Unbreak by updating to tor-browser 9.0.4, from Caspar Schutijser

cf https://blog.torproject.org/new-release-tor-browser-90
based off esr68.4.1, tor-launcher and torbutton were merged into the browser.
Update to 9.0.5 (based off 68.5.0) is in the pipe.

Maintainer timeout

meta/tor-browser/Makefile

@@ -1,17 +1,15 @@
-# $OpenBSD: Makefile,v 1.18 2019/09/02 06:35:42 landry Exp $
+# $OpenBSD: Makefile,v 1.19 2020/02/13 07:41:54 landry Exp $
 
 COMMENT=	Tor Browser meta package
 
 MAINTAINER=	Sean Levy <attila@stalphonsos.com>
 
-PKGNAME=	tor-browser-8.0.9
-ONLY_FOR_ARCHS =	amd64 i386
+PKGNAME=	tor-browser-9.0.4
+ONLY_FOR_ARCHS =	amd64 i386 aarch64
 
-RUN_DEPENDS=	www/tor-browser/browser>=8.0.9 \
-		www/tor-browser/torbutton>=2.0.13 \
-		www/tor-browser/tor-launcher>=0.2.16.6p1 \
-		www/tor-browser/noscript>=10.6.1 \
-		www/tor-browser/https-everywhere>=2019.1.31p0 \
-		net/tor>=0.3.5.8
+RUN_DEPENDS=	www/tor-browser/browser>=9.0.4 \
+		www/tor-browser/noscript>=11.0.11 \
+		www/tor-browser/https-everywhere>=2019.11.7 \
+		net/tor>=0.4.2.5
 
 .include <bsd.port.mk>

www/tor-browser/Makefile

@@ -1,9 +1,7 @@
-# $OpenBSD: Makefile,v 1.1.1.1 2016/11/13 21:15:43 landry Exp $
+# $OpenBSD: Makefile,v 1.2 2020/02/13 07:41:53 landry Exp $
 
     SUBDIR =
     SUBDIR += browser
-    SUBDIR += torbutton
-    SUBDIR += tor-launcher
     SUBDIR += noscript
     SUBDIR += https-everywhere
 

www/tor-browser/Makefile.inc

@@ -1,12 +1,11 @@
-# $OpenBSD: Makefile.inc,v 1.18 2019/07/13 10:59:27 sthen Exp $
+# $OpenBSD: Makefile.inc,v 1.19 2020/02/13 07:41:53 landry Exp $
 
 MAINTAINER ?=		Sean Levy <attila@stalphonsos.com>
 HOMEPAGE ?=		https://www.torproject.org
-MASTER_SITES ?=		https://bits.torbsd.org/pub/OpenBSD/distfiles/
 PERMIT_PACKAGE ?=	Yes
 CATEGORIES =		www
 BROWSER_NAME =		tor-browser
-TB_VERSION =		8.0.9
+TB_VERSION =		9.0.4
 TB_PREFIX =		tb
 
 SUBST_VARS +=		BROWSER_NAME TB_VERSION

www/tor-browser/browser/Makefile

@@ -1,25 +1,26 @@
-# $OpenBSD: Makefile,v 1.37 2019/10/01 04:39:32 semarie Exp $
+# $OpenBSD: Makefile,v 1.38 2020/02/13 07:41:53 landry Exp $
 # Some of this comes from www/firefox-esr as apropos, since Tor
 # browser is a fork of ESR.  It is a good idea to look at that
 # Makefile when editing this one (ESR versions not always the same).
 
 COMMENT =		modified version of Firefox ESR for browsing over Tor
-ONLY_FOR_ARCHS =	amd64 i386
-
-BROKEN =		(unintentionally) broken by lang/rust 1.38.0
+ONLY_FOR_ARCHS =	amd64 i386 aarch64
 
 MOZILLA_VERSION =	${TB_VERSION}
 MOZILLA_PROJECT =	${BROWSER_NAME}
 MOZILLA_CODENAME =	browser
+TL_VERSION =		0.2.20.5
 
-EXTRACT_SUFX =		.tar.gz
+EXTRACT_SUFX =		.tar.xz
 PATCHORIG =		.pat.orig
 
 PKGNAME =		${TB_PREFIX}-browser-${TB_VERSION}
-DISTNAME =		${BROWSER_NAME}-${TB_VERSION}
-REVISION =		1
+DISTNAME =		src-firefox-tor-browser-68.4.1esr-9.0-1-build1
 
-SO_VERSION =		4.0
+DISTFILES +=		${DISTNAME}.tar.xz \
+			src-tor-launcher-${TL_VERSION}.tar.xz
+
+SO_VERSION =		5.0
 MOZILLA_LIBS =		xul clearkey lgpllibs mozavcodec mozavutil mozgtk
 MOZILLA_LIBS +=		freebl3 nss3 nssckbi nssdbm3
 MOZILLA_LIBS +=		nssutil3 smime3 softokn3 ssl3
@@ -28,6 +29,9 @@ MOZILLA_LIBS +=		nspr4 mozsqlite3 plc4 plds4
 # mozilla public license
 PERMIT_PACKAGE=	Yes
 
+MASTER_SITES =		https://dist.torproject.org/torbrowser/${TB_VERSION}/ \
+			https://temp.schutijser.com/~caspar/
+
 MODULES =		www/mozilla lang/python
 
 MODPY_RUNDEP =		No
@@ -39,8 +43,6 @@ MODCLANG_ARCHS =	amd64 i386
 MOZILLA_USE_BUNDLED_LIBEVENT =	Yes
 # firefox >= 46 defaults to gtk+3
 MOZILLA_USE_GTK3 =	 	Yes
-# 56 requires 59.1
-MOZILLA_USE_BUNDLED_ICU =	Yes
 # 59 is broken with system cairo and the option is being dropped
 MOZILLA_USE_BUNDLED_CAIRO = Yes
 # #1460600
@@ -49,19 +51,33 @@ MOZILLA_USE_BUNDLED_HUNSPELL =	Yes
 MOZILLA_USE_BUNDLED_NSPR =	Yes
 MOZILLA_USE_BUNDLED_NSS =	Yes
 MOZILLA_USE_BUNDLED_SQLITE =	Yes
+# 61 requires both versions of python
+BUILD_DEPENDS +=	lang/python/${MODPY_DEFAULT_VERSION_3}
+# 63 requires node because why not #1483595
+BUILD_DEPENDS +=	lang/node
+# 63 requires cbindgen #1478813
+BUILD_DEPENDS +=	devel/cbindgen>=0.9.0
+.if (${MACHINE_ARCH}==amd64) || (${MACHINE_ARCH}==i386)
+# 67 requires nasm for bundled libdav1d
+BUILD_DEPENDS +=	devel/nasm
+.endif
 
 # firefox >= 53 needs rust
 BUILD_DEPENDS +=	lang/rust
 # stylo build needs LLVM
 BUILD_DEPENDS +=	devel/llvm
 
-WANTLIB += X11-xcb Xcursor Xi fribidi intl xcb xcb-shm ${COMPILER_LIBCXX}
+# uses pledge()
+WANTLIB += X11-xcb Xcursor Xi intl xcb xcb-shm ${COMPILER_LIBCXX}
 
 # Regression tests are too hard to adapt to run here
 NO_TEST =		Yes
 
+WRKDIST =		${WRKDIR}/${DISTNAME:S/src-//}
+
 CONFIGURE_STYLE =	simple
 CONFIGURE_ARGS +=	--prefix=${PREFIX}
+MAKE_ENV +=		BUILD_VERBOSE_LOG="1" CARGOFLAGS="-j${MAKE_JOBS}"
 
 # app-name etc. for tor-browser
 CONFIGURE_ARGS +=	--with-app-name=${BROWSER_NAME}			\
@@ -75,13 +91,16 @@ MAKE_ENV +=		BUILD_OPT=1 \
 			XCFLAGS="-I${LOCALBASE}/include ${CFLAGS}"
 BUILD_DEPENDS +=	devel/py-virtualenv
 
-RUN_DEPENDS +=		net/tor>=0.3.4.8
+RUN_DEPENDS +=		net/tor>=0.4.2.5
 
-# bug 857628
-CONFIGURE_ARGS +=	--enable-pie
 CONFIGURE_ARGS +=	--enable-release #1386371
-# rust-simd doesn't work with lang/rust>=1.33
-#CONFIGURE_ARGS +=	--enable-rust-simd #1261841
+CONFIGURE_ARGS +=	--enable-sandbox --enable-content-sandbox
+CONFIGURE_ARGS +=	--with-libclang-path=${LOCALBASE}/lib
+CONFIGURE_ARGS +=	--with-clang-path=${LOCALBASE}/bin/clang
+
+post-extract:
+	mv ${WRKDIR}/tor-launcher-${TL_VERSION}/ \
+		${WRKSRC}/browser/extensions/tor-launcher
 
 post-patch:
 	# hack config/baseconfig.mk to not use MOZ_APP_VERSION in a few places
@@ -90,6 +109,8 @@ post-patch:
 	# drop in sh front end to configure.py so CONFIGURE_STYLE=simple works
 	${SUBST_PROGRAM} ${FILESDIR}/configure ${WRKSRC}/configure
 	${SUBST_PROGRAM} ${FILESDIR}/configure ${WRKSRC}/js/src/configure
+	sed -i 's/"files":{[^}]*}/"files":{}/' \
+		${WRKSRC}/third_party/rust/bindgen/.cargo-checksum.json
 
 BROWSER_DIR = ${PREFIX}/lib/${BROWSER_NAME}
 BROWSER_CFG = ${BROWSER_DIR}/${BROWSER_NAME}.cfg
@@ -124,4 +145,9 @@ post-install:
 	# by non-icccm compliant wm
 	ln -f ${BROWSER_DIR}/browser/chrome/icons/default/default{48,}.png
 
+	# install torrc-defaults for Tor Launcher
+	${INSTALL_DATA_DIR} ${PREFIX}/share/${BROWSER_NAME}
+	${SUBST_DATA} ${FILESDIR}/torrc-defaults \
+		${PREFIX}/share/${BROWSER_NAME}/torrc-defaults
+
 .include <bsd.port.mk>

www/tor-browser/browser/distinfo

@@ -1,2 +1,4 @@
-SHA256 (mozilla/tor-browser-8.0.9.tar.gz) = B2YOSrwnXSihuHRczush6oYeo9LPFSJGNqoTlE3cmAI=
-SIZE (mozilla/tor-browser-8.0.9.tar.gz) = 387604509
+SHA256 (mozilla/src-firefox-tor-browser-68.4.1esr-9.0-1-build1.tar.xz) = ouA8sUkObQXe6P7hw+V2B2BYeBeYerfyVA0b1daLvyg=
+SHA256 (mozilla/src-tor-launcher-0.2.20.5.tar.xz) = LVEbHAxcGf49cC8NF4bVYfFD7k2GA8SX+f+VA5p7L4U=
+SIZE (mozilla/src-firefox-tor-browser-68.4.1esr-9.0-1-build1.tar.xz) = 348398268
+SIZE (mozilla/src-tor-launcher-0.2.20.5.tar.xz) = 210916

www/tor-browser/browser/files/torrc-defaults

@@ -0,0 +1,33 @@
+# If non-zero, try to write to disk less frequently than we would otherwise.
+AvoidDiskWrites 1
+# Where to send logging messages.  Format is minSeverity[-maxSeverity]
+# (stderr|stdout|syslog|file FILENAME).
+Log notice stdout
+# Bind to this address to listen to connections from SOCKS-speaking
+# applications.
+## XXX I think these two directives are actually screwing us over:
+#SocksPort 9150
+#ControlPort 9151
+CookieAuthentication 1
+GeoIPFile ${LOCALBASE}/share/tor/geoip
+GeoIPv6File ${LOCALBASE}/share/tor/geoip6
+
+##
+## N.B. PT not yet done on OpenBSD: 2015-07-21
+##
+
+## fteproxy configuration
+#ClientTransportPlugin fte exec fteproxy --managed
+
+## obfs4proxy configuration
+#ClientTransportPlugin obfs2,obfs3,obfs4,scramblesuit exec obfs4proxy
+
+## flash proxy configuration
+#
+# Change the second number here (9000) to the number of a port that can
+# receive connections from the Internet (the port for which you
+# configured port forwarding).
+#ClientTransportPlugin flashproxy exec flashproxy-client --register :0 :9000
+
+## meek configuration
+#ClientTransportPlugin meek exec meek-client-torbrowser -- meek-client

www/tor-browser/browser/patches/patch-_mozconfig

@@ -1,10 +1,14 @@
-$OpenBSD: patch-_mozconfig,v 1.4 2018/10/04 19:56:38 sthen Exp $
+$OpenBSD: patch-_mozconfig,v 1.5 2020/02/13 07:41:53 landry Exp $
 
 Disable the updater and related stuff.  Does nothing under OpenBSD
+
+Encrypted Media Extensions is not supported on OpenBSD. Apparently this also
+means we can not pass --disable-eme to configure so comment that out.
+
 Index: .mozconfig
 --- .mozconfig.orig
 +++ .mozconfig
-@@ -12,9 +12,9 @@ ac_add_options --enable-official-branding
+@@ -10,9 +10,9 @@ ac_add_options --enable-official-branding
  # Let's support GTK3 for ESR60
  ac_add_options --enable-default-toolkit=cairo-gtk3
  
@@ -17,10 +21,18 @@ Index: .mozconfig
  
  ac_add_options --disable-strip
  ac_add_options --disable-install-strip
-@@ -27,3 +27,6 @@ ac_add_options --disable-webrtc
- ac_add_options --disable-eme
- #ac_add_options --disable-ctypes
+@@ -21,8 +21,11 @@ ac_add_options --disable-debug
+ ac_add_options --disable-crashreporter
+ ac_add_options --disable-webrtc
+ # Let's make sure no preference is enabling either Adobe's or Google's CDM.
+-ac_add_options --disable-eme
++#ac_add_options --disable-eme
  ac_add_options --enable-proxy-bypass-protection
+ 
+ # Disable telemetry
+-ac_add_options MOZ_TELEMETRY_REPORTING=
+\ No newline at end of file
 +
 +# avoid 1.1GB libxul
 +ac_add_options --disable-debug-symbols
++ac_add_options MOZ_TELEMETRY_REPORTING=

www/tor-browser/browser/patches/patch-browser_extensions_tor-launcher_src_components_tl-process_js

@@ -1,11 +1,12 @@
-$OpenBSD: patch-src_components_tl-process_js,v 1.4 2018/10/03 14:57:09 sthen Exp $
+$OpenBSD: patch-browser_extensions_tor-launcher_src_components_tl-process_js,v 1.1 2020/02/13 07:41:53 landry Exp $
 
 Let geoip/geoip6 file paths be set by prefs like everything else and let
 the new getTorFile() deal with it.
-Index: src/components/tl-process.js
---- src/components/tl-process.js.orig
-+++ src/components/tl-process.js
-@@ -374,6 +374,8 @@ TorProcessService.prototype =
+
+Index: browser/extensions/tor-launcher/src/components/tl-process.js
+--- browser/extensions/tor-launcher/src/components/tl-process.js.orig
++++ browser/extensions/tor-launcher/src/components/tl-process.js
+@@ -376,6 +376,8 @@ TorProcessService.prototype =
        var torrcFile = TorLauncherUtil.getTorFile("torrc", true);
        var torrcDefaultsFile =
                      TorLauncherUtil.getTorFile("torrc-defaults", false);
@@ -14,7 +15,7 @@ Index: src/components/tl-process.js
        var hashedPassword = this.mProtocolSvc.TorGetPassword(true);
        var controlIPCFile = this.mProtocolSvc.TorGetControlIPCFile();
        var controlPort = this.mProtocolSvc.TorGetControlPort();
-@@ -399,19 +401,14 @@ TorProcessService.prototype =
+@@ -401,19 +403,14 @@ TorProcessService.prototype =
          return;
        }
  

www/tor-browser/browser/patches/patch-browser_extensions_tor-launcher_src_defaults_preferences_torlauncher-prefs_js

@@ -1,10 +1,11 @@
-$OpenBSD: patch-src_defaults_preferences_prefs_js,v 1.3 2018/10/03 14:57:09 sthen Exp $
+$OpenBSD: patch-browser_extensions_tor-launcher_src_defaults_preferences_torlauncher-prefs_js,v 1.1 2020/02/13 07:41:53 landry Exp $
 
 Set all path-related prefs to minimize patching of tl-util.jsm/tl-process.js
-Index: src/defaults/preferences/prefs.js
---- src/defaults/preferences/prefs.js.orig
-+++ src/defaults/preferences/prefs.js
-@@ -36,14 +36,17 @@ pref("extensions.torlauncher.socks_port_flags", "IPv6T
+
+Index: browser/extensions/tor-launcher/src/defaults/preferences/torlauncher-prefs.js
+--- browser/extensions/tor-launcher/src/defaults/preferences/torlauncher-prefs.js.orig
++++ browser/extensions/tor-launcher/src/defaults/preferences/torlauncher-prefs.js
+@@ -43,14 +43,17 @@ pref("extensions.torlauncher.socks_port_flags", "IPv6T
  // The tor_path is relative to the application directory. On Linux and
  // Windows this is the Browser/ directory that contains the firefox
  // executables, and on Mac OS it is the TorBrowser.app directory.

www/tor-browser/browser/patches/patch-browser_extensions_tor-launcher_src_modules_tl-util_jsm

@@ -1,11 +1,12 @@
-$OpenBSD: patch-src_modules_tl-util_jsm,v 1.3 2018/10/03 14:57:09 sthen Exp $
+$OpenBSD: patch-browser_extensions_tor-launcher_src_modules_tl-util_jsm,v 1.1 2020/02/13 07:41:53 landry Exp $
 
 Force DataOutsideOfAppDir on OpenBSD since it will always be true
 (turned on in ../browser/patches/patch-patch-xpcom_io_TorFileUtils_cpp)
-Index: src/modules/tl-util.jsm
---- src/modules/tl-util.jsm.orig
-+++ src/modules/tl-util.jsm
-@@ -749,7 +749,7 @@ let TLUtilInternal =  // Private
+
+Index: browser/extensions/tor-launcher/src/modules/tl-util.jsm
+--- browser/extensions/tor-launcher/src/modules/tl-util.jsm.orig
++++ browser/extensions/tor-launcher/src/modules/tl-util.jsm
+@@ -810,7 +810,7 @@ let TLUtilInternal =  // Private
    mStringBundle : null,
    mOS : "",
    // mIsUserDataOutsideOfAppDir is true when TorBrowser-Data is used.

www/tor-browser/browser/patches/patch-config_system-headers_mozbuild

@@ -0,0 +1,27 @@
+$OpenBSD: patch-config_system-headers_mozbuild,v 1.1 2020/02/13 07:41:53 landry Exp $
+
+https://hg.mozilla.org/mozilla-central/rev/d3885b9d42d3
+
+Index: config/system-headers.mozbuild
+--- config/system-headers.mozbuild.orig
++++ config/system-headers.mozbuild
+@@ -814,7 +814,6 @@ system_headers = [
+     'synch.h',
+     'syncmgr.h',
+     'sys/atomic_op.h',
+-    'sys/auxv.h',
+     'sys/bitypes.h',
+     'sys/byteorder.h',
+     'syscall.h',
+@@ -1345,6 +1344,11 @@ if CONFIG['MOZ_WAYLAND']:
+         'wayland-client.h',
+         'wayland-egl.h',
+         'wayland-util.h',
++    ]
++
++if CONFIG['OS_TARGET'] in ('Android', 'Linux', 'FreeBSD'):
++    system_headers += [
++        'sys/auxv.h',
+     ]
+ 
+ if CONFIG['OS_TARGET'] == 'Linux' and CONFIG['CPU_ARCH'].startswith('mips'):

www/tor-browser/browser/patches/patch-intl_icu_source_Makefile_in

@@ -1,4 +1,4 @@
-$OpenBSD: patch-intl_icu_source_Makefile_in,v 1.3 2018/10/03 14:55:36 sthen Exp $
+$OpenBSD: patch-intl_icu_source_Makefile_in,v 1.4 2020/02/13 07:41:53 landry Exp $
 
 https://bugzilla.mozilla.org/show_bug.cgi?id=990196
 
@@ -10,10 +10,11 @@ gmake[6]: Leaving directory '/usr/obj/ports/firefox-29.0beta3/build-amd64/js/src
 Makefile:77: recipe for target 'buildicu' failed
 
 Patch taken from www/firefox-esr
+
 Index: intl/icu/source/Makefile.in
 --- intl/icu/source/Makefile.in.orig
 +++ intl/icu/source/Makefile.in
-@@ -331,7 +331,7 @@ $(top_builddir)/config/pkgdataMakefile:
+@@ -337,7 +337,7 @@ $(top_builddir)/config/pkgdataMakefile:
  
  $(top_builddir)/config/icu-config: $(top_builddir)/Makefile $(top_srcdir)/config/icu-config-top $(top_srcdir)/config/icu-config-bottom $(top_builddir)/config/Makefile.inc @platform_make_fragment@ $(top_srcdir)/config/make2sh.sed
  	-$(RMV) $@

www/tor-browser/browser/patches/patch-js_src_jit_ProcessExecutableMemory_cpp

@@ -0,0 +1,29 @@
+$OpenBSD: patch-js_src_jit_ProcessExecutableMemory_cpp,v 1.4 2020/02/13 07:41:53 landry Exp $
+
+Don't ComputeRandomAllocationAddress on OpenBSD
+https://bugzilla.mozilla.org/show_bug.cgi?id=1586912
+
+Index: js/src/jit/ProcessExecutableMemory.cpp
+--- js/src/jit/ProcessExecutableMemory.cpp.orig
++++ js/src/jit/ProcessExecutableMemory.cpp
+@@ -318,6 +318,12 @@ static void DecommitPages(void* addr, size_t bytes) {
+ }
+ #else  // !XP_WIN
+ static void* ComputeRandomAllocationAddress() {
++#ifdef __OpenBSD__
++  // OpenBSD already has random mmap and the idea that all x64 cpus
++  // have 48-bit address space is not correct. Returning nullptr
++  // allows OpenBSD do to the right thing.
++  return nullptr;
++#else
+   uint64_t rand = js::GenerateRandomSeed();
+ 
+ #  ifdef HAVE_64BIT_BUILD
+@@ -337,6 +343,7 @@ static void* ComputeRandomAllocationAddress() {
+   // Ensure page alignment.
+   uintptr_t mask = ~uintptr_t(gc::SystemPageSize() - 1);
+   return (void*)uintptr_t(rand & mask);
++#endif
+ }
+ 
+ static void* ReserveProcessExecutableMemory(size_t bytes) {

www/tor-browser/browser/patches/patch-js_src_jit_ProcessExecutableMemory_h

@@ -1,9 +1,9 @@
-$OpenBSD: patch-js_src_jit_ProcessExecutableMemory_h,v 1.1 2018/09/28 14:54:26 sthen Exp $
+$OpenBSD: patch-js_src_jit_ProcessExecutableMemory_h,v 1.2 2020/02/13 07:41:53 landry Exp $
 
 Index: js/src/jit/ProcessExecutableMemory.h
 --- js/src/jit/ProcessExecutableMemory.h.orig
 +++ js/src/jit/ProcessExecutableMemory.h
-@@ -14,7 +14,7 @@ namespace jit {
+@@ -16,7 +16,7 @@ namespace jit {
  
  // Limit on the number of bytes of executable memory to prevent JIT spraying
  // attacks.
@@ -11,4 +11,4 @@ Index: js/src/jit/ProcessExecutableMemory.h
 +#if JS_BITS_PER_WORD == 32 || defined(__OpenBSD__)
  static const size_t MaxCodeBytesPerProcess = 140 * 1024 * 1024;
  #else
- static const size_t MaxCodeBytesPerProcess = 1 * 1024 * 1024 * 1024;
+ // This is the largest number which satisfies various alignment static

www/tor-browser/browser/patches/patch-security_nss_Makefile

@@ -1,6 +1,7 @@
-$OpenBSD: patch-security_nss_Makefile,v 1.3 2018/10/03 14:55:36 sthen Exp $
+$OpenBSD: patch-security_nss_Makefile,v 1.4 2020/02/13 07:41:53 landry Exp $
 
 Taken from security/nss
+
 Index: security/nss/Makefile
 --- security/nss/Makefile.orig
 +++ security/nss/Makefile

www/tor-browser/browser/patches/patch-security_nss_coreconf_OpenBSD_mk

@@ -1,6 +1,7 @@
-$OpenBSD: patch-security_nss_coreconf_OpenBSD_mk,v 1.2 2017/07/26 20:50:39 sthen Exp $
+$OpenBSD: patch-security_nss_coreconf_OpenBSD_mk,v 1.3 2020/02/13 07:41:53 landry Exp $
 
 Taken from security/nss
+
 Index: security/nss/coreconf/OpenBSD.mk
 --- security/nss/coreconf/OpenBSD.mk.orig
 +++ security/nss/coreconf/OpenBSD.mk

www/tor-browser/browser/patches/patch-security_nss_coreconf_UNIX_mk

@@ -1,6 +1,7 @@
-$OpenBSD: patch-security_nss_coreconf_UNIX_mk,v 1.1.1.1 2016/11/13 21:15:43 landry Exp $
+$OpenBSD: patch-security_nss_coreconf_UNIX_mk,v 1.2 2020/02/13 07:41:53 landry Exp $
 
 Taken from security/nss
+
 --- security/nss/coreconf/UNIX.mk.orig	Fri Sep 11 16:40:39 2015
 +++ security/nss/coreconf/UNIX.mk	Fri Sep 11 16:40:48 2015
 @@ -10,7 +10,7 @@ AR          = ar cr $@

www/tor-browser/browser/patches/patch-security_nss_lib_freebl_blapi_h

@@ -1,10 +1,11 @@
-$OpenBSD: patch-security_nss_lib_freebl_blapi_h,v 1.3 2018/10/03 14:55:36 sthen Exp $
+$OpenBSD: patch-security_nss_lib_freebl_blapi_h,v 1.4 2020/02/13 07:41:53 landry Exp $
 
 Taken from security/nss
+
 Index: security/nss/lib/freebl/blapi.h
 --- security/nss/lib/freebl/blapi.h.orig
 +++ security/nss/lib/freebl/blapi.h
-@@ -1211,6 +1211,8 @@ extern void SHA1_DestroyContext(SHA1Context *cx, PRBoo
+@@ -1215,6 +1215,8 @@ extern void SHA1_DestroyContext(SHA1Context *cx, PRBoo
  */
  extern void SHA1_Begin(SHA1Context *cx);
  

www/tor-browser/browser/patches/patch-storage_mozStorageConnection_cpp

@@ -1,10 +1,14 @@
-$OpenBSD: patch-storage_mozStorageConnection_cpp,v 1.4 2019/07/02 16:48:11 landry Exp $
+$OpenBSD: patch-storage_mozStorageConnection_cpp,v 1.5 2020/02/13 07:41:53 landry Exp $
+
+set secure_delete PRAGMA on by default, instead of using internal sqlite copy
+https://bugzilla.mozilla.org/show_bug.cgi?id=546162
+
+Brought over from www/firefox-esr
 
-Brought over from www/firefox-esr 45.1.1
 Index: storage/mozStorageConnection.cpp
 --- storage/mozStorageConnection.cpp.orig
 +++ storage/mozStorageConnection.cpp
-@@ -754,6 +754,13 @@ nsresult Connection::initializeInternal() {
+@@ -782,6 +782,13 @@ nsresult Connection::initializeInternal() {
      return convertResultCode(srv);
    }
  

www/tor-browser/browser/patches/patch-storage_mozStorageService_cpp

@@ -0,0 +1,17 @@
+$OpenBSD: patch-storage_mozStorageService_cpp,v 1.1 2020/02/13 07:41:53 landry Exp $
+
+dont check for SQLITE_SECURE_DELETE at runtime, we disable it
+
+Cf https://bugzilla.mozilla.org/show_bug.cgi?id=1049920 & https://phabricator.services.mozilla.com/D18057
+
+Index: storage/mozStorageService.cpp
+--- storage/mozStorageService.cpp.orig
++++ storage/mozStorageService.cpp
+@@ -188,7 +188,6 @@ already_AddRefed<Service> Service::getSingleton() {
+   // or newer.  Our configure check ensures we are using a new enough version
+   // at compile time.
+   if (SQLITE_VERSION_NUMBER > ::sqlite3_libversion_number() ||
+-      !::sqlite3_compileoption_used("SQLITE_SECURE_DELETE") ||
+       !::sqlite3_compileoption_used("SQLITE_THREADSAFE=1") ||
+       !::sqlite3_compileoption_used("SQLITE_ENABLE_FTS3") ||
+       !::sqlite3_compileoption_used("SQLITE_ENABLE_UNLOCK_NOTIFY") ||

www/tor-browser/browser/patches/patch-xpcom_io_TorFileUtils_cpp

@@ -1,10 +1,11 @@
-$OpenBSD: patch-xpcom_io_TorFileUtils_cpp,v 1.3 2018/10/03 14:55:36 sthen Exp $
+$OpenBSD: patch-xpcom_io_TorFileUtils_cpp,v 1.4 2020/02/13 07:41:53 landry Exp $
 
 Autoconf is gone now so the old configure patch to add
 --enable-tor-browser-data-in-home-dir will never fly.  Hard-code it on
 for now on OpenBSD and try to get something similar done under the new
 Pyton config regime (encouraged by tbb devs on IRC).  c.f.
 https://trac.torproject.org/projects/tor/ticket/20557
+
 Index: xpcom/io/TorFileUtils.cpp
 --- xpcom/io/TorFileUtils.cpp.orig
 +++ xpcom/io/TorFileUtils.cpp

www/tor-browser/browser/pkg/PLIST

@@ -1,4 +1,8 @@
-@comment $OpenBSD: PLIST,v 1.6 2018/09/28 14:54:26 sthen Exp $
+@comment $OpenBSD: PLIST,v 1.7 2020/02/13 07:41:54 landry Exp $
+@conflict tor-launcher-*
+@conflict torbutton-*
+@pkgpath www/tor-browser/tor-launcher
+@pkgpath www/tor-browser/torbutton
 bin/${BROWSER_NAME}
 lib/${BROWSER_NAME}/
 lib/${BROWSER_NAME}/application.ini
@@ -19,8 +23,6 @@ lib/${BROWSER_NAME}/browser/defaults/preferences/
 lib/${BROWSER_NAME}/browser/defaults/preferences/all-openbsd.js
 lib/${BROWSER_NAME}/browser/defaults/profile/
 lib/${BROWSER_NAME}/browser/defaults/profile/bookmarks.html
-lib/${BROWSER_NAME}/browser/extensions/
-lib/${BROWSER_NAME}/browser/extensions/{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
 lib/${BROWSER_NAME}/browser/features/
 lib/${BROWSER_NAME}/browser/features/onboarding@mozilla.org.xpi
 lib/${BROWSER_NAME}/browser/omni.ja
@@ -29,9 +31,6 @@ lib/${BROWSER_NAME}/defaults/
 lib/${BROWSER_NAME}/defaults/pref/
 lib/${BROWSER_NAME}/defaults/pref/channel-prefs.js
 lib/${BROWSER_NAME}/dependentlibs.list
-lib/${BROWSER_NAME}/dictionaries/
-lib/${BROWSER_NAME}/dictionaries/en-US.aff
-lib/${BROWSER_NAME}/dictionaries/en-US.dic
 lib/${BROWSER_NAME}/distribution/
 lib/${BROWSER_NAME}/distribution/distribution.ini
 lib/${BROWSER_NAME}/gtk2/
@@ -57,7 +56,6 @@ lib/${BROWSER_NAME}/libsoftokn3.chk
 @lib lib/${BROWSER_NAME}/libssl3.so.${LIBssl3_VERSION}
 @lib lib/${BROWSER_NAME}/libxul.so.${LIBxul_VERSION}
 lib/${BROWSER_NAME}/omni.ja
-@bin lib/${BROWSER_NAME}/pingsender
 lib/${BROWSER_NAME}/platform.ini
 @bin lib/${BROWSER_NAME}/plugin-container
 lib/${BROWSER_NAME}/removed-files
@@ -68,3 +66,5 @@ share/applications/${BROWSER_NAME}.desktop
 share/pixmaps/
 @tag update-desktop-database
 share/pixmaps/${BROWSER_NAME}.png
+share/tor-browser/
+share/tor-browser/torrc-defaults

www/tor-browser/https-everywhere/Makefile

@@ -1,8 +1,7 @@
-# $OpenBSD: Makefile,v 1.15 2019/05/09 06:31:17 landry Exp $
+# $OpenBSD: Makefile,v 1.16 2020/02/13 07:41:54 landry Exp $
 
 ADDON_NAME =		https-everywhere
-V =			2019.1.31
-REVISION =		0
+V =			2019.11.7
 COMMENT =		Tor Browser add-on: force https where possible
 HOMEPAGE =		https://www.eff.org/https-everywhere
 MASTER_SITES =		https://www.eff.org/files/

www/tor-browser/https-everywhere/distinfo

@@ -1,2 +1,2 @@
-SHA256 (https-everywhere-2019.1.31-eff.xpi) = UCLTSyny0DAvHSWJPwK8yiGxykJHlM/GROJvfGXERiA=
-SIZE (https-everywhere-2019.1.31-eff.xpi) = 1765652
+SHA256 (https-everywhere-2019.11.7-eff.xpi) = SM2utlaeNqo/ooFMKjk1CzOnyEI1+TVOkPIt8zPrp04=
+SIZE (https-everywhere-2019.11.7-eff.xpi) = 1746491

www/tor-browser/noscript/Makefile

@@ -1,7 +1,7 @@
-# $OpenBSD: Makefile,v 1.16 2019/05/09 06:31:17 landry Exp $
+# $OpenBSD: Makefile,v 1.17 2020/02/13 07:41:54 landry Exp $
 
 ADDON_NAME =		noscript
-V =			10.6.1
+V =			11.0.11
 COMMENT =		Tor Browser add-on: flexible JS blocker
 HOMEPAGE =		http://noscript.net
 MASTER_SITES =		https://secure.informaction.com/download/releases/

www/tor-browser/noscript/distinfo

@@ -1,2 +1,2 @@
-SHA256 (noscript-10.6.1.xpi) = sVBH0ARdEvKLLh5ES9uGgAJXtcpsyPTIAisgxVDNlyc=
-SIZE (noscript-10.6.1.xpi) = 519725
+SHA256 (noscript-11.0.11.xpi) = Gw2qEuG4+8jjDnvbVomxJ3SqqfiDyz6a1XlDqIPOZbU=
+SIZE (noscript-11.0.11.xpi) = 572761

www/tor-browser/noscript/pkg/PLIST

@@ -1,2 +1,3 @@
-@comment $OpenBSD: PLIST,v 1.3 2018/09/28 14:54:26 sthen Exp $
+@comment $OpenBSD: PLIST,v 1.4 2020/02/13 07:41:54 landry Exp $
+${EXTDIR_ROOT}/browser/extensions/
 ${EXTDIR_ROOT}/browser/extensions/${GUID}.xpi

www/tor-browser/tor-launcher/Makefile

@@ -1,17 +0,0 @@
-# $OpenBSD: Makefile,v 1.15 2019/05/09 06:31:17 landry Exp $
-
-ADDON_NAME =		tor-launcher
-V =			0.2.16.6
-REVISION =		1
-COMMENT =		Tor Browser add-on to manage tor instance
-GUID =			tor-launcher@torproject.org
-PKGNAME =		${TB_NAME}
-ALL_TARGET =		package
-USE_GMAKE =		Yes
-
-post-install:
-	${INSTALL_DATA_DIR} ${PREFIX}/share/${BROWSER_NAME}
-	${SUBST_DATA} ${FILESDIR}/torrc-defaults \
-		${PREFIX}/share/${BROWSER_NAME}/torrc-defaults
-
-.include <bsd.port.mk>

www/tor-browser/tor-launcher/distinfo

@@ -1,2 +0,0 @@
-SHA256 (tor-launcher-0.2.16.6.tar.gz) = 3FEPYcSdYRdsKa8DDHVE0IVrQlrcWTwdLvGTTBOFUpQ=
-SIZE (tor-launcher-0.2.16.6.tar.gz) = 257904

www/tor-browser/tor-launcher/pkg/DESCR

@@ -1,9 +0,0 @@
-Tor Browser uses its own instance of the tor daemon and communicates
-with it using the Tor control port on 127.0.0.1; the protocol is
-documented here:
-    https://gitweb.torproject.org/torspec.git/tree/control-spec.txt
-
-tor-launcher is a Firefox extension that uses this protocol to manage
-the tor daemon used by Tor browser.  It provides the control and
-communications glue used by the torbutton add-on to e.g. display the
-nodes in the current circuit, change the tor configuration, etc.

www/tor-browser/tor-launcher/pkg/PLIST

@@ -1,4 +0,0 @@
-@comment $OpenBSD: PLIST,v 1.3 2018/09/28 14:54:26 sthen Exp $
-${EXTDIR_ROOT}/browser/extensions/${GUID}.xpi
-share/${BROWSER_NAME}/
-share/${BROWSER_NAME}/torrc-defaults

www/tor-browser/torbutton/Makefile

@@ -1,12 +0,0 @@
-# $OpenBSD: Makefile,v 1.15 2019/05/09 06:31:18 landry Exp $
-
-ADDON_NAME =		torbutton
-V =			2.0.13
-COMMENT =		Tor Browser add-on for configuring Tor Browser settings
-GUID =			torbutton@torproject.org
-PKGNAME =		${TB_NAME}
-
-do-build:
-	cd ${WRKSRC} && ./makexpi.sh
-
-.include <bsd.port.mk>

www/tor-browser/torbutton/distinfo

@@ -1,2 +0,0 @@
-SHA256 (torbutton-2.0.13.tar.gz) = g5tTfy3LpE7MekZeCVZ8/4a6DDZs/nb4aIJzQMq8DR0=
-SIZE (torbutton-2.0.13.tar.gz) = 669174

www/tor-browser/torbutton/patches/patch-src_chrome_content_popup_xul

@@ -1,20 +0,0 @@
-$OpenBSD: patch-src_chrome_content_popup_xul,v 1.3 2018/10/03 14:57:09 sthen Exp $
-
-Get rid of "Check for Tor Browser Updates" button in UI since it can't
-do anything useful right now.
-Index: src/chrome/content/popup.xul
---- src/chrome/content/popup.xul.orig
-+++ src/chrome/content/popup.xul
-@@ -36,12 +36,6 @@
-                   label="&torbutton.context_menu.networksettings;"
-                   accesskey="&torbutton.context_menu.networksettings.key;"
-                   oncommand="torbutton_open_network_settings()"/>
--        <menuseparator id="torbutton-checkForUpdateSeparator"/>
--        <menuitem id="torbutton-checkForUpdate"
--                  label="&torbutton.context_menu.downloadUpdate;"
--                  accesskey="&torbutton.context_menu.downloadUpdate.key;"
--                  insertafter="context-stop"
--                  oncommand="torbutton_check_for_update()"/>
-       </vbox>
-     </hbox>
-   </panel>

www/tor-browser/torbutton/pkg/DESCR

@@ -1,5 +0,0 @@
-Torbutton is a core component of Tor Browser, a privacy-oriented fork
-of Firefox ESR by the Tor project.  It is a Firefox add-on that
-provides a user interface in the browser to configure and monitor the
-privacy-oriented features of Tor Browser.  You activate it by pressing
-the button that looks like an onion (the Tor logo).

www/tor-browser/torbutton/pkg/PLIST

@@ -1,2 +0,0 @@
-@comment $OpenBSD: PLIST,v 1.3 2018/09/28 14:54:26 sthen Exp $
-${EXTDIR_ROOT}/browser/extensions/${GUID}.xpi