[pkgsrc/trunk]: pkgsrc/security/tor-browser tor-browser: update to 9.0.9nb2.

[wiz <wiz%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/95718207b2d2
branches:  trunk
changeset: 430216:95718207b2d2
user:      wiz <wiz%pkgsrc.org@localhost>
date:      Tue Apr 28 19:38:49 2020 +0000

description:
tor-browser: update to 9.0.9nb2.

Automatically install the noscript extension.
(https-everywhere package is ready, but doesn't work.)

Change the default path in the home directory to ".tor-browser"
to be more similar to other mozilla products.

By default, use the standard tor port. No separate instance
of tor is started for tor-browser from pkgsrc.

diffstat:

 security/tor-browser/MESSAGE                                              |  10 +---
 security/tor-browser/Makefile                                             |  12 +++--
 security/tor-browser/distinfo                                             |   5 +-
 security/tor-browser/patches/patch-browser_app_profile_000-tor-browser.js |  22 ++++++++++
 security/tor-browser/patches/patch-xpcom_io_TorFileUtils.cpp              |   6 +-
 5 files changed, 38 insertions(+), 17 deletions(-)

diffs (128 lines):

diff -r 9ab3ed73aa12 -r 95718207b2d2 security/tor-browser/MESSAGE
--- a/security/tor-browser/MESSAGE      Tue Apr 28 19:35:19 2020 +0000
+++ b/security/tor-browser/MESSAGE      Tue Apr 28 19:38:49 2020 +0000
@@ -1,19 +1,13 @@
 ===========================================================================
-$NetBSD: MESSAGE,v 1.2 2019/05/27 12:55:38 wiz Exp $
+$NetBSD: MESSAGE,v 1.3 2020/04/28 19:38:49 wiz Exp $
 
 This package provides the Tor Browser.
-Be sure to start the Tor daemon before you start Tor Browser.
 
 You should install the following extensions to ensure secure Tor connections:
 
 HTTPS Everywhere
 https://addons.mozilla.org/en-US/firefox/addon/https-everywhere/
 
-NoScript Security Suite
-https://addons.mozilla.org/en-US/firefox/addon/noscript/
-
-net/tor provides a socks proxy at localhost:9050. However, Tor Browser
-assumes a sock proxy at localhost:9150. Be sure to change the port
-number in the Tor Browser preferences.
+Be sure to start the Tor daemon before you start Tor Browser!
 
 ===========================================================================
diff -r 9ab3ed73aa12 -r 95718207b2d2 security/tor-browser/Makefile
--- a/security/tor-browser/Makefile     Tue Apr 28 19:35:19 2020 +0000
+++ b/security/tor-browser/Makefile     Tue Apr 28 19:38:49 2020 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.60 2020/04/12 08:29:11 adam Exp $
+# $NetBSD: Makefile,v 1.61 2020/04/28 19:38:49 wiz Exp $
 
 DISTNAME=      src-firefox-tor-browser-68.7.0esr-9.0-2-build1
 PKGNAME=       tor-browser-9.0.9
-PKGREVISION=   1
+PKGREVISION=   2
 CATEGORIES=    security www
 MASTER_SITES=  https://dist.torproject.org/torbrowser/${PKGVERSION_NOREV}/
 EXTRACT_SUFX=  .tar.xz
@@ -16,13 +16,15 @@
 WRKSRC=                ${WRKDIR}/${DISTNAME:S/src-//}
 
 DEPENDS+=      tor-[0-9]*:../../net/tor
-
-EXTRACT_USING= bsdtar
+#DEPENDS+=     tor-browser-https-everywhere-[0-9]*:../../security/tor-browser-https-everywhere
+DEPENDS+=      tor-browser-noscript-[0-9]*:../../security/tor-browser-noscript
 
 # How to update this package:
 #
 # replace all patches with the one from the correspoding www/firefox${ESR_RELEASE}
-# BUT keep patch-xpcom_io_TorFileUtils.cpp! (and if necessary patch-.mozconfig)
+# BUT keep patch-xpcom_io_TorFileUtils.cpp
+# AND keep patch-browser_app_profile_000-tor-browser.js
+# (AND if necessary patch-.mozconfig)
 # make the patches apply
 #
 # when packaged up, read MESSAGE and test by visiting https://check.torproject.org
diff -r 9ab3ed73aa12 -r 95718207b2d2 security/tor-browser/distinfo
--- a/security/tor-browser/distinfo     Tue Apr 28 19:35:19 2020 +0000
+++ b/security/tor-browser/distinfo     Tue Apr 28 19:38:49 2020 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.17 2020/04/10 19:18:00 wiz Exp $
+$NetBSD: distinfo,v 1.18 2020/04/28 19:38:49 wiz Exp $
 
 SHA1 (src-firefox-tor-browser-68.7.0esr-9.0-2-build1.tar.xz) = c9be70c6cbbac9d73d1aee930703ea4d013725df
 RMD160 (src-firefox-tor-browser-68.7.0esr-9.0-2-build1.tar.xz) = 6289e342fa8e99c21098331d153beb6d88bc39b2
@@ -6,6 +6,7 @@
 Size (src-firefox-tor-browser-68.7.0esr-9.0-2-build1.tar.xz) = 348594032 bytes
 SHA1 (patch-.mozconfig) = 66fbb2f113091eee1f022cd656231f845b04b0f8
 SHA1 (patch-aa) = 9f7200c411cd2217a80ec10a276c8877bc6b845c
+SHA1 (patch-browser_app_profile_000-tor-browser.js) = 545cf6e80f061a6a58b429d2696046de4e34725f
 SHA1 (patch-browser_app_profile_firefox.js) = 076cc2892547bac07fe907533f4e821f13f5738e
 SHA1 (patch-dom_base_nsAttrName.h) = ac7ba441a3b27df2855cf2673eea36b1cb44ad49
 SHA1 (patch-dom_media_CubebUtils.cpp) = 3cd2c65ab281d802c56216565970450767a3fb24
@@ -38,5 +39,5 @@
 SHA1 (patch-toolkit_xre_glxtest.cpp) = 04942938f45f326c7d5c4da3bf8cc2d09b977c69
 SHA1 (patch-xpcom_base_nscore.h) = 1ac4d34d3c9e80bc1ac966c6c84cb320bc0fa1ec
 SHA1 (patch-xpcom_build_BinaryPath.h) = 92461769d2fee8f015b91a5326247f271afeedea
-SHA1 (patch-xpcom_io_TorFileUtils.cpp) = c23d867b5a97a4c169198831b816b1bcef8dc630
+SHA1 (patch-xpcom_io_TorFileUtils.cpp) = 3f5c5490a3e4e0117cca3c558de93f2ffea05405
 SHA1 (patch-xpcom_reflect_xptcall_md_unix_moz.build) = 6956c90d4c74c71e7e9a5882e4840ba2673160fa
diff -r 9ab3ed73aa12 -r 95718207b2d2 security/tor-browser/patches/patch-browser_app_profile_000-tor-browser.js
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/tor-browser/patches/patch-browser_app_profile_000-tor-browser.js Tue Apr 28 19:38:49 2020 +0000
@@ -0,0 +1,22 @@
+$NetBSD: patch-browser_app_profile_000-tor-browser.js,v 1.1 2020/04/28 19:38:49 wiz Exp $
+
+Despite the warning at the top of this file, we change the default for the socks
+port in pkgsrc from 9150 to 9050.
+
+9150 is used for distributions where tor is bundled with tor-browser, so the
+standard port can't be used because another tor may already be running there.
+
+pkgsrc's tor-browser uses the system-wide installation of tor and thus should use
+its default port to minimize manual setup steps for the end users.
+
+--- browser/app/profile/000-tor-browser.js.orig        2020-04-04 03:09:31.000000000 +0000
++++ browser/app/profile/000-tor-browser.js
+@@ -161,7 +161,7 @@ pref("network.predictor.enabled", false)
+ 
+ // Proxy and proxy security
+ pref("network.proxy.socks", "127.0.0.1");
+-pref("network.proxy.socks_port", 9150);
++pref("network.proxy.socks_port", 9050);
+ pref("network.proxy.socks_remote_dns", true);
+ pref("network.proxy.no_proxies_on", ""); // For fingerprinting and local service vulns (#10419)
+ pref("network.proxy.allow_hijacking_localhost", true); // Allow proxies for localhost (#31065)
diff -r 9ab3ed73aa12 -r 95718207b2d2 security/tor-browser/patches/patch-xpcom_io_TorFileUtils.cpp
--- a/security/tor-browser/patches/patch-xpcom_io_TorFileUtils.cpp      Tue Apr 28 19:35:19 2020 +0000
+++ b/security/tor-browser/patches/patch-xpcom_io_TorFileUtils.cpp      Tue Apr 28 19:38:49 2020 +0000
@@ -1,4 +1,6 @@
-$NetBSD: patch-xpcom_io_TorFileUtils.cpp,v 1.2 2019/02/25 15:32:24 wiz Exp $
+$NetBSD: patch-xpcom_io_TorFileUtils.cpp,v 1.3 2020/04/28 19:38:49 wiz Exp $
+
+Set default directory for configuration files and profiles to $HOME/.tor-browser
 
 --- xpcom/io/TorFileUtils.cpp.orig     2019-02-23 20:01:00.000000000 +0000
 +++ xpcom/io/TorFileUtils.cpp
@@ -14,7 +16,7 @@
 +  nsresult rv = NS_NewNativeLocalFile(nsDependentCString(homeDir), true,
 +                                      getter_AddRefs(tbDataDir));
 +  NS_ENSURE_SUCCESS(rv, rv);
-+  nsAutoCString leafSubdir(NS_LITERAL_CSTRING("TorBrowser-Data"));
++  nsAutoCString leafSubdir(NS_LITERAL_CSTRING(".tor-browser"));
 +  rv = tbDataDir->AppendNative(leafSubdir);
 +  NS_ENSURE_SUCCESS(rv, rv);
 +#elif TOR_BROWSER_DATA_OUTSIDE_APP_DIR