tor-browser-build issues
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues
Updated: 2024-02-05T18:15:26Z

Create a project to ship tor binaries in an Android-developer friendly way
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/41010
Updated: 2024-02-05T18:15:26Z
Author: richard

`tor-onion-proxy-library` is going away, we need to set up the torrc and populate tor+PTs using the `tor-expert-bundle` project

Milestone: Sponsor 96: Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & Tibet

BusyBox-style bundling of Go programs can save space
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/13770
Updated: 2024-02-01T16:18:17Z
Author: David Fifield (dcf@torproject.org)

Mike suggested that compiling all the Go programs into one executable à la BusyBox could save space because there would be only one static copy of the Go runtime.

start-tor-browser.desktop hack will soon stop working
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/21939
Updated: 2024-01-30T09:22:28Z
Author: Micah Lee

The Linux version of Tor Browser is made more usable by a kind of hacky `start-tor-browser.desktop` file. Users can both execute it in a terminal to launch Tor Browser, and also double-click it from a GUI file manager like nautilus.
However, `.desktop` files can be used to hide malware. See this upstream nautilus bug [1], which has already been resolved. Also see this blog post [2] for more about how this bug allows attackers to compromise Subgraph OS.
Once this patch makes it to the versions of nautilus that Linux users have installed on their computers, the Tor Browser desktop file will break. Instead of saying "Tor Browser" with the Tor icon, it will say "start-tor-browser.desktop" with a default icon, and when the user tries double-clicking it it will pop up an "Untrusted application launcher" warning that the user has to click through.
One possible solution to this problem is to start distributing Tor Browser as a real Linux package that can be installed system-wide, with a `.desktop` file installed to `/usr/share/applications` like other software. I discussed this idea a bit in this thread [3].
[1] https://bugzilla.gnome.org/show_bug.cgi?id=777991
[2] https://micahflee.com/2017/04/breaking-the-security-model-of-subgraph-os/
[3] https://lists.torproject.org/pipermail/tor-meeting/2017-March/000162.html

Customize the GTK default font on Linux
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/41071
Updated: 2024-01-29T18:31:10Z
Author: Pier Angelo Vendrame

The updater is showing in some serif font (I think Stix Math Two, which fontconfig likes a lot because of the version number).
We could customize the GTK default font to Arimo (our current default font in Tor Browser), which should fix this behavior.

Unify the `start-$browser-browser` and the `$browser` scripts
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/41069
Updated: 2024-01-25T14:34:45Z
Author: Pier Angelo Vendrame

Currently, we ship two scripts: one is `start-tor-browser`/`start-mullvad-browser`, the other one is `firefox`/`mullvadbrowser`.
The reason seems to be related to the updater (passing the directory with the `libstdc++6` we ship to `LD_LIBRARY_PATH` when needed).
However, some users might be launching `firefox` instead of `start-tor-browser` (or even worse, the actual binary - `firefox.real`!).
This is a risk, because they're missing home isolation and especially the fontconfig settings.
Could we do something to unify these scripts instead?
The first course of action would be to test Tor/Mullvad Browser (and the updater) in an old system, to trigger the need to use our libstdc++.

Update tools/signing/README and add a tools/signing/machines-setup/README
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/41064
Updated: 2024-01-18T15:05:06Z
Author: boklm

We should update `tools/signing/README` for latest changes, and also
point to the issue templates for usage information.
We should also create `tools/signing/machines-setup/README` to document
how the setup of the signing machines is done.

Assignee: boklm

Translate the Windows installer
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/40955
Updated: 2024-01-12T09:26:02Z
Author: Pier Angelo Vendrame

We have a few strings in the NSIS installer that we don't translate.
NSIS itself doesn't have a nice way to create translations: we'd need to load strings at build time from a standard language and include them in the script.
See [Creating language files and integrating with MUI](https://nsis.sourceforge.io/Creating_language_files_and_integrating_with_MUI) and [`LangString`](https://nsis.sourceforge.io/Reference/LangString).

Drop mingw-w64/gcc toolchain
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/29318
Updated: 2024-01-10T13:32:54Z
Author: Georg Koppen

This ticket is the parent ticket for all things related to dropping the mingw-w64/gcc toolchain in favor of our new mingw-w64/clang one.

Include platform details in some artifact filenames
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/40815
Updated: 2024-01-10T08:30:59Z
Author: Pier Angelo Vendrame

Some artifacts are tied to a certain platform (e.g., Mingw, Rust, etc).
Sometimes knowing it at a glance could be useful (e.g., when reusing these artifacts outside tor-browser-build, e.g., to create a container for local incremental builds).
We could do that when updating the toolchains for the next ESR.
List of artifacts to fix:
- [x] ~~`mingw-w64-clang`~~ -> switched to single package for both 32-bit and 64-bit
- [x] Rust
- [ ] Binutils

Create a script to produce a graph representation of dependencies
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/41012
Updated: 2024-01-09T15:00:54Z
Author: Pier Angelo Vendrame

From tpo/community/hackweek#25: we could create a script to produce a visual representation of our dependencies.

Assignee: Pier Angelo Vendrame

Add a README to each project
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/41013
Updated: 2024-01-09T15:00:52Z
Author: Pier Angelo Vendrame

Part of tpo/community/hackweek#25.
- [x] android-toolchain
- [x] application-services
- [x] binutils
- [x] browser
- [x] cbindgen
- [x] cctools
- [x] clang
- [x] cmake
- [x] common
- [x] conjure
- [x] container-image
- [x] firefox
- [x] firefox-android
- [x] firefox-l10n
- [x] fonts
- [x] fxc2
- [x] gcc
- [x] gcc-source
- [x] geckoview
- [x] glean
- [x] go
- [x] go-bootstrap
- [x] gradle
- [x] hfsplus-tools
- [x] libdmg-hfsplus
- [x] libevent
- [x] libtapi
- [x] llvm-project
- [x] llvm-runtimes
- [ ] lox-wasm --> need info from the AC team
- [x] lyrebird
- [x] macosx-toolchain
- [x] manual
- [x] mar-tools --> need info (maybe from boklm)
- [x] mingw-w64
- [x] mingw-w64-clang
- [x] mmdebstrap
- [x] mmdebstrap-image
- [x] nasm
- [x] ninja
- [x] node
- [x] nsis
- [x] openssl
- [x] osslsigncode
- [x] python
- [x] rcodesign
- [ ] release --> need info (from boklm)
- [x] rust
- [x] snowflake
- [x] tor
- [x] tor-android-service
- [x] tor-expert-bundle
- [x] tor-onion-proxy-library
- [x] translation
- [x] wasi-config
- [x] wasi-libc
- [x] wasi-sysroot
- [ ] wasm-bindgen --> need info (from cohosh)
- [x] webtunnel
- [ ] yubihsm-shell --> need info (maybe from boklm)
- [x] zlib
- [x] zstd

Assignee: Pier Angelo Vendrame

Add configuration to rbm.conf to select channel and platforms
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/41040
Updated: 2024-01-09T15:00:50Z
Author: boklm

Currently we select the channel and platforms of a release with the make
command we use to start the build. I think we could define this
somewhere in `rbm.conf`, so that we can start the build with something
like `make torbrowser` or `make mullvadbrowser`, automatically selecting
the right channel and platforms to build.
The information about which platforms a release is for can also be used
for #40994.
At the same time we can also rename `var/torbrowser_version`,
`var/torbrowser_build`, `var/torbrowser_incremental_from` to remove the
torbrowser part (since this is used in mullvadbrowser too).

Replace make list_translation_updates-release with make update_translation_git_hash-release
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/41035
Updated: 2024-01-09T15:00:07Z
Author: boklm

```
* ma1 wonders why make list_translation_updates-release just tells you about the updated hashes rather than patching projects/translations/config directly
< boklm> ma1: I think because it was more work, but that looks like an improvement we can do
```

Add command to compare sha256sums-unsigned-build.txt from local build and downloaded build
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/41032
Updated: 2024-01-09T14:59:40Z
Author: boklm

For #40997, in order to make it easier to check that a local build is
matching the published build, we can add some commands that will:
- download published build from archive.tpo
- compare `sha256sums-unsigned-build.txt` and
`sha256sums-unsigned-build.incrementals.txt` from local and downloaded
builds
- compare signed and unsigned exe files (#41030)
- compare signed and unsigned mar files (#41031)

Assignee: boklm

Sign dmg files
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/41019
Updated: 2024-01-09T14:56:01Z
Author: boklm

We are currently signing the content of dmg files, but not the dmg file
itself.

Assignee: boklm

Add support in do-all-signing to sign release for some archs only
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/40994
Updated: 2023-12-07T13:28:57Z
Author: boklm

Currently when we want to sign a release for some of the platforms only,
we need to comment some steps in `do-all-signing`. We should add some
options to make it easier to disable/enable signing of some of the
platforms.

How to build on fedora OS
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/40644
Updated: 2023-12-06T09:41:19Z
Author: henry

## Problem
If I try and build on fedora OS with
```
make torbrowser-nightly-linux-x86_64
```
it fails to complete
```
...
Building project browser - tor-browser-tbb-nightly.2022.10.18-linux-x86_64-7f0811
Building project container-image - container-image_jessie-amd64-59db6374f8fc.tar.gz
Building project mmdebstrap-image - container-image_jessie-amd64-1.tar.gz
Using file [...]/tor-browser-build/out/mmdebstrap/mmdebstrap-src-0.8.6-dff0a4.tar.gz
Using file [...]/tor-browser-build/out/mmdebstrap-image/container-image_ubuntu-base-22.04-base-amd64.tar.gz
Build log: [...]/tor-browser-build/logs/mmdebstrap-image.log
Error running build
```
Looking in `mmdebstrap-image.log` the first error I see is
```
dpkg: error processing archive /var/cache/apt/archives//acl_2.2.52-2_amd64.deb (--install):
cannot get security labeling handle: No such file or directory
```
followed by lots of messages like this:
```
dpkg: regarding .../base-files_8+deb8u11_amd64.deb containing base-files, pre-dependency problem:
base-files pre-depends on awk
awk is not installed.
```
## Expected
Some way to build on fedora OS. We should add this information to `README` or `/doc/BUILD_ERRORS.txt`

Milestone: Sponsor 131 - Phase 5 - Ongoing Maintenance
Assignee: boklm

Document how to verify reproducibility of build of a mullvad/tor browser release
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/40997
Updated: 2023-11-30T11:45:24Z
Author: boklm

I think many users don't know that our builds are reproducible, or how
they can rebuild to verify that they get a matching build.
We could generate a `reproducible-build.txt` file in the release
directory containing the following information:
- which git repository to clone
- which commit to checkout
- which command to use to start the build
- which sha256sums to expect after the build finished
- how to remove embedded signatures from exe and mar files we publish
to check that they match the unsigned build

Assignee: boklm

Make MAR signature checks clearer when creating incremental MAR files
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/26408
Updated: 2023-11-30T11:23:52Z
Author: Georg Koppen

We have
```
# bug 26054: make sure previous macOS version is code signed
if (($os eq 'osx64') && ! -f "$tmpdir/A/Contents/_CodeSignature/CodeResources") {
    exit_error "Missing code signature in $from_version while creating $mar_file";
}
if ($ENV{CHECK_CODESIGNATURE_EXISTS}) {
    unless (-f "$tmpdir/A/Contents/_CodeSignature/CodeResources"
            && -f "$tmpdir/B/Contents/_CodeSignature/CodeResources") {
        exit_error "Missing code signature while creating $mar_file";
    }
}
```
checking twice whether essentially osx64 MAR files are signed. We should simplify that and be more verbose about why we are doing that and what the differences between both checks are. Otherwise this is easily confusing.
For simplification, I guess we don't need two separate if-clauses, rather the `CHECK_CODESIGNATURE_EXISTS` one could be part of the first one, just checking for `$tmpdir/B/Contents/_CodeSignature/CodeResources` (as the first condition is already taken care of by the first if-clause).

Make tool to compare signed and unsigned dmg
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/40988
Updated: 2023-11-16T12:21:47Z
Author: boklm

Since macos code signing is modifying binary files to embed code
signatures, it is not easy to check that the dmg from our reproducible
build and the signed dmg we publish are the same apart from the
signatures.
I think we could make a tool to compare a signed and unsigned dmg.
It seems there is a `codesign --remove-signature` command that can be
used on macos to remove signatures. I don't know if the same can be done
on linux.
Maybe `rcodesign compute-code-hashes` can also help for that.