head 1.2; access; symbols pkgsrc-2023Q4:1.2.0.26 pkgsrc-2023Q4-base:1.2 pkgsrc-2023Q3:1.2.0.24 pkgsrc-2023Q3-base:1.2 pkgsrc-2023Q2:1.2.0.22 pkgsrc-2023Q2-base:1.2 pkgsrc-2023Q1:1.2.0.20 pkgsrc-2023Q1-base:1.2 pkgsrc-2022Q4:1.2.0.18 pkgsrc-2022Q4-base:1.2 pkgsrc-2022Q3:1.2.0.16 pkgsrc-2022Q3-base:1.2 pkgsrc-2022Q2:1.2.0.14 pkgsrc-2022Q2-base:1.2 pkgsrc-2022Q1:1.2.0.12 pkgsrc-2022Q1-base:1.2 pkgsrc-2021Q4:1.2.0.10 pkgsrc-2021Q4-base:1.2 pkgsrc-2021Q3:1.2.0.8 pkgsrc-2021Q3-base:1.2 pkgsrc-2021Q2:1.2.0.6 pkgsrc-2021Q2-base:1.2 pkgsrc-2021Q1:1.2.0.4 pkgsrc-2021Q1-base:1.2 pkgsrc-2020Q4:1.2.0.2 pkgsrc-2020Q4-base:1.2 pkgsrc-2020Q3:1.1.0.6 pkgsrc-2020Q3-base:1.1 pkgsrc-2020Q2:1.1.0.4 pkgsrc-2020Q2-base:1.1 pkgsrc-2020Q1:1.1.0.2 pkgsrc-2020Q1-base:1.1; locks; strict; comment @ * @; 1.2 date 2020.10.07.11.10.35; author wiz; state Exp; branches; next 1.1; commitid F03i79vbPUBBHXqC; 1.1 date 2020.03.13.17.59.27; author wiz; state Exp; branches 1.1.6.1; next ; commitid ExZMuSCgafMeEg0C; 1.1.6.1 date 2020.10.23.17.27.13; author bsiegert; state Exp; branches; next ; commitid sQOyQfnlFM71h3tC; desc @@ 1.2 log @tor-browser: update to 10.0. Tor Browser 10.0 -- September 22 2020 * Windows + OS X + Linux * Update Firefox to 78.3.0esr * Update Tor to 0.4.4.5 * Update Tor Launcher to 0.2.25 * Bug 32174: Replace XUL with * Bug 33890: Rename XUL files to XHTML * Bug 33862: Fix usages of createTransport API * Bug 33906: Fix Tor-Launcher issues for Firefox 75 * Bug 33998: Use CSS grid instead of XUL grid * Bug 34164: Tor Launcher deadlocks during startup (Firefox 77) * Bug 34206: Tor Launcher button labels are missing (Firefox 76) * Bug 40002: After rebasing to 80.0b2 moat is broken [tor-launcher] * Translations update * Update NoScript to 11.0.44 * Bug 40093: Youtube videos on safer produce an error [tor-browser] * Translations update * Bug 10394: Let Tor Browser update HTTPS Everywhere * Bug 11154: Disable TLS 1.0 (and 1.1) by default * Bug 16931: Sanitize the add-on blocklist update URL * Bug 17374: Disable 1024-DH Encryption by default * Bug 21601: Remove unused media.webaudio.enabled pref * Bug 30682: Disable Intermediate CA Preloading * Bug 30812: Exempt about: pages from Resist Fingerprinting * Bug 31918+33533+40024+40037: Rebase Tor Browser esr68 patches for ESR 78 [tor-browser] * Bug 32612: Update MAR_CHANNEL_ID for the alpha * Bug 32886: Separate treatment of @@media interaction features for desktop and android * Bug 33534: Review FF release notes from FF69 to latest (FF78) * Bug 33697: Use old search config based on list.json * Bug 33721: PDF Viewer is not working in the safest security level * Bug 33734: Set MOZ_NORMANDY to False * Bug 33737: Fix aboutDialog.js error for Firefox nightlies * Bug 33848: Disable Enhanced Tracking Protection * Bug 33851: Patch out Parental Controls detection and logging * Bug 33852: Clean up about:logins to not mention Sync * Bug 33856: Set browser.privatebrowsing.forceMediaMemoryCache to True * Bug 33862: Fix usages of createTransport API * Bug 33867: Disable password manager and password generation * Bug 33890: Rename XUL files to XHTML * Bug 33892: Add brandProductName to brand.dtd and brand.properties * Bug 33962: Uplift patch for bug 5741 (dns leak protection) * Bug 34125: API change in protocolProxyService.registerChannelFilter * Bug 40001: Generate tor-browser-brand.ftl when importing translations [torbutton] * Bug 40002: Remove about:pioneer [tor-browser] * Bug 40002: Fix generateNSGetFactory being moved to ComponentUtils [torbutton] * Bug 40003: Adapt code for L10nRegistry API changes [torbutton] * Bug 40005: Initialize the identity UI before setting up the circuit display [torbutton] * Bug 40006: Fix new identity for 81 [torbutton] * Bug 40007: Move SecurityPrefs initialization to the StartupObserver component [torbutton] * Bug 40008: Style fixes for 78 [torbutton] * Bug 40016: Update Snowflake to discover NAT type [tor-browser-build] * Bug 40017: Audit Firefox 68-78 diff for proxy issues [tor-browser] * Bug 40022: Update new icons in Tor Browser branding [tor-browser] * Bug 40025: Revert add-on permissions due to Mozilla's 1560059 [tor-browser] * Bug 40036: Remove product version/update channel from #13379 patch [tor-browser] * Bug 40038: Review RemoteSettings for ESR 78 [tor-browser] * Bug 40048: Disable various ESR78 features via prefs [tor-browser] * Bug 40059: Verify our external helper patch is still working [tor-browser] * Bug 40066: Update existing prefs for ESR 78 [tor-browser] * Bug 40066: Remove default bridge 37.218.240.34 [tor-browser-build] * Bug 40073: Disable remote Public Suffix List fetching [tor-browser] * Bug 40073: Repack omni.ja to include builtin HTTPS Everywhere [tor-browser-build] * Bug 40078: Backport patches for bug 1651680 for now [tor-browser] * Bug 40082: Let JavaScript on safest setting handled by NoScript again [tor-browser] * Bug 40088: Moat "Submit" button does not work * Bug 40090: Disable v3 add-on blocklist for now [tor-browser] * Bug 40091: Load HTTPS Everywhere as a builtin addon [tor-browser] * Bug 40102: Fix UI bugs in Tor Browser 10.0 alpha [tor-browser] * Bug 40106: Cannot install addons in full screen mode [tor-browser] * Bug 40109: Playing video breaks after reloading pages [tor-browser] * Bug 40119: Enable v3 extension blocklisting again [tor-browser] * Windows * Bug 33855: Don't use site's icon as window icon in Windows in private mode * Bug 40061: Omit the Windows default browser agent from the build [tor-browser] * OS X * Bug 32252: Tor Browser does not display correctly in VMWare Fusion on macOS (mojave) * Build System * Windows + OS X + Linux * Bump Go to 1.14.7 * Bug 31845: Bump GCC version to 9.3.0 * Bug 34011: Bump clang to 9.0.1 * Bug 34014: Enable sqlite3 support in Python * Bug 34390: Don't copy DBM libraries anymore * Bug 34391: Remove unused --enable-signmar option * Bug 40004: Adapt Rust project for Firefox 78 ESR [tor-browser-build] * Bug 40005: Adapt Node project for Firefox 78 ESR [tor-browser-build] * Bug 40006: Adapt cbindgen for Firefox 78 ESR [tor-browser-build] * Bug 40037: Move projects over to clang-source [tor-browser-build] * Bug 40026: Fix full .mar creation for esr78 [tor-browser-build] * Bug 40027: Fix incremental .mar creation for esr78 [tor-browser-build] * Bug 40028: Do not reference unset env variables [tor-browser-build] * Bug 40031: Add licenses for kcp-go and smux. [tor-browser-build] * Bug 40045: Fix complete .mar file creation for dmg2mar [tor-browser-build] * Bug 40065: Bump debootstrap-image ubuntu_version to 20.04.1 [tor-browser-build] * Bug 40087: Deterministically add HTTPS Everywhere into omni.ja [tor-browser-build] * Windows * Bug 34230: Update Windows toolchain for Firefox 78 ESR * Bug 40015: Use only 64bit fxc2 [tor-browser-build] * Bug 40017: Enable stripping again on Windows [tor-browser-build] * Bug 40052: Bump NSIS to 3.06.1 [tor-browser-build] * Bug 40061: Omit the Windows default browser agent from the build [tor-browser] * Bug 40071: Be explicit about no SEH with mingw-w64 on 32bit systems [tor-browser-build] * Bug 40077: Don't pass --no-insert-timestamp when building Firefox [tor-browser-build] * Bug 40090: NSIS 3.06.1 based builds are not reproducible anymore [tor-browser-build] * OS X * Bug 34229: Update macOS toolchain for Firefox 78 ESR * Bug 40003: Update cctools version for Firefox 78 ESR [tor-browser-build] * Bug 40018: Add libtapi project for cctools [tor-browser-build] * Bug 40019: Ship our own runtime library for macOS [tor-browser-build] * Linux * Bug 34359: Adapt abicheck.cc to deal with newer GCC version * Bug 34386: Fix up clang compilation on Linux * Bug 40053: Also create the langpacks tarball for non-release builds [tor-browser-build] Tor Browser 10.0a7 -- September 14 2020 * Windows + OS X + Linux * Update Tor Launcher to 0.2.24 * Update NoScript to 11.0.43 * Translations update * Bug 10394: Let Tor Browser update HTTPS Everywhere * Bug 32017: Use ExtensionStorageIDB again * Bug 40006: Fix new identity for 81 [torbutton] * Bug 40007: Move SecurityPrefs initialization to the StartupObserver component [torbutton] * Bug 40008: Style fixes for 78 [torbutton] * Bug 40066: Remove default bridge 37.218.240.34 [tor-browser-build] * Bug 40073: Repack omni.ja to include builtin HTTPS Everywhere [tor-browser-build] * Bug 40091: Load HTTPS Everywhere as a builtin addon [tor-browser] * Bug 40102: Fix UI bugs in Tor Browser 10.0 alpha [tor-browser] * Bug 40109: Playing video breaks after reloading pages [tor-browser] * Big 40119: Enable v3 extension blocklisting again [tor-browser] * Build System * Windows + OS X + Linux * Bump Go to 1.14.7 * Bug 40031: Add licenses for kcp-go and smux. [tor-browser-build] * Bug 40045: Fix complete .mar file creation for dmg2mar [tor-browser-build] * Bug 40065: Bump debootstrap-image ubuntu_version to 20.04.1 [tor-browser-build] * Bug 40087: Deterministically add HTTPS Everywhere into omni.ja [tor-browser-build] * Windows * Bug 40052: Bump NSIS to 3.06.1 [tor-browser-build] * Bug 40071: Be explicit about no SEH with mingw-w64 on 32bit systems [tor-browser-build] * Bug 40077: Don't pass --no-insert-timestamp when building Firefox [tor-browser-build] * Bug 40090: NSIS 3.06.1 based builds are not reproducible anymore [tor-browser-build] Tor Browser 10.0a6 -- August 26 2020 * All Platforms * Update HTTPS Everywhere to 2020.08.13 * Windows + OS X + Linux * Update Firefox to 78.2.0esr * Update Tor Launcher to 0.2.23 * Bug 40002: After rebasing to 80.0b2 moat is broken [tor-launcher] * Translations update * Update NoScript to 11.0.39 * Bug 21601: Remove unused media.webaudio.enabled pref * Bug 40002: Remove about:pioneer [tor-browser] * Bug 40082: Let JavaScript on safest setting handled by NoScript again [tor-browser] * Bug 40088: Moat "Submit" button does not work * Bug 40090: Disable v3 add-on blocklist for now [tor-browser] * OS X * Bug 40015: Tor Browser broken on MacOS 11 Big Sur * Android * Update Firefox to 68.12.0esr * Update NoScript to 11.0.38 * Update Tor to 0.4.4.4-rc * Build System * Windows + OS X + Linux * Bump Go to 1.13.15 * Linux * Bug 40053: Also create the langpacks tarball for non-release builds [tor-browser-build] @ text @$NetBSD: patch-nsprpub_pr_src_pthreads_ptsynch.c,v 1.1 2020/07/30 08:09:28 nia Exp $ firefox: Workaround broken pthread_equal() usage Switch to an internal version of pthread_equal() without sanity checks. Problems detected on NetBSD 9.99.46. --- nsprpub/pr/src/pthreads/ptsynch.c.orig 2020-01-17 21:34:42.000000000 +0000 +++ nsprpub/pr/src/pthreads/ptsynch.c @@@@ -25,6 +25,13 @@@@ static pthread_condattr_t _pt_cvar_attr; extern PTDebug pt_debug; /* this is shared between several modules */ #endif /* defined(DEBUG) */ +/* XXX, pthread_equal() is misused to compare non-valid thread pointers */ +static int +pt_pthread_equal(pthread_t t1, pthread_t t2) +{ + return t1 == t2; +} + #if defined(FREEBSD) /* * On older versions of FreeBSD, pthread_mutex_trylock returns EDEADLK. @@@@ -197,9 +204,9 @@@@ PR_IMPLEMENT(PRStatus) PR_Unlock(PRLock PR_ASSERT(lock != NULL); PR_ASSERT(_PT_PTHREAD_MUTEX_IS_LOCKED(lock->mutex)); PR_ASSERT(PR_TRUE == lock->locked); - PR_ASSERT(pthread_equal(lock->owner, self)); + PR_ASSERT(pt_pthread_equal(lock->owner, self)); - if (!lock->locked || !pthread_equal(lock->owner, self)) { + if (!lock->locked || !pt_pthread_equal(lock->owner, self)) { return PR_FAILURE; } @@@@ -225,7 +232,7 @@@@ PR_IMPLEMENT(void) PR_AssertCurrentThrea * to the correctness of PR_AssertCurrentThreadOwnsLock(), but * this particular order makes the assertion more likely to * catch errors. */ - PR_ASSERT(lock->locked && pthread_equal(lock->owner, pthread_self())); + PR_ASSERT(lock->locked && pt_pthread_equal(lock->owner, pthread_self())); } /**************************************************************/ @@@@ -281,7 +288,7 @@@@ static void pt_PostNotifyToCvar(PRCondVa _PT_Notified *notified = &cvar->lock->notified; PR_ASSERT(PR_TRUE == cvar->lock->locked); - PR_ASSERT(pthread_equal(cvar->lock->owner, pthread_self())); + PR_ASSERT(pt_pthread_equal(cvar->lock->owner, pthread_self())); PR_ASSERT(_PT_PTHREAD_MUTEX_IS_LOCKED(cvar->lock->mutex)); while (1) @@@@ -369,7 +376,7 @@@@ PR_IMPLEMENT(PRStatus) PR_WaitCondVar(PR PR_ASSERT(_PT_PTHREAD_MUTEX_IS_LOCKED(cvar->lock->mutex)); PR_ASSERT(PR_TRUE == cvar->lock->locked); /* and it better be by us */ - PR_ASSERT(pthread_equal(cvar->lock->owner, pthread_self())); + PR_ASSERT(pt_pthread_equal(cvar->lock->owner, pthread_self())); if (_PT_THREAD_INTERRUPTED(thred)) { goto aborted; @@@@ -582,7 +589,7 @@@@ PR_IMPLEMENT(PRIntn) PR_GetMonitorEntryC rv = pthread_mutex_lock(&mon->lock); PR_ASSERT(0 == rv); - if (pthread_equal(mon->owner, self)) { + if (pt_pthread_equal(mon->owner, self)) { count = mon->entryCount; } rv = pthread_mutex_unlock(&mon->lock); @@@@ -598,7 +605,7 @@@@ PR_IMPLEMENT(void) PR_AssertCurrentThrea rv = pthread_mutex_lock(&mon->lock); PR_ASSERT(0 == rv); PR_ASSERT(mon->entryCount != 0 && - pthread_equal(mon->owner, pthread_self())); + pt_pthread_equal(mon->owner, pthread_self())); rv = pthread_mutex_unlock(&mon->lock); PR_ASSERT(0 == rv); #endif @@@@ -614,7 +621,7 @@@@ PR_IMPLEMENT(void) PR_EnterMonitor(PRMon PR_ASSERT(0 == rv); if (mon->entryCount != 0) { - if (pthread_equal(mon->owner, self)) { + if (pt_pthread_equal(mon->owner, self)) { goto done; } while (mon->entryCount != 0) @@@@ -646,8 +653,8 @@@@ PR_IMPLEMENT(PRStatus) PR_ExitMonitor(PR PR_ASSERT(0 == rv); /* the entries should be > 0 and we'd better be the owner */ PR_ASSERT(mon->entryCount > 0); - PR_ASSERT(pthread_equal(mon->owner, self)); - if (mon->entryCount == 0 || !pthread_equal(mon->owner, self)) + PR_ASSERT(pt_pthread_equal(mon->owner, self)); + if (mon->entryCount == 0 || !pt_pthread_equal(mon->owner, self)) { rv = pthread_mutex_unlock(&mon->lock); PR_ASSERT(0 == rv); @@@@ -695,7 +702,7 @@@@ PR_IMPLEMENT(PRStatus) PR_Wait(PRMonitor /* the entries better be positive */ PR_ASSERT(mon->entryCount > 0); /* and it better be owned by us */ - PR_ASSERT(pthread_equal(mon->owner, pthread_self())); + PR_ASSERT(pt_pthread_equal(mon->owner, pthread_self())); /* tuck these away 'till later */ saved_entries = mon->entryCount; @ 1.1 log @tor-browser: update to 9.0.6 This version is now based on firefox68-esr and builds with the current rust in pkgsrc. @ text @d1 1 a1 1 $NetBSD: patch-nsprpub_pr_src_pthreads_ptsynch.c,v 1.1 2020/02/08 22:06:38 kamil Exp $ d3 1 a3 1 Workaround buggy usage of pthread_equal(). d5 5 a9 1 --- nsprpub/pr/src/pthreads/ptsynch.c.orig 2020-01-17 19:27:05.000000000 +0000 d25 1 a25 1 @@@@ -192,9 +199,9 @@@@ PR_IMPLEMENT(PRStatus) PR_Unlock(PRLock d32 2 a33 2 - if (!lock->locked || !pthread_equal(lock->owner, self)) + if (!lock->locked || !pt_pthread_equal(lock->owner, self)) d35 1 d37 2 a38 3 lock->locked = PR_FALSE; @@@@ -217,7 +224,7 @@@@ PR_IMPLEMENT(void) PR_AssertCurrentThrea * to the correctness of PR_AssertCurrentThreadOwnsLock(), but d46 1 a46 1 @@@@ -273,7 +280,7 @@@@ static void pt_PostNotifyToCvar(PRCondVa d55 1 a55 1 @@@@ -356,7 +363,7 @@@@ PR_IMPLEMENT(PRStatus) PR_WaitCondVar(PR d62 3 a64 3 if (_PT_THREAD_INTERRUPTED(thred)) goto aborted; @@@@ -554,7 +561,7 @@@@ PR_IMPLEMENT(PRIntn) PR_GetMonitorEntryC d68 2 a69 2 - if (pthread_equal(mon->owner, self)) + if (pt_pthread_equal(mon->owner, self)) d71 1 d73 1 a73 2 PR_ASSERT(0 == rv); @@@@ -569,7 +576,7 @@@@ PR_IMPLEMENT(void) PR_AssertCurrentThrea d82 1 a82 1 @@@@ -585,7 +592,7 @@@@ PR_IMPLEMENT(void) PR_EnterMonitor(PRMon d86 2 a87 2 - if (pthread_equal(mon->owner, self)) + if (pt_pthread_equal(mon->owner, self)) d89 1 d91 1 a91 2 { @@@@ -616,8 +623,8 @@@@ PR_IMPLEMENT(PRStatus) PR_ExitMonitor(PR d102 1 a102 1 @@@@ -664,7 +671,7 @@@@ PR_IMPLEMENT(PRStatus) PR_Wait(PRMonitor d110 1 a110 1 saved_entries = mon->entryCount; @ 1.1.6.1 log @Pullup ticket #6341 - requested by wiz security/tor-browser: security fix Revisions pulled up: - security/tor-browser/Makefile 1.76 - security/tor-browser/PLIST 1.9 - security/tor-browser/distinfo 1.29 - security/tor-browser/patches/patch-.mozconfig 1.3 - security/tor-browser/patches/patch-aa 1.7 - security/tor-browser/patches/patch-browser_app_profile_firefox.js 1.4 - security/tor-browser/patches/patch-build_moz.configure_rust.configure 1.4 - security/tor-browser/patches/patch-config_gcc-stl-wrapper.template.h 1.2 - security/tor-browser/patches/patch-config_makefiles_rust.mk 1.3 - security/tor-browser/patches/patch-configure.in 1.1 - security/tor-browser/patches/patch-dom_base_nsAttrName.h 1.2 - security/tor-browser/patches/patch-dom_media_CubebUtils.cpp 1.3 - security/tor-browser/patches/patch-dom_webauthn_u2f-hid-rs_src_lib.rs deleted - security/tor-browser/patches/patch-dom_webauthn_u2f-hid-rs_src_netbsd_device.rs deleted - security/tor-browser/patches/patch-dom_webauthn_u2f-hid-rs_src_netbsd_fd.rs deleted - security/tor-browser/patches/patch-dom_webauthn_u2f-hid-rs_src_netbsd_mod.rs deleted - security/tor-browser/patches/patch-dom_webauthn_u2f-hid-rs_src_netbsd_monitor.rs deleted - security/tor-browser/patches/patch-dom_webauthn_u2f-hid-rs_src_netbsd_transaction.rs deleted - security/tor-browser/patches/patch-dom_webauthn_u2f-hid-rs_src_netbsd_uhid.rs deleted - security/tor-browser/patches/patch-gfx_angle_checkout_src_common_third__party_smhasher_src_PMurHash.cpp 1.3 - security/tor-browser/patches/patch-gfx_angle_checkout_src_compiler_translator_InfoSink.h 1.2 - security/tor-browser/patches/patch-gfx_cairo_cairo_src_cairo-type1-subset.c 1.1 - security/tor-browser/patches/patch-gfx_gl_GLContextProviderGLX.cpp deleted - security/tor-browser/patches/patch-gfx_skia_skia_src_core_SkCpu.cpp 1.2 - security/tor-browser/patches/patch-gfx_thebes_gfxPlatform.cpp 1.2 - security/tor-browser/patches/patch-ipc_chromium_src_base_message__pump__libevent.cc 1.4 - security/tor-browser/patches/patch-ipc_chromium_src_base_platform__thread__posix.cc 1.5 - security/tor-browser/patches/patch-ipc_chromium_src_chrome_common_ipc__channel__posix.cc deleted - security/tor-browser/patches/patch-ipc_glue_GeckoChildProcessHost.cpp 1.5 - security/tor-browser/patches/patch-js_src_jsfriendapi.h 1.1 - security/tor-browser/patches/patch-js_src_threading_posix_Thread.cpp deleted - security/tor-browser/patches/patch-js_src_util_NativeStack.cpp 1.5 - security/tor-browser/patches/patch-media_ffvpx_libavutil_arm_bswap.h 1.2 - security/tor-browser/patches/patch-media_libcubeb_gtest_moz.build deleted - security/tor-browser/patches/patch-media_libcubeb_src_cubeb.c deleted - security/tor-browser/patches/patch-media_libcubeb_src_cubeb__alsa.c 1.5 - security/tor-browser/patches/patch-media_libcubeb_src_cubeb__sun.c 1.1 - security/tor-browser/patches/patch-media_libcubeb_src_moz.build 1.6 - security/tor-browser/patches/patch-media_libcubeb_update.sh deleted - security/tor-browser/patches/patch-media_libpng_pngpriv.h 1.5 - security/tor-browser/patches/patch-media_libtheora_lib_info.c 1.4 - security/tor-browser/patches/patch-media_libvorbis_lib_vorbis__info.c 1.1 - security/tor-browser/patches/patch-media_webrtc_trunk_webrtc_modules_video__capture_linux_device__info__linux.cc 1.5 - security/tor-browser/patches/patch-nsprpub_pr_src_pthreads_ptsynch.c 1.2 - security/tor-browser/patches/patch-security_nss_lib_freebl_mpi_mpi.c 1.1 - security/tor-browser/patches/patch-third__party_rust_authenticator_.cargo-checksum.json 1.1 - security/tor-browser/patches/patch-third__party_rust_authenticator_src_lib.rs 1.1 - security/tor-browser/patches/patch-third__party_rust_authenticator_src_netbsd_device.rs 1.1 - security/tor-browser/patches/patch-third__party_rust_authenticator_src_netbsd_fd.rs 1.1 - security/tor-browser/patches/patch-third__party_rust_authenticator_src_netbsd_mod.rs 1.1 - security/tor-browser/patches/patch-third__party_rust_authenticator_src_netbsd_monitor.rs 1.1 - security/tor-browser/patches/patch-third__party_rust_authenticator_src_netbsd_transaction.rs 1.1 - security/tor-browser/patches/patch-third__party_rust_authenticator_src_netbsd_uhid.rs 1.1 - security/tor-browser/patches/patch-third__party_rust_getrandom_src_lib.rs 1.1 - security/tor-browser/patches/patch-third__party_rust_libc_src_unix_bsd_netbsdlike_netbsd_mod.rs 1.1 - security/tor-browser/patches/patch-toolkit_components_terminator_nsTerminator.cpp 1.3 - security/tor-browser/patches/patch-toolkit_library_moz.build deleted - security/tor-browser/patches/patch-toolkit_modules_subprocess_subprocess__shared__unix.js 1.2 - security/tor-browser/patches/patch-toolkit_moz.configure 1.4 - security/tor-browser/patches/patch-toolkit_mozapps_installer_packager.mk 1.3 - security/tor-browser/patches/patch-toolkit_xre_glxtest.cpp deleted - security/tor-browser/patches/patch-widget_gtk_WaylandDMABufSurface.cpp 1.1 - security/tor-browser/patches/patch-xpcom_base_nscore.h 1.5 - security/tor-browser/patches/patch-xpcom_reflect_xptcall_md_unix_moz.build 1.5 --- Module Name: pkgsrc Committed By: wiz Date: Wed Oct 7 11:10:35 UTC 2020 Modified Files: pkgsrc/security/tor-browser: Makefile PLIST distinfo pkgsrc/security/tor-browser/patches: patch-.mozconfig patch-aa patch-browser_app_profile_firefox.js patch-build_moz.configure_rust.configure patch-config_gcc-stl-wrapper.template.h patch-config_makefiles_rust.mk patch-dom_base_nsAttrName.h patch-dom_media_CubebUtils.cpp patch-gfx_angle_checkout_src_common_third__party_smhasher_src_PMurHash.cpp patch-gfx_angle_checkout_src_compiler_translator_InfoSink.h patch-gfx_skia_skia_src_core_SkCpu.cpp patch-gfx_thebes_gfxPlatform.cpp patch-ipc_chromium_src_base_message__pump__libevent.cc patch-ipc_chromium_src_base_platform__thread__posix.cc patch-ipc_glue_GeckoChildProcessHost.cpp patch-js_src_util_NativeStack.cpp patch-media_ffvpx_libavutil_arm_bswap.h patch-media_libcubeb_src_cubeb__alsa.c patch-media_libcubeb_src_moz.build patch-media_libpng_pngpriv.h patch-nsprpub_pr_src_pthreads_ptsynch.c patch-toolkit_components_terminator_nsTerminator.cpp patch-toolkit_modules_subprocess_subprocess__shared__unix.js patch-toolkit_moz.configure patch-toolkit_mozapps_installer_packager.mk patch-xpcom_base_nscore.h patch-xpcom_reflect_xptcall_md_unix_moz.build Added Files: pkgsrc/security/tor-browser/patches: patch-configure.in patch-gfx_cairo_cairo_src_cairo-type1-subset.c patch-js_src_jsfriendapi.h patch-media_libcubeb_src_cubeb__sun.c patch-media_libtheora_lib_info.c patch-media_libvorbis_lib_vorbis__info.c patch-media_webrtc_trunk_webrtc_modules_video__capture_linux_device__info__linux.cc patch-security_nss_lib_freebl_mpi_mpi.c patch-third__party_rust_authenticator_.cargo-checksum.json patch-third__party_rust_authenticator_src_lib.rs patch-third__party_rust_authenticator_src_netbsd_device.rs patch-third__party_rust_authenticator_src_netbsd_fd.rs patch-third__party_rust_authenticator_src_netbsd_mod.rs patch-third__party_rust_authenticator_src_netbsd_monitor.rs patch-third__party_rust_authenticator_src_netbsd_transaction.rs patch-third__party_rust_authenticator_src_netbsd_uhid.rs patch-third__party_rust_getrandom_src_lib.rs patch-third__party_rust_libc_src_unix_bsd_netbsdlike_netbsd_mod.rs patch-widget_gtk_WaylandDMABufSurface.cpp Removed Files: pkgsrc/security/tor-browser/patches: patch-dom_webauthn_u2f-hid-rs_src_lib.rs patch-dom_webauthn_u2f-hid-rs_src_netbsd_device.rs patch-dom_webauthn_u2f-hid-rs_src_netbsd_fd.rs patch-dom_webauthn_u2f-hid-rs_src_netbsd_mod.rs patch-dom_webauthn_u2f-hid-rs_src_netbsd_monitor.rs patch-dom_webauthn_u2f-hid-rs_src_netbsd_transaction.rs patch-dom_webauthn_u2f-hid-rs_src_netbsd_uhid.rs patch-gfx_gl_GLContextProviderGLX.cpp patch-ipc_chromium_src_chrome_common_ipc__channel__posix.cc patch-js_src_threading_posix_Thread.cpp patch-media_libcubeb_gtest_moz.build patch-media_libcubeb_src_cubeb.c patch-media_libcubeb_update.sh patch-toolkit_library_moz.build patch-toolkit_xre_glxtest.cpp Log Message: tor-browser: update to 10.0. Tor Browser 10.0 -- September 22 2020 * Windows + OS X + Linux * Update Firefox to 78.3.0esr * Update Tor to 0.4.4.5 * Update Tor Launcher to 0.2.25 * Bug 32174: Replace XUL with * Bug 33890: Rename XUL files to XHTML * Bug 33862: Fix usages of createTransport API * Bug 33906: Fix Tor-Launcher issues for Firefox 75 * Bug 33998: Use CSS grid instead of XUL grid * Bug 34164: Tor Launcher deadlocks during startup (Firefox 77) * Bug 34206: Tor Launcher button labels are missing (Firefox 76) * Bug 40002: After rebasing to 80.0b2 moat is broken [tor-launcher] * Translations update * Update NoScript to 11.0.44 * Bug 40093: Youtube videos on safer produce an error [tor-browser] * Translations update * Bug 10394: Let Tor Browser update HTTPS Everywhere * Bug 11154: Disable TLS 1.0 (and 1.1) by default * Bug 16931: Sanitize the add-on blocklist update URL * Bug 17374: Disable 1024-DH Encryption by default * Bug 21601: Remove unused media.webaudio.enabled pref * Bug 30682: Disable Intermediate CA Preloading * Bug 30812: Exempt about: pages from Resist Fingerprinting * Bug 31918+33533+40024+40037: Rebase Tor Browser esr68 patches for ESR 78 [tor-browser] * Bug 32612: Update MAR_CHANNEL_ID for the alpha * Bug 32886: Separate treatment of @@media interaction features for desktop and android * Bug 33534: Review FF release notes from FF69 to latest (FF78) * Bug 33697: Use old search config based on list.json * Bug 33721: PDF Viewer is not working in the safest security level * Bug 33734: Set MOZ_NORMANDY to False * Bug 33737: Fix aboutDialog.js error for Firefox nightlies * Bug 33848: Disable Enhanced Tracking Protection * Bug 33851: Patch out Parental Controls detection and logging * Bug 33852: Clean up about:logins to not mention Sync * Bug 33856: Set browser.privatebrowsing.forceMediaMemoryCache to True * Bug 33862: Fix usages of createTransport API * Bug 33867: Disable password manager and password generation * Bug 33890: Rename XUL files to XHTML * Bug 33892: Add brandProductName to brand.dtd and brand.properties * Bug 33962: Uplift patch for bug 5741 (dns leak protection) * Bug 34125: API change in protocolProxyService.registerChannelFilter * Bug 40001: Generate tor-browser-brand.ftl when importing translations [torbutton] * Bug 40002: Remove about:pioneer [tor-browser] * Bug 40002: Fix generateNSGetFactory being moved to ComponentUtils [torbutton] * Bug 40003: Adapt code for L10nRegistry API changes [torbutton] * Bug 40005: Initialize the identity UI before setting up the circuit display [torbutton] * Bug 40006: Fix new identity for 81 [torbutton] * Bug 40007: Move SecurityPrefs initialization to the StartupObserver component [torbutton] * Bug 40008: Style fixes for 78 [torbutton] * Bug 40016: Update Snowflake to discover NAT type [tor-browser-build] * Bug 40017: Audit Firefox 68-78 diff for proxy issues [tor-browser] * Bug 40022: Update new icons in Tor Browser branding [tor-browser] * Bug 40025: Revert add-on permissions due to Mozilla's 1560059 [tor-browser] * Bug 40036: Remove product version/update channel from #13379 patch [tor-browser] * Bug 40038: Review RemoteSettings for ESR 78 [tor-browser] * Bug 40048: Disable various ESR78 features via prefs [tor-browser] * Bug 40059: Verify our external helper patch is still working [tor-browser] * Bug 40066: Update existing prefs for ESR 78 [tor-browser] * Bug 40066: Remove default bridge 37.218.240.34 [tor-browser-build] * Bug 40073: Disable remote Public Suffix List fetching [tor-browser] * Bug 40073: Repack omni.ja to include builtin HTTPS Everywhere [tor-browser-build] * Bug 40078: Backport patches for bug 1651680 for now [tor-browser] * Bug 40082: Let JavaScript on safest setting handled by NoScript again [tor-browser] * Bug 40088: Moat "Submit" button does not work * Bug 40090: Disable v3 add-on blocklist for now [tor-browser] * Bug 40091: Load HTTPS Everywhere as a builtin addon [tor-browser] * Bug 40102: Fix UI bugs in Tor Browser 10.0 alpha [tor-browser] * Bug 40106: Cannot install addons in full screen mode [tor-browser] * Bug 40109: Playing video breaks after reloading pages [tor-browser] * Bug 40119: Enable v3 extension blocklisting again [tor-browser] * Windows * Bug 33855: Don't use site's icon as window icon in Windows in private mode * Bug 40061: Omit the Windows default browser agent from the build [tor-browser] * OS X * Bug 32252: Tor Browser does not display correctly in VMWare Fusion on macOS (mojave) * Build System * Windows + OS X + Linux * Bump Go to 1.14.7 * Bug 31845: Bump GCC version to 9.3.0 * Bug 34011: Bump clang to 9.0.1 * Bug 34014: Enable sqlite3 support in Python * Bug 34390: Don't copy DBM libraries anymore * Bug 34391: Remove unused --enable-signmar option * Bug 40004: Adapt Rust project for Firefox 78 ESR [tor-browser-build] * Bug 40005: Adapt Node project for Firefox 78 ESR [tor-browser-build] * Bug 40006: Adapt cbindgen for Firefox 78 ESR [tor-browser-build] * Bug 40037: Move projects over to clang-source [tor-browser-build] * Bug 40026: Fix full .mar creation for esr78 [tor-browser-build] * Bug 40027: Fix incremental .mar creation for esr78 [tor-browser-build] * Bug 40028: Do not reference unset env variables [tor-browser-build] * Bug 40031: Add licenses for kcp-go and smux. [tor-browser-build] * Bug 40045: Fix complete .mar file creation for dmg2mar [tor-browser-build] * Bug 40065: Bump debootstrap-image ubuntu_version to 20.04.1 [tor-browser-build] * Bug 40087: Deterministically add HTTPS Everywhere into omni.ja [tor-browser-build] * Windows * Bug 34230: Update Windows toolchain for Firefox 78 ESR * Bug 40015: Use only 64bit fxc2 [tor-browser-build] * Bug 40017: Enable stripping again on Windows [tor-browser-build] * Bug 40052: Bump NSIS to 3.06.1 [tor-browser-build] * Bug 40061: Omit the Windows default browser agent from the build [tor-browser] * Bug 40071: Be explicit about no SEH with mingw-w64 on 32bit systems [tor-browser-build] * Bug 40077: Don't pass --no-insert-timestamp when building Firefox [tor-browser-build] * Bug 40090: NSIS 3.06.1 based builds are not reproducible anymore [tor-browser-build] * OS X * Bug 34229: Update macOS toolchain for Firefox 78 ESR * Bug 40003: Update cctools version for Firefox 78 ESR [tor-browser-build] * Bug 40018: Add libtapi project for cctools [tor-browser-build] * Bug 40019: Ship our own runtime library for macOS [tor-browser-build] * Linux * Bug 34359: Adapt abicheck.cc to deal with newer GCC version * Bug 34386: Fix up clang compilation on Linux * Bug 40053: Also create the langpacks tarball for non-release builds [tor-browser-build] Tor Browser 10.0a7 -- September 14 2020 * Windows + OS X + Linux * Update Tor Launcher to 0.2.24 * Update NoScript to 11.0.43 * Translations update * Bug 10394: Let Tor Browser update HTTPS Everywhere * Bug 32017: Use ExtensionStorageIDB again * Bug 40006: Fix new identity for 81 [torbutton] * Bug 40007: Move SecurityPrefs initialization to the StartupObserver component [torbutton] * Bug 40008: Style fixes for 78 [torbutton] * Bug 40066: Remove default bridge 37.218.240.34 [tor-browser-build] * Bug 40073: Repack omni.ja to include builtin HTTPS Everywhere [tor-browser-build] * Bug 40091: Load HTTPS Everywhere as a builtin addon [tor-browser] * Bug 40102: Fix UI bugs in Tor Browser 10.0 alpha [tor-browser] * Bug 40109: Playing video breaks after reloading pages [tor-browser] * Big 40119: Enable v3 extension blocklisting again [tor-browser] * Build System * Windows + OS X + Linux * Bump Go to 1.14.7 * Bug 40031: Add licenses for kcp-go and smux. [tor-browser-build] * Bug 40045: Fix complete .mar file creation for dmg2mar [tor-browser-build] * Bug 40065: Bump debootstrap-image ubuntu_version to 20.04.1 [tor-browser-build] * Bug 40087: Deterministically add HTTPS Everywhere into omni.ja [tor-browser-build] * Windows * Bug 40052: Bump NSIS to 3.06.1 [tor-browser-build] * Bug 40071: Be explicit about no SEH with mingw-w64 on 32bit systems [tor-browser-build] * Bug 40077: Don't pass --no-insert-timestamp when building Firefox [tor-browser-build] * Bug 40090: NSIS 3.06.1 based builds are not reproducible anymore [tor-browser-build] Tor Browser 10.0a6 -- August 26 2020 * All Platforms * Update HTTPS Everywhere to 2020.08.13 * Windows + OS X + Linux * Update Firefox to 78.2.0esr * Update Tor Launcher to 0.2.23 * Bug 40002: After rebasing to 80.0b2 moat is broken [tor-launcher] * Translations update * Update NoScript to 11.0.39 * Bug 21601: Remove unused media.webaudio.enabled pref * Bug 40002: Remove about:pioneer [tor-browser] * Bug 40082: Let JavaScript on safest setting handled by NoScript again [tor-browser] * Bug 40088: Moat "Submit" button does not work * Bug 40090: Disable v3 add-on blocklist for now [tor-browser] * OS X * Bug 40015: Tor Browser broken on MacOS 11 Big Sur * Android * Update Firefox to 68.12.0esr * Update NoScript to 11.0.38 * Update Tor to 0.4.4.4-rc * Build System * Windows + OS X + Linux * Bump Go to 1.13.15 * Linux * Bug 40053: Also create the langpacks tarball for non-release builds [tor-browser-build] @ text @d1 1 a1 1 $NetBSD$ d3 1 a3 1 firefox: Workaround broken pthread_equal() usage d5 1 a5 5 Switch to an internal version of pthread_equal() without sanity checks. Problems detected on NetBSD 9.99.46. --- nsprpub/pr/src/pthreads/ptsynch.c.orig 2020-01-17 21:34:42.000000000 +0000 d21 1 a21 1 @@@@ -197,9 +204,9 @@@@ PR_IMPLEMENT(PRStatus) PR_Unlock(PRLock d28 2 a29 2 - if (!lock->locked || !pthread_equal(lock->owner, self)) { + if (!lock->locked || !pt_pthread_equal(lock->owner, self)) { a30 1 } d32 3 a34 2 @@@@ -225,7 +232,7 @@@@ PR_IMPLEMENT(void) PR_AssertCurrentThrea * to the correctness of PR_AssertCurrentThreadOwnsLock(), but d42 1 a42 1 @@@@ -281,7 +288,7 @@@@ static void pt_PostNotifyToCvar(PRCondVa d51 1 a51 1 @@@@ -369,7 +376,7 @@@@ PR_IMPLEMENT(PRStatus) PR_WaitCondVar(PR d58 3 a60 3 if (_PT_THREAD_INTERRUPTED(thred)) { goto aborted; @@@@ -582,7 +589,7 @@@@ PR_IMPLEMENT(PRIntn) PR_GetMonitorEntryC d64 2 a65 2 - if (pthread_equal(mon->owner, self)) { + if (pt_pthread_equal(mon->owner, self)) { a66 1 } d68 2 a69 1 @@@@ -598,7 +605,7 @@@@ PR_IMPLEMENT(void) PR_AssertCurrentThrea d78 1 a78 1 @@@@ -614,7 +621,7 @@@@ PR_IMPLEMENT(void) PR_EnterMonitor(PRMon d82 2 a83 2 - if (pthread_equal(mon->owner, self)) { + if (pt_pthread_equal(mon->owner, self)) { a84 1 } d86 2 a87 1 @@@@ -646,8 +653,8 @@@@ PR_IMPLEMENT(PRStatus) PR_ExitMonitor(PR d98 1 a98 1 @@@@ -695,7 +702,7 @@@@ PR_IMPLEMENT(PRStatus) PR_Wait(PRMonitor d106 1 a106 1 saved_entries = mon->entryCount; @