Mullvad Browser support

[fyqwbdzsfjh]

Hello!

I tried using this script to download and install Mullvad Browser and at a glance it appears to work with fairly minimal changes (same signers, same structure, possibly the same release process as well). Separate changes will of course need to be made to tb-starter as well.

I could be interested in working on a pull request, if that's something there's interest in, though some assistance will likely be necessary.

Here are some relevant links

• https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/blob/main/projects/firefox/config#L91
• https://cdn.mullvad.net/browser/update_responses/update_1/release/downloads.json
• • Did not find an onion for this
• https://dist.torproject.org/mullvadbrowser

[adrelanos]

That would be interesting.

There used to be [1] something similar (update-i2pbrowser) but with less changes required.

update-torbrowser allows environment variables to be overwritten exactly to support such use cases.

Would it be possible to add a /usr/bin/update-mullvadbrowser which just modifies the environment variables as required?

Maybe update-torbrowser would need slight modifications too in case some variables cannot be adjusted yet as environment variables.

That would seem to be a clean design.

---

The only unclean but probably out-of-scope for this ticket would be a minor imperfection. update-torbrowser would have a privileged position. It downloads Tor Browser, gets its variables from its own script and doesn't require a wrapper. An even cleaner design would be if update-torbrowser would also just be a wrapper script with "equal rights" comparable to update-i2pbrowser, update-mullvadbrowser. That would ensure the long term stability of this solution that no code changes break the wrappers without getting noticed.

---

[1] Not sure that is still tested, maintained.

[fyqwbdzsfjh]

That would be interesting.

There used to be [1] something similar (update-i2pbrowser) but with less changes required.

update-torbrowser allows environment variables to be overwritten exactly to support such use cases.

Would it be possible to add a /usr/bin/update-mullvadbrowser which just modifies the environment variables as required?

Yep, that goes pretty far. I did use update-i2pbrowser as a reference.

Maybe update-torbrowser would need slight modifications too in case some variables cannot be adjusted yet as environment variables.

That would seem to be a clean design.

Yep, such cases are at least

• $TBB_VERSIONS_FILE_LINK, so that --alpha works

  tb-updater/usr/bin/update-torbrowser

  Line 900 in 79cb878

  [ -n "$TBB_VERSIONS_FILE_LINK" ] || TBB_VERSIONS_FILE_LINK="https://aus1.torproject.org/torbrowser/update_3/${TBB_RELEASE_CHANNEL}/downloads.json"

• $TBB_SIG_FILENAME and $TBB_PACKAGE_FILENAME

  tb-updater/usr/bin/update-torbrowser

  Lines 1429 to 1430 in 79cb878

  	[ -n "$TBB_SIG_FILENAME" ] || TBB_SIG_FILENAME="tor-browser-${ARCH_DOWNLOAD}-${tbb_version}.tar.xz.asc"
  	[ -n "$TBB_PACKAGE_FILENAME" ] || TBB_PACKAGE_FILENAME="tor-browser-${ARCH_DOWNLOAD}-${tbb_version}.tar.xz"

Would checks like these (before the last "fallback") be okay for those?:

if [ -n "$TBB_SIG_FILENAME" ] && [ "$tb_browser_name" = "mullvad-browser" ]; then
    TBB_SIG_FILENAME="mullvad-browser-${ARCH_DOWNLOAD}-${tbb_version}.tar.xz.asc"
fi

The only unclean but probably out-of-scope for this ticket would be a minor imperfection. update-torbrowser would have a privileged position. It downloads Tor Browser, gets its variables from its own script and doesn't require a wrapper. An even cleaner design would be if update-torbrowser would also just be a wrapper script with "equal rights" comparable to update-i2pbrowser, update-mullvadbrowser. That would ensure the long term stability of this solution that no code changes break the wrappers without getting noticed.

Sounds good, but indeed probably out-of-scope for this.

[adrelanos]

Yep, such cases are at least

• $TBB_VERSIONS_FILE_LINK, so that --alpha works

  tb-updater/usr/bin/update-torbrowser

  Line 900 in 79cb878

  [ -n "$TBB_VERSIONS_FILE_LINK" ] || TBB_VERSIONS_FILE_LINK="https://aus1.torproject.org/torbrowser/update_3/${TBB_RELEASE_CHANNEL}/downloads.json"

• $TBB_SIG_FILENAME and $TBB_PACKAGE_FILENAME

  tb-updater/usr/bin/update-torbrowser

  Lines 1429 to 1430 in 79cb878

  	[ -n "$TBB_SIG_FILENAME" ] || TBB_SIG_FILENAME="tor-browser-${ARCH_DOWNLOAD}-${tbb_version}.tar.xz.asc"
  	[ -n "$TBB_PACKAGE_FILENAME" ] || TBB_PACKAGE_FILENAME="tor-browser-${ARCH_DOWNLOAD}-${tbb_version}.tar.xz"

Would checks like these (before the last "fallback") be okay for those?:

if [ -n "$TBB_SIG_FILENAME" ] && [ "$tb_browser_name" = "mullvad-browser" ]; then
    TBB_SIG_FILENAME="mullvad-browser-${ARCH_DOWNLOAD}-${tbb_version}.tar.xz.asc"
fi

In that case it seems scripting can be avoided by using more variables.

If you need to change tor-browser to mullvad-browser in TBB_SIG_FILENAME then please make these strings are variable that can be overwritten too?

TBB_SIG_FILENAME="${tb_browser_download_name}-${ARCH_DOWNLOAD}-${tbb_version}.tar.xz.asc"

script default in update-torbrowser would be:

[ -n "$tb_browser_download_name" ] || tb_browser_download_name="tor-browser" 

and update-mullvadbrowser wrapper would set:

[ -n "$tb_browser_download_name" ] || tb_browser_download_name="mullvad-browser" 

[adrelanos]

I would appreciate a PR for the things which can be done without scripting. Only overwriting variables and variablizing where neeed.

Just leave the more complex things that might require scripting if any. Can be looked into after getting this started.

[adrelanos]

Now that tb-updater support was merged, any chance you could contribute the tb-starter modifications too please?

[adrelanos]

This was done.