fixup! Bug 41089: Add tor-browser build scripts + Makefile to tor-browser

.DEFAULT_GOAL := all

# https://stackoverflow.com/questions/18136918/how-to-get-current-relative-directory-of-your-makefile

mkfile_path := $(shell dirname $(realpath $(firstword $(MAKEFILE_LIST))))

DEV_ROOT = $(mkfile_path)/../..

BINARIES = $(DEV_ROOT)/.binaries

BUILD_OUTPUT = $(DEV_ROOT)/obj-x86_64-pc-linux-gnu

mkfile_path := "$(shell dirname $(realpath $(firstword $(MAKEFILE_LIST))))"

DEV_ROOT = "$(mkfile_path)/../.."

BINARIES = "$(DEV_ROOT)/.binaries"

ARCHITECTURE = "$(shell uname -m)"

# Correct the architecture naming for ARM to match what mozilla has

ifeq ($(ARCHITECTURE), "arm64")

  ARCHITECTURE = "aarch64"

endif

# Define build output path based on the platform.

ifeq ("$(shell uname)", "Darwin")

  BUILD_OUTPUT = "$(DEV_ROOT)/obj-$(ARCHITECTURE)-apple-darwin$(shell uname -r)"

else

  BUILD_OUTPUT = "$(DEV_ROOT)/obj-$(ARCHITECTURE)-pc-linux-gnu"

endif

# Define the run command based on the platform.

ifeq ("$(shell uname)", "Darwin")

  RUN_CMD := cd "$(BINARIES)/Tor Browser.app/Contents/MacOS/" && ./firefox

else

  RUN_CMD := "$(BINARIES)/dev/Browser/start-tor-browser" -v $(ARGS)

endif

config:

	./config.sh $(DEV_ROOT)

all: build deploy

run:

	$(BINARIES)/dev/Browser/start-tor-browser -v $(ARGS)

	$(RUN_CMD)

jslint:

	./jslint.sh $(DEV_ROOT) $(JS)

#!/bin/bash

CERTNAME=my-codesign-cert-tor

BROWSERPATH=.

if [ $# -ge 1 ]

then

  BROWSERPATH=$1

fi

security find-certificate -c $CERTNAME > /dev/null

if [ $? -ne 0 ]

then

  echo ""

  echo "ERROR: Self Signing Certificate not found, please create:"

  echo "  1. In the Keychain Access app on your Mac, choose Keychain Access > Certificate Assistant > Create a Certificate."

  echo "  2. Enter the name '$CERTNAME' for the certificate"

  echo "  3. Choose an identity type:  Self Signed Root"

  echo "  4. Certificate Type > Code Signing"

  echo "  5. Check 'Let me override defaults' & click Continue."

  echo "  6. Enter a unique Serial Number. (123 is fine)"

  echo "  7. Enter a big Validity Period (days), like 3560 & click Continue."

  echo "  8. Fill in your personal information & click Continue."

  echo "  9. Accept defaults for the rest of the dialog boxes. (Continue several times)"

  echo "  10. Certificate Created! Click Done."

  echo ""

  echo "For additional help see:"

  echo "  https://support.apple.com/en-ca/guide/keychain-access/kyca8916/mac"

  echo "  https://stackoverflow.com/questions/58356844/what-are-the-ways-or-technologies-to-sign-an-executable-application-file-in-mac"

  echo ""

  read -n 1 -r -s -p $'Press enter to launch "Keychain Access"...\n'

  open /System/Applications/Utilities/Keychain\ Access.app

  exit -1

fi

echo "Found $CERTNAME, looking for browser to sign..."

if [ ! -f "$BROWSERPATH/XUL" ]

then

  TESTPATH="$BROWSERPATH/Contents/MacOS"

  if [ -f "$TESTPATH/XUL" ]

  then

      BROWSERPATH=$TESTPATH

  else

    echo "Error: browser files not detected in $BROWSERPATH!"

    echo "  This script needs to be run in the 'Contents/MacOS' directory of a SomeBrowser.app directory"

    exit -1

  fi

fi

echo "Mozilla based browser found, signing..."

echo '  Will be asked for password to certificate for all the things that need to be signed. Click "Always Allow" to automate'

cd "$BROWSERPATH"

codesign -s $CERTNAME *.dylib

codesign -s $CERTNAME plugin-container.app

if [ -d Tor ]

then

  codesign -s $CERTNAME Tor/PluggableTransports/*

  codesign -s $CERTNAME Tor/libevent-2.1.7.dylib

  if [ -f Tor/tor.real ]

  then

    codesign -s $CERTNAME Tor/tor.real

  fi

  if [ -f Tor/tor ]

  then

    codesign -s $CERTNAME Tor/tor

  fi

fi

codesign -s $CERTNAME XUL

if [ -d updater.app ]

then

  codesign -s $CERTNAME updater.app

fi

# mullvadbrowser

if [ -f mullvadbrowser ]

then

  codesign -s $CERTNAME mullvadbrowser

fi

# BB or TB

if [ -f firefox ]

then

  codesign -s $CERTNAME firefox

fi

echo ""

echo "Browser signing step done!"

echo ""

echo "App still needs one more override to be easily opened with double click in Finder"

echo "Alternatively you can right click it, select 'Open' and then select 'Open' from the override popup"

echo "Or to enable it to be double clicked to open perform the following"

echo ""

echo "Double click the app and select either 'Ok' or 'Cancel' from the warning popup depending on which you get (Do Not 'Move to Trash')"

echo 'Go to Preferences -> Security & Privacy and click on padlock to allow changes. '

echo '  Then in "Allow appications downloaded from" select either:'

echo '    - App Store and identified developers'

echo '    - Anywhere'

echo '  Below that may be a notice about your specific app saying it was blocked because it was not from an identified developer. Click "Open Anyways" and "Open"'

#!/bin/bash

set -e

BINARIES=$1

BUILD_OUTPUT=$2

SCRIPT_DIR=$(realpath "$(dirname "$0")")

BINARIES="$1"

BUILD_OUTPUT="$2"

SCRIPT_DIR="$(realpath "$(dirname "$0")")"

RESDIR="$BUILD_OUTPUT/dist/firefox"

if [ "$(uname)" = "Darwin" ]; then 

    RESDIR="$RESDIR/Tor Browser.app/Contents/Resources"

fi

# Add built-in bridges

mkdir -p $BUILD_OUTPUT/_omni/defaults/preferences

cat $BUILD_OUTPUT/dist/bin/browser/defaults/preferences/000-tor-browser.js $SCRIPT_DIR/bridges.js >> $BUILD_OUTPUT/_omni/defaults/preferences/000-tor-browser.js

cd $BUILD_OUTPUT/_omni && zip -Xmr $BUILD_OUTPUT/dist/firefox/browser/omni.ja defaults/preferences/000-tor-browser.js

rm -rf $BUILD_OUTPUT/_omni

mkdir -p "$BUILD_OUTPUT/_omni/defaults/preferences"

cat "$BUILD_OUTPUT/dist/bin/browser/defaults/preferences/000-tor-browser.js" "$SCRIPT_DIR/bridges.js" >> "$BUILD_OUTPUT/_omni/defaults/preferences/000-tor-browser.js"

cd "$BUILD_OUTPUT/_omni"

zip -Xmr "$RESDIR/browser/omni.ja" "defaults/preferences/000-tor-browser.js"

rm -rf "$BUILD_OUTPUT/_omni"

# Repackage the manual

# rm -rf $BUILD_OUTPUT/_omni

# mkdir $BUILD_OUTPUT/_omni

# unzip $BINARIES/dev/Browser/browser/omni.ja -d $BUILD_OUTPUT/_omni

# cd $BUILD_OUTPUT/_omni && zip -Xmr $BUILD_OUTPUT/dist/firefox/browser/omni.ja chrome/browser/content/browser/manual

# cd $BUILD_OUTPUT/_omni && zip -Xmr $RESDIR/browser/omni.ja chrome/browser/content/browser/manual

# rm -rf $BUILD_OUTPUT/_omni

if [ "$(uname)" = "Darwin" ]; then

    # copy binaries

    cp -r "$BUILD_OUTPUT/dist/firefox/Tor Browser.app/Contents/"* "$BINARIES/Tor Browser.app/Contents/"

    rm -rf "$BINARIES/TorBrowser-Data/Browser/Caches/*.default/startupCache"

    # Self sign the Binaries

    cd "$BINARIES/Tor Browser.app/Contents/MacOS"

    "$SCRIPT_DIR/browser-self-sign-macos.sh"

  else

    # backup the startup script

mv $BINARIES/dev/Browser/firefox $BINARIES/dev/Browser/firefox.bak

    mv "$BINARIES/dev/Browser/firefox" "$BINARIES/dev/Browser/firefox.bak"

    # copy binaries 

cp -r $BUILD_OUTPUT/dist/firefox/* $BINARIES/dev/Browser

rm -rf $BINARIES/dev/Browser/TorBrowser/Data/Browser/profile.default/startupCache

    cp -r "$RESDIR/"* "$BINARIES/dev/Browser"

    rm -rf "$BINARIES/dev/Browser/TorBrowser/Data/Browser/profile.default/startupCache"

    # shuffle firefox bin around and restore script to match a real deployment

mv $BINARIES/dev/Browser/firefox $BINARIES/dev/Browser/firefox.real

mv $BINARIES/dev/Browser/firefox.bak $BINARIES/dev/Browser/firefox

    mv "$BINARIES/dev/Browser/firefox" "$BINARIES/dev/Browser/firefox.real"

    mv "$BINARIES/dev/Browser/firefox.bak" "$BINARIES/dev/Browser/firefox"

fi

#!/bin/sh

set -e

BINARIES_DIR=$1

BINARIES_DIR="$1"

# download the current downloads.json

wget https://aus1.torproject.org/torbrowser/update_3/alpha/downloads.json

# get url for latest alpha linux en_US package

# get url for latest alpha linux package

TOR_BROWSER_VERSION=$(grep -Eo "\"version\":\"[0-9.a]+\"" downloads.json | grep -Eo "[0-9.a]+")

TOR_BROWSER_PACKAGE="tor-browser-linux64-${TOR_BROWSER_VERSION}_ALL.tar.xz"

if [ "$(uname)" = "Darwin" ]; then

    TOR_BROWSER_PACKAGE="tor-browser-macos-${TOR_BROWSER_VERSION}.dmg"

  else

    TOR_BROWSER_PACKAGE="tor-browser-linux-x86_64-${TOR_BROWSER_VERSION}.tar.xz"

fi

TOR_BROWSER_PACKAGE_URL="https://dist.torproject.org/torbrowser/${TOR_BROWSER_VERSION}/${TOR_BROWSER_PACKAGE}"

# remove download manifest

rm downloads.json

# clear out previous tor-browser and previous package

rm -rf "${BINARIES_DIR}/dev"

rm -rf "${BINARIES_DIR}"

rm -f "${TOR_BROWSER_PACKAGE}"

# download

rm -f "${TOR_BROWSER_PACKAGE}"

wget "${TOR_BROWSER_PACKAGE_URL}"

mkdir -p "${BINARIES_DIR}"

# and extract

tar -xf ${TOR_BROWSER_PACKAGE} -C "${BINARIES_DIR}"

if [ "$(uname)" = "Darwin" ]

  then

    hdiutil attach "${TOR_BROWSER_PACKAGE}"

    cp -R "/Volumes/Tor Browser/Tor Browser.app" "${BINARIES_DIR}"

    hdiutil detach "/Volumes/Tor Browser"

  else

    tar -xf "${TOR_BROWSER_PACKAGE}" -C "${BINARIES_DIR}"

    mv "${BINARIES_DIR}/tor-browser" "${BINARIES_DIR}/dev"

fi

# cleanup

# Final cleanup

rm -f "${TOR_BROWSER_PACKAGE}"