summaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
Diffstat (limited to 'security')
-rw-r--r--security/tor-browser/MESSAGE10
-rw-r--r--security/tor-browser/Makefile12
-rw-r--r--security/tor-browser/distinfo5
-rw-r--r--security/tor-browser/patches/patch-browser_app_profile_000-tor-browser.js22
-rw-r--r--security/tor-browser/patches/patch-xpcom_io_TorFileUtils.cpp6
5 files changed, 38 insertions, 17 deletions
diff --git a/security/tor-browser/MESSAGE b/security/tor-browser/MESSAGE
index 08be899dd04..dbdaa394702 100644
--- a/security/tor-browser/MESSAGE
+++ b/security/tor-browser/MESSAGE
@@ -1,19 +1,13 @@
===========================================================================
-$NetBSD: MESSAGE,v 1.2 2019/05/27 12:55:38 wiz Exp $
+$NetBSD: MESSAGE,v 1.3 2020/04/28 19:38:49 wiz Exp $
This package provides the Tor Browser.
-Be sure to start the Tor daemon before you start Tor Browser.
You should install the following extensions to ensure secure Tor connections:
HTTPS Everywhere
https://addons.mozilla.org/en-US/firefox/addon/https-everywhere/
-NoScript Security Suite
-https://addons.mozilla.org/en-US/firefox/addon/noscript/
-
-net/tor provides a socks proxy at localhost:9050. However, Tor Browser
-assumes a sock proxy at localhost:9150. Be sure to change the port
-number in the Tor Browser preferences.
+Be sure to start the Tor daemon before you start Tor Browser!
===========================================================================
diff --git a/security/tor-browser/Makefile b/security/tor-browser/Makefile
index d0b6d244ac5..e0bfa45c1d5 100644
--- a/security/tor-browser/Makefile
+++ b/security/tor-browser/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.60 2020/04/12 08:29:11 adam Exp $
+# $NetBSD: Makefile,v 1.61 2020/04/28 19:38:49 wiz Exp $
DISTNAME= src-firefox-tor-browser-68.7.0esr-9.0-2-build1
PKGNAME= tor-browser-9.0.9
-PKGREVISION= 1
+PKGREVISION= 2
CATEGORIES= security www
MASTER_SITES= https://dist.torproject.org/torbrowser/${PKGVERSION_NOREV}/
EXTRACT_SUFX= .tar.xz
@@ -16,13 +16,15 @@ LICENSE= mpl-1.1
WRKSRC= ${WRKDIR}/${DISTNAME:S/src-//}
DEPENDS+= tor-[0-9]*:../../net/tor
-
-EXTRACT_USING= bsdtar
+#DEPENDS+= tor-browser-https-everywhere-[0-9]*:../../security/tor-browser-https-everywhere
+DEPENDS+= tor-browser-noscript-[0-9]*:../../security/tor-browser-noscript
# How to update this package:
#
# replace all patches with the one from the correspoding www/firefox${ESR_RELEASE}
-# BUT keep patch-xpcom_io_TorFileUtils.cpp! (and if necessary patch-.mozconfig)
+# BUT keep patch-xpcom_io_TorFileUtils.cpp
+# AND keep patch-browser_app_profile_000-tor-browser.js
+# (AND if necessary patch-.mozconfig)
# make the patches apply
#
# when packaged up, read MESSAGE and test by visiting https://check.torproject.org
diff --git a/security/tor-browser/distinfo b/security/tor-browser/distinfo
index c1c4445df63..ac13fa98e43 100644
--- a/security/tor-browser/distinfo
+++ b/security/tor-browser/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.17 2020/04/10 19:18:00 wiz Exp $
+$NetBSD: distinfo,v 1.18 2020/04/28 19:38:49 wiz Exp $
SHA1 (src-firefox-tor-browser-68.7.0esr-9.0-2-build1.tar.xz) = c9be70c6cbbac9d73d1aee930703ea4d013725df
RMD160 (src-firefox-tor-browser-68.7.0esr-9.0-2-build1.tar.xz) = 6289e342fa8e99c21098331d153beb6d88bc39b2
@@ -6,6 +6,7 @@ SHA512 (src-firefox-tor-browser-68.7.0esr-9.0-2-build1.tar.xz) = 6cf582c1eb3092c
Size (src-firefox-tor-browser-68.7.0esr-9.0-2-build1.tar.xz) = 348594032 bytes
SHA1 (patch-.mozconfig) = 66fbb2f113091eee1f022cd656231f845b04b0f8
SHA1 (patch-aa) = 9f7200c411cd2217a80ec10a276c8877bc6b845c
+SHA1 (patch-browser_app_profile_000-tor-browser.js) = 545cf6e80f061a6a58b429d2696046de4e34725f
SHA1 (patch-browser_app_profile_firefox.js) = 076cc2892547bac07fe907533f4e821f13f5738e
SHA1 (patch-dom_base_nsAttrName.h) = ac7ba441a3b27df2855cf2673eea36b1cb44ad49
SHA1 (patch-dom_media_CubebUtils.cpp) = 3cd2c65ab281d802c56216565970450767a3fb24
@@ -38,5 +39,5 @@ SHA1 (patch-toolkit_mozapps_installer_packager.mk) = b2343fbad2556504dfd13601c02
SHA1 (patch-toolkit_xre_glxtest.cpp) = 04942938f45f326c7d5c4da3bf8cc2d09b977c69
SHA1 (patch-xpcom_base_nscore.h) = 1ac4d34d3c9e80bc1ac966c6c84cb320bc0fa1ec
SHA1 (patch-xpcom_build_BinaryPath.h) = 92461769d2fee8f015b91a5326247f271afeedea
-SHA1 (patch-xpcom_io_TorFileUtils.cpp) = c23d867b5a97a4c169198831b816b1bcef8dc630
+SHA1 (patch-xpcom_io_TorFileUtils.cpp) = 3f5c5490a3e4e0117cca3c558de93f2ffea05405
SHA1 (patch-xpcom_reflect_xptcall_md_unix_moz.build) = 6956c90d4c74c71e7e9a5882e4840ba2673160fa
diff --git a/security/tor-browser/patches/patch-browser_app_profile_000-tor-browser.js b/security/tor-browser/patches/patch-browser_app_profile_000-tor-browser.js
new file mode 100644
index 00000000000..51f5cc406ed
--- /dev/null
+++ b/security/tor-browser/patches/patch-browser_app_profile_000-tor-browser.js
@@ -0,0 +1,22 @@
+$NetBSD: patch-browser_app_profile_000-tor-browser.js,v 1.1 2020/04/28 19:38:49 wiz Exp $
+
+Despite the warning at the top of this file, we change the default for the socks
+port in pkgsrc from 9150 to 9050.
+
+9150 is used for distributions where tor is bundled with tor-browser, so the
+standard port can't be used because another tor may already be running there.
+
+pkgsrc's tor-browser uses the system-wide installation of tor and thus should use
+its default port to minimize manual setup steps for the end users.
+
+--- browser/app/profile/000-tor-browser.js.orig 2020-04-04 03:09:31.000000000 +0000
++++ browser/app/profile/000-tor-browser.js
+@@ -161,7 +161,7 @@ pref("network.predictor.enabled", false)
+
+ // Proxy and proxy security
+ pref("network.proxy.socks", "127.0.0.1");
+-pref("network.proxy.socks_port", 9150);
++pref("network.proxy.socks_port", 9050);
+ pref("network.proxy.socks_remote_dns", true);
+ pref("network.proxy.no_proxies_on", ""); // For fingerprinting and local service vulns (#10419)
+ pref("network.proxy.allow_hijacking_localhost", true); // Allow proxies for localhost (#31065)
diff --git a/security/tor-browser/patches/patch-xpcom_io_TorFileUtils.cpp b/security/tor-browser/patches/patch-xpcom_io_TorFileUtils.cpp
index 51eb61ad002..e8c299e38c0 100644
--- a/security/tor-browser/patches/patch-xpcom_io_TorFileUtils.cpp
+++ b/security/tor-browser/patches/patch-xpcom_io_TorFileUtils.cpp
@@ -1,4 +1,6 @@
-$NetBSD: patch-xpcom_io_TorFileUtils.cpp,v 1.2 2019/02/25 15:32:24 wiz Exp $
+$NetBSD: patch-xpcom_io_TorFileUtils.cpp,v 1.3 2020/04/28 19:38:49 wiz Exp $
+
+Set default directory for configuration files and profiles to $HOME/.tor-browser
--- xpcom/io/TorFileUtils.cpp.orig 2019-02-23 20:01:00.000000000 +0000
+++ xpcom/io/TorFileUtils.cpp
@@ -14,7 +16,7 @@ $NetBSD: patch-xpcom_io_TorFileUtils.cpp,v 1.2 2019/02/25 15:32:24 wiz Exp $
+ nsresult rv = NS_NewNativeLocalFile(nsDependentCString(homeDir), true,
+ getter_AddRefs(tbDataDir));
+ NS_ENSURE_SUCCESS(rv, rv);
-+ nsAutoCString leafSubdir(NS_LITERAL_CSTRING("TorBrowser-Data"));
++ nsAutoCString leafSubdir(NS_LITERAL_CSTRING(".tor-browser"));
+ rv = tbDataDir->AppendNative(leafSubdir);
+ NS_ENSURE_SUCCESS(rv, rv);
+#elif TOR_BROWSER_DATA_OUTSIDE_APP_DIR