Richard Pospesel pushed to branch main at The Tor Project / Applications / tor-browser-build
Commits: 144d70db by Cecylia Bocovich at 2023-01-31T20:56:23+00:00 Bug 41361: Reproducible conjure builds
Add a conjure project and go dependencies to reproducibly build the conjure client on all platforms.
- - - - - 76c3558e by Cecylia Bocovich at 2023-01-31T20:56:23+00:00 Bug 41361: Add conjure line to torrc-defaults
Add the ClientTransportPlugin line for conjure to the torrc-defaults for desktop all platforms.
- - - - - c3c4bd9f by Cecylia Bocovich at 2023-01-31T20:56:23+00:00 Bug 41361: Add conjure to tor-expert-bundle
- - - - - d5a12bf8 by Cecylia Bocovich at 2023-01-31T20:56:23+00:00 Bug 41361: Move conjure README to the docs dir
- - - - -
18 changed files:
- projects/browser/Bundle-Data/PTConfigs/linux/torrc-defaults-appendix - projects/browser/Bundle-Data/PTConfigs/mac/torrc-defaults-appendix - projects/browser/Bundle-Data/PTConfigs/windows/torrc-defaults-appendix - projects/browser/build - + projects/bsbuffer/config - + projects/conjure/build - + projects/conjure/config - + projects/go-cmp/config - + projects/goprotobuf/config - + projects/gotapdance/config - + projects/logrus/config - + projects/obfs4-lib/config - + projects/protobuf/config - + projects/snowflake-lib/config - projects/tor-expert-bundle/build - projects/tor-expert-bundle/config - projects/tor-expert-bundle/pt_config.json - + projects/weightedrand/config
Changes:
===================================== projects/browser/Bundle-Data/PTConfigs/linux/torrc-defaults-appendix ===================================== @@ -6,3 +6,6 @@ ClientTransportPlugin snowflake exec ./TorBrowser/Tor/PluggableTransports/snowfl
## webtunnel configuration ClientTransportPlugin webtunnel exec ./TorBrowser/Tor/PluggableTransports/webtunnel-client + +## conjure configuration +ClientTransportPlugin conjure exec ./TorBrowser/Tor/PluggableTransports/conjure-client -registerURL https://registration.refraction.network/api
===================================== projects/browser/Bundle-Data/PTConfigs/mac/torrc-defaults-appendix ===================================== @@ -6,3 +6,6 @@ ClientTransportPlugin snowflake exec PluggableTransports/snowflake-client
## webtunnel configuration ClientTransportPlugin webtunnel exec PluggableTransports/webtunnel-client + +## conjure configuration +ClientTransportPlugin conjure exec PluggableTransports/conjure-client -registerURL https://registration.refraction.network/api
===================================== projects/browser/Bundle-Data/PTConfigs/windows/torrc-defaults-appendix ===================================== @@ -6,3 +6,6 @@ ClientTransportPlugin snowflake exec TorBrowser\Tor\PluggableTransports\snowflak
## webtunnel configuration ClientTransportPlugin webtunnel exec TorBrowser\Tor\PluggableTransports\webtunnel-client.exe + +## conjure configuration +ClientTransportPlugin conjure exec TorBrowser\Tor\PluggableTransports\conjure-client.exe -registerURL https://registration.refraction.network/api
===================================== projects/browser/build ===================================== @@ -100,13 +100,14 @@ mv [% c('input_files_by_name/noscript') %] "$TBDIR/$EXTSPATH/{73a6fe31-595d-460b rm -f aarch64/tor/pluggable_transports/bridges_list.*.txt aarch64/tor/pluggable_transports/pt_config.json [% END -%]
- # Snowflake's README is a documentation shipped in tor-expert-bundle + # Move READMEs from tor-expert-bundle to the doc dir mkdir -p "$TBDIR/$DOCSPATH/snowflake" [% IF c("var/macos_universal") %]"$TBDIR_AARCH64/$DOCSPATH/snowflake"[% END %] - mv_tbdir tor/pluggable_transports/README.SNOWFLAKE.md "$DOCSPATH/snowflake/README.md" - - # WebTunnel's README is a documentation shipped in tor-expert-bundle + mkdir -p "$TBDIR/$DOCSPATH/webtunnel" [% IF c("var/macos_universal") %]"$TBDIR_AARCH64/$DOCSPATH/webtunnel"[% END %] + mkdir -p "$TBDIR/$DOCSPATH/conjure" [% IF c("var/macos_universal") %]"$TBDIR_AARCH64/$DOCSPATH/conjure"[% END %] + mv_tbdir tor/pluggable_transports/README.SNOWFLAKE.md "$DOCSPATH/snowflake/README.md" mv_tbdir tor/pluggable_transports/README.WEBTUNNEL.md "$DOCSPATH/webtunnel/README.md" + mv_tbdir tor/pluggable_transports/README.CONJURE.md "$DOCSPATH/conjure/README.md"
# Move the PTs to where TB expects them mkdir -p "$TBDIR/$TORBINPATH" [% IF c("var/macos_universal") %]"$TBDIR_AARCH64/$TORBINPATH"[% END %]
===================================== projects/bsbuffer/config ===================================== @@ -0,0 +1,17 @@ +# vim: filetype=yaml sw=2 +version: '[% c("abbrev") %]' +git_url: https://github.com/sergeyfrolov/bsbuffer +git_hash: 94e85abb850729a5f54f383e8175e62931d04748 +filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz' +container: + use_container: 1 + +build: '[% c("projects/go/var/build_go_lib") %]' + +var: + go_lib: github.com/sergeyfrolov/bsbuffer + +input_files: + - project: container-image + - name: go + project: go
===================================== projects/conjure/build ===================================== @@ -0,0 +1,38 @@ +#!/bin/bash +[% c("var/set_default_env") -%] +[% pc('go', 'var/setup', { go_tarfile => c('input_files_by_name/go') }) %] +distdir=/var/tmp/dist/[% project %] +mkdir -p $distdir + +[% IF c("var/android") -%] + [% pc(c('var/compiler'), 'var/setup', { compiler_tarfile => c('input_files_by_name/' _ c('var/compiler')) }) %] + # We need to explicitly set CGO_ENABLED with Go 1.13.x as the Android build + # breaks otherwise. + export CGO_ENABLED=1 +[% END -%] + +tar -C /var/tmp/dist -xf [% c('input_files_by_name/goptlib') %] +tar -C /var/tmp/dist -xf [% c('input_files_by_name/snowflake-lib') %] +tar -C /var/tmp/dist -xf [% c('input_files_by_name/gotapdance') %] + +mkdir -p /var/tmp/build +tar -C /var/tmp/build -xf [% project %]-[% c('version') %].tar.gz +cd /var/tmp/build/[% project %]-[% c('version') %] + +mkdir -p "$GOPATH/src/gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conjure.git" + +# Fix gopath location of versioned dependencies +ln -sf "$GOPATH/src/git.torproject.org/pluggable-transports/snowflake.git" "$GOPATH/src/git.torproject.org/pluggable-transports/snowflake.git/v2" + +cd client +go build -ldflags '-s' +cp -a client[% IF c("var/windows") %].exe[% END %] $distdir/conjure-client[% IF c("var/windows") %].exe[% END %] + +cd .. +cp -a README.md $distdir/README.CONJURE.md + +cd $distdir +[% c('tar', { + tar_src => [ '.' ], + tar_args => '-czf ' _ dest_dir _ '/' _ c('filename'), + }) %]
===================================== projects/conjure/config ===================================== @@ -0,0 +1,21 @@ +# vim: filetype=yaml sw=2 +version: '[% c("abbrev") %]' +git_url: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conju... +git_hash: b7d485734c3ab09ef3da818abb4b39ec27ef3a73 +filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz' +container: + use_container: 1 + +input_files: + - project: container-image + - name: go + project: go + - name: goptlib + project: goptlib + - name: gotapdance + project: gotapdance + - name: snowflake-lib + project: snowflake-lib + - name: '[% c("var/compiler") %]' + project: '[% c("var/compiler") %]' + enable: '[% c("var/android") %]'
===================================== projects/go-cmp/config ===================================== @@ -0,0 +1,23 @@ +# vim: filetype=yaml sw=2 +version: '[% c("abbrev") %]' +git_url: https://github.com/google/go-cmp +git_hash: 8fa37b4dd109f12e42b131e485268768f18bcbf8 #v0.5.5 +filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz' +container: + use_container: 1 + +build: '[% c("projects/go/var/build_go_lib") %]' + +var: + go_lib: github.com/google/go-cmp + go_lib_deps: + - goxxerrors + build_go_lib_pre: | + cd "cmp" + +input_files: + - project: container-image + - name: go + project: go + - name: goxxerrors + project: goxxerrors
===================================== projects/goprotobuf/config ===================================== @@ -0,0 +1,23 @@ +# vim: filetype=yaml sw=2 +version: '[% c("abbrev") %]' +git_url: https://github.com/golang/protobuf +git_hash: ae97035608a719c7a1c1c41bed0ae0744bdb0c6f #v1.5.2 +filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz' +container: + use_container: 1 + +build: '[% c("projects/go/var/build_go_lib") %]' + +var: + go_lib: github.com/golang/protobuf + go_lib_install: + - github.com/golang/protobuf/proto + go_lib_deps: + - protobuf + +input_files: + - project: container-image + - name: go + project: go + - name: protobuf + project: protobuf
===================================== projects/gotapdance/config ===================================== @@ -0,0 +1,47 @@ +# vim: filetype=yaml sw=2 +version: '[% c("abbrev") %]' +git_url: https://github.com/refraction-networking/gotapdance +git_hash: 14162bd2967839d5d873645881f4a4761fb7bb48 #v1.3.0 +filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz' +container: + use_container: 1 + +build: '[% c("projects/go/var/build_go_lib") %]' + +var: + go_lib: github.com/refraction-networking/gotapdance + go_lib_deps: + - bsbuffer + - goprotobuf + - goptlib + - goxcrypto + - goxnet + - logrus + - obfs4-lib + - refraction-utls + - weightedrand + go_lib_install: + - github.com/refraction-networking/gotapdance/tapdance + +input_files: + - project: container-image + - name: go + project: go + - name: bsbuffer + project: bsbuffer + - name: goprotobuf + project: goprotobuf + - name: goptlib + project: goptlib + - name: goxcrypto + project: goxcrypto + - name: goxnet + project: goxnet + - name: logrus + project: logrus + - name: obfs4-lib + project: obfs4-lib + - name: refraction-utls + project: refraction-utls + - name: weightedrand + project: weightedrand
===================================== projects/logrus/config ===================================== @@ -0,0 +1,24 @@ +# vim: filetype=yaml sw=2 +version: '[% c("abbrev") %]' +git_url: https://github.com/sirupsen/logrus +git_hash: bdc0db8ead3853c56b7cd1ac2ba4e11b47d7da6b #v1.8.1 +filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz' +container: + use_container: 1 + +build: '[% c("projects/go/var/build_go_lib") %]' + +var: + go_lib: github.com/sirupsen/logrus + go_lib_deps: + - goxcrypto + - goxsys + +input_files: + - project: container-image + - name: go + project: go + - name: goxcrypto + project: goxcrypto + - name: goxsys + project: goxsys
===================================== projects/obfs4-lib/config ===================================== @@ -0,0 +1,39 @@ +# vim: filetype=yaml sw=2 +version: '[% c("abbrev") %]' +git_url: https://gitlab.com/yawning/obfs4.git +git_hash: 77af0cba934d73c4baeb709560bcfc9a9fbc661c +filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz' +container: + use_container: 1 + +build: '[% c("projects/go/var/build_go_lib") %]' + +var: + go_lib: gitlab.com/yawning/obfs4.git + go_lib_deps: + - edwards25519 + - edwards25519-extra + - goptlib + - goxcrypto + - goxnet + - siphash + go_lib_install: + - gitlab.com/yawning/obfs4.git/common/ntor + - gitlab.com/yawning/obfs4.git/transports/obfs4 + +input_files: + - project: container-image + - name: go + project: go + - name: edwards25519 + project: edwards25519 + - name: edwards25519-extra + project: edwards25519-extra + - name: goptlib + project: goptlib + - name: goxcrypto + project: goxcrypto + - name: goxnet + project: goxnet + - name: siphash + project: siphash
===================================== projects/protobuf/config ===================================== @@ -0,0 +1,23 @@ +# vim: filetype=yaml sw=2 +version: '[% c("abbrev") %]' +git_url: https://github.com/protocolbuffers/protobuf-go +git_hash: f2d1f6cbe10b90d22296ea09a7217081c2798009 #v1.26.0 +filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz' +container: + use_container: 1 + +build: '[% c("projects/go/var/build_go_lib") %]' + +var: + go_lib: google.golang.org/protobuf + go_lib_install: + - google.golang.org/protobuf/cmd/protoc-gen-go/internal_gengo + - google.golang.org/protobuf/compiler/protogen + - google.golang.org/protobuf/reflect/protodesc + - google.golang.org/protobuf/proto + - google.golang.org/protobuf/encoding/protojson + +input_files: + - project: container-image + - name: go + project: go
===================================== projects/snowflake-lib/config ===================================== @@ -0,0 +1,19 @@ +# vim: filetype=yaml sw=2 +version: '[% c("abbrev") %]' +git_url: https://git.torproject.org/pluggable-transports/snowflake.git +git_hash: 01ae5b56e8399d29aa18605dc9add913d84dc553 +filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz' +container: + use_container: 1 + +build: '[% c("projects/go/var/build_go_lib") %]' + +var: + go_lib: git.torproject.org/pluggable-transports/snowflake.git + go_lib_install: + - git.torproject.org/pluggable-transports/snowflake.git/common/safelog + +input_files: + - project: container-image + - name: go + project: go
===================================== projects/tor-expert-bundle/build ===================================== @@ -12,6 +12,7 @@ mkdir pluggable_transports && cd pluggable_transports tar -xkf $rootdir/[% c('input_files_by_name/obfs4') %] tar -xkf $rootdir/[% c('input_files_by_name/snowflake') %] tar -xkf $rootdir/[% c('input_files_by_name/webtunnel') %] +tar -xkf $rootdir/[% c('input_files_by_name/conjure') %]
# copy in bridge lines for each pluggable transport mv $rootdir/bridges_list.obfs4.txt .
===================================== projects/tor-expert-bundle/config ===================================== @@ -20,6 +20,8 @@ input_files: project: snowflake - project: webtunnel name: webtunnel + - name: conjure + project: conjure - filename: pt_config.json - filename: bridges_list.obfs4.txt - filename: bridges_list.meek-azure.txt
===================================== projects/tor-expert-bundle/pt_config.json ===================================== @@ -3,7 +3,8 @@ "pluggableTransports" : { "obfs4proxy" : "ClientTransportPlugin meek_lite,obfs2,obfs3,obfs4,scramblesuit exec ${pt_path}obfs4proxy${pt_extension}", "snowflake" : "ClientTransportPlugin snowflake exec ${pt_path}snowflake-client${pt_extension}", - "webtunnel" : "ClientTransportPlugin webtunnel exec ${pt_path}webtunnel-client${pt_extension}" + "webtunnel" : "ClientTransportPlugin webtunnel exec ${pt_path}webtunnel-client${pt_extension}", + "conjure" : "ClientTransportPlugin conjure exec ${pt_path}conjure-client${pt_extension} -registerURL https://registration.refraction.network/api" }, "bridges" : { "meek-azure" : [
===================================== projects/weightedrand/config ===================================== @@ -0,0 +1,17 @@ +# vim: filetype=yaml sw=2 +version: '[% c("abbrev") %]' +git_url: https://github.com/mroth/weightedrand +git_hash: 0d642756f17d052e03f6ca68ee9264022f7d26af #v0.4.1 +filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz' +container: + use_container: 1 + +build: '[% c("projects/go/var/build_go_lib") %]' + +var: + go_lib: github.com/mroth/weightedrand + +input_files: + - project: container-image + - name: go + project: go
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/5...