[tor-bugs] #19001 [Obfuscation/Snowflake]: Tor Browser with Snowflake
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue May 10 02:05:33 UTC 2016
#19001: Tor Browser with Snowflake
-----------------------------------+---------------------
Reporter: dcf | Owner:
Type: project | Status: new
Priority: Medium | Milestone:
Component: Obfuscation/Snowflake | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-----------------------------------+---------------------
Comment (by dcf):
First working bundles with Snowflake, for linux only:
* https://people.torproject.org/~dcf/pt-
bundle/snowflake-20160509-5a801bf207/
* https://gitweb.torproject.org/user/dcf/tor-browser-
bundle.git/log/?h=snowflake&id=5a801bf2077e55c7b0dc35faed101a6c3d5375fb
Overall diff so far:
* https://gitweb.torproject.org/user/dcf/tor-browser-
bundle.git/diff/?h=snowflake&id=5a801bf2077e55c7b0dc35faed101a6c3d5375fb&id2=a00e9b4617c65e8a09eb7584ebe92aa76df24ec3
To run,
1. Open another browser to
http://keroserene.net/snowflake/snowflake.html.
2. Run ./start-tor-browser.desktop
3. Say yes to "Does your Internet Service Provider (ISP) block or
otherwise censor connections to the Tor Network?" and select snowflake
from the menu.
If all goes well, after a few seconds the other browser should turn green.
In order to build it yourself, you have to do
{{{
git clone -b snowflake https://git.torproject.org/user/dcf/tor-browser-
bundle.git
cd tor-browser-bundle/gitian
build nightly TORSOCKS=
}}}
You'll need to prepared the gitian-builder directory and everything else
according to [[doc/TorBrowser/Hacking]] and
[[doc/TorBrowser/BuildingWithGitian]]. I did not try targets other than
nightly.
Explanations of some noteworthy changes:
* I cherry-picked [[attachment:0001-Upgrade-go-
to-1.6.2.patch:ticket:18333|the Go 1.6 patch]] from #18333 because arlolra
said there is a dependency on Go 1.5 having to do with SRCDIR.
* I [https://gitweb.torproject.org/user/dcf/tor-browser-
bundle.git/tree/gitian/fetch-
inputs.sh?h=snowflake&id=235bdbc03d29e9e84e22f9fa6212677179293bc0#n308
tried using] `--no-history` when running depot_tools' `fetch` and
`gclient`, but it doesn't seem to work because the directories are 12 GB
and have history.
* libwebrtc needs a newer GCC than Debian wheezy has, so
[https://gitweb.torproject.org/user/dcf/tor-browser-
bundle.git/tree/gitian/descriptors/linux/gitian-pluggable-
transports.yml?h=snowflake&id=235bdbc03d29e9e84e22f9fa6212677179293bc0#n104
I copied code] from the [https://gitweb.torproject.org/user/dcf/tor-
browser-bundle.git/tree/gitian/descriptors/linux/gitian-
firefox.yml?h=snowflake&id=235bdbc03d29e9e84e22f9fa6212677179293bc0#n57
firefox descriptor] to use our self-built GCC. I also tried building
libwebrtc with Clang, which worked, but I couldn't get the resulting
library to link with go-webrtc and Cgo.
* At https://github.com/keroserene/go-webrtc/issues/23#issue-123390551,
serene said that it was necessary to create a custom ninja file, but I
didn't find it necessary (nor did I know what to put in the custom file).
* [https://gitweb.torproject.org/user/dcf/tor-browser-
bundle.git/tree/gitian/descriptors/linux/gitian-pluggable-
transports.yml?h=snowflake&id=235bdbc03d29e9e84e22f9fa6212677179293bc0#n327
The GYP_DEFINES] are a result of trial and error and cribbing from the
Debian [https://packages.debian.org/jessie/chromium chromium-browser]
source package.
* I [https://gitweb.torproject.org/user/dcf/tor-browser-
bundle.git/tree/gitian/descriptors/linux/gitian-pluggable-
transports.yml?h=snowflake&id=235bdbc03d29e9e84e22f9fa6212677179293bc0#n329
had to install Java and set JAVA_HOME] to get past what seems to be a
trivial step in webrtc/build/gyp_webrtc.
* For constructing libwebrtc-magic.a,
[https://gitweb.torproject.org/user/dcf/tor-browser-
bundle.git/tree/gitian/descriptors/linux/gitian-pluggable-
transports.yml?h=snowflake&id=235bdbc03d29e9e84e22f9fa6212677179293bc0#n332
I used] the `ar crs` command from [https://github.com/keroserene/go-
webrtc/blob/3a7f6aed75357dc85a7438af10b12c4177cf180f/build.sh#L68-L69 go-
webrtc's build.sh], but I had to exclude an additional file,
dump_syms_regtest.o.
* I [https://gitweb.torproject.org/user/dcf/tor-browser-
bundle.git/tree/gitian/descriptors/linux/gitian-pluggable-
transports.yml?h=snowflake&id=235bdbc03d29e9e84e22f9fa6212677179293bc0#n354
had to disable] `_GLIBCXX_USE_CXX11_ABI=0` when building go-webrtc,
because the prebuilt libwebrtc-magic.a is built an older default
`_GLIBCXX_USE_CXX11_ABI=0`, but the Gitian-built libwebrtc-magic.a is
built with the new default which is `_GLIBCXX_USE_CXX11_ABI=1`.
* I [https://gitweb.torproject.org/user/dcf/tor-browser-
bundle.git/commit/?h=snowflake&id=f2a142866932528549b525b0e31f8ecdb3a50a71
used an old version] of snowflake, [https://gitweb.torproject.org
/pluggable-
transports/snowflake.git/log/?id=598e2a3bfb1cd8effab4c1b945035c870be16bff
598e2a3bfb1cd8effab4c1b945035c870be16bff], because that's the parent of
the bad commit mentioned in #18653. It might not be the same problem, but
I couldn't get snowflake master to bootstrap past 10%.
* I [https://gitweb.torproject.org/user/dcf/tor-browser-
bundle.git/tree/gitian/verify-
tags.sh?h=snowflake&id=235bdbc03d29e9e84e22f9fa6212677179293bc0#n159
didn't know what to do about webrtc] in verify-tags.sh, since the `gclient
sync` step clones a bunch of other repos within itself.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19001#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list