[tor-bugs] #9444 [Tor bundles/installation]: Create deterministic TorBrowserBundles with Pluggable Transports

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun Nov 10 07:08:58 UTC 2013


#9444: Create deterministic TorBrowserBundles with Pluggable Transports
------------------------------------------+--------------------------
     Reporter:  bastik                    |      Owner:  erinn
         Type:  task                      |     Status:  needs_review
     Priority:  normal                    |  Milestone:
    Component:  Tor bundles/installation  |    Version:
   Resolution:                            |   Keywords:  flashproxy
Actual Points:                            |  Parent ID:
       Points:                            |
------------------------------------------+--------------------------

Comment (by dcf):

 Replying to [comment:11 brade]:
 > Replying to [comment:8 dcf]:
 > >  * We will need to make changes to `torrc`.
 [https://gitweb.torproject.org/pluggable-
 transports/bundle.git/blob/50b44927d460825c6b920d4f7d53e357984d794a
 :/bundle-torrc-gnulinux (For example.)] What's a good way to do that? I
 don't want to modify e.g. `Bundle-Data/linux/Data/Tor/torrc` because
 that's used by the vanilla bundles. Really all we need is to append some
 lines to the end of the `torrc` that is normally installed (currently an
 empty file).
 >
 > Please don't add anything to torrc (it should be empty).  We are
 planning to remove that file from the bundles once #10060 is fixed.  torrc
 will be reserved for saving user's changes; all of the default settings
 that are part of TBB should be placed in torrc-defaults.  One approach
 would be to append your changes to torrc-defaults when assembling the
 bundle.  There is also #1922 but it doesn't look like anyone is working on
 that.

 I see now what you are doing with `torrc-defaults`. The requirements of
 the pluggable transports bundle may be a little tricky, then. Most of the
 extra configuration we add is a bunch of `Bridge` lines. There needs to be
 a sensible list of default bridges, because that works for many users; but
 it also needs to be possible to remove all the default bridges and
 configure your own, because for another group of users the defaults don't
 work.

 What's different about `Bridge` lines is that if there are some present in
 `torrc-defaults` and you add some in `torrc`, the ones you add don't
 override the defaults, they augment the defaults. Do you have any ideas
 for how to handle this situation? If we put the default bridges in `torrc-
 defaults`, then some users will have to edit `torrc-defaults` to remove
 them every time they update their bundle.

 This is the extra configuration we're currently using:
 {{{
 UseBridges 1

 Bridge flashproxy 0.0.1.0:1
 Bridge obfs2 109.163.233.198:1051
 Bridge obfs2 83.212.100.216:47870
 Bridge obfs2 83.212.96.182:46602
 Bridge obfs2 109.105.109.163:46924
 Bridge obfs2 70.182.182.109:54542
 Bridge obfs2 169.229.59.74:32779
 Bridge obfs2 169.229.59.75:47809
 Bridge obfs2 209.141.36.236:60783
 Bridge obfs2 208.79.90.242:55564
 Bridge obfs2 128.31.0.34:1051
 Bridge obfs2 83.212.101.2:45235
 Bridge obfs3 83.212.101.2:42782

 LearnCircuitBuildTimeout 0
 CircuitBuildTimeout 60
 ClientTransportPlugin flashproxy exec ./App/flashproxy-client --register
 :0 :9000
 ClientTransportPlugin obfs2,obfs3 exec ./App/obfsproxy.bin managed
 }}}

 `UseBridges`, `LearnCircuitBuildTimeout`, `CircuitBuildTimeout`, and
 `ClientTransportPlugin` can be moved to `torrc-defaults` no problem. But
 the `Bridge` lines are problematic.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9444#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list