Also finish including the Linux build of obfsproxy and fteproxy.

Based on gitian/descriptors/windows/gitian-pluggable-transports.yml
from tor-browser-bundle.git.

Georg Koppen authored 7 years ago and boklm committed 7 years ago

This reverts commit cec0a1d7

That's properly fixed in NoScript >= 5.0.7.1, thus removing our
workaround.

Update rbm, fixing a 'git checkout --detach' error due to the lack of
master branch on tor-browser.git.

There is no runc package available on Ubuntu 14.04.

tor-browser-bundle.git author: Georg Koppen <gk@torproject.org>

This fixes bug 22067.

tor-browser-bundle.git author: Georg Koppen <gk@torproject.org>
tor-browser-bundle.git commit: 0437834017c1c7ff168da868d9dcb2f2519fd122

This should allow multiple users to do builds on the same machine.

We bump our GCC compiler to 5.4.0 as this fixes some bugs
in previous versions. It allows us in particular to build
debug builds for Windows with mingw-w64.

tor-browser-bundle.git author: Georg Koppen <gk@torproject.org>

Kathleen Brade authored 7 years ago and boklm committed 7 years ago

Whitelist about:tor so that NoScript does not block its JavaScript.

tor-browser-bundle.git author: David Fifield <david@bamsoftware.com>
tor-browser-bundle.git commit: 26e0cd44f2886bfad1c3d30844ff7a21eb9d0478

Commit message from the tor-browser-bundle.git commit:

Build go-webrtc and snowflake in the mac pluggable-transports descriptor.

I had to apply two tricks to get a reproducible snowflake-client.

The first is to use faketime to eliminate some timestamps. There were 11
variable timestamps in the file. Through experimentation, I found that
10 of them were dependent on the Go runtime (recompiling Go caused them
to change) and 1 was dependent on snowflake-client itself (recompiling
snowflake-client with the same runtime changed only that 1 timestamp).
The underlying issue has to do with clang 3.8.0 on Darwin embedding
timestamps, unsolved in the Go issue tracker as of 13 days ago.
https://github.com/golang/go/issues/9206#issuecomment-310476743

The second is a sed command to clobber embedded paths of the form
/tmp/go-buildXXXXXXXXX and /tmp/go-link-XXXXXXXXX. Their presence is
caused by some combination of Clang and Darwin, and there is as yet no
known workaround upstream.

tor-browser-bundle.git author: David Fifield <david@bamsoftware.com>
tor-browser-bundle.git commit: fcdc2be0a2da32a939e172564300d5a09259b75e

Object files from elsewhere under out/ should never have been included,
because they are not part of webrtc itself, but rather side-effect build
artifacts like gn. Including those extraneous .o files was mostly
harmless (except for library size), because on linux they happened to be
the same architecture as the webrtc.o files. However it won't work for
the mac build (because libwebrtc-magic.a would include a mix of linux
ELF and mac Mach-O objects). Additionally, build_time.o, part of the gn
build, embeds a timestamp with month resolution, causing a failure of
reproducibility, as found at https://bugs.torproject.org/22832.

tor-browser-bundle.git author: David Fifield <david@bamsoftware.com>
tor-browser-bundle.git commit: 781da76f120f849416c772cef45a9a9a103b4eef

tor-browser-bundle.git author: Georg Koppen <gk@torproject.org>
tor-browser-bundle.git commit: 515f9581b36e87d8180d2e74d57a9aed11d7c1e2

tor-browser-bundle.git author: Georg Koppen <gk@torproject.org>
tor-browser-bundle.git commit: 321ad6021df0b3d55625c5bd88dcfc5acdf112f8
tor-browser-bundle.git commit: ade53c43e1230a05e0b138b3ade92914e9d9a279
tor-browser-bundle.git commit: 638da360d67407b2866f0747a5df40d8ae36af78

Georg Koppen authored 7 years ago and boklm committed 7 years ago

Due to a bug in NoScript's XSS filter Tor Browser freezes on some websites.
We disable that filter for now while waiting on a NoScript update.

Those wrappers are no longer necessary to produce PIE binaries.

Georg Koppen authored 7 years ago and boklm committed 7 years ago

We need to allow JavaScript on `about:cache` explicitly. Otherwise it is
broken on higher security levels.

tor-browser-bundle.git author: David Fifield <david@bamsoftware.com>
tor-browser-bundle.git commit: fbe1263eb9601e5d435131aa3d96306b8bfdb465

Remove workaround for fixed upstream bug, GitHub #17732
(__MAC_OS_X_VERSION_MAX_ALLOWED).

I wasn't able to remove the cc-for-target workaround for GitHub #15457
(CC_FOR_TARGET). Even though according to
https://github.com/golang/go/issues/15457 it has been
been fixed, make.bash still seems to lose all but the first argument of
CC_FOR_TARGET somewhere.

tor-browser-bundle.git author: David Fifield <david@bamsoftware.com>
tor-browser-bundle.git commit: 9d546f20ae711e7df9c574d9bdfccf34ddf1b650

This reverts commit dd6349a4.

The problem was the script for recreating the .dmg files after the
code-signing set the permissions wrong. No need to fix anything in the
bundle descriptor.

tor-browser-bundle.git author: Georg Koppen <gk@torproject.org>
tor-browser-bundle.git commit: 082738a4bd83943d97e084fa04045e481772b998

We don't ship the clearkey DRM system yet, thus we don't need to strip
the respective binaries.

tor-browser-bundle.git author: Georg Koppen <gk@torproject.org>
tor-browser-bundle.git commit: e8d869e142439436104b8b1f8b807406fd68e104
tor-browser-bundle.git commit: c18c6f80c49d7da97d006d3fd5201b11f1312bbc

Georg Koppen authored 7 years ago and boklm committed 7 years ago

We need to allow JavaScript on `about:tabcrashed` pages explicitly.
Otherwise are those pages broken on higher security levels.