10-tbb 7.06 KB
Newer Older
1
2
3
4
5
6
#!/bin/sh

set -eu

echo "Install the Tor Browser"

Tails developers's avatar
Tails developers committed
7
# Get the below with `grep "tor-browser-linux32-.*\.tar.xz" sha256sums.txt`
8
BUNDLES="$(cat <<EOF
Tails developers's avatar
Tails developers committed
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
3a33a3ad31b6d84e3c3aafe3036a6142999cde2d34241284ca39a73231423d34  tor-browser-linux32-4.0-alpha-2_ar.tar.xz
5a4782b36ebbbeb5ee389a02492cee061660621a4a65159e8cd0bebdad5159c3  tor-browser-linux32-4.0-alpha-2_de.tar.xz
79c718c1b0faeff2f0746f38a437de520b2fbae46bf1c799bf59bfa6f28a787e  tor-browser-linux32-4.0-alpha-2_en-US.tar.xz
993fea315635b84b7d42d285426528a4694f80f2e2b72adb9f4014b18a9eb539  tor-browser-linux32-4.0-alpha-2_es-ES.tar.xz
f2c633f7e0c3bb1dbf532aabbd12057a7a4f308827eb1887b8b6670c6e7e165a  tor-browser-linux32-4.0-alpha-2_fa.tar.xz
f147305b1997bcc5a13c724ff94f3a53a887d53541055801d699034798f12169  tor-browser-linux32-4.0-alpha-2_fr.tar.xz
e2df844002e0c0d34c3c6005149bbe8aa12f3a4aac0aab3852a1a07dc09138f4  tor-browser-linux32-4.0-alpha-2_it.tar.xz
909b4a44624a3080a38cd34b4c1a271078611259ecb97ade91725665d4e6f818  tor-browser-linux32-4.0-alpha-2_ko.tar.xz
4a28ea7d086196fb80f20e0cd430455c5b750a95f327f5f537b2bdbe087ef675  tor-browser-linux32-4.0-alpha-2_nl.tar.xz
fb85361495d17c4cc81c63386796116e57820f128c427acdefb7b3f7d6e1d577  tor-browser-linux32-4.0-alpha-2_pl.tar.xz
6f3e5ec7c2ad6e6f26f48f7ba6b5946e2e3add6f7492000671b33941c8679d35  tor-browser-linux32-4.0-alpha-2_pt-PT.tar.xz
8e4158c1d5e6916a8d7514fc94cb995ffcbaab0b3e516dba93d909a9110fb4ec  tor-browser-linux32-4.0-alpha-2_ru.tar.xz
55b91b84f0afc37c695dc89ff057eed7cd415e0c3f28a5a7ed9dd7d2e2d7be0d  tor-browser-linux32-4.0-alpha-2_tr.tar.xz
1e8df88b043b8e3ae610cb560e0d05676be6b5fd27b112317a952e8aa3bf1198  tor-browser-linux32-4.0-alpha-2_vi.tar.xz
323fe636ea4dc0b6b039ec50a812fdeebb2291bcf9dc481dd2cce5ba767b8889  tor-browser-linux32-4.0-alpha-2_zh-CN.tar.xz
24
25
26
27
28
29
30
31
EOF
)"

MAIN_BUNDLE="$(echo "${BUNDLES}" | grep -o "tor-browser-linux32-.*_en-US.tar.xz")"
VERSION="$(echo "${MAIN_BUNDLE}" | sed 's/tor-browser-linux32-\(.*\)_en-US.tar.xz/\1/')"
# Note that we cannot use https here since apt-cacher-ng (used by vagrant)
# gets confused and throws a 403. It doesn't matter, though, since we verify
# the checksums of each file downloaded.
Tails developers's avatar
Tails developers committed
32
33
#TBB_DIST_URL="http://www.torproject.org/dist/torbrowser/${VERSION}/"
TBB_DIST_URL="http://people.torproject.org/~mikeperry/builds/${VERSION}/"
34

35
36
37
38
39
40
41
# Import the TBB_INSTALL, TBB_PROFILE and TBB_EXT variables, which
# contains the paths we will split TBB's actual browser (binaries
# etc), user data and extension into. While this differs from how the
# TBB organizes the files, the end result will be the same, and it's
# practical since when creating a new browser profile we can simply
# copy the profile directory without duplicating all extensions.
. /usr/local/lib/tails-shell-library/tor-browser.sh
42
43
44
mkdir -p "${TBB_INSTALL}" "${TBB_PROFILE}" "${TBB_EXT}"

# Use the builder's caching APT proxy, if any
45
46
APT_PROXY="$(apt-config --format '%v' dump Acquire::http::Proxy)"
if [ -n "${APT_PROXY}" ]; then
47
48
49
50
51
52
53
54
55
56
57
58
    export HTTP_PROXY="${APT_PROXY}"
    export http_proxy="${APT_PROXY}"
    export HTTPS_PROXY="${APT_PROXY}"
    export https_proxy="${APT_PROXY}"
fi

TMP="$(mktemp -d)"

echo "${BUNDLES}" | while read expected_sha256 tarball; do
    (
        cd "${TMP}"
        echo "Fetching ${TBB_DIST_URL}/${tarball} ..."
Tails developers's avatar
Tails developers committed
59
        curl --remote-name "${TBB_DIST_URL}/${tarball}"
60
61
62
63
64
65
66
67
    )
    actual_sha256="$(sha256sum "${TMP}/${tarball}" | cut -d' ' -f1)"
    if [ "${actual_sha256}" != "${expected_sha256}" ]; then
        echo "SHA256 mismatch for ${tarball}" >&2
        exit 1
    fi
done

68
# We'll use the en-US bundle as our basis...
69
tar -xf "${TMP}/${MAIN_BUNDLE}" -C "${TMP}" tor-browser_en-US
70
71
72
73
74
75
76
77
78
79
TBB_PREP="${TMP}"/tor-browser_en-US

# ... only extracting the localization addon from the other ones, which
# we'll put in a global extensions directory that we'll symlink to so
# we don't have to deal with wasteful copies.
for tarball in "${TMP}"/tor-browser-*.tar.xz; do
    locale="$(echo "${tarball}" | sed "s@^.*/tor-browser-.*_\(.*\)\.tar\.xz@\1@")"
    if [ "${locale}" = en-US ]; then
        continue
    fi
Tails developers's avatar
Tails developers committed
80
    xpi="tor-browser_${locale}/Browser/TorBrowser/Data/Browser/profile.default/extensions/langpack-${locale}@firefox.mozilla.org.xpi"
81
82
    (
        cd "${TMP}"
83
        tar -xf "${tarball}" "${xpi}"
84
85
86
87
        mv "${xpi}" "${TBB_EXT}"
    )
done

Tails developers's avatar
Tails developers committed
88
89
90
91
92

# We don't want tor-launcher to be part of the regular browser
# profile. Moreover, for the stand-alone tor-launcher we use, we need
# our patched version. So, the version shipped in the TB really is not
# useful for us.
Tails developers's avatar
Tails developers committed
93
rm "${TBB_PREP}/Browser/TorBrowser/Data/Browser/profile.default/extensions/tor-launcher@torproject.org.xpi"
94
95
96
97

# Remove TBB's torbutton since the "Tor test" will fail and about:tor
# will report an error. We'll install our own Torbutton later, which
# has the extensions.torbutton.test_enabled boolean pref as a workaround.
Tails developers's avatar
Tails developers committed
98
rm "${TBB_PREP}/Browser/TorBrowser/Data/Browser/profile.default/extensions/torbutton@torproject.org.xpi"
99
100
101
102
103

# See comment below why we need the Browser sub-dir
mv "${TBB_PREP}/Browser" "${TBB_INSTALL}"/Browser

# The Tor Browser will fail, complaining about an incomplete profile,
Tails developers's avatar
Tails developers committed
104
105
106
# unless there's a readable Browser/TorBrowser/Data/Browser/Caches
# in the directory where the firefox executable is located.
mkdir -p "${TBB_INSTALL}"/Browser/TorBrowser/Data/Browser/Caches
107
108

# Let's put all the bundled extensions in the global extensions directory
Tails developers's avatar
Tails developers committed
109
110
mv "${TBB_INSTALL}"/Browser/TorBrowser/Data/Browser/profile.default/extensions/* "${TBB_EXT}"
rmdir "${TBB_INSTALL}"/Browser/TorBrowser/Data/Browser/profile.default/extensions
111
112
113
114
115

# Create and install a fake iceweasel package so we can install our
# desired Debian-packaged Iceweasel addons
apt-get install --yes equivs
FAKE_ICEWEASEL_VERSION=$(sed -n 's/^Version=\(.*\)$/\1/p' "${TBB_INSTALL}"/Browser/application.ini)+fake1
116
cat > "${TMP}"/iceweasel.control << EOF
117
118
119
120
121
122
123
124
125
126
127
128
129
130
Section: web
Priority: optional
Homepage: https://tails.boum.org/
Standards-Version: 3.6.2

Package: iceweasel
Version: ${FAKE_ICEWEASEL_VERSION}
Maintainer: Tails developers <amnesia@boum.org>
Architecture: all
Description: (Fake) Iceweasel
 Make it possible to install Debian's Iceweasel addons without having to
 install a real Iceweasel.
EOF
(
131
132
133
    cd "${TMP}"
    equivs-build "${TMP}"/iceweasel.control
    dpkg -i "${TMP}"/iceweasel_"${FAKE_ICEWEASEL_VERSION}"_all.deb
134
135
136
137
138
139
140
141
)

apt-get install --yes xul-ext-adblock-plus xul-ext-foxyproxy-standard xul-ext-torbutton

ln -s /usr/share/xul-ext/adblock-plus/ "${TBB_EXT}"/'{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}'
ln -s /usr/share/xul-ext/foxyproxy-standard/ "${TBB_EXT}"/foxyproxy@eric.h.jung
ln -s /usr/share/xul-ext/torbutton/ "${TBB_EXT}"/torbutton@torproject.org

142
143
144
rsync -a --exclude bookmarks.html --exclude extensions \
    "${TBB_INSTALL}"/Browser/TorBrowser/Data/Browser/profile.default/ \
    "${TBB_PROFILE}"/
Tails developers's avatar
Tails developers committed
145
146
147
148

# Remove TBB's default bridges
sed -i '/extensions\.torlauncher\.default_bridge\./d' "${TBB_PROFILE}"/preferences/extension-overrides.js

149
150
151
152
153
mkdir -p "${TBB_PROFILE}"/extensions
for ext in "${TBB_EXT}"/*; do
    ln -s "${ext}" "${TBB_PROFILE}"/extensions/
done

154
155
chown -R root:root "${TBB_INSTALL}" "${TBB_PROFILE}" "${TBB_EXT}"
chmod -R a+rX "${TBB_INSTALL}" "${TBB_PROFILE}" "${TBB_EXT}"
156

Tails developers's avatar
Tails developers committed
157
rm -r "${TMP}"