On Mon, Apr 13, 2020 at 12:01:16PM +0100, Stuart Henderson wrote:
> On 2020/04/12 20:36, Caspar Schutijser wrote:
> > On Fri, Apr 10, 2020 at 09:24:31PM +0200, Caspar Schutijser wrote:
> > > Below is a WIP diff that makes font fingerprinting defense work in
> > > our port of Tor Browser.
> >
> > Thanks for your feedback from both of you. I incorporated sthen@'s
> > feedback in the diff below (and besides that there's some fixes and
> > cleanup compared to the previous diff).
> >
> > I haven't received any test reports yet but as far as I can see, this
> > diff works as advertised. Further feedback is welcome, of course.
>
> Could you change how the js change is done please, normally patches are
> a better idea for non-bulk changes like this, but it results in a line
> containing UTF-8 in the patch context which I think is likely to cause
> some future problems with sending/applying diffs - this should do the
> trick:
>
> sed -i 's/#ifdef XP_LINUX/#if defined(XP_LINUX) ||
> defined(XP_OPENBSD)/' \
> ${WRKSRC}/browser/app/profile/000-tor-browser.js
Yes, of course. The diff below does that. Thanks. Briefly tested on
amd64.
Index: browser/Makefile
===================================================================
RCS file: /cvs/ports/www/tor-browser/browser/Makefile,v
retrieving revision 1.43
diff -u -p -r1.43 Makefile
--- browser/Makefile 9 Apr 2020 21:15:29 -0000 1.43
+++ browser/Makefile 13 Apr 2020 15:06:20 -0000
@@ -16,9 +16,12 @@ PATCHORIG = .pat.orig
PKGNAME = ${TB_PREFIX}-browser-${TB_VERSION}
DISTNAME = src-firefox-tor-browser-68.7.0esr-9.0-2-build1
+REVISION = 0
+FIX_EXTRACT_PERMISSIONS = Yes
DISTFILES += ${DISTNAME}.tar.xz \
- src-tor-launcher-${TL_VERSION}.tar.xz
+ src-tor-launcher-${TL_VERSION}.tar.xz \
+ tor-browser-linux64-${TB_VERSION}_en-US.tar.xz
SO_VERSION = 5.0
MOZILLA_LIBS = xul clearkey lgpllibs mozavcodec mozavutil mozgtk
@@ -99,6 +102,7 @@ CONFIGURE_ARGS += --with-libclang-path=$
CONFIGURE_ARGS += --with-clang-path=${LOCALBASE}/bin/clang
post-extract:
+ mv ${WRKDIR}/tor-browser_en-US ${WRKSRC}
mv ${WRKDIR}/tor-launcher-${TL_VERSION}/ \
${WRKSRC}/browser/extensions/tor-launcher
@@ -112,11 +116,17 @@ post-patch:
${SUBST_CMD}
${WRKSRC}/browser/extensions/tor-launcher/src/defaults/preferences/torlauncher-prefs.js
sed -i 's/"files":{[^}]*}/"files":{}/' \
${WRKSRC}/third_party/rust/bindgen/.cargo-checksum.json
+ # Not using a patch for this; patch context would contain UTF-8
+ sed -i 's/#ifdef XP_LINUX/#if defined(XP_LINUX) ||
defined(XP_OPENBSD)/' \
+ ${WRKSRC}/browser/app/profile/000-tor-browser.js
BROWSER_DIR = ${PREFIX}/lib/${BROWSER_NAME}
+TRUEBROWSER_DIR = ${TRUEPREFIX}/lib/${BROWSER_NAME}
BROWSER_CFG = ${BROWSER_DIR}/${BROWSER_NAME}.cfg
BROWSER_INI = ${BROWSER_DIR}/distribution/distribution.ini
+SUBST_VARS += TRUEBROWSER_DIR
+
post-install:
# install prefs, bookmarks, app config file for Tor browser
${INSTALL_DATA_DIR} ${BROWSER_DIR}/browser/defaults/preferences
@@ -150,5 +160,19 @@ post-install:
${INSTALL_DATA_DIR} ${PREFIX}/share/${BROWSER_NAME}
${SUBST_DATA} ${FILESDIR}/torrc-defaults \
${PREFIX}/share/${BROWSER_NAME}/torrc-defaults
+
+ # install fonts.conf and fonts
+ ${INSTALL_DATA_DIR} ${BROWSER_DIR}/browser/fontconfig
+ ${SUBST_DATA} \
+
${WRKSRC}/tor-browser_en-US/Browser/TorBrowser/Data/fontconfig/fonts.conf \
+ ${BROWSER_DIR}/browser/fontconfig/fonts.conf
+ ${INSTALL_DATA_DIR} ${BROWSER_DIR}/browser/fonts
+ cp ${WRKSRC}/tor-browser_en-US/Browser/fonts/* \
+ ${BROWSER_DIR}/browser/fonts
+
+ # install wrapper script (remove symlink first)
+ rm ${PREFIX}/bin/${BROWSER_NAME}
+ ${SUBST_PROGRAM} ${FILESDIR}/${BROWSER_NAME} \
+ ${PREFIX}/bin/${BROWSER_NAME}
.include <bsd.port.mk>
Index: browser/distinfo
===================================================================
RCS file: /cvs/ports/www/tor-browser/browser/distinfo,v
retrieving revision 1.22
diff -u -p -r1.22 distinfo
--- browser/distinfo 9 Apr 2020 21:15:29 -0000 1.22
+++ browser/distinfo 13 Apr 2020 15:06:20 -0000
@@ -1,4 +1,6 @@
SHA256 (mozilla/src-firefox-tor-browser-68.7.0esr-9.0-2-build1.tar.xz) =
3paD2CYF+AUbO1xO0rAIHXSFqSGQeJmpJzg6F3/I+vg=
SHA256 (mozilla/src-tor-launcher-0.2.20.5.tar.xz) =
LVEbHAxcGf49cC8NF4bVYfFD7k2GA8SX+f+VA5p7L4U=
+SHA256 (mozilla/tor-browser-linux64-9.0.9_en-US.tar.xz) =
z5ELlXfclLz+72D+mQTn+PKSd78ac2BgDDKVYiXQRHM=
SIZE (mozilla/src-firefox-tor-browser-68.7.0esr-9.0-2-build1.tar.xz) =
348594032
SIZE (mozilla/src-tor-launcher-0.2.20.5.tar.xz) = 210916
+SIZE (mozilla/tor-browser-linux64-9.0.9_en-US.tar.xz) = 80156396
Index: browser/files/tor-browser
===================================================================
RCS file: browser/files/tor-browser
diff -N browser/files/tor-browser
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ browser/files/tor-browser 13 Apr 2020 15:06:20 -0000
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+export FONTCONFIG_PATH="${TRUEBROWSER_DIR}/browser/fontconfig/"
+export FONTCONFIG_FILE="fonts.conf"
+
+exec ${TRUEBROWSER_DIR}/${BROWSER_NAME} ${@}
Index: browser/patches/patch-toolkit_moz_configure
===================================================================
RCS file: browser/patches/patch-toolkit_moz_configure
diff -N browser/patches/patch-toolkit_moz_configure
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ browser/patches/patch-toolkit_moz_configure 13 Apr 2020 15:06:20 -0000
@@ -0,0 +1,16 @@
+$OpenBSD$
+
+Required to make font fingerprinting defenses work.
+
+Index: toolkit/moz.configure
+--- toolkit/moz.configure.orig
++++ toolkit/moz.configure
+@@ -1318,7 +1318,7 @@ set_config('MOZ_BITS_DOWNLOAD',
+
+ @depends(target)
+ def bundled_fonts_default(target):
+- return target.os == 'WINNT' or target.kernel == 'Linux'
++ return target.os == 'WINNT' or target.kernel == 'Linux' or target.os ==
'OpenBSD'
+
+ @depends(build_project)
+ def allow_bundled_fonts(project):
Index:
browser/patches/patch-tor-browser_en-US_Browser_TorBrowser_Data_fontconfig_fonts_conf
===================================================================
RCS file:
browser/patches/patch-tor-browser_en-US_Browser_TorBrowser_Data_fontconfig_fonts_conf
diff -N
browser/patches/patch-tor-browser_en-US_Browser_TorBrowser_Data_fontconfig_fonts_conf
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++
browser/patches/patch-tor-browser_en-US_Browser_TorBrowser_Data_fontconfig_fonts_conf
13 Apr 2020 15:06:20 -0000
@@ -0,0 +1,16 @@
+$OpenBSD$
+
+Set path to bundled fonts.
+
+Index: tor-browser_en-US/Browser/TorBrowser/Data/fontconfig/fonts.conf
+--- tor-browser_en-US/Browser/TorBrowser/Data/fontconfig/fonts.conf.orig
++++ tor-browser_en-US/Browser/TorBrowser/Data/fontconfig/fonts.conf
+@@ -34,7 +34,7 @@ PERFORMANCE OF THIS SOFTWARE.
+
+ <!-- Font directory list -->
+
+- <dir>fonts</dir>
++ <dir>${TRUEBROWSER_DIR}/browser/fonts</dir>
+
+ <!--
+ Accept deprecated 'mono' alias, replacing it with 'monospace'
Index: browser/pkg/PLIST
===================================================================
RCS file: /cvs/ports/www/tor-browser/browser/pkg/PLIST,v
retrieving revision 1.7
diff -u -p -r1.7 PLIST
--- browser/pkg/PLIST 13 Feb 2020 07:41:54 -0000 1.7
+++ browser/pkg/PLIST 13 Apr 2020 15:06:20 -0000
@@ -25,6 +25,55 @@ lib/${BROWSER_NAME}/browser/defaults/pro
lib/${BROWSER_NAME}/browser/defaults/profile/bookmarks.html
lib/${BROWSER_NAME}/browser/features/
lib/${BROWSER_NAME}/browser/features/[email protected]
+lib/${BROWSER_NAME}/browser/fontconfig/
+lib/${BROWSER_NAME}/browser/fontconfig/fonts.conf
+lib/${BROWSER_NAME}/browser/fonts/
+lib/${BROWSER_NAME}/browser/fonts/Arimo-Bold.ttf
+lib/${BROWSER_NAME}/browser/fonts/Arimo-BoldItalic.ttf
+lib/${BROWSER_NAME}/browser/fonts/Arimo-Italic.ttf
+lib/${BROWSER_NAME}/browser/fonts/Arimo-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/Cousine-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/NotoEmoji-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/NotoNaskhArabic-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/NotoSansArmenian-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/NotoSansBengali-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/NotoSansBuginese-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/NotoSansCanadianAboriginal-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/NotoSansCherokee-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/NotoSansDevanagari-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/NotoSansEthiopic-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/NotoSansGeorgian-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/NotoSansGujarati-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/NotoSansGurmukhi-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/NotoSansHebrew-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/NotoSansJP-Regular.otf
+lib/${BROWSER_NAME}/browser/fonts/NotoSansKR-Regular.otf
+lib/${BROWSER_NAME}/browser/fonts/NotoSansKannada-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/NotoSansKhmer-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/NotoSansLao-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/NotoSansMalayalam-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/NotoSansMongolian-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/NotoSansMyanmar-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/NotoSansOriya-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/NotoSansSC-Regular.otf
+lib/${BROWSER_NAME}/browser/fonts/NotoSansSinhala-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/NotoSansTC-Regular.otf
+lib/${BROWSER_NAME}/browser/fonts/NotoSansTamil-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/NotoSansTelugu-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/NotoSansThaana-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/NotoSansThai-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/NotoSansTibetan-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/NotoSansYi-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/NotoSerifArmenian-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/NotoSerifKhmer-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/NotoSerifLao-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/NotoSerifThai-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/STIXMath-Regular.otf
+lib/${BROWSER_NAME}/browser/fonts/Tinos-Bold.ttf
+lib/${BROWSER_NAME}/browser/fonts/Tinos-BoldItalic.ttf
+lib/${BROWSER_NAME}/browser/fonts/Tinos-Italic.ttf
+lib/${BROWSER_NAME}/browser/fonts/Tinos-Regular.ttf
+lib/${BROWSER_NAME}/browser/fonts/TwemojiMozilla.ttf
lib/${BROWSER_NAME}/browser/omni.ja
lib/${BROWSER_NAME}/chrome.manifest
lib/${BROWSER_NAME}/defaults/
