librewolf-bot/windows
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

rewriting build.sh, add microphone/webcam to permissive .cfg

Browse source
This commit is contained in:
Bert van der Weerd 2021-04-11 22:02:25 +02:00
parent 1cc106f950
commit c789457faa
No known key found for this signature in database
GPG key ID: 4CFABB96ADE0F5B1
4 changed files with 116 additions and 110 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored
View file

@ -5,6 +5,7 @@
/tor-browser
/bootstrap.py
/mozconfig
/dist
/tmp.nsi
/tmp-permissive.nsi
/tmp-strict.nsi

69
artifacts_all.sh
View file

@ -20,45 +20,34 @@ cp -rv settings/* librewolf
# rename the executable manually
pushd librewolf ; mv -v firefox$exe librewolf$exe ; popd
# clean garbage files
cd librewolf ; rm -rf maintenanceservice* pingsender* firefox.*.xml precomplete removed-files ; cd ..
# windows: copy the windows icon
cd librewolf ; rm -rf maintenanceservice* pingsender* firefox.*.xml precomplete removed-files uninstall ; cd ..
# copy the windows icon
cp -v common/source_files/browser/branding/librewolf/firefox.ico librewolf/librewolf.ico
# create the final zip/exe artifacts
if [ -z $strict ]; then
rm -f librewolf-$pkgver.en-US.$ospkg.zip
zip -qr9 librewolf-$pkgver.en-US.$ospkg.zip librewolf
if [ $? -ne 0 ]; then exit 1; fi
# now to try to make the installer
rm -f librewolf-$pkgver.en-US.win64-setup.exe tmp.nsi
sed "s/pkg_version/$pkgver/g" < artifacts_win.nsi > tmp.nsi
makensis-3.01.exe -V1 tmp.nsi
if [ $? -ne 0 ]; then exit 1; fi
if [ ! -z $permissive ]; then
# patch to permissive config
if [ ! -z $permissive ]; then
pushd librewolf
echo "Applying permissive patches..."
cp -v ../settings/librewolf.cfg . && cp -v ../settings/distribution/policies.json distribution
patch -p1 -i ../patches/permissive/librewolf-config.patch
patch -p1 -i ../patches/permissive/librewolf-policies.patch
popd
# create the final zip artifact
rm -f librewolf-$pkgver.en-US.$ospkg-permissive.zip
zip -qr9 librewolf-$pkgver.en-US.$ospkg-permissive.zip librewolf
if [ $? -ne 0 ]; then exit 1; fi
# now to try to make the installer
rm -f librewolf-$pkgver.en-US.win64-permissive-setup.exe tmp-permissive.nsi
sed "s/win64-setup/win64-permissive-setup/g" < tmp.nsi > tmp-permissive.nsi
makensis-3.01.exe -V1 tmp-permissive.nsi
if [ $? -ne 0 ]; then exit 1; fi
fi
pushd librewolf
echo "Applying permissive patches..."
cp -v ../settings/librewolf.cfg . && cp -v ../settings/distribution/policies.json distribution
patch -p1 -i ../patches/permissive/librewolf-config.patch
patch -p1 -i ../patches/permissive/librewolf-policies.patch
popd
else
# create the final zip artifact
rm -f librewolf-$pkgver.en-US.$ospkg-permissive.zip
zip -qr9 librewolf-$pkgver.en-US.$ospkg-permissive.zip librewolf
if [ $? -ne 0 ]; then exit 1; fi
# now to try to make the installer
rm -f librewolf-$pkgver.en-US.win64-permissive-setup.exe tmp.nsi tmp-permissive.nsi
sed "s/pkg_version/$pkgver/g" < artifacts_win.nsi > tmp.nsi
sed "s/win64-setup/win64-permissive-setup/g" < tmp.nsi > tmp-permissive.nsi
makensis-3.01.exe -V1 tmp-permissive.nsi
if [ $? -ne 0 ]; then exit 1; fi
elif [ ! -z $strict ]; then
# patch to strict config
pushd librewolf
@ -74,12 +63,24 @@ else
if [ $? -ne 0 ]; then exit 1; fi
# now to try to make the installer
rm -f librewolf-$pkgver.en-US.win64-strict-setup.exe tmp-strict.nsi
rm -f librewolf-$pkgver.en-US.win64-strict-setup.exe tmp.nsi tmp-strict.nsi
sed "s/pkg_version/$pkgver/g" < artifacts_win.nsi > tmp.nsi
sed "s/win64-setup/win64-strict-setup/g" < tmp.nsi > tmp-strict.nsi
makensis-3.01.exe -V1 tmp-strict.nsi
if [ $? -ne 0 ]; then exit 1; fi
else
rm -f librewolf-$pkgver.en-US.$ospkg.zip
zip -qr9 librewolf-$pkgver.en-US.$ospkg.zip librewolf
if [ $? -ne 0 ]; then exit 1; fi
# now to try to make the installer
rm -f librewolf-$pkgver.en-US.win64-setup.exe tmp.nsi
sed "s/pkg_version/$pkgver/g" < artifacts_win.nsi > tmp.nsi
makensis-3.01.exe -V1 tmp.nsi
if [ $? -ne 0 ]; then exit 1; fi
fi
popd

120
build.sh
View file

@ -239,13 +239,17 @@ clean() {
rm -f librewolf-$pkgver.en-US.win64-setup.exe
rm -f librewolf-$pkgver.en-US.win64-permissive.zip
rm -f librewolf-$pkgver.en-US.win64-permissive-setup.exe
rm -f tmp.nsi tmp-permissive.nsi
rm -f librewolf-$pkgver.en-US.win64-strict.zip
rm -f librewolf-$pkgver.en-US.win64-strict-setup.exe
rm -f tmp.nsi tmp-permissive.nsi tmp-strict.nsi
# linux
rm -f librewolf-$pkgver.en-US.deb.zip
rm -f librewolf-$pkgver.en-US.deb-permissive.zip
rm -f librewolf-$pkgver.en-US.deb-strict.zip
rm -f librewolf-$pkgver.en-US.rpm.zip
rm -f librewolf-$pkgver.en-US.rpm-permissive.zip
rm -f librewolf-$pkgver.en-US.rpm-strict.zip
echo "clean: done."
}
@ -297,7 +301,7 @@ git_init() {
}
# Permissive configuration options (win10 only at the moment)
# Permissive/strict configuration options (win10 only at the moment)
perm_config_diff() {
pushd settings > /dev/null
@ -340,7 +344,7 @@ strict_policies_diff() {
}
#
# Nightly builds
# Nightly builds, alternative builds.
#
init_mozilla_unified() {
@ -369,11 +373,6 @@ reset_mozilla_unified() {
echo "reset_mozilla_unified: done."
}
# strict
set_strict() {
strict=strict
}
# tor-browser.. (experimental)
init_tor_browser() {
git clone --no-checkout https://git.torproject.org/tor-browser.git
@ -404,22 +403,6 @@ reset_tor_browser() {
#
# process commandline arguments and do something
#
done_something=0
# cross-compile actions...
#
# linux_patches - the 'do_patches' for linux->win crosscompile.
@ -431,6 +414,16 @@ done_something=0
. ./linux_xcompile.sh
#
# process commandline arguments and do something
#
done_something=0
if [[ "$*" == *linux_patches* ]]; then
linux_patches
done_something=1
@ -484,13 +477,17 @@ if [[ "$*" == *reset_tor_browser* ]]; then
reset_tor_browser
done_something=1
fi
if [[ "$*" == *set_strict* ]]; then
set_strict
done_something=1
# permissive & strict modes.
if [[ "$*" == *set_perm* ]]; then
permissive=permissive
fi
if [[ "$*" == *set_permissive* ]]; then
permissive=permissive
fi
if [[ "$*" == *set_strict* ]]; then
strict=strict
fi
@ -504,7 +501,6 @@ if [[ "$*" == *all* ]]; then
extract
do_patches
build
permissive=permissive
artifacts_win
done_something=1
fi
@ -568,35 +564,17 @@ fi
# creating the artifacts...
if [[ "$*" == *artifacts_perm* ]]; then
permissive=permissive
if [[ "$*" == *artifacts_win* ]]; then
artifacts_win
done_something=1
else
if [[ "$*" == *artifacts_win* ]]; then
artifacts_win
done_something=1
fi
fi
if [[ "$*" == *artifacts_deb_perm* ]]; then
permissive=permissive
if [[ "$*" == *artifacts_deb* ]]; then
artifacts_deb
done_something=1
else
if [[ "$*" == *artifacts_deb* ]]; then
artifacts_deb
done_something=1
fi
fi
if [[ "$*" == *artifacts_rpm_perm* ]]; then
permissive=permissive
if [[ "$*" == *artifacts_rpm* ]]; then
artifacts_rpm
done_something=1
else
if [[ "$*" == *artifacts_rpm* ]]; then
artifacts_rpm
done_something=1
fi
fi
# librewolf.cfg and policies.json differences
@ -613,15 +591,10 @@ if [[ "$*" == *strict_config_diff* ]]; then
strict_config_diff
done_something=1
fi
if [[ "$*" == *policies_diff* ]]; then
if [[ "$*" == *strict_policies_diff* ]]; then
strict_policies_diff
done_something=1
fi
if [[ "$*" == *mach_run_config* ]]; then
cp -r settings/* $(echo $srcdir/obj-*)/dist/bin
done_something=1
fi
# by default, give help..
@ -635,7 +608,11 @@ Use: ./build.sh clean | all | [other stuff...]
build - the actual build.
artifacts_win - apply .cfg, build the zip file and NSIS setup.exe installer.
artifacts_perm - package as above, but use the permissive config/policies.
# Basic functionality:
all - build all (fetch extract do_patches build artifacts_win)
clean - remove generated cruft.
# Linux related functions:
@ -645,24 +622,29 @@ Use: ./build.sh clean | all | [other stuff...]
deps_mac - install dependencies with brew. (experimental)
artifacts_deb - apply .cfg, create a dist zip file (for debian10).
artifacts_deb_perm - include permissive build.
artifacts_rpm - apply .cfg, create a dist zip file (for fedora33).
artifacts_rpm_perm - include permissive build.
# Generic utility functionality:
all - build all, produce all artifacts including -permissive.
clean - remove generated cruft.
mach_env - create mach build environment.
rustup - perform a rustup for this user.
git_subs - update git submodules.
perm_config_diff - diff between my .cfg and dist .cfg file. (win10)
perm_policies_diff - diff between my policies and the dist policies. (win10)
git_init - create .git folder in firefox-87.0 for creating patches.
mach_run_config - copy librewolf config/policies to enable 'mach run'.
There is also a strict_config_diff and strict_policies_diff for the strict version.
# Strict/permissive config:
set_perm - produce permissive artifacts.
set_strict - produce strict mode build/artifacts
perm_config_diff - diff between -release and -permissive config
perm_policies_diff - diff between -release and -permissive policies.json
strict_config_diff - diff between -release and -strict config
strict_policies_diff - diff between -release and -strict policies.json
The *_diff commands are dangerous (change repo files), win10 specific, and
just for internal use. You can use './build set_perm all' to build permissve
and './build set_strict all' for -strict. This functionality exists because
we're constantly balancing settings between usability and security.
# Cross-compile from linux: (experimental)
@ -691,7 +673,7 @@ Copy the zip file in your $HOME folder, then:
cd librewolf
./register-librewolf
That should give an app icon. You can have it elsewhere and it will work.
That should give an app icon. You can unzip it elsewhere and it will work.
# Examples:

36
patches/permissive/librewolf-config.patch
View file

@ -1,8 +1,26 @@
diff --git a/librewolf.cfg b/librewolf.cfg
index 1ad0cea..7aa8d33 100644
index 1ad0cea..7515734 100644
--- a/librewolf.cfg
+++ b/librewolf.cfg
@@ -389,7 +389,7 @@ defaultPref("extensions.ui.experiment.hidden", false);
@@ -264,11 +264,12 @@ defaultPref("media.gmp-manager.certs.1.commonName", "");
// User Settings : WebRTC
// ----------------------
-defaultPref("media.navigator.enabled", false);
-defaultPref("media.navigator.video.enabled", false);
-defaultPref("media.getusermedia.browser.enabled", false);
-defaultPref("media.getusermedia.screensharing.enabled", false);
-defaultPref("media.getusermedia.audiocapture.enabled", false);
+// these 5 are needed to be true for webcam/camera
+defaultPref("media.navigator.enabled", true);
+defaultPref("media.navigator.video.enabled", true);
+defaultPref("media.getusermedia.browser.enabled", true);
+defaultPref("media.getusermedia.screensharing.enabled", true);
+defaultPref("media.getusermedia.audiocapture.enabled", true);
defaultPref("media.peerconnection.use_document_iceservers", false);
defaultPref("media.peerconnection.identity.enabled", false);
// 10000 per default
@@ -389,7 +390,7 @@ defaultPref("extensions.ui.experiment.hidden", false);
lockPref("dom.indexedDB.enabled", true); //default true
//lockPref("dom.indexedDB.logging.details", false); //default true
//lockPref("dom.indexedDB.logging.enabled", false); //default true
@ -11,7 +29,7 @@ index 1ad0cea..7aa8d33 100644
//lockPref("network.http.spdy.enabled", false);
//lockPref("network.http.spdy.enabled.deps", false);
//lockPref("network.http.spdy.enabled.http2", false);
@@ -882,12 +882,12 @@ lockPref("extensions.getAddons.compatOverides.url", "");
@@ -882,12 +883,12 @@ lockPref("extensions.getAddons.compatOverides.url", "");
// https://services.addons.mozilla.org/api/v3/addons/compat-override/?guid=%IDS%&lang=%LOCALE%
// Pref :
@ -26,7 +44,7 @@ index 1ad0cea..7aa8d33 100644
// Default Value
// https://services.addons.mozilla.org/api/v3/addons/language-tools/?app=firefox&type=language&appversion=%VERSION%
@@ -897,12 +897,12 @@ defaultPref("extensions.getAddons.link.url", "");
@@ -897,12 +898,12 @@ defaultPref("extensions.getAddons.link.url", "");
// https://addons.mozilla.org/%LOCALE%/firefox/
// Pref :
@ -41,7 +59,7 @@ index 1ad0cea..7aa8d33 100644
// Default Value
// https://addons.mozilla.org/%LOCALE%/firefox/themes/?src=firefox
@@ -932,7 +932,7 @@ lockPref("browser.newtabpage.activity-stream.fxaccounts.endpoint", "");
@@ -932,7 +933,7 @@ lockPref("browser.newtabpage.activity-stream.fxaccounts.endpoint", "");
// https://accounts.firefox.com/
// Pref :
@ -50,7 +68,7 @@ index 1ad0cea..7aa8d33 100644
// Default Value
// https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=
// %REQ_VERSION%&id=%ITEM_ID%&version=%ITEM_VERSION%&maxAppVersion=
@@ -1804,7 +1804,7 @@ lockPref("datareporting.healthreport.uploadEnabled", false);
@@ -1804,7 +1805,7 @@ lockPref("datareporting.healthreport.uploadEnabled", false);
lockPref("datareporting.policy.dataSubmissionEnabled", false);
// Pref : Disable right-click menu manipulation via JavaScript (disabled)
@ -59,7 +77,7 @@ index 1ad0cea..7aa8d33 100644
// Pref : Disable clipboard event detection (onCut/onCopy/onPaste) via Javascript
// Disabling clipboard events breaks Ctrl+C/X/V copy/cut/paste functionaility in
@@ -2773,3 +2773,10 @@ defaultPref("devtools.selfxss.count", 0);
@@ -2773,3 +2774,14 @@ defaultPref("devtools.selfxss.count", 0);
// enable HTTPS only mode by default
defaultPref("dom.security.https_only_mode", true);
defaultPref("dom.security.https_only_mode_ever_enabled", true);
@ -70,3 +88,7 @@ index 1ad0cea..7aa8d33 100644
+defaultPref("privacy.clearOnShutdown.cookies", false);
+defaultPref("privacy.clearOnShutdown.offlineApps", false);
+defaultPref("network.cookie.lifetimePolicy", 2);
+
+// attempting to allow webcam and microphone
+defaultPref("permissions.default.microphone",1);
+defaultPref("permissions.default.camera",1);