rewriting build.sh, add microphone/webcam to permissive .cfg

2021-04-11 22:02:25 +02:00 · 2021-04-11 22:02:25 +02:00 · c789457faa
commit c789457faa
parent 1cc106f950
4 changed files with 116 additions and 110 deletions
--- a/.gitignore
+++ b/.gitignore
@ -5,6 +5,7 @@
 /tor-browser
 /bootstrap.py
 /mozconfig
 /dist
 /tmp.nsi
 /tmp-permissive.nsi
 /tmp-strict.nsi
--- a/artifacts_all.sh
+++ b/artifacts_all.sh
@ -20,25 +20,14 @@ cp -rv settings/* librewolf
 # rename the executable manually
 pushd librewolf ; mv -v firefox$exe librewolf$exe ; popd
 # clean garbage files
-cd librewolf ; rm -rf maintenanceservice* pingsender* firefox.*.xml precomplete removed-files ; cd ..
+cd librewolf ; rm -rf maintenanceservice* pingsender* firefox.*.xml precomplete removed-files uninstall ; cd ..
-
+# copy the windows icon
 # windows: copy the windows icon
 cp -v common/source_files/browser/branding/librewolf/firefox.ico librewolf/librewolf.ico
 # create the final zip/exe artifacts
-if [ -z $strict ]; then
+if [ ! -z $permissive ]; then
    rm -f librewolf-$pkgver.en-US.$ospkg.zip
    zip -qr9 librewolf-$pkgver.en-US.$ospkg.zip librewolf
    if [ $? -ne 0 ]; then exit 1; fi
    # now to try to make the installer
    rm -f librewolf-$pkgver.en-US.win64-setup.exe tmp.nsi
    sed "s/pkg_version/$pkgver/g" < artifacts_win.nsi > tmp.nsi
    makensis-3.01.exe -V1 tmp.nsi
    if [ $? -ne 0 ]; then exit 1; fi
    # patch to permissive config
    if [ ! -z $permissive ]; then
    pushd librewolf
    echo "Applying permissive patches..."
    cp -v ../settings/librewolf.cfg . && cp -v ../settings/distribution/policies.json distribution
@ -52,13 +41,13 @@ if [ -z $strict ]; then
    if [ $? -ne 0 ]; then exit 1; fi
    # now to try to make the installer
-	rm -f librewolf-$pkgver.en-US.win64-permissive-setup.exe tmp-permissive.nsi
+    rm -f librewolf-$pkgver.en-US.win64-permissive-setup.exe tmp.nsi tmp-permissive.nsi
    sed "s/pkg_version/$pkgver/g" < artifacts_win.nsi > tmp.nsi
    sed "s/win64-setup/win64-permissive-setup/g" < tmp.nsi > tmp-permissive.nsi
    makensis-3.01.exe -V1 tmp-permissive.nsi
    if [ $? -ne 0 ]; then exit 1; fi
    fi
-else
+elif [ ! -z $strict ]; then
    # patch to strict config
    pushd librewolf
@ -74,12 +63,24 @@ else
    if [ $? -ne 0 ]; then exit 1; fi
    # now to try to make the installer
-    rm -f librewolf-$pkgver.en-US.win64-strict-setup.exe tmp-strict.nsi
+    rm -f librewolf-$pkgver.en-US.win64-strict-setup.exe tmp.nsi tmp-strict.nsi
    sed "s/pkg_version/$pkgver/g" < artifacts_win.nsi > tmp.nsi
    sed "s/win64-setup/win64-strict-setup/g" < tmp.nsi > tmp-strict.nsi
    makensis-3.01.exe -V1 tmp-strict.nsi
    if [ $? -ne 0 ]; then exit 1; fi
 else
    rm -f librewolf-$pkgver.en-US.$ospkg.zip
    zip -qr9 librewolf-$pkgver.en-US.$ospkg.zip librewolf
    if [ $? -ne 0 ]; then exit 1; fi
    # now to try to make the installer
    rm -f librewolf-$pkgver.en-US.win64-setup.exe tmp.nsi
    sed "s/pkg_version/$pkgver/g" < artifacts_win.nsi > tmp.nsi
    makensis-3.01.exe -V1 tmp.nsi
    if [ $? -ne 0 ]; then exit 1; fi
 fi
 popd
--- a/build.sh
+++ b/build.sh
@ -239,13 +239,17 @@ clean() {
    rm -f librewolf-$pkgver.en-US.win64-setup.exe
    rm -f librewolf-$pkgver.en-US.win64-permissive.zip
    rm -f librewolf-$pkgver.en-US.win64-permissive-setup.exe
-    rm -f tmp.nsi tmp-permissive.nsi
+    rm -f librewolf-$pkgver.en-US.win64-strict.zip
    rm -f librewolf-$pkgver.en-US.win64-strict-setup.exe
    rm -f tmp.nsi tmp-permissive.nsi tmp-strict.nsi
    # linux
    rm -f librewolf-$pkgver.en-US.deb.zip
    rm -f librewolf-$pkgver.en-US.deb-permissive.zip
    rm -f librewolf-$pkgver.en-US.deb-strict.zip
    rm -f librewolf-$pkgver.en-US.rpm.zip
    rm -f librewolf-$pkgver.en-US.rpm-permissive.zip
    rm -f librewolf-$pkgver.en-US.rpm-strict.zip
    echo "clean: done."
 }
@ -297,7 +301,7 @@ git_init() {
 }
-# Permissive configuration options (win10 only at the moment)
+# Permissive/strict configuration options (win10 only at the moment)
 perm_config_diff() {
    pushd settings > /dev/null
@ -340,7 +344,7 @@ strict_policies_diff() {
 }
 #
-# Nightly builds
+# Nightly builds, alternative builds.
 #
 init_mozilla_unified() {
@ -369,11 +373,6 @@ reset_mozilla_unified() {
    echo "reset_mozilla_unified: done."
 }
 # strict
 set_strict() {
    strict=strict
 }
 # tor-browser.. (experimental)
 init_tor_browser() {
    git clone --no-checkout https://git.torproject.org/tor-browser.git
@ -404,22 +403,6 @@ reset_tor_browser() {
 #
 # process commandline arguments and do something
 #
 done_something=0
 # cross-compile actions...
 #
 #   linux_patches    - the 'do_patches' for linux->win crosscompile.
@ -431,6 +414,16 @@ done_something=0
 . ./linux_xcompile.sh
 #
 # process commandline arguments and do something
 #
 done_something=0
 if [[ "$*" == *linux_patches* ]]; then
    linux_patches
    done_something=1
@ -484,13 +477,17 @@ if [[ "$*" == *reset_tor_browser* ]]; then
    reset_tor_browser
    done_something=1
 fi
-if [[ "$*" == *set_strict* ]]; then
+
-    set_strict
+# permissive & strict modes.
-    done_something=1
+if [[ "$*" == *set_perm* ]]; then
    permissive=permissive
 fi
 if [[ "$*" == *set_permissive* ]]; then
    permissive=permissive
 fi
 if [[ "$*" == *set_strict* ]]; then
    strict=strict
 fi
@ -504,7 +501,6 @@ if [[ "$*" == *all* ]]; then
    extract
    do_patches
    build
    permissive=permissive
    artifacts_win
    done_something=1
 fi
@ -568,35 +564,17 @@ fi
 # creating the artifacts...
-if [[ "$*" == *artifacts_perm* ]]; then
+if [[ "$*" == *artifacts_win* ]]; then
    permissive=permissive
    artifacts_win
    done_something=1
 else
    if [[ "$*" == *artifacts_win* ]]; then
 	artifacts_win
 	done_something=1
    fi
 fi
-if [[ "$*" == *artifacts_deb_perm* ]]; then
+if [[ "$*" == *artifacts_deb* ]]; then
    permissive=permissive
    artifacts_deb
    done_something=1
 else
    if [[ "$*" == *artifacts_deb* ]]; then
 	artifacts_deb
 	done_something=1
    fi
 fi
-if [[ "$*" == *artifacts_rpm_perm* ]]; then
+if [[ "$*" == *artifacts_rpm* ]]; then
    permissive=permissive
    artifacts_rpm
    done_something=1
 else
    if [[ "$*" == *artifacts_rpm* ]]; then
 	artifacts_rpm
 	done_something=1
    fi
 fi
 # librewolf.cfg and policies.json differences
@ -613,15 +591,10 @@ if [[ "$*" == *strict_config_diff* ]]; then
    strict_config_diff
    done_something=1
 fi
-if [[ "$*" == *policies_diff* ]]; then
+if [[ "$*" == *strict_policies_diff* ]]; then
    strict_policies_diff
    done_something=1
 fi
 if [[ "$*" == *mach_run_config* ]]; then
    cp -r settings/* $(echo $srcdir/obj-*)/dist/bin
    done_something=1
 fi
 # by default, give help..
@ -635,7 +608,11 @@ Use: ./build.sh clean | all | [other stuff...]
    build            - the actual build.
    artifacts_win    - apply .cfg, build the zip file and NSIS setup.exe installer.
-    artifacts_perm   - package as above, but use the permissive config/policies.
+
 # Basic functionality:
    all                - build all (fetch extract do_patches build artifacts_win)
    clean              - remove generated cruft.
 # Linux related functions:
@ -645,24 +622,29 @@ Use: ./build.sh clean | all | [other stuff...]
    deps_mac            - install dependencies with brew. (experimental)
    artifacts_deb       - apply .cfg, create a dist zip file (for debian10).
    artifacts_deb_perm  - include permissive build.
    artifacts_rpm       - apply .cfg, create a dist zip file (for fedora33).
    artifacts_rpm_perm  - include permissive build.
 # Generic utility functionality:
    all                - build all, produce all artifacts including -permissive.
    clean              - remove generated cruft.
    mach_env           - create mach build environment.
    rustup             - perform a rustup for this user.
    git_subs           - update git submodules.
    perm_config_diff   - diff between my .cfg and dist .cfg file. (win10)
    perm_policies_diff - diff between my policies and the dist policies. (win10)
    git_init           - create .git folder in firefox-87.0 for creating patches.
    mach_run_config    - copy librewolf config/policies to enable 'mach run'.
-There is also a strict_config_diff and strict_policies_diff for the strict version.
+# Strict/permissive config:
    set_perm             - produce permissive artifacts.
    set_strict           - produce strict mode build/artifacts
    perm_config_diff     - diff between -release and -permissive config
    perm_policies_diff   - diff between -release and -permissive policies.json
    strict_config_diff   - diff between -release and -strict config
    strict_policies_diff - diff between -release and -strict policies.json
 The *_diff commands are dangerous (change repo files), win10 specific, and 
 just for internal use. You can use './build set_perm all' to build permissve
 and './build set_strict all' for -strict. This functionality exists because
 we're constantly balancing settings between usability and security.
 # Cross-compile from linux: (experimental)
@ -691,7 +673,7 @@ Copy the zip file in your $HOME folder, then:
    cd librewolf
    ./register-librewolf
-That should give an app icon. You can have it elsewhere and it will work.
+That should give an app icon. You can unzip it elsewhere and it will work.
 # Examples:
--- a/patches/permissive/librewolf-config.patch
+++ b/patches/permissive/librewolf-config.patch
@ -1,8 +1,26 @@
 diff --git a/librewolf.cfg b/librewolf.cfg
-index 1ad0cea..7aa8d33 100644
+index 1ad0cea..7515734 100644
 --- a/librewolf.cfg
 +++ b/librewolf.cfg
-@@ -389,7 +389,7 @@ defaultPref("extensions.ui.experiment.hidden", false);
+@@ -264,11 +264,12 @@ defaultPref("media.gmp-manager.certs.1.commonName", "");
 // User Settings : WebRTC
 // ----------------------
 -defaultPref("media.navigator.enabled", false);
 -defaultPref("media.navigator.video.enabled", false);
 -defaultPref("media.getusermedia.browser.enabled", false);
 -defaultPref("media.getusermedia.screensharing.enabled", false);
 -defaultPref("media.getusermedia.audiocapture.enabled", false);
 +// these 5 are needed to be true for webcam/camera
 +defaultPref("media.navigator.enabled", true);
 +defaultPref("media.navigator.video.enabled", true);
 +defaultPref("media.getusermedia.browser.enabled", true);
 +defaultPref("media.getusermedia.screensharing.enabled", true);
 +defaultPref("media.getusermedia.audiocapture.enabled", true);
 defaultPref("media.peerconnection.use_document_iceservers", false);
 defaultPref("media.peerconnection.identity.enabled", false);
 // 10000 per default
@@ -389,7 +390,7 @@ defaultPref("extensions.ui.experiment.hidden", false);
 lockPref("dom.indexedDB.enabled", true); //default true
 //lockPref("dom.indexedDB.logging.details", false); //default true
 //lockPref("dom.indexedDB.logging.enabled", false); //default true
@ -11,7 +29,7 @@ index 1ad0cea..7aa8d33 100644
 //lockPref("network.http.spdy.enabled", false);
 //lockPref("network.http.spdy.enabled.deps", false);
 //lockPref("network.http.spdy.enabled.http2", false);
-@@ -882,12 +882,12 @@ lockPref("extensions.getAddons.compatOverides.url", "");
+@@ -882,12 +883,12 @@ lockPref("extensions.getAddons.compatOverides.url", "");
 // https://services.addons.mozilla.org/api/v3/addons/compat-override/?guid=%IDS%&lang=%LOCALE%
 // Pref :
@ -26,7 +44,7 @@ index 1ad0cea..7aa8d33 100644
 // Default Value
 // https://services.addons.mozilla.org/api/v3/addons/language-tools/?app=firefox&type=language&appversion=%VERSION%
-@@ -897,12 +897,12 @@ defaultPref("extensions.getAddons.link.url", "");
+@@ -897,12 +898,12 @@ defaultPref("extensions.getAddons.link.url", "");
 // https://addons.mozilla.org/%LOCALE%/firefox/
 // Pref :
@ -41,7 +59,7 @@ index 1ad0cea..7aa8d33 100644
 // Default Value
 // https://addons.mozilla.org/%LOCALE%/firefox/themes/?src=firefox
-@@ -932,7 +932,7 @@ lockPref("browser.newtabpage.activity-stream.fxaccounts.endpoint", "");
+@@ -932,7 +933,7 @@ lockPref("browser.newtabpage.activity-stream.fxaccounts.endpoint", "");
 // https://accounts.firefox.com/
 // Pref :
@ -50,7 +68,7 @@ index 1ad0cea..7aa8d33 100644
 // Default Value
 // https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=
 // %REQ_VERSION%&id=%ITEM_ID%&version=%ITEM_VERSION%&maxAppVersion=
-@@ -1804,7 +1804,7 @@ lockPref("datareporting.healthreport.uploadEnabled", false);
+@@ -1804,7 +1805,7 @@ lockPref("datareporting.healthreport.uploadEnabled", false);
 lockPref("datareporting.policy.dataSubmissionEnabled", false);
 // Pref : Disable right-click menu manipulation via JavaScript (disabled)
@ -59,7 +77,7 @@ index 1ad0cea..7aa8d33 100644
 // Pref : Disable clipboard event detection (onCut/onCopy/onPaste) via Javascript
 // Disabling clipboard events breaks Ctrl+C/X/V copy/cut/paste functionaility in
-@@ -2773,3 +2773,10 @@ defaultPref("devtools.selfxss.count", 0);
+@@ -2773,3 +2774,14 @@ defaultPref("devtools.selfxss.count", 0);
 // enable HTTPS only mode by default
 defaultPref("dom.security.https_only_mode", true);
 defaultPref("dom.security.https_only_mode_ever_enabled", true);
@ -70,3 +88,7 @@ index 1ad0cea..7aa8d33 100644
 +defaultPref("privacy.clearOnShutdown.cookies", false);
 +defaultPref("privacy.clearOnShutdown.offlineApps", false);
 +defaultPref("network.cookie.lifetimePolicy", 2);
 +
 +// attempting to allow webcam and microphone
 +defaultPref("permissions.default.microphone",1);
 +defaultPref("permissions.default.camera",1);