[tor-commits] [tor-browser-build/master] Bug 28672: Android reproducible build of Snowflake

sysrqb at torproject.org sysrqb at torproject.org
Fri May 29 21:14:56 UTC 2020 

commit 853e75e9276432a39153db2e3fa54375af9b8822
Author: Cecylia Bocovich <cohosh at torproject.org>
Date:   Thu Apr 30 13:46:56 2020 +0000

    Bug 28672: Android reproducible build of Snowflake
---
 projects/snowflake/build                | 7 +++++++
 projects/snowflake/config               | 3 +++
 projects/tor-browser/config             | 2 +-
 projects/tor-onion-proxy-library/build  | 7 ++++++-
 projects/tor-onion-proxy-library/config | 2 ++
 rbm.conf                                | 3 +++
 6 files changed, 22 insertions(+), 2 deletions(-)

diff --git a/projects/snowflake/build b/projects/snowflake/build
index 2724dd9..a72caba 100644
--- a/projects/snowflake/build
+++ b/projects/snowflake/build
@@ -5,6 +5,13 @@ distdir=/var/tmp/dist/[% project %]
 [% c("var/set_PTDIR_DOCSDIR") -%]
 mkdir -p $PTDIR $DOCSDIR
 
+[% IF c("var/android") -%]
+  [% pc(c('var/compiler'), 'var/setup', { compiler_tarfile => c('input_files_by_name/' _ c('var/compiler')) }) %]
+  # We need to explicitly set CGO_ENABLED with Go 1.13.x as the Android build
+  # breaks otherwise.
+  export CGO_ENABLED=1
+[% END -%]
+
 tar -C /var/tmp/dist -xf [% c('input_files_by_name/uniuri') %]
 tar -C /var/tmp/dist -xf [% c('input_files_by_name/goptlib') %]
 tar -C /var/tmp/dist -xf [% c('input_files_by_name/pion-webrtc') %]
diff --git a/projects/snowflake/config b/projects/snowflake/config
index efd0707..898fe70 100644
--- a/projects/snowflake/config
+++ b/projects/snowflake/config
@@ -22,3 +22,6 @@ input_files:
     project: kcp-go
   - name: smux
     project: smux
+  - name: '[% c("var/compiler") %]'
+    project: '[% c("var/compiler") %]'
+    enable: '[% c("var/android") %]'
diff --git a/projects/tor-browser/config b/projects/tor-browser/config
index 3f41ed2..809bfa0 100644
--- a/projects/tor-browser/config
+++ b/projects/tor-browser/config
@@ -70,7 +70,7 @@ input_files:
     enable: '[% ! c("var/android") %]'
   - project: snowflake
     name: snowflake
-    enable: '[% c("var/snowflake") %]'
+    enable: '[% c("var/snowflake") && ! c("var/android") %]'
   - filename: Bundle-Data
     enable: '[% ! c("var/android") %]'
   - URL: https://addons.cdn.mozilla.net/user-media/addons/722/noscript_security_suite-11.0.26-an+fx.xpi
diff --git a/projects/tor-onion-proxy-library/build b/projects/tor-onion-proxy-library/build
index c8025ad..dfe1837 100644
--- a/projects/tor-onion-proxy-library/build
+++ b/projects/tor-onion-proxy-library/build
@@ -26,12 +26,17 @@ patch -p1 < $rootdir/0001-Bug-33931-Filter-bridges-in-stream-by-type.patch
 # Extract obfs4proxy from TorBrowser/Tor/PluggableTransports/obfs4proxy
 tar --strip-components=4 -xf $rootdir/[% c('input_files_by_name/obfs4') %]
 
-# Overwrite the obfs4proxy binary provided by Pluto
+# Extract snowflake from TorBrowser/Tor/PluggableTransports/snowflake
+tar --strip-components=4 -xf $rootdir/[% c('input_files_by_name/snowflake') %]
+
+# Overwrite the obfs4proxy binary provided by Pluto and add Snowflake
 for d in external/pluto/bin/*; do
   cp obfs4proxy $d/
+  cp snowflake-client $d/
 done
 
 rm obfs4proxy
+rm snowflake-client
 
 # Build Android Libraries and Apps
 $GRADLE_HOME/gradle-4.10.2/bin/gradle --offline --no-daemon -P androidplugin=3.1.0 -Dmaven.repo.local=$gradle_repo assembleRelease -x lint
diff --git a/projects/tor-onion-proxy-library/config b/projects/tor-onion-proxy-library/config
index 5d90481..cffcdd0 100644
--- a/projects/tor-onion-proxy-library/config
+++ b/projects/tor-onion-proxy-library/config
@@ -21,6 +21,8 @@ input_files:
     project: '[% c("var/compiler") %]'
   - project: obfs4
     name: obfs4
+  - project: snowflake
+    name: snowflake
   - filename: 'gradle-dependencies-[% c("var/gradle_dependencies_version") %]'
     name: gradle-dependencies
     exec: '[% INCLUDE "fetch-gradle-dependencies" %]'
diff --git a/rbm.conf b/rbm.conf
index ba1cc23..f2d0f4f 100644
--- a/rbm.conf
+++ b/rbm.conf
@@ -253,6 +253,9 @@ targets:
       android_min_api_x86_64: 21
       CC: '$ANDROID_NDK_HOME/[% c("var/toolchain_arch") %]/bin/clang'
       CXX: '$ANDROID_NDK_HOME/[% c("var/toolchain_arch") %]/bin/clang++'
+      # We only build snowflake on the alpha and nightly
+      # channels for now.
+      snowflake: '[% c("var/alpha") || c("var/nightly") %]'
       container:
         suite: buster
         arch: amd64

More information about the tor-commits mailing list