[WIP] gnu: Add torbrowser-unbundle.

+++ b/gnu/packages/golang.scm

+

+(define-public go-torproject-org-ptlib

+ (package

+ (name "go-torproject-org-ptlib")

+ (version "1.1.0")

+ (source

+ (origin

+ (method git-fetch)

+ (uri (git-reference

+ (url "https://git.torproject.org/pluggable-transports/goptlib.git")

+ (commit (string-append "v" version))))

+ (file-name (git-file-name name version))

+ (sha256

+ (base32

+ "1lh938194hvkf8pqgnxwf6hvjv9rv0j3kasi07r2ckrj8sxzk4jc"))))

+ (build-system go-build-system)

+ (arguments

+ '(#:import-path "git.torproject.org/pluggable-transports/goptlib.git"))

+ (home-page "https://git.torproject.org/pluggable-transports/goptlib.git")

+ (synopsis "Go library for Tor Pluggable Transports")

+ (description "Library for writing Tor Pluggable Transports in Go. Pluggable

+Transports are a means of connecting to the Tor Network from places where it

+is censored.")

+ (license license:cc0)))

+++ b/gnu/packages/golang.scm

+

+(define-public go-github-com-agl-ed25519

+ (let ((commit "c4161f4c7483313562781c61b9a20aba73daf9de")

+ (revision "0"))

+ (package

+ (name "go-github-com-agl-ed25519")

+ (version (git-version "0.0.0" revision commit))

+ (source

+ (origin

+ (method git-fetch)

+ (uri (git-reference

+ (url "https://github.com/agl/ed25519")

+ (commit commit)))

+ (file-name (string-append name "-" version "-checkout"))

+ (sha256

+ (base32

+ "1wjlbzi0w63rmlzgk3amw274wsl0zhcn4yx2lraffbkhqappahxc"))))

+ (build-system go-build-system)

+ (arguments

+ '(#:import-path "github.com/agl/ed25519"

+ #:phases

+ (modify-phases %standard-phases

+ (add-before 'reset-gzip-timestamps 'make-files-writable

+ (lambda* (#:key outputs #:allow-other-keys)

+ (let ((out (assoc-ref outputs "out")))

+ (for-each (lambda (file) (chmod file #o644))

+ (find-files out "\\.gz"))

+ #t))))))

+ (home-page "https://github.com/agl/ed25519")

+ (synopsis "Go library for ed25519 public-key signatures")

+ (description "This library is a Go implementation of ed25519 public-key

+signature system which was designed to be faster than previous digital signature

+systems without sacrificing security. It is currently used in the

+implementation of obfs4 and should be not be used on newer projects since it

+is unmaintained. Newer software should use x-crypto instead.")

+ ;; License file is referred but it is missing. Probably because the

+ ;; author decided to discontinue the project.

+ (license (license:non-copyleft "file://ed25519.go")))))

+++ b/gnu/packages/golang.scm

+

+(define-public go-github-com-dchest-siphash

+ (let ((commit "34f201214d993633bb24f418ba11736ab8b55aa7")

+ (revision "0"))

+ (package

+ (name "go-github-com-dchest-siphash")

+ (version (git-version "0.0.0" revision commit))

+ (source

+ (origin

+ (method git-fetch)

+ (uri (git-reference

+ (url "https://github.com/dchest/siphash")

+ (commit commit)))

+ (file-name (string-append name "-" version "-checkout"))

+ (sha256

+ (base32

+ "08s076y7vmjqnq7jz0762hkm896r6r31v8b31a3gy0n8rfa01k8k"))))

+ (build-system go-build-system)

+ (arguments

+ '(#:import-path "github.com/dchest/siphash"))

+ (home-page "https://github.com/dchest/siphash")

+ (synopsis "Go library for siphash")

+ (description "Go implementation of SipHash-2-4, a fast short-input

+Pseudo Random Function which is suitable for usage in message authentication

+codes and was based on the design created by Jean-Philippe Aumasson and Daniel

+J. Bernstein. ")

+ (license license:cc0))))

+++ b/gnu/packages/golang.scm

+

+(define-public go-github-com-dchest-uniuri

+ (let ((commit "8902c56451e9b58ff940bbe5fec35d5f9c04584a")

+ (revision "0"))

+ (package

+ (name "go-github-com-dchest-uniuri")

+ (version (git-version "0.0.0" revision commit))

+ (source

+ (origin

+ (method git-fetch)

+ (uri (git-reference

+ (url "https://github.com/dchest/uniuri")

+ (commit commit)))

+ (file-name (string-append name "-" version "-checkout"))

+ (sha256

+ (base32

+ "1x5bsbm1nlphsv96zd0rbclfaa1swpz5bp14x7s5dbxp0awk2gd4"))))

+ (build-system go-build-system)

+ (arguments

+ '(#:import-path "github.com/dchest/uniuri"))

+ (home-page "https://github.com/dchest/uniuri")

+ (synopsis "Go library for random URIs")

+ (description "Package uniuri generates random strings good for use in

+Universal Resource Identifiers to uniquely identify objects.")

+ (license license:cc0))))

+++ b/gnu/packages/golang.scm

+

+(define-public go-github-com-dsnet-compress

+ (let ((commit "cc9eb1d7ad760af14e8f918698f745e80377af4f")

+ (revision "0"))

+ (package

+ (name "go-github-com-dsnet-compress")

+ (version (git-version "0.0.0" revision commit))

+ (source

+ (origin

+ (method git-fetch)

+ (uri (git-reference

+ (url "https://github.com/dsnet/compress")

+ (commit commit)))

+ (file-name (string-append name "-" version "-checkout"))

+ (sha256

+ (base32

+ "159liclywmyb6zx88ga5gn42hfl4cpk1660zss87fkx31hdq9fgx"))))

+ (build-system go-build-system)

+ (arguments

+ '(#:import-path "github.com/dsnet/compress"))

+ (home-page "https://github.com/dsnet/compress")

+ (synopsis "Go library for extended compression")

+ (description "This is a collection of compression related libraries.

+The goal of this project is to provide pure Go implementations for popular

+compression algorithms bey ond what the Go standard library provides.")

+ (license (license:non-copyleft "file://LICENSE.md")))))

+++ b/gnu/packages/golang.scm

+

+(define-public go-schwanenlied-me-yawning-bsaes

+ (let ((commit "26d1add596b6d800bdeeb3bc3b2c7b316c056b6d")

+ (revision "0"))

+ (package

+ (name "go-schwanenlied-me-yawning-bsaes")

+ (version (git-version "0.0.0" revision commit))

+ (source

+ (origin

+ (method git-fetch)

+ (uri (git-reference

+ (url "https://git.schwanenlied.me/yawning/bsaes.git")

+ (commit commit)))

+ (file-name (string-append name "-" version "-checkout"))

+ (sha256

+ (base32

+ "0h4dsyw54n9rcwprqy93wv2v1gcvlq1vfqdp1g7wxdkq457rhvys"))))

+ (build-system go-build-system)

+ (arguments

+ '(#:import-path "git.schwanenlied.me/yawning/bsaes.git"))

+ (home-page "https://git.schwanenlied.me/yawning/bsaes.git")

+ (synopsis "Go AES library")

+ (description "Portable pure-Go constant time Advanced Encryption

+Standard (AES) for eletronic data encryption. This implementation if

+based on code from [BearSSL](https://bearssl.org/). On AMD64 systems

+with hardware support for AES New Instructions (AES-NI) and a

+sufficiently recent Go runtime, it will transparently call crypto/aes

+when NewCipher is invoked.")

+ (license (license:non-copyleft "file://LICENSE.txt")))))

+++ b/gnu/packages/golang.scm

+;;; Copyright © 2020 André Batista <nandre@riseup.net>

+

+(define-public go-gitlab-com-yawning-utls

+ (package

+ (name "go-gitlab-com-yawning-utls")

+ (version "0.0.10-1")

+ (source

+ (origin

+ (method git-fetch)

+ (uri (git-reference

+ (url "https://gitlab.com/yawning/utls.git")

+ (commit (string-append "v" version))))

+ (file-name (git-file-name name version))

+ (sha256

+ (base32

+ "15c46s56r45n22rmq9spnczydnkqrnxff28h5mpnk5yvcqif3lgb"))))

+ (build-system go-build-system)

+ (arguments

+ '(#:tests? #f ;; Tries to connect and fails.

+ #:import-path "gitlab.com/yawning/utls.git"))

+ (propagated-inputs

+ `(("go-schwanenlied-me-yawning-bsaes" ,go-schwanenlied-me-yawning-bsaes)

+ ("go-github-com-dsnet-compress" ,go-github-com-dsnet-compress)

+ ("go-golang-org-x-crypto" ,go-golang-org-x-crypto)))

+ (home-page "https://gitlab.com/yawning/utls.git")

+ (synopsis "Go library for uTLS")

+ (description "This library is a fork of the main Transport Layer Security

+protocol in Go (crypto/tls) which provides ClientHello fingerprinting resistance,

+low level access to handshakes and fake session tickets among other features.

+This fork was made for the specific purpose of improving obfs4proxy's meek_lite

+transport protocol.")

+ (license license:gpl3+)))

+++ b/gnu/packages/golang.scm

+

+(define-public go-github-com-agl-ed25519

+ (let ((commit "c4161f4c7483313562781c61b9a20aba73daf9de")

+ (revision "0"))

+ (package

+ (name "go-github-com-agl-ed25519")

+ (version (git-version "0.0.0" revision commit))

+ (source

+ (origin

+ (method git-fetch)

+ (uri (git-reference

+ (url "https://github.com/agl/ed25519")

+ (commit commit)))

+ (file-name (string-append name "-" version "-checkout"))

+ (sha256

+ (base32

+ "1wjlbzi0w63rmlzgk3amw274wsl0zhcn4yx2lraffbkhqappahxc"))))

+ (build-system go-build-system)

+ (arguments

+ '(#:import-path "github.com/agl/ed25519"

+ #:phases

+ (modify-phases %standard-phases

+ (add-before 'reset-gzip-timestamps 'make-files-writable

+ (lambda* (#:key outputs #:allow-other-keys)

+ (let ((out (assoc-ref outputs "out")))

+ (for-each (lambda (file) (chmod file #o644))

+ (find-files out "\\.gz"))

+ #t))))))

+ (home-page "https://github.com/agl/ed25519")

+ (synopsis "Go library for ed25519 public-key signatures")

+ (description "This library is a Go implementation of ed25519 public-key

+signature system which was designed to be faster than previous digital signature

+systems without sacrificing security. It is currently used in the

+implementation of obfs4 and should be not be used on newer projects since it

+is unmaintained. Newer software should use x-crypto instead.")

+ ;; License file is referred but it is missing. Probably because the

+ ;; author decided to discontinue the project.

+ (license (license:non-copyleft "file://ed25519.go")))))

+++ b/gnu/packages/golang.scm

+;;; Copyright © 2021 André Batista <nandre@riseup.net>

+

+(define-public go-torproject-org-ptlib

+ (package

+ (name "go-torproject-org-ptlib")

+ (version "1.1.0")

+ (source

+ (origin

+ (method git-fetch)

+ (uri (git-reference

+ (url "https://git.torproject.org/pluggable-transports/goptlib.git")

+ (commit (string-append "v" version))))

+ (file-name (git-file-name name version))

+ (sha256

+ (base32

+ "1lh938194hvkf8pqgnxwf6hvjv9rv0j3kasi07r2ckrj8sxzk4jc"))))

+ (build-system go-build-system)

+ (arguments

+ '(#:import-path "git.torproject.org/pluggable-transports/goptlib.git"))

+ (home-page "https://git.torproject.org/pluggable-transports/goptlib.git")

+ (synopsis "Go library for Tor Pluggable Transports")

+ (description "Library for writing Tor Pluggable Transports in Go. Pluggable

+Transports are a means of connecting to the Tor Network from places where it

+is censored.")

+ (license license:cc0)))

+++ b/gnu/packages/golang.scm

+

+(define-public go-github-com-agl-ed25519

+ (let ((commit "c4161f4c7483313562781c61b9a20aba73daf9de")

+ (revision "0"))

+ (package

+ (name "go-github-com-agl-ed25519")

+ (version (git-version "0.0.0" revision commit))

+ (source

+ (origin

+ (method git-fetch)

+ (uri (git-reference

+ (url "https://github.com/agl/ed25519")

+ (commit commit)))

+ (file-name (string-append name "-" version "-checkout"))

+ (sha256

+ (base32

+ "1wjlbzi0w63rmlzgk3amw274wsl0zhcn4yx2lraffbkhqappahxc"))))

+ (build-system go-build-system)

+ (arguments

+ '(#:import-path "github.com/agl/ed25519"

+ #:phases

+ (modify-phases %standard-phases

+ (add-before 'reset-gzip-timestamps 'make-files-writable

+ (lambda* (#:key outputs #:allow-other-keys)

+ (let ((out (assoc-ref outputs "out")))

+ (for-each (lambda (file) (chmod file #o644))

+ (find-files out "\\.gz"))

+ #t))))))

+ (home-page "https://github.com/agl/ed25519")

+ (synopsis "Go library for ed25519 public-key signatures")

+ (description "This library is a Go implementation of ed25519 public-key

+signature system which was designed to be faster than previous digital signature

+systems without sacrificing security. It is currently used in the

+implementation of obfs4 and should be not be used on newer projects since it

+is unmaintained. Newer software should use x-crypto instead.")

+ ;; License file is referred but it is missing. Probably because the

+ ;; author decided to discontinue the project.

+ (license (license:non-copyleft "file://ed25519.go")))))

+++ b/gnu/packages/golang.scm

+

+(define-public go-github-com-dchest-siphash

+ (let ((commit "34f201214d993633bb24f418ba11736ab8b55aa7")

+ (revision "0"))

+ (package

+ (name "go-github-com-dchest-siphash")

+ (version (git-version "0.0.0" revision commit))

+ (source

+ (origin

+ (method git-fetch)

+ (uri (git-reference

+ (url "https://github.com/dchest/siphash")

+ (commit commit)))

+ (file-name (string-append name "-" version "-checkout"))

+ (sha256

+ (base32

+ "08s076y7vmjqnq7jz0762hkm896r6r31v8b31a3gy0n8rfa01k8k"))))

+ (build-system go-build-system)

+ (arguments

+ '(#:import-path "github.com/dchest/siphash"))

+ (home-page "https://github.com/dchest/siphash")

+ (synopsis "Go library for siphash")

+ (description "Go implementation of SipHash-2-4, a fast short-input

+Pseudo Random Function which is suitable for usage in message authentication

+codes and was based on the design created by Jean-Philippe Aumasson and Daniel

+J. Bernstein. ")

+ (license license:cc0))))

+++ b/gnu/packages/golang.scm

+

+(define-public go-github-com-dchest-uniuri

+ (let ((commit "8902c56451e9b58ff940bbe5fec35d5f9c04584a")

+ (revision "0"))

+ (package

+ (name "go-github-com-dchest-uniuri")

+ (version (git-version "0.0.0" revision commit))

+ (source

+ (origin

+ (method git-fetch)

+ (uri (git-reference

+ (url "https://github.com/dchest/uniuri")

+ (commit commit)))

+ (file-name (string-append name "-" version "-checkout"))

+ (sha256

+ (base32

+ "1x5bsbm1nlphsv96zd0rbclfaa1swpz5bp14x7s5dbxp0awk2gd4"))))

+ (build-system go-build-system)

+ (arguments

+ '(#:import-path "github.com/dchest/uniuri"))

+ (home-page "https://github.com/dchest/uniuri")

+ (synopsis "Go library for random URIs")

+ (description "Package uniuri generates random strings good for use in

+Universal Resource Identifiers to uniquely identify objects.")

+ (license license:cc0))))

+++ b/gnu/packages/golang.scm

+

+(define-public go-github-com-dsnet-compress

+ (let ((commit "cc9eb1d7ad760af14e8f918698f745e80377af4f")

+ (revision "0"))

+ (package

+ (name "go-github-com-dsnet-compress")

+ (version (git-version "0.0.0" revision commit))

+ (source

+ (origin

+ (method git-fetch)

+ (uri (git-reference

+ (url "https://github.com/dsnet/compress")

+ (commit commit)))

+ (file-name (string-append name "-" version "-checkout"))

+ (sha256

+ (base32

+ "159liclywmyb6zx88ga5gn42hfl4cpk1660zss87fkx31hdq9fgx"))))

+ (build-system go-build-system)

+ (arguments

+ '(#:import-path "github.com/dsnet/compress"))

+ (home-page "https://github.com/dsnet/compress")

+ (synopsis "Go library for extended compression")

+ (description "This is a collection of compression related libraries.

+The goal of this project is to provide pure Go implementations for popular

+compression algorithms bey ond what the Go standard library provides.")

+ (license (license:non-copyleft "file://LICENSE.md")))))

+++ b/gnu/packages/golang.scm

+

+(define-public go-schwanenlied-me-yawning-bsaes

+ (let ((commit "26d1add596b6d800bdeeb3bc3b2c7b316c056b6d")

+ (revision "0"))

+ (package

+ (name "go-schwanenlied-me-yawning-bsaes")

+ (version (git-version "0.0.0" revision commit))

+ (source

+ (origin

+ (method git-fetch)

+ (uri (git-reference

+ (url "https://git.schwanenlied.me/yawning/bsaes.git")

+ (commit commit)))

+ (file-name (string-append name "-" version "-checkout"))

+ (sha256

+ (base32

+ "0h4dsyw54n9rcwprqy93wv2v1gcvlq1vfqdp1g7wxdkq457rhvys"))))

+ (build-system go-build-system)

+ (arguments

+ '(#:import-path "git.schwanenlied.me/yawning/bsaes.git"))

+ (home-page "https://git.schwanenlied.me/yawning/bsaes.git")

+ (synopsis "Go AES library")

+ (description "Portable pure-Go constant time Advanced Encryption

+Standard (AES) for eletronic data encryption. This implementation if

+based on code from [BearSSL](https://bearssl.org/). On AMD64 systems

+with hardware support for AES New Instructions (AES-NI) and a

+sufficiently recent Go runtime, it will transparently call crypto/aes

+when NewCipher is invoked.")

+ (license (license:non-copyleft "file://LICENSE.txt")))))

+++ b/gnu/packages/golang.scm

+

+(define-public go-gitlab-com-yawning-utls

+ (package

+ (name "go-gitlab-com-yawning-utls")

+ (version "0.0.10-1")

+ (source

+ (origin

+ (method git-fetch)

+ (uri (git-reference

+ (url "https://gitlab.com/yawning/utls.git")

+ (commit (string-append "v" version))))

+ (file-name (git-file-name name version))

+ (sha256

+ (base32

+ "15c46s56r45n22rmq9spnczydnkqrnxff28h5mpnk5yvcqif3lgb"))))

+ (build-system go-build-system)

+ (arguments

+ '(#:tests? #f ;; Tries to connect and fails.

+ #:import-path "gitlab.com/yawning/utls.git"))

+ (propagated-inputs

+ `(("go-schwanenlied-me-yawning-bsaes" ,go-schwanenlied-me-yawning-bsaes)

+ ("go-github-com-dsnet-compress" ,go-github-com-dsnet-compress)

+ ("go-golang-org-x-crypto" ,go-golang-org-x-crypto)))

+ (home-page "https://gitlab.com/yawning/utls.git")

+ (synopsis "Go library for uTLS")

+ (description "This library is a fork of the main Transport Layer Security

+protocol in Go (crypto/tls) which provides ClientHello fingerprinting resistance,

+low level access to handshakes and fake session tickets among other features.

+This fork was made for the specific purpose of improving obfs4proxy's meek_lite

+transport protocol.")

+ (license license:gpl3+)))

+++ b/gnu/packages/tor.scm

+;;; Copyright © 2020, 2021 André Batista <nandre@riseup.net>

+ #:use-module (guix build-system go)

+ #:use-module (gnu packages autotools)

+ #:use-module (gnu packages golang)

+ #:use-module (gnu packages libevent)

+ #:use-module (gnu packages linux)

+

+(define-public obfs4

+ (package

+ (name "obfs4")

+ (version "0.0.11")

+ (source

+ (origin

+ (method git-fetch)

+ (uri (git-reference

+ (url "https://git.torproject.org/pluggable-transports/obfs4.git")

+ (commit (string-append "obfs4proxy-" version))))

+ (file-name (git-file-name name version))

+ (sha256

+ (base32

+ "1y2kjwrk64l1h8b87m4iqsanib5rn68gzkdri1vd132qrlypycjn"))))

+ (build-system go-build-system)

+ (arguments

+ '(#:import-path "git.torproject.org/pluggable-transports/obfs4.git"

+ #:tests? #f ;; No test files

+ #:phases

+ (modify-phases %standard-phases

+ (replace 'build

+ (lambda* (#:key outputs configure-flags #:allow-other-keys)

+ (let ((out (assoc-ref outputs "out")))

+ (copy-recursively

+ "src/git.torproject.org/pluggable-transports/obfs4.git"

+ "src/gitlab.com/yawning/obfs4.git"

+ #:log (%make-void-port "w"))

+ (with-directory-excursion

+ "src/git.torproject.org/pluggable-transports/obfs4.git/obfs4proxy"

+ (invoke "go" "build" "-ldflags" "-s"))

+ #t)))

+ (replace 'install

+ (lambda* (#:key outputs #:allow-other-keys)

+ (let* ((out (assoc-ref outputs "out"))

+ (src "src/git.torproject.org/pluggable-transports/obfs4.git")

+ (bin (string-append out "/bin"))

+ (share (string-append out "/share"))

+ (doc (string-append share "/doc"))

+ (man (string-append share "/man/man1")))

+ (mkdir-p man)

+ (mkdir bin)

+ (mkdir doc)

+ (with-directory-excursion

+ (string-append src "/obfs4proxy")

+ (copy-file "obfs4proxy"

+ (string-append bin "/obfs4proxy")))

+ (with-directory-excursion

+ (string-append src "/doc")

+ (copy-file "obfs4proxy.1"

+ (string-append man "/obfs4proxy.1"))

+ (copy-file "obfs4-spec.txt"

+ (string-append doc "/obfs4-spec.txt")))

+ #t))))))

+ (propagated-inputs

+ `(("go-torproject-org-ptlib" ,go-torproject-org-ptlib)

+ ("go-github-com-agl-ed25519" ,go-github-com-agl-ed25519)

+ ("go-github-com-dchest-siphash" ,go-github-com-dchest-siphash)

+ ("go-github-com-dchest-uniuri" ,go-github-com-dchest-uniuri)

+ ("go-github-com-dsnet-compress" ,go-github-com-dsnet-compress)

+ ("go-schwanenlied-me-yawning-bsaes" ,go-schwanenlied-me-yawning-bsaes)

+ ("go-gitlab-com-yawning-utls" ,go-gitlab-com-yawning-utls)

+ ("go-golang-org-x-net" ,go-golang-org-x-net)

+ ("go-golang-org-x-crypto" ,go-golang-org-x-crypto)

+ ("go-golang-org-x-text" ,go-golang-org-x-text)))

+ (home-page "https://git.torproject.org/pluggable-transports/obfs4.git")

+ (synopsis "Obfs4 implements an obfuscation protocol")

+ (description "This is a look-like nothing obfuscation protocol that

+incorporates ideas and concepts from Philipp Winter's ScrambleSuit protocol.

+The obfs naming was chosen primarily because it was shorter, in terms of

+protocol ancestery obfs4 is much closer to ScrambleSuit than obfs2/obfs3.")

+ (license license:gpl3+)))

+++ b/gnu/local.mk

+# Copyright © 2021 André Batista <nandre@riseup.net>

+ %D%/packages/patches/torbrowser-start-desktop.patch \

+ %D%/packages/patches/torbrowser-start-script.patch \

+++ b/gnu/packages/patches/torbrowser-start-desktop.patch

+Change TorBrowser desktop file in order for it to be agnostic to the

+path when invoked.

+

+--- torbrowser-68.10.0esr-9.5-1/tbb-scripts/RelativeLink/start-tor-browser.desktop.orig 2020-07-05 18:47:40.689484877 -0300

++++ torbrowser-68.10.0esr-9.5-1/tbb-scripts/RelativeLink/start-tor-browser.desktop 2020-07-24 14:36:37.720579884 -0300

+@@ -1,4 +1,4 @@

+-#!/usr/bin/env ./Browser/execdesktop

++#!/usr/bin/env bash

+ #

+ # This file is a self-modifying .desktop file that can be run from the shell.

+ # It preserves arguments and environment for the start-tor-browser script.

+@@ -28,7 +28,7 @@

+ GenericName=Web Browser

+ Comment=Tor Browser is +1 for privacy and −1 for mass surveillance

+ Categories=Network;WebBrowser;Security;

+-Exec=sh -c '"$(dirname "$*")"/Browser/start-tor-browser --detach || ([ ! -x "$(dirname "$*")"/Browser/start-tor-browser ] && "$(dirname "$*")"/start-tor-browser --detach)' dummy %k

+-X-TorBrowser-ExecShell=./Browser/start-tor-browser --detach

+-Icon=web-browser

++Exec=sh -c start-tor-browser

++X-TorBrowser-ExecShell=start-tor-browser --detach

++Icon=torbrowser

+ StartupWMClass=Tor Browser

+++ b/gnu/packages/patches/torbrowser-start-script.patch

+Change TorBrowser startup script in order for it to setup needed files

+outside guix store. Remove tests which are not needed on guix system.

+

+--- torbrowser-68.10.0esr-9.5-1/tbb-scripts/RelativeLink/start-tor-browser.orig 2020-07-05 18:47:40.685485004 -0300

++++ torbrowser-68.10.0esr-9.5-1/tbb-scripts/RelativeLink/start-tor-browser 2020-07-23 18:13:32.426282743 -0300

+@@ -5,6 +5,14 @@

+ #

+ # Copyright 2017 The Tor Project. See LICENSE for licensing information.

+

++TBB_HOME="${HOME}/.local/share/torbrowser"

++TBB_LOGFILE="${TBB_HOME}/torbrowser.log"

++TBB_DATA="${TBB_HOME}/Data"

++TBB_PROFILE="${TBB_DATA}/Browser/profile.default"

++TBB_STORE_PATH=$(dirname $(realpath "$0"))

++TBB_STORE_DATA="${TBB_STORE_PATH}/TorBrowser/Data"

++TORRC="${TBB_DATA}/Tor/torrc-defaults"

++

+ complain_dialog_title="Tor Browser"

+

+ # First, make sure DISPLAY is set. If it isn't, we're hosed; scream

+@@ -134,8 +142,8 @@

+ ;;

+ -l | --log)

+ if [ -z "$2" -o "${2:0:1}" == "-" ]; then

+- printf "Logging Tor Browser debug information to tor-browser.log\n"

+- logfile="../tor-browser.log"

++ printf "Logging Tor Browser debug information to torbrowser.log\n"

++ logfile="${TBB_LOGFILE}"

+ elif [ "${2:0:1}" == "/" -o "${2:0:1}" == "~" ]; then

+ printf "Logging Tor Browser debug information to %s\n" "$2"

+ logfile="$2"

+@@ -187,41 +195,22 @@

+ export XAUTHORITY

+ fi

+

+-# If this script is being run through a symlink, we need to know where

+-# in the filesystem the script itself is, not where the symlink is.

+-myname="$0"

+-if [ -L "$myname" ]; then

+- # XXX readlink is not POSIX, but is present in GNU coreutils

+- # and on FreeBSD. Unfortunately, the -f option (which follows

+- # a whole chain of symlinks until it reaches a non-symlink

+- # path name) is a GNUism, so we have to have a fallback for

+- # FreeBSD. Fortunately, FreeBSD has realpath instead;

+- # unfortunately, that's also non-POSIX and is not present in

+- # GNU coreutils.

+- #

+- # If this launcher were a C program, we could just use the

+- # realpath function, which *is* POSIX. Too bad POSIX didn't

+- # make that function accessible to shell scripts.

+-

+- # If realpath is available, use it; it Does The Right Thing.

+- possibly_my_real_name="`realpath "$myname" 2>/dev/null`"

+- if [ "$?" -eq 0 ]; then

+- myname="$possibly_my_real_name"

+- else

+- # realpath is not available; hopefully readlink -f works.

+- myname="`readlink -f "$myname" 2>/dev/null`"

+- if [ "$?" -ne 0 ]; then

+- # Ugh.

+- complain "start-tor-browser cannot be run using a symlink on this operating system."

+- fi

+- fi

++# Try to be agnostic to where we're being started from, check if files are on its

++# default paths and chdir to TBB_HOME

++if [ -e "${TORRC}" ]; then

++ cd "${TBB_HOME}"

++else

++ mkdir -p "${TBB_HOME}"

++ cp -R "${TBB_STORE_DATA}" "${TBB_HOME}"

++ chmod -R 700 "${TBB_HOME}"

++ mkdir -p "${TBB_PROFILE}"

++ echo "user_pref(\"extensions.torlauncher.torrc-defaults_path\", \"${TORRC}\");"\

++ > "${TBB_PROFILE}/user.js"

++ echo "ClientTransportPlugin meek_lite,obfs2,obfs3,obfs4,scramblesuit exec ${TBB_STORE_PATH}/TorBrowser/Tor/PluggableTransports/obfs4proxy"\

++ >> "${TORRC}"

++ cd "${TBB_HOME}"

+ fi

+

+-# Try to be agnostic to where we're being started from, chdir to where

+-# the script is.

+-mydir="`dirname "$myname"`"

+-test -d "$mydir" && cd "$mydir"

+-

+ # If ${PWD} results in a zero length string, we can try something else...

+ if [ ! "${PWD}" ]; then

+ # "hacking around some braindamage"

+@@ -236,16 +225,9 @@

+ ln -nsf ~/.config/ibus/bus .config/ibus

+ fi

+

+-# Fix up .desktop Icon and Exec Paths, and update the .desktop file from the

+-# canonical version if it was changed by the updater.

+-cp start-tor-browser.desktop ../

+-sed -i -e "s,^Name=.*,Name=Tor Browser,g" ../start-tor-browser.desktop

+-sed -i -e "s,^Icon=.*,Icon=$PWD/browser/chrome/icons/default/default128.png,g" ../start-tor-browser.desktop

+-sed -i -e "s,^Exec=.*,Exec=sh -c '\"$PWD/start-tor-browser\" --detach || ([ ! -x \"$PWD/start-tor-browser\" ] \&\& \"\$(dirname \"\$*\")\"/Browser/start-tor-browser --detach)' dummy %k,g" ../start-tor-browser.desktop

+-

+ if [ "$register_desktop_app" -eq 1 ]; then

+ mkdir -p "$HOME/.local/share/applications/"

+- cp ../start-tor-browser.desktop "$HOME/.local/share/applications/"

++ cp "${TBB_STORE_PATH}/start-tor-browser.desktop" "$HOME/.local/share/applications/"

+ update-desktop-database "$HOME/.local/share/applications/"

+ printf "Tor Browser has been registered as a desktop app for this user in ~/.local/share/applications/\n"

+ exit 0

+@@ -265,21 +247,6 @@

+ HOME="${PWD}"

+ export HOME

+

+-SYSARCHITECTURE=$(getconf LONG_BIT)

+-TORARCHITECTURE=$(expr "$(file TorBrowser/Tor/tor)" : '.*ELF \([[:digit:]]*\)')

+-

+-if [ $SYSARCHITECTURE -ne $TORARCHITECTURE ]; then

+- complain "Wrong architecture? 32-bit vs. 64-bit."

+- exit 1

+-fi

+-

+-[% IF c("var/asan") -%]

+-# We need to disable LSan which is enabled by default now. Otherwise we'll get

+-# a crash during shutdown: https://bugs.torproject.org/10599#comment:59

+-ASAN_OPTIONS="detect_leaks=0"

+-export ASAN_OPTIONS

+-[% END -%]

+-

+ function setControlPortPasswd() {

+ local ctrlPasswd=$1

+

+@@ -342,13 +309,15 @@

+ # your password in the following line where the word “secret” is:

+ setControlPortPasswd ${TOR_CONTROL_PASSWD:='"secret"'}

+

+-# Set up custom bundled fonts. See fonts-conf(5).

+-export FONTCONFIG_PATH="${HOME}/TorBrowser/Data/fontconfig"

+-export FONTCONFIG_FILE="fonts.conf"

+-

+ # Avoid overwriting user's dconf values. Fixes #27903.

+ export GSETTINGS_BACKEND=memory

+

++# Set up custom bundled fonts. See fonts-conf(5).

++export FONTCONFIG_FILE="${HOME}/Data/fontconfig/fonts.conf"

++

++sed -i "${FONTCONFIG_FILE}"\

++ -e "s,<dir>fonts</dir>,<dir>${TBB_STORE_PATH}/fonts</dir>,"

++

+ cd "${HOME}"

+

+ # We pass all additional command-line arguments we get to Firefox.

+@@ -357,23 +326,23 @@

+

+ if [ "$show_usage" -eq 1 ]; then

+ # Display Firefox help, then our help

+- TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD} ./firefox --class "Tor Browser" \

+- -profile TorBrowser/Data/Browser/profile.default --help 2>/dev/null

++ TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD} ${TBB_STORE_PATH}/firefox --class "Tor Browser" \

++ -profile Data/Browser/profile.default --help 2>/dev/null

+ tbb_usage

+ elif [ "$detach" -eq 1 ] ; then

+- TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD} ./firefox --class "Tor Browser" \

+- -profile TorBrowser/Data/Browser/profile.default "${@}" > "$logfile" 2>&1 </dev/null &

++ TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD} ${TBB_STORE_PATH}/firefox --class "Tor Browser" \

++ -profile Data/Browser/profile.default "${@}" > "$logfile" 2>&1 </dev/null &

+ disown "$!"

+ elif [ "$log_output" -eq 1 -a "$show_output" -eq 1 ]; then

+- TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD} ./firefox --class "Tor Browser" \

+- -profile TorBrowser/Data/Browser/profile.default "${@}" 2>&1 </dev/null | \

++ TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD} ${TBB_STORE_PATH}/firefox --class "Tor Browser" \

++ -profile Data/Browser/profile.default "${@}" 2>&1 </dev/null | \

+ tee "$logfile"

+ elif [ "$show_output" -eq 1 ]; then

+- TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD} ./firefox --class "Tor Browser" \

+- -profile TorBrowser/Data/Browser/profile.default "${@}" < /dev/null

++ TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD} ${TBB_STORE_PATH}/firefox --class "Tor Browser" \

++ -profile Data/Browser/profile.default "${@}" < /dev/null

+ else

+- TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD} ./firefox --class "Tor Browser" \

+- -profile TorBrowser/Data/Browser/profile.default "${@}" > "$logfile" 2>&1 </dev/null

++ TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD} ${TBB_STORE_PATH}/firefox --class "Tor Browser" \

++ -profile Data/Browser/profile.default "${@}" > "$logfile" 2>&1 </dev/null

+ fi

+

+ exit $?

+++ b/gnu/packages/tor.scm

+

+;; torbrowser and tor-browser-builder build versions are not always in sync

+(define %torbrowser-version "78.11.0esr-10.0-1")

+(define %tbb-build-version "10.0.17")

+(define %torbrowser-build "build1")

+(define %tbb-build "build1")

+(define %torbrowser-build-id "20210602000000");must be of the form YYYYMMDDhhmmss

+

+;; Fonts for Tor Browser. Avoid downloading 4Gb+ git repo on

+;; https://github.com/googlei18n/noto-fonts.git to use just a handful.

+;; Use the fonts on Tor Browser release tarball.

+(define torbrowser-fonts

+ (package

+ (name "torbrowser-fonts")

+ (version %tbb-build-version)

+ (source

+ (origin

+ (method url-fetch)

+ (uri (string-append "https://archive.torproject.org/tor-package-archive/torbrowser/"

+ version "/tor-browser-linux64-"

+ version "_en-US.tar.xz"))

+ (sha256

+ (base32

+ "13x38n1cvqmxjz0jf2fda8lx2k25szzmg7gvv08z3q5na7109m2m"))))

+ (build-system trivial-build-system)

+ (native-inputs

+ `(("tar" ,tar)

+ ("xz" ,xz)))

+ (arguments

+ `(#:modules ((guix build utils))

+ #:builder (begin

+ (use-modules (guix build utils))

+ (let ((src (assoc-ref %build-inputs "source"))

+ (src-dir "tor-browser_en-US/Browser/fonts")

+ (fonts (string-append %output "/share/fonts"))

+ (tar (assoc-ref %build-inputs "tar"))

+ (xz (assoc-ref %build-inputs "xz")))

+ (mkdir-p fonts)

+ (format #t "Untaring torbrowser ball ...~%")

+ (invoke (string-append tar "/bin/tar") "-xf" src

+ "-C" fonts "--strip-components=3"

+ (string-append "--use-compress-program=" xz "/bin/xz")

+ src-dir)

+ #t))))

+ (home-page "https://github.com/googlei18n/noto-fonts")

+ (synopsis "Tor Browser bundled fonts")

+ (description "Free fonts bundled with Tor Browser. Includes a subset of Noto,

+Arimo, Cousine, Tinos and STIX fonts.")

+ (license license:silofl1.1)))

+

+(define tor-browser-build

+ (let ((commit (string-append "tbb-desktop-" %tbb-build-version

+ "-" %tbb-build)))

+ (package

+ (name "tor-browser-build")

+ (version %tbb-build-version)

+ (source

+ (origin

+ (method git-fetch)

+ (uri (git-reference

+ (url "https://git.torproject.org/builders/tor-browser-build.git")

+ (commit commit)))

+ (file-name (git-file-name name version))

+ (sha256

+ (base32

+ "1qwgghy79wx0w1yz132yyaln4g42s72133n6gbdf07rkf5n44izc"))))

+ (build-system trivial-build-system)

+ (arguments

+ `(#:modules ((guix build utils))

+ #:builder (begin

+ (use-modules (guix build utils))

+ (format #t "Copying build scripts ...~%")

+ (copy-recursively (string-append

+ (assoc-ref %build-inputs "source")

+ "/projects/tor-browser")

+ %output

+ #:log (%make-void-port "w")))))

+ (home-page "https://www.torproject.org")

+ (synopsis "Tor Browser build scripts")

+ (description "Tor Browser runtime scripts.")

+ (license (license:non-copyleft "file://LICENSE")))))

+

+(define tor-launcher

+ (package

+ (name "tor-launcher")

+ (version "0.2.28")

+ (source

+ (origin

+ (method url-fetch)

+ (uri (string-append "https://archive.torproject.org/tor-package-archive/torbrowser/"

+ %tbb-build-version "/src-" name "-"

+ version ".tar.xz"))

+ (sha256

+ (base32

+ "0mbd1q46d8nqisn6n79sp6m29332ymb2pf13xzgq1ml7rfcy6jjy"))))

+ (build-system trivial-build-system)

+ (native-inputs

+ `(("tar" ,tar)

+ ("xz" ,xz)))

+ (arguments

+ `(#:modules ((guix build utils))

+ #:builder (begin

+ (use-modules (guix build utils))

+ (format #t "Extracting source ...~%")

+ (let ((src (assoc-ref %build-inputs "source"))

+ (tar (assoc-ref %build-inputs "tar"))

+ (xz (assoc-ref %build-inputs "xz")))

+ (mkdir-p %output)

+ (format #t "Extracting source ...~%")

+ (invoke (string-append tar "/bin/tar") "-xf" src

+ "-C" %output "--strip-components=1"

+ (string-append "--use-compress-program=" xz "/bin/xz"))))))

+ (home-page "https://www.torproject.org")

+ (synopsis "Tor Browser built-in controler extension")

+ (description "Browser extension that starts the tor process (which

+connects the browser and other applications to the Tor Network), and

+which helps people configure and use @code{tor}. The first window that

+you see when you start Tor Browser is displayed by this extension.")

+ (license (license:non-copyleft "file://src/LICENSE"))))

+

+(define https-everywhere-lib-wasm

+ (let ((commit "45b1622f1240659aca4762fa336aad1322d6d50f"))

+ (package

+ (name "https-everywhere-lib-wasm")

+ (version "2021.4.15")

+ (source

+ (origin

+ (method git-fetch)

+ (uri (git-reference

+ (url "https://github.com/EFForg/https-everywhere-lib-wasm")

+ (commit commit)))

+ (file-name (git-file-name name version))

+ (sha256

+ (base32

+ "1lq62rzypdzmnnzvfns3ccvv1g7p7g9s8jx788zzigr3gnmkpffx"))))

+ (build-system trivial-build-system)

+ (arguments

+ `(#:modules ((guix build utils))

+ #:builder (begin

+ (use-modules (guix build utils))

+ (format #t "Copying source ...~%")

+ (copy-recursively (assoc-ref %build-inputs "source")

+ %output

+ #:log (%make-void-port "w")))))

+ (home-page "https://github.com/EFForg/https-everywhere-lib-wasm")

+ (synopsis "Browser extension for protection against known attacks")

+ (description "Browser extension that protects users from a range of

+known attacks on web browsing activity such as Cross-site scripting, clickjack and

+makes possible for the users to block or choose on a per site basis which remote

+javascript to run while browsing the web.")

+ (license license:gpl2+))))

+

+;; Both https-everywhere and noscript are rellying on some precompiled code for now.

+;; Also read on the work on chromium extensions on gnu/build/chromium-extensions.scm

+;; to see if can be adapted.

+(define-public https-everywhere

+ (package

+ (name "https-everywhere")

+ (version "2021.4.15")

+ (source

+ (origin

+ (method url-fetch)

+ (uri (string-append "https://github.com/EFForg/" name "/archive/"

+ version ".tar.gz"))

+ (file-name (string-append name "-" version ".tar.gz"))

+ (sha256

+ (base32

+ "1bknx8l8gxmpwb13pvn6pdbavknci8q0jhygdaz50ilc1xld89i3"))))

+ (build-system trivial-build-system)

+ (native-inputs

+ `(("bash" ,bash)

+ ("coreutils" ,coreutils)

+ ("findutils" ,findutils)

+ ("git" ,git)

+ ("grep" ,grep)

+ ("gzip" ,gzip)

+ ("https-everywhere-lib-wasm"

+ ,https-everywhere-lib-wasm)

+ ("libxml2" ,libxml2)

+ ("libxslt" ,libxslt)

+ ("openssl" ,openssl)

+ ("python" ,python)

+ ("rsync" ,rsync)

+ ("sed" ,sed)

+ ("tar" ,tar)

+ ("util-linux" ,util-linux) ; for getopt

+ ("xxd" ,xxd)

+ ("which" ,which)

+ ("zip" ,zip)))

+ (arguments

+ `(#:modules ((guix build utils))

+ #:builder (begin

+ (use-modules (guix build utils))

+ (let ((src (assoc-ref %build-inputs "source"))

+ (httpse-libwasm (assoc-ref %build-inputs

+ "https-everywhere-lib-wasm"))

+ (bash (assoc-ref %build-inputs "bash"))

+ (coreutils (assoc-ref %build-inputs "coreutils"))

+ (python (assoc-ref %build-inputs "python"))

+ (openssl (assoc-ref %build-inputs

+++ b/gnu/local.mk

+# Copyright © 2021 André Batista <nandre@riseup.net>

+ %D%/packages/patches/torbrowser-start-desktop.patch \

+ %D%/packages/patches/torbrowser-start-script.patch \

+++ b/gnu/packages/patches/torbrowser-start-desktop.patch

+Change TorBrowser desktop file in order for it to be agnostic to the

+path when invoked.

+

+--- torbrowser-68.10.0esr-9.5-1/tbb-scripts/RelativeLink/start-tor-browser.desktop.orig 2020-07-05 18:47:40.689484877 -0300

++++ torbrowser-68.10.0esr-9.5-1/tbb-scripts/RelativeLink/start-tor-browser.desktop 2020-07-24 14:36:37.720579884 -0300

+@@ -1,4 +1,4 @@

+-#!/usr/bin/env ./Browser/execdesktop

++#!/usr/bin/env bash

+ #

+ # This file is a self-modifying .desktop file that can be run from the shell.

+ # It preserves arguments and environment for the start-tor-browser script.

+@@ -28,7 +28,7 @@

+ GenericName=Web Browser

+ Comment=Tor Browser is +1 for privacy and −1 for mass surveillance

+ Categories=Network;WebBrowser;Security;

+-Exec=sh -c '"$(dirname "$*")"/Browser/start-tor-browser --detach || ([ ! -x "$(dirname "$*")"/Browser/start-tor-browser ] && "$(dirname "$*")"/start-tor-browser --detach)' dummy %k

+-X-TorBrowser-ExecShell=./Browser/start-tor-browser --detach

+-Icon=web-browser

++Exec=sh -c start-tor-browser

++X-TorBrowser-ExecShell=start-tor-browser --detach

++Icon=torbrowser

+ StartupWMClass=Tor Browser

+++ b/gnu/packages/patches/torbrowser-start-script.patch

+Change TorBrowser startup script in order for it to setup needed files

+outside guix store. Remove tests which are not needed on guix system.

+

+--- torbrowser-68.10.0esr-9.5-1/tbb-scripts/RelativeLink/start-tor-browser.orig 2020-07-05 18:47:40.685485004 -0300

++++ torbrowser-68.10.0esr-9.5-1/tbb-scripts/RelativeLink/start-tor-browser 2020-07-23 18:13:32.426282743 -0300

+@@ -5,6 +5,14 @@

+ #

+ # Copyright 2017 The Tor Project. See LICENSE for licensing information.

+

++TBB_HOME="${HOME}/.local/share/torbrowser"

++TBB_LOGFILE="${TBB_HOME}/torbrowser.log"

++TBB_DATA="${TBB_HOME}/Data"

++TBB_PROFILE="${TBB_DATA}/Browser/profile.default"

++TBB_STORE_PATH=$(dirname $(realpath "$0"))

++TBB_STORE_DATA="${TBB_STORE_PATH}/TorBrowser/Data"

++TORRC="${TBB_DATA}/Tor/torrc-defaults"

++

+ complain_dialog_title="Tor Browser"

+

+ # First, make sure DISPLAY is set. If it isn't, we're hosed; scream

+@@ -134,8 +142,8 @@

+ ;;

+ -l | --log)

+ if [ -z "$2" -o "${2:0:1}" == "-" ]; then

+- printf "Logging Tor Browser debug information to tor-browser.log\n"

+- logfile="../tor-browser.log"

++ printf "Logging Tor Browser debug information to torbrowser.log\n"

++ logfile="${TBB_LOGFILE}"

+ elif [ "${2:0:1}" == "/" -o "${2:0:1}" == "~" ]; then

+ printf "Logging Tor Browser debug information to %s\n" "$2"

+ logfile="$2"

+@@ -187,41 +195,22 @@

+ export XAUTHORITY

+ fi

+

+-# If this script is being run through a symlink, we need to know where

+-# in the filesystem the script itself is, not where the symlink is.

+-myname="$0"

+-if [ -L "$myname" ]; then

+- # XXX readlink is not POSIX, but is present in GNU coreutils

+- # and on FreeBSD. Unfortunately, the -f option (which follows

+- # a whole chain of symlinks until it reaches a non-symlink

+- # path name) is a GNUism, so we have to have a fallback for

+- # FreeBSD. Fortunately, FreeBSD has realpath instead;

+- # unfortunately, that's also non-POSIX and is not present in

+- # GNU coreutils.

+- #

+- # If this launcher were a C program, we could just use the

+- # realpath function, which *is* POSIX. Too bad POSIX didn't

+- # make that function accessible to shell scripts.

+-

+- # If realpath is available, use it; it Does The Right Thing.

+- possibly_my_real_name="`realpath "$myname" 2>/dev/null`"

+- if [ "$?" -eq 0 ]; then

+- myname="$possibly_my_real_name"

+- else

+- # realpath is not available; hopefully readlink -f works.

+- myname="`readlink -f "$myname" 2>/dev/null`"

+- if [ "$?" -ne 0 ]; then

+- # Ugh.

+- complain "start-tor-browser cannot be run using a symlink on this operating system."

+- fi

+- fi

++# Try to be agnostic to where we're being started from, check if files are on its

++# default paths and chdir to TBB_HOME

++if [ -e "${TORRC}" ]; then

++ cd "${TBB_HOME}"

++else

++ mkdir -p "${TBB_HOME}"

++ cp -R "${TBB_STORE_DATA}" "${TBB_HOME}"

++ chmod -R 700 "${TBB_HOME}"

++ mkdir -p "${TBB_PROFILE}"

++ echo "user_pref(\"extensions.torlauncher.torrc-defaults_path\", \"${TORRC}\");"\

++ > "${TBB_PROFILE}/user.js"

++ echo "ClientTransportPlugin meek_lite,obfs2,obfs3,obfs4,scramblesuit exec ${TBB_STORE_PATH}/TorBrowser/Tor/PluggableTransports/obfs4proxy"\

++ >> "${TORRC}"

++ cd "${TBB_HOME}"

+ fi

+

+-# Try to be agnostic to where we're being started from, chdir to where

+-# the script is.

+-mydir="`dirname "$myname"`"

+-test -d "$mydir" && cd "$mydir"

+-

+ # If ${PWD} results in a zero length string, we can try something else...

+ if [ ! "${PWD}" ]; then

+ # "hacking around some braindamage"

+@@ -236,16 +225,9 @@

+ ln -nsf ~/.config/ibus/bus .config/ibus

+ fi

+

+-# Fix up .desktop Icon and Exec Paths, and update the .desktop file from the

+-# canonical version if it was changed by the updater.

+-cp start-tor-browser.desktop ../

+-sed -i -e "s,^Name=.*,Name=Tor Browser,g" ../start-tor-browser.desktop

+-sed -i -e "s,^Icon=.*,Icon=$PWD/browser/chrome/icons/default/default128.png,g" ../start-tor-browser.desktop

+-sed -i -e "s,^Exec=.*,Exec=sh -c '\"$PWD/start-tor-browser\" --detach || ([ ! -x \"$PWD/start-tor-browser\" ] \&\& \"\$(dirname \"\$*\")\"/Browser/start-tor-browser --detach)' dummy %k,g" ../start-tor-browser.desktop

+-

+ if [ "$register_desktop_app" -eq 1 ]; then

+ mkdir -p "$HOME/.local/share/applications/"

+- cp ../start-tor-browser.desktop "$HOME/.local/share/applications/"

++ cp "${TBB_STORE_PATH}/start-tor-browser.desktop" "$HOME/.local/share/applications/"

+ update-desktop-database "$HOME/.local/share/applications/"

+ printf "Tor Browser has been registered as a desktop app for this user in ~/.local/share/applications/\n"

+ exit 0

+@@ -265,21 +247,6 @@

+ HOME="${PWD}"

+ export HOME

+

+-SYSARCHITECTURE=$(getconf LONG_BIT)

+-TORARCHITECTURE=$(expr "$(file TorBrowser/Tor/tor)" : '.*ELF \([[:digit:]]*\)')

+-

+-if [ $SYSARCHITECTURE -ne $TORARCHITECTURE ]; then

+- complain "Wrong architecture? 32-bit vs. 64-bit."

+- exit 1

+-fi

+-

+-[% IF c("var/asan") -%]

+-# We need to disable LSan which is enabled by default now. Otherwise we'll get

+-# a crash during shutdown: https://bugs.torproject.org/10599#comment:59

+-ASAN_OPTIONS="detect_leaks=0"

+-export ASAN_OPTIONS

+-[% END -%]

+-

+ function setControlPortPasswd() {

+ local ctrlPasswd=$1

+

+@@ -342,13 +309,15 @@

+ # your password in the following line where the word “secret” is:

+ setControlPortPasswd ${TOR_CONTROL_PASSWD:='"secret"'}

+

+-# Set up custom bundled fonts. See fonts-conf(5).

+-export FONTCONFIG_PATH="${HOME}/TorBrowser/Data/fontconfig"

+-export FONTCONFIG_FILE="fonts.conf"

+-

+ # Avoid overwriting user's dconf values. Fixes #27903.

+ export GSETTINGS_BACKEND=memory

+

++# Set up custom bundled fonts. See fonts-conf(5).

++export FONTCONFIG_FILE="${HOME}/Data/fontconfig/fonts.conf"

++

++sed -i "${FONTCONFIG_FILE}"\

++ -e "s,<dir>fonts</dir>,<dir>${TBB_STORE_PATH}/fonts</dir>,"

++

+ cd "${HOME}"

+

+ # We pass all additional command-line arguments we get to Firefox.

+@@ -357,23 +326,23 @@

+

+ if [ "$show_usage" -eq 1 ]; then

+ # Display Firefox help, then our help

+- TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD} ./firefox --class "Tor Browser" \

+- -profile TorBrowser/Data/Browser/profile.default --help 2>/dev/null

++ TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD} ${TBB_STORE_PATH}/firefox --class "Tor Browser" \

++ -profile Data/Browser/profile.default --help 2>/dev/null

+ tbb_usage

+ elif [ "$detach" -eq 1 ] ; then

+- TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD} ./firefox --class "Tor Browser" \

+- -profile TorBrowser/Data/Browser/profile.default "${@}" > "$logfile" 2>&1 </dev/null &

++ TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD} ${TBB_STORE_PATH}/firefox --class "Tor Browser" \

++ -profile Data/Browser/profile.default "${@}" > "$logfile" 2>&1 </dev/null &

+ disown "$!"

+ elif [ "$log_output" -eq 1 -a "$show_output" -eq 1 ]; then

+- TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD} ./firefox --class "Tor Browser" \

+- -profile TorBrowser/Data/Browser/profile.default "${@}" 2>&1 </dev/null | \

++ TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD} ${TBB_STORE_PATH}/firefox --class "Tor Browser" \

++ -profile Data/Browser/profile.default "${@}" 2>&1 </dev/null | \

+ tee "$logfile"

+ elif [ "$show_output" -eq 1 ]; then

+- TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD} ./firefox --class "Tor Browser" \

+- -profile TorBrowser/Data/Browser/profile.default "${@}" < /dev/null

++ TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD} ${TBB_STORE_PATH}/firefox --class "Tor Browser" \

++ -profile Data/Browser/profile.default "${@}" < /dev/null

+ else

+- TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD} ./firefox --class "Tor Browser" \

+- -profile TorBrowser/Data/Browser/profile.default "${@}" > "$logfile" 2>&1 </dev/null

++ TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD} ${TBB_STORE_PATH}/firefox --class "Tor Browser" \

++ -profile Data/Browser/profile.default "${@}" > "$logfile" 2>&1 </dev/null

+ fi

+

+ exit $?

+++ b/gnu/packages/tor.scm

+ #:use-module (guix gexp)

+ #:use-module (guix monads)

+ #:use-module (guix store)

+ #:use-module (guix build-system cargo)

+ #:use-module (guix build-system gnu)

+ #:use-module (guix build-system trivial)

+ #:use-module (gnu packages admin)

+ #:use-module (gnu packages assembly)

+ #:use-module (gnu packages audio)

+ #:use-module (gnu packages bash)

+ #:use-module (gnu packages cups)

+ #:use-module (gnu packages databases)

+ #:use-module (gnu packages fontutils)

+ #:use-module (gnu packages gl)

+ #:use-module (gnu packages glib)

+ #:use-module (gnu packages gnome)

+ #:use-module (gnu packages gtk)

+ #:use-module (gnu packages gnuzilla)

+ #:use-module (gnu packages icu4c)

+ #:use-module (gnu packages image)

+ #:use-module (gnu packages kerberos)

+ #:use-module (gnu packages libcanberra)

+ #:use-module (gnu packages libffi)

+ #:use-module (gnu packages llvm)

+ #:use-module (gnu packages node)

+ #:use-module (gnu packages nss)

+ #:use-module (gnu packages perl)

+ #:use-module (gnu packages pulseaudio)

+ #:use-module (gnu packages readline)

+ #:use-module (gnu packages rsync) ; for httpse

+ #:use-module (gnu packages rust)

+ #:use-module (gnu packages rust-apps)

+ #:use-module (gnu packages sqlite)

+ #:use-module (gnu packages version-control)

+ #:use-module (gnu packages video)

+ #:use-module (gnu packages vim) ; for xxd

+ #:use-module (gnu packages w3m)

+ #:use-module (gnu packages xdisorg)

+ #:use-module (gnu packages xiph)

+ #:use-module (gnu packages xorg)

+ #:use-module (gnu packages xml) ; for httpse

+ #:use-module (ice-9 match)

+ #:use-module ((srfi srfi-1) #:hide (zip)))

+

+;; torbrowser and tor-browser-builder build versions are not always in sync

+(define %torbrowser-version "78.11.0esr-10.0-1")

+(define %tbb-build-version "10.0.17")

+(define %torbrowser-build "build1")

+(define %tbb-build "build1")

+(define %torbrowser-build-id "20210602000000");must be of the form YYYYMMDDhhmmss

+

+;; Fonts for Tor Browser. Avoid downloading 4Gb+ git repo on

+;; https://github.com/googlei18n/noto-fonts.git to use just a handful.

+;; Use the fonts on Tor Browser release tarball.

+(define torbrowser-fonts

+ (package

+ (name "torbrowser-fonts")

+ (version %tbb-build-version)

+ (source

+ (origin

+ (method url-fetch)

+ (uri (string-append "https://archive.torproject.org/tor-package-archive/torbrowser/"

+ version "/tor-browser-linux64-"

+ version "_en-US.tar.xz"))

+ (sha256

+ (base32

+ "13x38n1cvqmxjz0jf2fda8lx2k25szzmg7gvv08z3q5na7109m2m"))))

+ (build-system trivial-build-system)

+ (native-inputs

+ `(("tar" ,tar)

+ ("xz" ,xz)))

+ (arguments

+ `(#:modules ((guix build utils))

+ #:builder (begin

+ (use-modules (guix build utils))

+ (let ((src (assoc-ref %build-inputs "source"))

+ (src-dir "tor-browser_en-US/Browser/fonts")

+ (fonts (string-append %output "/share/fonts"))

+ (tar (assoc-ref %build-inputs "tar"))

+ (xz (assoc-ref %build-inputs "xz")))

+ (mkdir-p fonts)

+ (format #t "Untaring torbrowser ball ...~%")

+ (invoke (string-append tar "/bin/tar") "-xf" src

+ "-C" fonts "--strip-components=3"

+ (string-append "--use-compress-program=" xz "/bin/xz")

+ src-dir)

+ #t))))

+ (home-page "https://github.com/googlei18n/noto-fonts")

+ (synopsis "Tor Browser bundled fonts")

+ (description "Free fonts bundled with Tor Browser. Includes a subset of Noto,

+Arimo, Cousine, Tinos and STIX fonts.")

+ (license license:silofl1.1)))

+

+(define tor-browser-build

+ (let ((commit (string-append "tbb-desktop-" %tbb-build-version

+ "-" %tbb-build)))

+ (package

+ (name "tor-browser-build")

+ (version %tbb-build-version)

+ (source

+ (origin

+ (method git-fetch)

+ (uri (git-reference

+ (url "https://git.torproject.org/builders/tor-browser-build.git")

+ (commit commit)))

+ (file-name (git-file-name name version))

+ (sha256

+ (base32

+ "1qwgghy79wx0w1yz132yyaln4g42s72133n6gbdf07rkf5n44izc"))))

+ (build-system trivial-build-system)

+ (arguments

+ `(#:modules ((guix build utils))

+ #:builder (begin

+ (use-modules (guix build utils))

+ (format #t "Copying build scripts ...~%")

+ (copy-recursively (string-append

+ (assoc-ref %build-inputs "source")

+ "/projects/tor-browser")

+ %output

+ #:log (%make-void-port "w")))))

+ (home-page "https://www.torproject.org")

+ (synopsis "Tor Browser build scripts")

+ (description "Tor Browser runtime scripts.")

+ (license (license:non-copyleft "file://LICENSE")))))

+

+(define tor-launcher

+ (package

+ (name "tor-launcher")

+ (version "0.2.28")

+ (source

+ (origin

+ (method url-fetch)

+ (uri (string-append "https://archive.torproject.org/tor-package-archive/torbrowser/"

+ %tbb-build-version "/src-" name "-"

+ version ".tar.xz"))

+ (sha256

+ (base32

+ "0mbd1q46d8nqisn6n79sp6m29332ymb2pf13xzgq1ml7rfcy6jjy"))))

+ (build-system trivial-build-system)

+ (native-inputs

+ `(("tar" ,tar)

+ ("xz" ,xz)))

+ (arguments

+ `(#:modules ((guix build utils))

+ #:builder (begin

+ (use-modules (guix build utils))

+ (format #t "Extracting source ...~%")

+ (let ((src (assoc-ref %build-inputs "source"))

+ (tar (assoc-ref %build-inputs "tar"))

+ (xz (assoc-ref %build-inputs "xz")))

+ (mkdir-p %output)

+ (format #t "Extracting source ...~%")

+ (invoke (string-append tar "/bin/tar") "-xf" src

+ "-C" %output "--strip-components=1"

+ (string-append "--use-compress-program=" xz "/bin/xz"))))))

+ (home-page "https://www.torproject.org")

+ (synopsis "Tor Browser built-in controler extension")

+ (description "Browser extension that starts the tor process (which

+connects the browser and other applications to the Tor Network), and

+which helps people configure and use @code{tor}. The first window that

+you see when you start Tor Browser is displayed by this extension.")

+ (license (license:non-copyleft "file://src/LICENSE"))))

+

+(define https-everywhere-lib-wasm

+ (let ((commit "45b1622f1240659aca4762fa336aad1322d6d50f"))

+ (package

+ (name "https-everywhere-lib-wasm")

+ (version "2021.4.15")

+ (source

+ (origin

+ (method git-fetch)

+ (uri (git-reference

+ (url "https://github.com/EFForg/https-everywhere-lib-wasm")

+ (commit commit)))

+ (file-name (git-file-name name version))

+ (sha256

+ (base32

+ "1lq62rzypdzmnnzvfns3ccvv1g7p7g9s8jx788zzigr3gnmkpffx"))))

+ (build-system trivial