_app_profile_000-tor-browser.js cvs rdiff -u -r1.2 -r1.3 \ pkgsrc/security/tor-browser/patches/patch-xpcom_io_TorFileUtils.cpp Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. --_----------=_15881027297120 Content-Disposition: inline Content-Length: 7132 Content-Transfer-Encoding: binary Content-Type: text/x-diff; charset=us-ascii Modified files: Index: pkgsrc/security/tor-browser/MESSAGE diff -u pkgsrc/security/tor-browser/MESSAGE:1.2 pkgsrc/security/tor-browser/MESSAGE:1.3 --- pkgsrc/security/tor-browser/MESSAGE:1.2 Mon May 27 12:55:38 2019 +++ pkgsrc/security/tor-browser/MESSAGE Tue Apr 28 19:38:49 2020 @@ -1,19 +1,13 @@ =========================================================================== -$NetBSD: MESSAGE,v 1.2 2019/05/27 12:55:38 wiz Exp $ +$NetBSD: MESSAGE,v 1.3 2020/04/28 19:38:49 wiz Exp $ This package provides the Tor Browser. -Be sure to start the Tor daemon before you start Tor Browser. You should install the following extensions to ensure secure Tor connections: HTTPS Everywhere https://addons.mozilla.org/en-US/firefox/addon/https-everywhere/ -NoScript Security Suite -https://addons.mozilla.org/en-US/firefox/addon/noscript/ - -net/tor provides a socks proxy at localhost:9050. However, Tor Browser -assumes a sock proxy at localhost:9150. Be sure to change the port -number in the Tor Browser preferences. +Be sure to start the Tor daemon before you start Tor Browser! =========================================================================== Index: pkgsrc/security/tor-browser/Makefile diff -u pkgsrc/security/tor-browser/Makefile:1.60 pkgsrc/security/tor-browser/Makefile:1.61 --- pkgsrc/security/tor-browser/Makefile:1.60 Sun Apr 12 08:29:11 2020 +++ pkgsrc/security/tor-browser/Makefile Tue Apr 28 19:38:49 2020 @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.60 2020/04/12 08:29:11 adam Exp $ +# $NetBSD: Makefile,v 1.61 2020/04/28 19:38:49 wiz Exp $ DISTNAME= src-firefox-tor-browser-68.7.0esr-9.0-2-build1 PKGNAME= tor-browser-9.0.9 -PKGREVISION= 1 +PKGREVISION= 2 CATEGORIES= security www MASTER_SITES= https://dist.torproject.org/torbrowser/${PKGVERSION_NOREV}/ EXTRACT_SUFX= .tar.xz @@ -16,13 +16,15 @@ LICENSE= mpl-1.1 WRKSRC= ${WRKDIR}/${DISTNAME:S/src-//} DEPENDS+= tor-[0-9]*:../../net/tor - -EXTRACT_USING= bsdtar +#DEPENDS+= tor-browser-https-everywhere-[0-9]*:../../security/tor-browser-https-everywhere +DEPENDS+= tor-browser-noscript-[0-9]*:../../security/tor-browser-noscript # How to update this package: # # replace all patches with the one from the correspoding www/firefox${ESR_RELEASE} -# BUT keep patch-xpcom_io_TorFileUtils.cpp! (and if necessary patch-.mozconfig) +# BUT keep patch-xpcom_io_TorFileUtils.cpp +# AND keep patch-browser_app_profile_000-tor-browser.js +# (AND if necessary patch-.mozconfig) # make the patches apply # # when packaged up, read MESSAGE and test by visiting https://check.torproject.org Index: pkgsrc/security/tor-browser/distinfo diff -u pkgsrc/security/tor-browser/distinfo:1.17 pkgsrc/security/tor-browser/distinfo:1.18 --- pkgsrc/security/tor-browser/distinfo:1.17 Fri Apr 10 19:18:00 2020 +++ pkgsrc/security/tor-browser/distinfo Tue Apr 28 19:38:49 2020 @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.17 2020/04/10 19:18:00 wiz Exp $ +$NetBSD: distinfo,v 1.18 2020/04/28 19:38:49 wiz Exp $ SHA1 (src-firefox-tor-browser-68.7.0esr-9.0-2-build1.tar.xz) = c9be70c6cbbac9d73d1aee930703ea4d013725df RMD160 (src-firefox-tor-browser-68.7.0esr-9.0-2-build1.tar.xz) = 6289e342fa8e99c21098331d153beb6d88bc39b2 @@ -6,6 +6,7 @@ SHA512 (src-firefox-tor-browser-68.7.0es Size (src-firefox-tor-browser-68.7.0esr-9.0-2-build1.tar.xz) = 348594032 bytes SHA1 (patch-.mozconfig) = 66fbb2f113091eee1f022cd656231f845b04b0f8 SHA1 (patch-aa) = 9f7200c411cd2217a80ec10a276c8877bc6b845c +SHA1 (patch-browser_app_profile_000-tor-browser.js) = 545cf6e80f061a6a58b429d2696046de4e34725f SHA1 (patch-browser_app_profile_firefox.js) = 076cc2892547bac07fe907533f4e821f13f5738e SHA1 (patch-dom_base_nsAttrName.h) = ac7ba441a3b27df2855cf2673eea36b1cb44ad49 SHA1 (patch-dom_media_CubebUtils.cpp) = 3cd2c65ab281d802c56216565970450767a3fb24 @@ -38,5 +39,5 @@ SHA1 (patch-toolkit_mozapps_installer_pa SHA1 (patch-toolkit_xre_glxtest.cpp) = 04942938f45f326c7d5c4da3bf8cc2d09b977c69 SHA1 (patch-xpcom_base_nscore.h) = 1ac4d34d3c9e80bc1ac966c6c84cb320bc0fa1ec SHA1 (patch-xpcom_build_BinaryPath.h) = 92461769d2fee8f015b91a5326247f271afeedea -SHA1 (patch-xpcom_io_TorFileUtils.cpp) = c23d867b5a97a4c169198831b816b1bcef8dc630 +SHA1 (patch-xpcom_io_TorFileUtils.cpp) = 3f5c5490a3e4e0117cca3c558de93f2ffea05405 SHA1 (patch-xpcom_reflect_xptcall_md_unix_moz.build) = 6956c90d4c74c71e7e9a5882e4840ba2673160fa Index: pkgsrc/security/tor-browser/patches/patch-xpcom_io_TorFileUtils.cpp diff -u pkgsrc/security/tor-browser/patches/patch-xpcom_io_TorFileUtils.cpp:1.2 pkgsrc/security/tor-browser/patches/patch-xpcom_io_TorFileUtils.cpp:1.3 --- pkgsrc/security/tor-browser/patches/patch-xpcom_io_TorFileUtils.cpp:1.2 Mon Feb 25 15:32:24 2019 +++ pkgsrc/security/tor-browser/patches/patch-xpcom_io_TorFileUtils.cpp Tue Apr 28 19:38:49 2020 @@ -1,4 +1,6 @@ -$NetBSD: patch-xpcom_io_TorFileUtils.cpp,v 1.2 2019/02/25 15:32:24 wiz Exp $ +$NetBSD: patch-xpcom_io_TorFileUtils.cpp,v 1.3 2020/04/28 19:38:49 wiz Exp $ + +Set default directory for configuration files and profiles to $HOME/.tor-browser --- xpcom/io/TorFileUtils.cpp.orig 2019-02-23 20:01:00.000000000 +0000 +++ xpcom/io/TorFileUtils.cpp @@ -14,7 +16,7 @@ $NetBSD: patch-xpcom_io_TorFileUtils.cpp + nsresult rv = NS_NewNativeLocalFile(nsDependentCString(homeDir), true, + getter_AddRefs(tbDataDir)); + NS_ENSURE_SUCCESS(rv, rv); -+ nsAutoCString leafSubdir(NS_LITERAL_CSTRING("TorBrowser-Data")); ++ nsAutoCString leafSubdir(NS_LITERAL_CSTRING(".tor-browser")); + rv = tbDataDir->AppendNative(leafSubdir); + NS_ENSURE_SUCCESS(rv, rv); +#elif TOR_BROWSER_DATA_OUTSIDE_APP_DIR Added files: Index: pkgsrc/security/tor-browser/patches/patch-browser_app_profile_000-tor-browser.js diff -u /dev/null pkgsrc/security/tor-browser/patches/patch-browser_app_profile_000-tor-browser.js:1.1 --- /dev/null Tue Apr 28 19:38:49 2020 +++ pkgsrc/security/tor-browser/patches/patch-browser_app_profile_000-tor-browser.js Tue Apr 28 19:38:49 2020 @@ -0,0 +1,22 @@ +$NetBSD: patch-browser_app_profile_000-tor-browser.js,v 1.1 2020/04/28 19:38:49 wiz Exp $ + +Despite the warning at the top of this file, we change the default for the socks +port in pkgsrc from 9150 to 9050. + +9150 is used for distributions where tor is bundled with tor-browser, so the +standard port can't be used because another tor may already be running there. + +pkgsrc's tor-browser uses the system-wide installation of tor and thus should use +its default port to minimize manual setup steps for the end users. + +--- browser/app/profile/000-tor-browser.js.orig 2020-04-04 03:09:31.000000000 +0000 ++++ browser/app/profile/000-tor-browser.js +@@ -161,7 +161,7 @@ pref("network.predictor.enabled", false) + + // Proxy and proxy security + pref("network.proxy.socks", "127.0.0.1"); +-pref("network.proxy.socks_port", 9150); ++pref("network.proxy.socks_port", 9050); + pref("network.proxy.socks_remote_dns", true); + pref("network.proxy.no_proxies_on", ""); // For fingerprinting and local service vulns (#10419) + pref("network.proxy.allow_hijacking_localhost", true); // Allow proxies for localhost (#31065) --_----------=_15881027297120--