richard pushed to branch main at The Tor Project / Applications / tor-browser-build
Commits:
-
995029fd
by Richard Pospesel at 2023-09-28T18:51:26+00:00
13 changed files:
- − projects/browser/Bundle-Data/PTConfigs/bridge_prefs.js
- − projects/browser/Bundle-Data/PTConfigs/linux/torrc-defaults-appendix
- − projects/browser/Bundle-Data/PTConfigs/mac/torrc-defaults-appendix
- − projects/browser/Bundle-Data/PTConfigs/windows/torrc-defaults-appendix
- projects/browser/build
- projects/browser/config
- − projects/common/bridges_list.meek-azure.txt
- − projects/common/bridges_list.obfs4.txt
- − projects/common/bridges_list.snowflake.txt
- projects/tor-android-service/build
- projects/tor-android-service/config
- projects/tor-expert-bundle/build
- projects/tor-expert-bundle/config
Changes:
1 | -# Tor Launcher preferences (default bridges):
|
|
2 | -pref("extensions.torlauncher.default_bridge_recommended_type", "obfs4"); |
1 | -## lyrebird configuration
|
|
2 | -ClientTransportPlugin meek_lite,obfs2,obfs3,obfs4,scramblesuit exec ./TorBrowser/Tor/PluggableTransports/lyrebird
|
|
3 | - |
|
4 | -## snowflake configuration
|
|
5 | -ClientTransportPlugin snowflake exec ./TorBrowser/Tor/PluggableTransports/snowflake-client
|
|
6 | - |
|
7 | -## webtunnel configuration
|
|
8 | -ClientTransportPlugin webtunnel exec ./TorBrowser/Tor/PluggableTransports/webtunnel-client
|
|
9 | - |
|
10 | -## conjure configuration
|
|
11 | -ClientTransportPlugin conjure exec ./TorBrowser/Tor/PluggableTransports/conjure-client -registerURL https://registration.refraction.network/api |
1 | -## lyrebird configuration
|
|
2 | -ClientTransportPlugin meek_lite,obfs2,obfs3,obfs4,scramblesuit exec PluggableTransports/lyrebird
|
|
3 | - |
|
4 | -## snowflake configuration
|
|
5 | -ClientTransportPlugin snowflake exec PluggableTransports/snowflake-client
|
|
6 | - |
|
7 | -## webtunnel configuration
|
|
8 | -ClientTransportPlugin webtunnel exec PluggableTransports/webtunnel-client
|
|
9 | - |
|
10 | -## conjure configuration
|
|
11 | -ClientTransportPlugin conjure exec PluggableTransports/conjure-client -registerURL https://registration.refraction.network/api |
1 | -## lyrebird configuration
|
|
2 | -ClientTransportPlugin meek_lite,obfs2,obfs3,obfs4,scramblesuit exec TorBrowser\Tor\PluggableTransports\lyrebird.exe
|
|
3 | - |
|
4 | -## snowflake configuration
|
|
5 | -ClientTransportPlugin snowflake exec TorBrowser\Tor\PluggableTransports\snowflake-client.exe
|
|
6 | - |
|
7 | -## webtunnel configuration
|
|
8 | -ClientTransportPlugin webtunnel exec TorBrowser\Tor\PluggableTransports\webtunnel-client.exe
|
|
9 | - |
|
10 | -## conjure configuration
|
|
11 | -ClientTransportPlugin conjure exec TorBrowser\Tor\PluggableTransports\conjure-client.exe -registerURL https://registration.refraction.network/api |
... | ... | @@ -15,7 +15,7 @@ mkdir -p $OUTDIR |
15 | 15 | # directory named tor-browser (instead of tor-browser_en-US). Therefore we
|
16 | 16 | # stage everything under tor-browser-stage to avoid a conflict.
|
17 | 17 | TB_STAGE_DIR=$distdir/tor-browser-stage
|
18 | -GENERATEDPREFSPATH=$rootdir/Bundle-Data/PTConfigs/generated-prefs.js
|
|
18 | +GENERATEDPREFSPATH=$rootdir/Bundle-Data/generated-prefs.js
|
|
19 | 19 | # Create initially empty prefs file where we can dump our conditionally included/genetered prefs
|
20 | 20 | touch "$GENERATEDPREFSPATH"
|
21 | 21 | |
... | ... | @@ -100,10 +100,10 @@ mv [% c('input_files_by_name/noscript') %] "$TBDIR/$EXTSPATH/{73a6fe31-595d-460b |
100 | 100 | mkdir -p "$TBDIR/$TORCONFIGPATH" [% IF c("var/macos_universal") %]"$TBDIR_AARCH64/$TORCONFIGPATH"[% END %]
|
101 | 101 | mv_tbdir data/{geoip,geoip6} "$TORCONFIGPATH"
|
102 | 102 | |
103 | - # Bridge lists will be consumed later in `bridges_conf`
|
|
104 | - mv tor/pluggable_transports/bridges_list.*.txt tor/pluggable_transports/pt_config.json $rootdir
|
|
103 | + # pt_config.json will be consumed later in `bridges_conf`
|
|
104 | + mv tor/pluggable_transports/pt_config.json $rootdir
|
|
105 | 105 | [% IF c("var/macos_universal") %]
|
106 | - rm -f aarch64/tor/pluggable_transports/bridges_list.*.txt aarch64/tor/pluggable_transports/pt_config.json
|
|
106 | + rm -f aarch64/tor/pluggable_transports/pt_config.json
|
|
107 | 107 | [% END -%]
|
108 | 108 | |
109 | 109 | # Move READMEs from tor-expert-bundle to the doc dir
|
... | ... | @@ -246,24 +246,37 @@ do |
246 | 246 | done
|
247 | 247 | |
248 | 248 | [% IF c("var/tor-browser") -%]
|
249 | + PT_CONFIG="$rootdir/pt_config.json"
|
|
250 | + |
|
251 | + # Write our ClientTransportPlugin lines to torrc-defults
|
|
249 | 252 | for tbdir in "${TBDIRS[@]}"
|
250 | 253 | do
|
251 | - cat Bundle-Data/PTConfigs/[% bundledata_osname %]/torrc-defaults-appendix >> "$tbdir/$TORCONFIGPATH/torrc-defaults"
|
|
254 | + PT_PATH='[% c("var/pt_path") %]'
|
|
255 | + TORRC_DEFAULTS="$tbdir/$TORCONFIGPATH/torrc-defaults"
|
|
256 | + jq --raw-output .pluggableTransports[] "${PT_CONFIG}" | while read -r line; do
|
|
257 | + echo "${line/\$\{pt_path\}/${PT_PATH}}" >> "$TORRC_DEFAULTS"
|
|
258 | + done
|
|
252 | 259 | done
|
253 | - cat Bundle-Data/PTConfigs/bridge_prefs.js >> "$GENERATEDPREFSPATH"
|
|
254 | 260 | |
261 | + # Write Default Bridge Prefs
|
|
262 | + echo "# Tor Launcher preferences (default bridges):" >> "$GENERATEDPREFSPATH"
|
|
263 | + RECOMMMENDED_DEFAULT=$(jq -r .recommendedDefault "${PT_CONFIG}")
|
|
264 | + echo "pref(\"extensions.torlauncher.default_bridge_recommended_type\", \"${RECOMMMENDED_DEFAULT}\");" >> "$GENERATEDPREFSPATH"
|
|
265 | + |
|
266 | + # Writes bridge-line prefs for a given bridge type
|
|
255 | 267 | function bridges_conf {
|
256 | - local pt="$1"
|
|
268 | + local bridge_type="$1"
|
|
257 | 269 | local i=1
|
258 | - while read -r line
|
|
259 | - do
|
|
260 | - echo "pref(\"extensions.torlauncher.default_bridge.$pt.$i\", \"$line\");" >> "$GENERATEDPREFSPATH"
|
|
270 | + jq -r ".bridges.\"$bridge_type\" | .[]" "${PT_CONFIG}" | while read -r line; do
|
|
271 | + echo "pref(\"extensions.torlauncher.default_bridge.$bridge_type.$i\", \"$line\");" >> "$GENERATEDPREFSPATH"
|
|
261 | 272 | i=$((i + 1))
|
262 | - done < "$rootdir/bridges_list.$pt.txt"
|
|
273 | + done
|
|
263 | 274 | }
|
264 | - bridges_conf obfs4
|
|
265 | - bridges_conf meek-azure
|
|
266 | - bridges_conf snowflake
|
|
275 | + |
|
276 | + # Iterate over our bridge types and write default bridgelines for each
|
|
277 | + for bridge_type in $(jq -r ".bridges | keys[]" "${PT_CONFIG}"); do
|
|
278 | + bridges_conf $bridge_type
|
|
279 | + done
|
|
267 | 280 | [% END -%]
|
268 | 281 | |
269 | 282 | [% IF c("var/linux") && c("var/tor-browser") %]
|
... | ... | @@ -11,6 +11,7 @@ var: |
11 | 11 | - libparallel-forkmanager-perl
|
12 | 12 | - libfile-slurp-perl
|
13 | 13 | - bzip2
|
14 | + - jq
|
|
14 | 15 | mar_osname: '[% c("var/osname") %]'
|
15 | 16 | |
16 | 17 | targets:
|
... | ... | @@ -21,6 +22,7 @@ targets: |
21 | 22 | # builds (bug 29812). We don't need it in x86_64 builds, but we
|
22 | 23 | # share the container to reduce space used.
|
23 | 24 | - libc6-i386
|
25 | + pt_path: ./TorBrowser/Tor/PluggableTransports/
|
|
24 | 26 | macos:
|
25 | 27 | var:
|
26 | 28 | arch_deps:
|
... | ... | @@ -29,6 +31,7 @@ targets: |
29 | 31 | - python3-pip
|
30 | 32 | - python3-distutils-extra
|
31 | 33 | - python3-psutil
|
34 | + pt_path: PluggableTransports/
|
|
32 | 35 | macos-universal:
|
33 | 36 | var:
|
34 | 37 | mar_osname: macos
|
... | ... | @@ -36,6 +39,7 @@ targets: |
36 | 39 | var:
|
37 | 40 | arch_deps:
|
38 | 41 | - python3-pefile
|
42 | + pt_path: TorBrowser\Tor\PluggableTransports\
|
|
39 | 43 | android:
|
40 | 44 | build: '[% INCLUDE build.android %]'
|
41 | 45 | var:
|
1 | -meek_lite 192.0.2.18:80 BE776A53492E1E044A26F17306E1BC46A55A1625 url=https://meek.azureedge.net/ front=ajax.aspnetcdn.com |
1 | -obfs4 192.95.36.142:443 CDF2E852BF539B82BD10E27E9115A31734E378C2 cert=qUVQ0srL1JI/vO6V6m/24anYXiJD3QP2HgzUKQtQ7GRqqUvs7P+tG43RtAqdhLOALP7DJQ iat-mode=1
|
|
2 | -obfs4 37.218.245.14:38224 D9A82D2F9C2F65A18407B1D2B764F130847F8B5D cert=bjRaMrr1BRiAW8IE9U5z27fQaYgOhX1UCmOpg2pFpoMvo6ZgQMzLsaTzzQNTlm7hNcb+Sg iat-mode=0
|
|
3 | -obfs4 85.31.186.98:443 011F2599C0E9B27EE74B353155E244813763C3E5 cert=ayq0XzCwhpdysn5o0EyDUbmSOx3X/oTEbzDMvczHOdBJKlvIdHHLJGkZARtT4dcBFArPPg iat-mode=0
|
|
4 | -obfs4 85.31.186.26:443 91A6354697E6B02A386312F68D82CF86824D3606 cert=PBwr+S8JTVZo6MPdHnkTwXJPILWADLqfMGoVvhZClMq/Urndyd42BwX9YFJHZnBB3H0XCw iat-mode=0
|
|
5 | -obfs4 193.11.166.194:27015 2D82C2E354D531A68469ADF7F878FA6060C6BACA cert=4TLQPJrTSaDffMK7Nbao6LC7G9OW/NHkUwIdjLSS3KYf0Nv4/nQiiI8dY2TcsQx01NniOg iat-mode=0
|
|
6 | -obfs4 193.11.166.194:27020 86AC7B8D430DAC4117E9F42C9EAED18133863AAF cert=0LDeJH4JzMDtkJJrFphJCiPqKx7loozKN7VNfuukMGfHO0Z8OGdzHVkhVAOfo1mUdv9cMg iat-mode=0
|
|
7 | -obfs4 193.11.166.194:27025 1AE2C08904527FEA90C4C4F8C1083EA59FBC6FAF cert=ItvYZzW5tn6v3G4UnQa6Qz04Npro6e81AP70YujmK/KXwDFPTs3aHXcHp4n8Vt6w/bv8cA iat-mode=0
|
|
8 | -obfs4 209.148.46.65:443 74FAD13168806246602538555B5521A0383A1875 cert=ssH+9rP8dG2NLDN2XuFw63hIO/9MNNinLmxQDpVa+7kTOa9/m+tGWT1SmSYpQ9uTBGa6Hw iat-mode=0
|
|
9 | -obfs4 146.57.248.225:22 10A6CD36A537FCE513A322361547444B393989F0 cert=K1gDtDAIcUfeLqbstggjIw2rtgIKqdIhUlHp82XRqNSq/mtAjp1BIC9vHKJ2FAEpGssTPw iat-mode=0
|
|
10 | -obfs4 45.145.95.6:27015 C5B7CD6946FF10C5B3E89691A7D3F2C122D2117C cert=TD7PbUO0/0k6xYHMPW3vJxICfkMZNdkRrb63Zhl5j9dW3iRGiCx0A7mPhe5T2EDzQ35+Zw iat-mode=0
|
|
11 | -obfs4 51.222.13.177:80 5EDAC3B810E12B01F6FD8050D2FD3E277B289A08 cert=2uplIpLQ0q9+0qMFrK5pkaYRDOe460LL9WHBvatgkuRr/SL31wBOEupaMMJ6koRE6Ld0ew iat-mode=0 |
1 | -snowflake 192.0.2.3:80 2B280B23E1107BB62ABFC40DDCC8824814F80A72 fingerprint=2B280B23E1107BB62ABFC40DDCC8824814F80A72 url=https://snowflake-broker.torproject.net.global.prod.fastly.net/ front=foursquare.com ice=stun:stun.l.google.com:19302,stun:stun.antisip.com:3478,stun:stun.bluesip.net:3478,stun:stun.dus.net:3478,stun:stun.epygi.com:3478,stun:stun.sonetel.com:3478,stun:stun.uls.co.za:3478,stun:stun.voipgate.com:3478,stun:stun.voys.nl:3478 utls-imitate=hellorandomizedalpn
|
|
2 | -snowflake 192.0.2.4:80 8838024498816A039FCBBAB14E6F40A0843051FA fingerprint=8838024498816A039FCBBAB14E6F40A0843051FA url=https://snowflake-broker.torproject.net.global.prod.fastly.net/ front=foursquare.com ice=stun:stun.l.google.com:19302,stun:stun.antisip.com:3478,stun:stun.bluesip.net:3478,stun:stun.dus.net:3478,stun:stun.epygi.com:3478,stun:stun.sonetel.net:3478,stun:stun.uls.co.za:3478,stun:stun.voipgate.com:3478,stun:stun.voys.nl:3478 utls-imitate=hellorandomizedalpn |
... | ... | @@ -57,9 +57,22 @@ rm -fR service/src/main/jniLibs/* |
57 | 57 | mv $tebdir/data/{geoip,geoip6} service/src/main/assets/common
|
58 | 58 | |
59 | 59 | # Update bridges list
|
60 | - ptdir=$tebdir/tor/pluggable_transports
|
|
61 | - cat $ptdir/bridges_list.obfs4.txt $ptdir/bridges_list.meek-azure.txt \
|
|
62 | - $ptdir/bridges_list.snowflake.txt > service/src/main/assets/common/bridges.txt
|
|
60 | + PT_CONFIG="$tebdir/tor/pluggable_transports/pt_config.json"
|
|
61 | + |
|
62 | + # Writes bridge-line prefs for a given bridge type
|
|
63 | + BRIDGES_TXT="service/src/main/assets/common/bridges.txt"
|
|
64 | + echo -n "" > "${BRIDGES_TXT}"
|
|
65 | + function bridges_conf {
|
|
66 | + local bridge_type="$1"
|
|
67 | + jq -r ".bridges.\"$bridge_type\" | .[]" "${PT_CONFIG}" | while read -r line; do
|
|
68 | + echo $line >> "${BRIDGES_TXT}"
|
|
69 | + done
|
|
70 | + }
|
|
71 | + |
|
72 | + # Iterate over our bridge types and write default bridgelines for each
|
|
73 | + for bridge_type in $(jq -r ".bridges | keys[]" "${PT_CONFIG}"); do
|
|
74 | + bridges_conf $bridge_type
|
|
75 | + done
|
|
63 | 76 | [% END -%]
|
64 | 77 | [% END -%]
|
65 | 78 |
... | ... | @@ -11,6 +11,8 @@ var: |
11 | 11 | # this should be updated when the list of gradle dependencies is changed
|
12 | 12 | gradle_dependencies_version: 5
|
13 | 13 | gradle_version: 5.6.4
|
14 | + arch_deps:
|
|
15 | + - jq
|
|
14 | 16 | |
15 | 17 | input_files:
|
16 | 18 | - project: container-image
|
... | ... | @@ -14,11 +14,6 @@ tar -xkf $rootdir/[% c('input_files_by_name/snowflake') %] |
14 | 14 | tar -xkf $rootdir/[% c('input_files_by_name/webtunnel') %]
|
15 | 15 | tar -xkf $rootdir/[% c('input_files_by_name/conjure') %]
|
16 | 16 | |
17 | -# copy in bridge lines for each pluggable transport
|
|
18 | -mv $rootdir/bridges_list.obfs4.txt .
|
|
19 | -mv $rootdir/bridges_list.meek-azure.txt .
|
|
20 | -mv $rootdir/bridges_list.snowflake.txt .
|
|
21 | - |
|
22 | 17 | # add per-platform pt extension
|
23 | 18 | awk '{gsub(/\$\{pt_extension\}/, "[% c("var/pt_extension") %]"); print}' $rootdir/pt_config.json > pt_config.json
|
24 | 19 |
... | ... | @@ -23,6 +23,3 @@ input_files: |
23 | 23 | - name: conjure
|
24 | 24 | project: conjure
|
25 | 25 | - filename: pt_config.json |
26 | - - filename: bridges_list.obfs4.txt
|
|
27 | - - filename: bridges_list.meek-azure.txt
|
|
28 | - - filename: bridges_list.snowflake.txt |