commit 1d5e9546dac5ae5850756e9b6424e7031c7bf2dc
parent 6cb60358701289240ec6849d21b8768ef4de4215
Author: Pier Angelo Vendrame <pierov@torproject.org>
Date: Mon, 23 May 2022 17:01:24 +0200
Base Browser's .mozconfigs.
Bug 17858: Cannot create incremental MARs for hardened builds.
Define HOST_CFLAGS, etc. to avoid compiling programs such as mbsdiff
(which is part of mar-tools and is not distributed to end-users) with
ASan.
Bug 21849: Don't allow SSL key logging.
Bug 25741 - TBA: Disable features at compile-time
Define MOZ_ANDROID_NETWORK_STATE and MOZ_ANDROID_LOCATION
Bug 27623 - Export MOZILLA_OFFICIAL during desktop builds
This fixes a problem where some preferences had the wrong default value.
Also see bug 27472 where we made a similar fix for Android.
Bug 29859: Disable HLS support for now
Bug 30463: Explicitly disable MOZ_TELEMETRY_REPORTING
Bug 32493: Disable MOZ_SERVICES_HEALTHREPORT
Bug 33734: Set MOZ_NORMANDY to False
Bug 33851: Omit Parental Controls.
Bug 40252: Add --enable-rust-simd to our tor-browser mozconfig files
Bug 41584: Move some configuration options to base-browser level
Diffstat:
25 files changed, 470 insertions(+), 8 deletions(-)
diff --git a/browser/config/mozconfigs/base-browser b/browser/config/mozconfigs/base-browser
@@ -0,0 +1,47 @@
+# Shared build settings and settings to enhance security and privacy.
+
+. $topsrcdir/browser/config/mozconfig
+
+if test -f "$topsrcdir/mozconfig-toolchain"; then
+ . $topsrcdir/mozconfig-toolchain
+fi
+
+mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-@CONFIG_GUESS@
+
+export MOZILLA_OFFICIAL=1
+
+ac_add_options --enable-optimize
+ac_add_options --enable-rust-simd
+
+ac_add_options --disable-unverified-updates
+
+ac_add_options --enable-bundled-fonts
+
+# See bug #41587
+ac_add_options --disable-updater
+
+ac_add_options --disable-tests
+ac_add_options --disable-debug
+
+ac_add_options --disable-crashreporter
+# Before removing, please notice that WebRTC does not work on mingw (Bug 1393901)
+ac_add_options --disable-webrtc
+ac_add_options --disable-parental-controls
+ac_add_options --enable-proxy-bypass-protection
+# See bugs #30575 and #32418: system policies are harmful either because they
+# could allow proxy bypass, and override a number of other preferences we set
+ac_add_options --disable-system-policies
+
+# See bug #41131
+ac_add_options --disable-backgroundtasks
+
+# Disable telemetry
+ac_add_options MOZ_TELEMETRY_REPORTING=
+
+# Disable the creation of a <something>.default that Firefox by default creates
+# for old version that could not use dedicated profiles. See tor-browser#41542.
+ac_add_options --disable-legacy-profile-creation
+
+if test -z "$WASI_SYSROOT"; then
+ ac_add_options --without-wasm-sandboxed-libraries
+fi
diff --git a/browser/config/mozconfigs/base-browser-android b/browser/config/mozconfigs/base-browser-android
@@ -0,0 +1,61 @@
+# Changes on this file might need to be synchronized with mozconfig-android-all!
+# See also tor-browser#43151.
+
+export MOZILLA_OFFICIAL=1
+
+ac_add_options --enable-optimize
+ac_add_options --enable-rust-simd
+
+ac_add_options --enable-application=mobile/android
+
+CC="clang"
+CXX="clang++"
+ac_add_options --enable-linker=lld
+
+if test -n "$ANDROID_HOME"; then
+ ac_add_options --with-android-sdk=$ANDROID_HOME
+fi
+
+if test -n "$ANDROID_NDK_HOME"; then
+ ac_add_options --with-android-ndk=$ANDROID_NDK_HOME
+fi
+
+if test -n "$GRADLE_HOME"; then
+ ac_add_options --with-gradle=$GRADLE_HOME/bin/gradle
+fi
+# Otherwise (as per /mobile/android/gradle.config) a version will be downloaded by the gradle wrapper when needed
+# so don't use this override, and let it do it's thing
+
+ac_add_options --enable-strip
+ac_add_options --enable-install-strip
+ac_add_options --disable-tests
+ac_add_options --disable-debug
+ac_add_options --disable-rust-debug
+
+ac_add_options --disable-updater
+ac_add_options --disable-crashreporter
+ac_add_options --disable-webrtc
+ac_add_options --disable-parental-controls
+
+ac_add_options --enable-proxy-bypass-protection
+ac_add_options --disable-system-policies
+
+# See tor-browser#41131
+ac_add_options --disable-backgroundtasks
+
+# Disable telemetry
+ac_add_options MOZ_TELEMETRY_REPORTING=
+
+# tor-browser#44220: the minifier produces broken files.
+ac_add_options --enable-minify=properties
+
+if test -n "$LOCAL_DEV_BUILD"; then
+ # You must use the "default" bogus channel for dev builds
+ ac_add_options --enable-update-channel=default
+ ac_add_options --with-base-browser-version=dev-build
+ ac_add_options --disable-minify
+fi
+
+if test -z "$WASI_SYSROOT"; then
+ ac_add_options --without-wasm-sandboxed-libraries
+fi
diff --git a/browser/moz.configure b/browser/moz.configure
@@ -5,12 +5,14 @@
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
imply_option("MOZ_PLACES", True)
-imply_option("MOZ_SERVICES_HEALTHREPORT", True)
+# tor-browser#32493
+imply_option("MOZ_SERVICES_HEALTHREPORT", False)
imply_option("MOZ_SERVICES_SYNC", True)
imply_option("MOZ_DEDICATED_PROFILES", True)
imply_option("MOZ_BLOCK_PROFILE_DOWNGRADE", True)
-imply_option("MOZ_NORMANDY", True)
-imply_option("MOZ_PROFILE_MIGRATOR", True)
+# tor-browser#33734
+imply_option("MOZ_NORMANDY", False)
+imply_option("MOZ_PROFILE_MIGRATOR", False)
imply_option("MOZ_APP_VENDOR", "Mozilla")
@@ -64,7 +66,7 @@ def requires_stub_installer(
"USE_STUB_INSTALLER is not specified in the environment"
)
- return True
+ return False
imply_option("MOZ_STUB_INSTALLER", True, when=requires_stub_installer)
diff --git a/mobile/android/basebrowser.configure b/mobile/android/basebrowser.configure
@@ -0,0 +1,33 @@
+# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*-
+# vim: set filetype=python:
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+# Set Base Browser default config
+# See tor-browser#25741 and tor-browser#41584.
+
+imply_option("MOZ_ANDROID_EXCLUDE_FONTS", False)
+
+# Disable uploading crash reports and dump files to an external server
+# This is still configured in old-configure. Uncomment when this moves
+# to the python config
+# imply_option("MOZ_CRASHREPORTER", False)
+
+# Disable uploading information about the browser configuration and
+# performance to an external server. See tor-browser#32493.
+imply_option("MOZ_SERVICES_HEALTHREPORT", False)
+
+# Disable creating telemetry and data reports that are uploaded to an
+# external server
+# These aren't actually configure options. These are disabled in
+# confvars.sh, but they look like configure options so we'll document
+# them here, as well.
+# XXX: no confvars.sh here
+# imply_option("MOZ_TELEMETRY_REPORTING", False)
+# imply_option("MOZ_DATA_REPORTING", False)
+
+# tor-browser#24796: This controls some permissions in GeckoView's
+# AndroidManifest.xml
+imply_option("MOZ_ANDROID_NETWORK_STATE", False)
+imply_option("MOZ_ANDROID_LOCATION", False)
diff --git a/mobile/android/moz.configure b/mobile/android/moz.configure
@@ -10,10 +10,11 @@ project_flag(
default=True,
)
+# tor-browser#29859
project_flag(
"MOZ_ANDROID_HLS_SUPPORT",
help="Enable HLS (HTTP Live Streaming) support (currently using the ExoPlayer library)",
- default=True,
+ default=False,
)
option(
@@ -131,7 +132,10 @@ set_config("MOZ_ANDROID_DEBUGGABLE", android_debuggable)
imply_option("MOZ_NORMANDY", False)
-imply_option("MOZ_SERVICES_HEALTHREPORT", True)
+# Comment this so we can imply |False| in basebrowser.configure
+# The Build system doesn't allow multiple imply_option()
+# calls with the same key.
+# imply_option("MOZ_SERVICES_HEALTHREPORT", True)
imply_option("MOZ_GECKOVIEW_HISTORY", True)
imply_option("MOZ_APP_UA_NAME", "Firefox")
@@ -168,6 +172,8 @@ def check_target(target):
)
+include("basebrowser.configure")
+
include("../shared/moz.configure")
include("../../toolkit/moz.configure")
include("../../build/moz.configure/android-sdk.configure")
diff --git a/moz.configure b/moz.configure
@@ -952,6 +952,37 @@ with only_when(cross_compiling):
)
set_config("JS_BINARY", depends_if("JS_BINARY")(lambda value: value[0]))
+option(
+ "--with-base-browser-version",
+ nargs=1,
+ help="Set the Base Browser version, e.g., 7.0a1",
+)
+
+
+@depends("--with-base-browser-version")
+def base_browser_version(value):
+ if not value:
+ die(
+ "--with-base-browser-version is required for Base Browser and derived browsers."
+ )
+ return value[0]
+
+
+@depends("--with-base-browser-version")
+def base_browser_version_quoted(value):
+ if not value:
+ die(
+ "--with-base-browser-version is required for Base Browser and derived browsers."
+ )
+ if '"' in value or "\\" in value:
+ die('--with-base-browser-version cannot contain " or \\.')
+ return f'"{value[0]}"'
+
+
+set_define("BASE_BROWSER_VERSION", base_browser_version)
+set_define("BASE_BROWSER_VERSION_QUOTED", base_browser_version_quoted)
+
+
# Please do not add configure checks from here on.
diff --git a/mozconfig-android-aarch64 b/mozconfig-android-aarch64
@@ -0,0 +1,4 @@
+. $topsrcdir/browser/config/mozconfigs/base-browser-android
+
+mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-aarch64-linux-android
+ac_add_options --target=aarch64-linux-android
diff --git a/mozconfig-android-all b/mozconfig-android-all
@@ -0,0 +1,44 @@
+# Changes on this file might need to be synchronized with
+# browser/config/mozconfigs/base-browser-android!
+# See also tor-browser#43151.
+
+export MOZILLA_OFFICIAL=1
+
+ac_add_options --enable-application=mobile/android
+
+ac_add_options --disable-compile-environment
+
+ac_add_options --with-java-bin-path=$JAVA_HOME/bin
+ac_add_options --with-android-sdk=$ANDROID_HOME
+ac_add_options --with-gradle=$GRADLE_HOME/bin/gradle
+
+# tor-browser#44220: the minifier produces broken files.
+ac_add_options --enable-minify=properties
+
+ac_add_options --disable-tests
+ac_add_options --disable-debug
+
+ac_add_options --disable-updater
+ac_add_options --disable-crashreporter
+ac_add_options --disable-webrtc
+ac_add_options --disable-parental-controls
+
+ac_add_options --enable-proxy-bypass-protection
+ac_add_options --disable-system-policies
+
+# See tor-browser#41131
+ac_add_options --disable-backgroundtasks
+
+# Disable telemetry
+ac_add_options MOZ_TELEMETRY_REPORTING=
+
+if test -n "$LOCAL_DEV_BUILD"; then
+ # You must use the "default" bogus channel for dev builds
+ ac_add_options --enable-update-channel=default
+ ac_add_options --with-base-browser-version=dev-build
+ ac_add_options --disable-minify
+fi
+
+if test -z "$WASI_SYSROOT"; then
+ ac_add_options --without-wasm-sandboxed-libraries
+fi
diff --git a/mozconfig-android-armv7 b/mozconfig-android-armv7
@@ -0,0 +1,4 @@
+. $topsrcdir/browser/config/mozconfigs/base-browser-android
+
+mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-arm-linux-androideabi
+ac_add_options --target=arm-linux-androideabi
diff --git a/mozconfig-android-x86 b/mozconfig-android-x86
@@ -0,0 +1,4 @@
+. $topsrcdir/browser/config/mozconfigs/base-browser-android
+
+mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-i386-linux-android
+ac_add_options --target=i686-linux-android
diff --git a/mozconfig-android-x86_64 b/mozconfig-android-x86_64
@@ -0,0 +1,4 @@
+. $topsrcdir/browser/config/mozconfigs/base-browser-android
+
+mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-x86_64-linux-android
+ac_add_options --target=x86_64-linux-android
diff --git a/mozconfig-linux-aarch64 b/mozconfig-linux-aarch64
@@ -0,0 +1,12 @@
+. $topsrcdir/browser/config/mozconfigs/base-browser
+
+ac_add_options --target=aarch64-unknown-linux-gnu
+
+# Moz switched to lld for all Linux targets in Bug 1839739.
+ac_add_options --enable-linker=lld
+
+ac_add_options --disable-strip
+ac_add_options --disable-install-strip
+
+ac_add_options --enable-default-toolkit=cairo-gtk3
+
diff --git a/mozconfig-linux-aarch64-dev b/mozconfig-linux-aarch64-dev
@@ -0,0 +1,20 @@
+. $topsrcdir/browser/config/mozconfigs/base-browser
+
+# This mozconfig file is not used in official builds.
+# It is only intended to be used when doing incremental Linux builds
+# during development.
+
+# Moz switched to lld for all Linux targets in Bug 1839739.
+ac_add_options --enable-linker=lld
+
+export MOZILLA_OFFICIAL=
+
+ac_add_options --enable-default-toolkit=cairo-gtk3
+
+ac_add_options --disable-strip
+ac_add_options --disable-install-strip
+
+ac_add_options --with-base-browser-version=dev-build
+ac_add_options --disable-base-browser-update
+
+ac_add_options --enable-tests
diff --git a/mozconfig-linux-arm b/mozconfig-linux-arm
@@ -0,0 +1,18 @@
+. $topsrcdir/browser/config/mozconfigs/base-browser
+
+ac_add_options --target=arm-linux-gnueabihf
+
+ac_add_options --enable-default-toolkit=cairo-gtk3
+
+# Bug 31448: ld.gold fails if we don't disable debug-symbols.
+# Also, we keep strip enabled.
+ac_add_options --disable-debug-symbols
+
+# From Arch Linux ARM for Firefox 102.0.1
+# https://github.com/archlinuxarm/PKGBUILDs/blob/6da804f4020487c112f59ea067e6644a309c4338/extra/firefox/PKGBUILD
+ac_add_options --disable-elf-hack
+ac_add_options --disable-av1
+ac_add_options --enable-optimize="-g0 -O2"
+# One of the following two lines (not sure which) prevents "read-only segment has dynamic relocations" linker error.
+export MOZ_DEBUG_FLAGS=" "
+export RUSTFLAGS="-Cdebuginfo=0"
diff --git a/mozconfig-linux-i686 b/mozconfig-linux-i686
@@ -0,0 +1,16 @@
+. $topsrcdir/browser/config/mozconfigs/base-browser
+
+ac_add_options --target=i686-linux-gnu
+
+# Moz switched to lld for all Linux targets in Bug 1839739.
+# Also, gold used not to work with debug symbols (tor-browser#42146).
+ac_add_options --enable-linker=lld
+
+ac_add_options --disable-strip
+ac_add_options --disable-install-strip
+
+ac_add_options --enable-default-toolkit=cairo-gtk3
+
+# Let's make sure no preference is enabling either Adobe's or Google's CDM.
+ac_add_options --disable-eme
+
diff --git a/mozconfig-linux-x86_64 b/mozconfig-linux-x86_64
@@ -0,0 +1,15 @@
+. $topsrcdir/browser/config/mozconfigs/base-browser
+
+# Moz switched to lld for all Linux targets in Bug 1839739.
+ac_add_options --enable-linker=lld
+
+ac_add_options --disable-strip
+ac_add_options --disable-install-strip
+
+ac_add_options --enable-default-toolkit=cairo-gtk3
+
+# Let's make sure no preference is enabling either Adobe's or Google's CDM.
+ac_add_options --disable-eme
+
+# tor-browser#44067: geckodriver has become a host-only tool
+ac_add_options --enable-geckodriver
diff --git a/mozconfig-linux-x86_64-asan b/mozconfig-linux-x86_64-asan
@@ -0,0 +1,26 @@
+. $topsrcdir/browser/config/mozconfigs/base-browser
+
+export CFLAGS="-fsanitize=address -Dxmalloc=myxmalloc"
+export CXXFLAGS="-fsanitize=address -Dxmalloc=myxmalloc"
+# We need to add -ldl explicitely due to bug 1213698
+export LDFLAGS="-fsanitize=address -ldl"
+
+# Define HOST_CFLAGS, etc. to avoid compiling programs such as mbsdiff
+# (which is part of mar-tools and is not distributed to end-users) with
+# ASan. See bug 17858.
+export HOST_CFLAGS=""
+export HOST_CXXFLAGS=""
+export HOST_LDFLAGS="-ldl"
+
+ac_add_options --enable-address-sanitizer
+ac_add_options --disable-jemalloc
+ac_add_options --disable-elf-hack
+
+ac_add_options --enable-default-toolkit=cairo-gtk3
+
+ac_add_options --disable-strip
+ac_add_options --disable-install-strip
+
+# Let's make sure no preference is enabling either Adobe's or Google's CDM.
+ac_add_options --disable-eme
+
diff --git a/mozconfig-linux-x86_64-dev b/mozconfig-linux-x86_64-dev
@@ -0,0 +1,22 @@
+. $topsrcdir/browser/config/mozconfigs/base-browser
+
+# This mozconfig file is not used in official builds.
+# It is only intended to be used when doing incremental Linux builds
+# during development.
+
+# Moz switched to lld for all Linux targets in Bug 1839739.
+ac_add_options --enable-linker=lld
+
+export MOZILLA_OFFICIAL=
+
+ac_add_options --enable-default-toolkit=cairo-gtk3
+
+ac_add_options --disable-strip
+ac_add_options --disable-install-strip
+
+ac_add_options --with-base-browser-version=dev-build
+
+# Let's make sure no preference is enabling either Adobe's or Google's CDM.
+ac_add_options --disable-eme
+
+ac_add_options --enable-tests
diff --git a/mozconfig-macos b/mozconfig-macos
@@ -0,0 +1,12 @@
+. $topsrcdir/browser/config/mozconfigs/base-browser
+
+ac_add_options --enable-strip
+
+# See bug #13379
+ac_add_options --enable-nss-mar
+
+# See bug #41131
+ac_add_options --disable-update-agent
+
+# Let's make sure no preference is enabling either Adobe's or Google's CDM.
+ac_add_options --disable-eme
diff --git a/mozconfig-macos-dev b/mozconfig-macos-dev
@@ -0,0 +1,23 @@
+. $topsrcdir/browser/config/mozconfigs/base-browser
+
+# This mozconfig file is not used in official builds.
+# It is only intended to be used when doing incremental macOS builds
+# during development.
+
+export MOZILLA_OFFICIAL=
+
+ac_add_options --disable-strip
+ac_add_options --disable-install-strip
+
+ac_add_options --with-base-browser-version=dev-build
+
+ac_add_options --disable-base-browser-update
+# See bug #13379
+ac_add_options --enable-nss-mar
+# See bug #41131
+ac_add_options --disable-update-agent
+
+# Let's make sure no preference is enabling either Adobe's or Google's CDM.
+ac_add_options --disable-eme
+
+ac_add_options --enable-tests
diff --git a/mozconfig-windows-i686 b/mozconfig-windows-i686
@@ -0,0 +1,27 @@
+. $topsrcdir/browser/config/mozconfigs/base-browser
+
+ac_add_options --target=i686-w64-mingw32
+ac_add_options --with-toolchain-prefix=i686-w64-mingw32-
+
+ac_add_options --enable-strip
+
+# Bits is Background Intelligent Transfer Service
+ac_add_options --disable-bits-download
+ac_add_options --disable-maintenance-service
+ac_add_options --disable-default-browser-agent
+
+# See bug #13379
+ac_add_options --enable-nss-mar
+
+# See bug #41131
+ac_add_options --disable-update-agent
+
+# Bug 1782837: Not supported because Mozilla (and therefore also us) build
+# libc++ with LIBCXX_ENABLE_FILESYSTEM disabled.
+ac_add_options --disable-notification-server
+
+# Let's make sure no preference is enabling either Adobe's or Google's CDM.
+ac_add_options --disable-eme
+
+# tor-browser#44028: Disable zucchini for now, as it needs SEH.
+ac_add_options --disable-zucchini
diff --git a/mozconfig-windows-x86_64 b/mozconfig-windows-x86_64
@@ -0,0 +1,27 @@
+. $topsrcdir/browser/config/mozconfigs/base-browser
+
+ac_add_options --target=x86_64-w64-mingw32
+ac_add_options --with-toolchain-prefix=x86_64-w64-mingw32-
+
+ac_add_options --enable-strip
+
+# Bits is Background Intelligent Transfer Service
+ac_add_options --disable-bits-download
+ac_add_options --disable-maintenance-service
+ac_add_options --disable-default-browser-agent
+
+# See bug #13379
+ac_add_options --enable-nss-mar
+
+# See bug #41131
+ac_add_options --disable-update-agent
+
+# Bug 1782837: Not supported because Mozilla (and therefore also us) build
+# libc++ with LIBCXX_ENABLE_FILESYSTEM disabled.
+ac_add_options --disable-notification-server
+
+# Let's make sure no preference is enabling either Adobe's or Google's CDM.
+ac_add_options --disable-eme
+
+# tor-browser#44028: Disable zucchini for now, as it needs SEH.
+ac_add_options --disable-zucchini
diff --git a/security/moz.build b/security/moz.build
@@ -93,7 +93,8 @@ gyp_vars["nss_dist_obj_dir"] = "$PRODUCT_DIR/dist/bin"
gyp_vars["disable_tests"] = 1
gyp_vars["disable_dbm"] = 1
gyp_vars["disable_libpkix"] = 1
-gyp_vars["enable_sslkeylogfile"] = 1
+# tor-browser#18885, tor-browser#21849
+gyp_vars["enable_sslkeylogfile"] = 0
# Whether we're using system NSS or Rust nssckbi, we don't need
# to build C nssckbi
gyp_vars["disable_ckbi"] = 1
diff --git a/security/nss/lib/ssl/Makefile b/security/nss/lib/ssl/Makefile
@@ -37,7 +37,8 @@ endif
# Enable key logging by default in debug builds, but not opt builds.
# Logging still needs to be enabled at runtime through env vars.
-NSS_ALLOW_SSLKEYLOGFILE ?= $(if $(BUILD_OPT),0,1)
+# tor-browser#18885, tor-browser#21849
+NSS_ALLOW_SSLKEYLOGFILE ?= 0
ifeq (1,$(NSS_ALLOW_SSLKEYLOGFILE))
DEFINES += -DNSS_ALLOW_SSLKEYLOGFILE=1
endif
diff --git a/toolkit/modules/AppConstants.sys.mjs b/toolkit/modules/AppConstants.sys.mjs
@@ -172,6 +172,8 @@ export var AppConstants = Object.freeze({
MOZ_UPDATE_CHANNEL: "@MOZ_UPDATE_CHANNEL@",
MOZ_WIDGET_TOOLKIT: "@MOZ_WIDGET_TOOLKIT@",
+ BASE_BROWSER_VERSION: "@BASE_BROWSER_VERSION@",
+
DEBUG_JS_MODULES: "@DEBUG_JS_MODULES@",
MOZ_BING_API_CLIENTID: "@MOZ_BING_API_CLIENTID@",
