[tbb-commits] [tor-browser-build/master] Add meek and obfs4
boklm at torproject.org
boklm at torproject.org
Wed Feb 1 22:56:58 UTC 2017
commit 9cbe67960c0d80f393a72715dab4fb32afed7094
Author: Nicolas Vigier <boklm at torproject.org>
Date: Wed Feb 1 23:50:33 2017 +0100
Add meek and obfs4
---
keyring/goptlib.gpg | Bin 0 -> 5876 bytes
keyring/meek.gpg | Bin 0 -> 5876 bytes
keyring/obfs4.gpg | Bin 0 -> 41312 bytes
projects/ed25519/config | 18 ++++++++++
projects/go/build | 74 ++++++++++++++++++++++++++++++++++++++++
projects/go/config | 80 ++++++++++++++++++++++++++++++++++++++++++++
projects/goptlib/config | 18 ++++++++++
projects/goxcrypto/config | 24 +++++++++++++
projects/goxnet/config | 22 ++++++++++++
projects/meek/build | 49 +++++++++++++++++++++++++++
projects/meek/config | 15 +++++++++
projects/obfs4/build | 34 +++++++++++++++++++
projects/obfs4/config | 30 +++++++++++++++++
projects/siphash/config | 16 +++++++++
projects/tor-browser/build | 17 ++++++++--
projects/tor-browser/config | 4 +++
projects/uniuri/config | 20 +++++++++++
17 files changed, 419 insertions(+), 2 deletions(-)
diff --git a/keyring/goptlib.gpg b/keyring/goptlib.gpg
new file mode 100644
index 0000000..f3b543f
Binary files /dev/null and b/keyring/goptlib.gpg differ
diff --git a/keyring/meek.gpg b/keyring/meek.gpg
new file mode 100644
index 0000000..f3b543f
Binary files /dev/null and b/keyring/meek.gpg differ
diff --git a/keyring/obfs4.gpg b/keyring/obfs4.gpg
new file mode 100644
index 0000000..f26a4cd
Binary files /dev/null and b/keyring/obfs4.gpg differ
diff --git a/projects/ed25519/config b/projects/ed25519/config
new file mode 100644
index 0000000..5bab68b
--- /dev/null
+++ b/projects/ed25519/config
@@ -0,0 +1,18 @@
+# vim: filetype=yaml sw=2
+version: '[% c("abbrev") %]'
+git_url: https://github.com/agl/ed25519.git
+git_hash: c4161f4c7483313562781c61b9a20aba73daf9de
+filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz'
+remote_docker: 1
+
+build: '[% c("projects/go/var/build_go_lib") %]'
+
+var:
+ go_lib: github.com/agl/ed25519
+ go_lib_install:
+ - github.com/agl/ed25519/extra25519
+
+input_files:
+ - project: docker-image
+ - name: go
+ project: go
diff --git a/projects/go/build b/projects/go/build
new file mode 100644
index 0000000..2efd928
--- /dev/null
+++ b/projects/go/build
@@ -0,0 +1,74 @@
+#!/bin/bash
+set -e
+rootdir=$(pwd)
+distdir=/var/tmp/dist/[% project %]
+mkdir -p /var/tmp/dist
+
+[% IF c("var/linux") %]
+ # Config options for hardening-wrapper
+ export DEB_BUILD_HARDENING=1
+ export DEB_BUILD_HARDENING_STACKPROTECTOR=1
+ export DEB_BUILD_HARDENING_FORTIFY=1
+ export DEB_BUILD_HARDENING_FORMAT=1
+ export DEB_BUILD_HARDENING_PIE=1
+[% END %]
+
+mkdir -p /var/tmp/build
+
+# Building go 1.4.x
+# This is needed to bootstrap the go that we actually use
+# https://golang.org/doc/install/source#go14
+tar -C /var/tmp/build --transform='s,^go\>,go1.4,' -xf $rootdir/[% c('input_files_by_name/go14') %]
+cd /var/tmp/build/go1.4/src
+# Disable cgo to avoid conflicts with newer GCC. cgo is not needed for the bootstrap go.
+# https://github.com/golang/go/issues/13114#issuecomment-186922245
+# Disable CC etc. that are set up for cross builds.
+CGO_ENABLED=0 CC= CFLAGS= LDFLAGS= ./make.bash
+export GOROOT_BOOTSTRAP="/var/tmp/build/go1.4"
+
+cd $rootdir
+[% IF ! c("var/linux") %]
+ [% pc(c('var/compiler'), 'var/setup', { compiler_tarfile => c('input_files_by_name/' _ c('var/compiler')) }) %]
+[% END %]
+
+# Building go
+# http://golang.org/doc/install/source#environment
+tar -C /var/tmp/dist -xf $rootdir/[% c('input_files_by_name/go') %]
+export GOROOT="$distdir"
+cd /var/tmp/dist/go/src
+[% IF c("var/linux") -%]
+ ./make.bash
+[% ELSIF c("var/osx") -%]
+ # Create a cc-for-target script that closes over CC, CFLAGS, and LDFLAGS.
+ # Go's CC_FOR_TARGET only allows a command name, not a command with arguments.
+ # https://github.com/golang/go/issues/15457
+ CC_FOR_TARGET="$(pwd)/cc-for-target"
+ echo "#!/bin/sh" > "$CC_FOR_TARGET"
+ echo "exec $CC $CFLAGS $LDFLAGS -std=gnu99 \"\$@\"" >> "$CC_FOR_TARGET"
+ chmod +x "$CC_FOR_TARGET"
+ # http://golang.org/doc/install/source#environment
+ export GOOS=darwin
+ export GOARCH=386
+ # Remove a preprocessor directive that causes problems when building with the 10.7 SDK.
+ # https://github.com/golang/go/issues/17732
+ sed -i -e '/^#cgo CFLAGS:/s/-D__MAC_OS_X_VERSION_MAX_ALLOWED=1060//' crypto/x509/root_cgo_darwin.go
+ CGO_ENABLED=1 CC_FOR_TARGET="$CC_FOR_TARGET" CC= CFLAGS= LDFLAGS= ./make.bash
+[% ELSIF c("var/windows") -%]
+ # Create a cc-for-target script that closes over CC, CFLAGS, and LDFLAGS.
+ # Go's CC_FOR_TARGET only allows a command name, not a command with arguments.
+ # https://github.com/golang/go/issues/15457
+ CC_FOR_TARGET="$(pwd)/cc-for-target"
+ echo "#!/bin/sh" > "$CC_FOR_TARGET"
+ echo "exec i686-w64-mingw32-gcc [% c("var/CFLAGS") %] [% c("var/LDFLAGS") %] \"\$@\"" >> "$CC_FOR_TARGET"
+ chmod +x "$CC_FOR_TARGET"
+ # http://golang.org/doc/install/source#environment
+ export GOOS=windows
+ export GOARCH=386
+ CGO_ENABLED=1 CC_FOR_TARGET="$CC_FOR_TARGET" CC= CFLAGS= LDFLAGS= ./make.bash
+[% END -%]
+
+cd /var/tmp/dist
+[% c('tar', {
+ tar_src => [ project ],
+ tar_args => '-czf ' _ dest_dir _ '/' _ c('filename'),
+ }) %]
diff --git a/projects/go/config b/projects/go/config
new file mode 100644
index 0000000..a5920f5
--- /dev/null
+++ b/projects/go/config
@@ -0,0 +1,80 @@
+# vim: filetype=yaml sw=2
+version: 1.7.4
+filename: '[% project %]-[% c("version") %]-[% c("var/build_id") %].tar.gz'
+remote_docker: 1
+
+var:
+ go14_version: 1.4.3
+
+ setup: |
+ mkdir -p /var/tmp/dist
+ tar -C /var/tmp/dist -xf $rootdir/[% c("go_tarfile") %]
+ export GOOS=[% c("var/GOOS") %]
+ export GOARCH=[% c("var/GOARCH") %]
+ export GOPATH=/var/tmp/dist/gopath
+ export PATH=/var/tmp/dist/go/bin:"$PATH"
+
+ # Template build script for building a go library.
+ # This can be called as projects/go/var/build_go_lib.
+ # You need to define /var/go_lib, and optionaly var/go_lib_install as
+ # a list of install targets.
+ build_go_lib: |
+ #!/bin/bash
+ set -e
+ rootdir=$(pwd)
+ [% pc('go', 'var/setup', { go_tarfile => c('input_files_by_name/go') }) %]
+ distdir=/var/tmp/dist/[% project %]
+ mkdir -p /var/tmp/build
+ tar -C /var/tmp/build -xf [% project %]-[% c('version') %].tar.gz
+ mkdir -p $(dirname "$GOPATH/src/[% c("var/go_lib") %]")
+ mv /var/tmp/build/[% project %]-[% c('version') %] "$GOPATH/src/[% c("var/go_lib") %]"
+ cd "$GOPATH/src/[% c("var/go_lib") %]"
+ [% IF c("var/go_lib_install") -%]
+ [% FOREACH inst IN c("var/go_lib_install") %]
+ go install [% inst %]
+ [% END %]
+ [% ELSE %]
+ go install [% c("var/go_lib") %]
+ [% END %]
+ cd /var/tmp/dist
+ [% c('tar', {
+ tar_src => [ 'gopath' ],
+ tar_args => '-czf ' _ dest_dir _ '/' _ c('filename'),
+ }) %]
+
+targets:
+ windows-i686:
+ var:
+ GOOS: windows
+ GOARCH: 386
+ osx-x86_64:
+ var:
+ arch_deps:
+ - libc6-i386
+ - libstdc++6:i386
+ pre_pkginst: dpkg --add-architecture i386
+ compiler: macosx-toolchain-gcc
+ 10_7_SDK: 1
+ GOOS: darwin
+ GOARCH: 386
+ linux:
+ var:
+ GOOS: linux
+ linux-x86_64:
+ var:
+ GOARCH: amd64
+ linux-i686:
+ var:
+ GOARCH: 386
+
+input_files:
+ - project: docker-image
+ - name: '[% c("var/compiler") %]'
+ project: '[% c("var/compiler") %]'
+ enable: '[% c("var/windows") || c("var/osx") %]'
+ - URL: 'https://golang.org/dl/go[% c("version") %].src.tar.gz'
+ name: go
+ sha256sum: 4c189111e9ba651a2bb3ee868aa881fab36b2f2da3409e80885ca758a6b614cc
+ - URL: 'https://golang.org/dl/go[% c("var/go14_version") %].src.tar.gz'
+ name: go14
+ sha256sum: 9947fc705b0b841b5938c48b22dc33e9647ec0752bae66e50278df4f23f64959
diff --git a/projects/goptlib/config b/projects/goptlib/config
new file mode 100644
index 0000000..dd520ec
--- /dev/null
+++ b/projects/goptlib/config
@@ -0,0 +1,18 @@
+# vim: filetype=yaml sw=2
+version: 0.5
+git_url: https://git.torproject.org/pluggable-transports/goptlib.git
+git_hash: '[% c("version") %]'
+tag_gpg_id: 1
+gpg_keyring: goptlib.gpg
+filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz'
+remote_docker: 1
+
+build: '[% c("projects/go/var/build_go_lib") %]'
+
+var:
+ go_lib: git.torproject.org/pluggable-transports/goptlib.git
+
+input_files:
+ - project: docker-image
+ - name: go
+ project: go
diff --git a/projects/goxcrypto/config b/projects/goxcrypto/config
new file mode 100644
index 0000000..8362f28
--- /dev/null
+++ b/projects/goxcrypto/config
@@ -0,0 +1,24 @@
+# vim: filetype=yaml sw=2
+version: '[% c("abbrev") %]'
+git_url: https://go.googlesource.com/crypto
+git_hash: 4ed45ec682102c643324fae5dff8dab085b6c300
+filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz'
+remote_docker: 1
+
+build: '[% c("projects/go/var/build_go_lib") %]'
+
+var:
+ go_lib: golang.org/x/crypto
+ go_lib_install:
+ - golang.org/x/crypto/curve25519
+ - golang.org/x/crypto/hkdf
+ - golang.org/x/crypto/nacl/secretbox
+
+targets:
+ nightly:
+ git_hash: master
+
+input_files:
+ - project: docker-image
+ - name: go
+ project: go
diff --git a/projects/goxnet/config b/projects/goxnet/config
new file mode 100644
index 0000000..507f997
--- /dev/null
+++ b/projects/goxnet/config
@@ -0,0 +1,22 @@
+# vim: filetype=yaml sw=2
+version: '[% c("abbrev") %]'
+git_url: https://go.googlesource.com/net
+git_hash: 7dbad50ab5b31073856416cdcfeb2796d682f844
+filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz'
+remote_docker: 1
+
+build: '[% c("projects/go/var/build_go_lib") %]'
+
+var:
+ go_lib: golang.org/x/net
+ go_lib_install:
+ - golang.org/x/net/proxy
+
+targets:
+ nightly:
+ git_hash: master
+
+input_files:
+ - project: docker-image
+ - name: go
+ project: go
diff --git a/projects/meek/build b/projects/meek/build
new file mode 100644
index 0000000..d195e90
--- /dev/null
+++ b/projects/meek/build
@@ -0,0 +1,49 @@
+#!/bin/bash
+set -e
+rootdir=$(pwd)
+[% pc('go', 'var/setup', { go_tarfile => c('input_files_by_name/go') }) %]
+distdir=/var/tmp/dist/[% project %]
+[% IF c("var/osx") %]
+ PTDIR="$distdir/Contents/MacOS/Tor/PluggableTransports"
+ DOCSDIR="$distdir/Contents/Resources/TorBrowser/Docs/meek"
+[% ELSE %]
+ PTDIR="$distdir/TorBrowser/Tor/PluggableTransports"
+ DOCSDIR="$distdir/TorBrowser/Docs/meek"
+[% END %]
+mkdir -p $PTDIR $DOCSDIR
+
+tar -C /var/tmp/dist -xf [% c('input_files_by_name/goptlib') %]
+
+mkdir -p /var/tmp/build
+tar -C /var/tmp/build -xf [% project %]-[% c('version') %].tar.gz
+cd /var/tmp/build/[% project %]-[% c('version') %]
+
+cd meek-client
+go build -ldflags '-s'
+cp -a meek-client[% IF c("var/windows") %].exe[% END %] $PTDIR
+
+cd ../meek-client-torbrowser
+go build -ldflags '-s'
+cp -a meek-client-torbrowser[% IF c("var/windows") %].exe[% END %] $PTDIR
+
+
+[% IF c("var/windows") %]
+ cd ../terminateprocess-buffer
+ go build -ldflags '-s'
+ cp -a terminateprocess-buffer.exe $PTDIR
+[% END %]
+
+cd ..
+cp -a README doc/* $DOCSDIR
+
+cd firefox
+[% c('zip', {
+ zip_src => [ '.' ],
+ zip_args => '$distdir/meek-http-helper at bamsoftware.com.xpi',
+ }) %]
+
+cd $distdir
+[% c('tar', {
+ tar_src => [ '.' ],
+ tar_args => '-czf ' _ dest_dir _ '/' _ c('filename'),
+ }) %]
diff --git a/projects/meek/config b/projects/meek/config
new file mode 100644
index 0000000..84ed2bd
--- /dev/null
+++ b/projects/meek/config
@@ -0,0 +1,15 @@
+# vim: filetype=yaml sw=2
+version: 0.25
+git_url: https://git.torproject.org/pluggable-transports/meek.git
+git_hash: '[% c("version") %]'
+tag_gpg_id: 1
+gpg_keyring: meek.gpg
+filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz'
+remote_docker: 1
+
+input_files:
+ - project: docker-image
+ - name: go
+ project: go
+ - name: goptlib
+ project: goptlib
diff --git a/projects/obfs4/build b/projects/obfs4/build
new file mode 100644
index 0000000..ff313e9
--- /dev/null
+++ b/projects/obfs4/build
@@ -0,0 +1,34 @@
+#!/bin/bash
+set -e
+rootdir=$(pwd)
+[% pc('go', 'var/setup', { go_tarfile => c('input_files_by_name/go') }) %]
+distdir=/var/tmp/dist/[% project %]
+[% IF c("var/osx") %]
+ PTDIR="$distdir/Contents/MacOS/Tor/PluggableTransports"
+[% ELSE %]
+ PTDIR="$distdir/TorBrowser/Tor/PluggableTransports"
+[% END %]
+mkdir -p $PTDIR
+
+tar -C /var/tmp/dist -xf [% c('input_files_by_name/goptlib') %]
+tar -C /var/tmp/dist -xf [% c('input_files_by_name/ed25519') %]
+tar -C /var/tmp/dist -xf [% c('input_files_by_name/siphash') %]
+tar -C /var/tmp/dist -xf [% c('input_files_by_name/uniuri') %]
+tar -C /var/tmp/dist -xf [% c('input_files_by_name/goxcrypto') %]
+tar -C /var/tmp/dist -xf [% c('input_files_by_name/goxnet') %]
+
+mkdir -p /var/tmp/build
+tar -C /var/tmp/build -xf [% project %]-[% c('version') %].tar.gz
+cd /var/tmp/build/[% project %]-[% c('version') %]
+
+mkdir -p "$GOPATH/src/git.torproject.org/pluggable-transports"
+ln -sf "$PWD" "$GOPATH/src/git.torproject.org/pluggable-transports/obfs4.git"
+cd obfs4proxy
+go build -ldflags '-s'
+cp -a obfs4proxy[% IF c("var/windows") %].exe[% END %] $PTDIR
+
+cd $distdir
+[% c('tar', {
+ tar_src => [ '.' ],
+ tar_args => '-czf ' _ dest_dir _ '/' _ c('filename'),
+ }) %]
diff --git a/projects/obfs4/config b/projects/obfs4/config
new file mode 100644
index 0000000..952b054
--- /dev/null
+++ b/projects/obfs4/config
@@ -0,0 +1,30 @@
+# vim: filetype=yaml sw=2
+version: 0.0.5
+git_url: https://git.torproject.org/pluggable-transports/obfs4.git
+git_hash: 'obfs4proxy-[% c("version") %]'
+tag_gpg_id: 1
+gpg_keyring: obfs4.gpg
+filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz'
+remote_docker: 1
+
+targets:
+ nightly:
+ git_hash: master
+ tag_gpg_id: 0
+
+input_files:
+ - project: docker-image
+ - name: go
+ project: go
+ - name: goptlib
+ project: goptlib
+ - name: ed25519
+ project: ed25519
+ - name: siphash
+ project: siphash
+ - name: uniuri
+ project: uniuri
+ - name: goxcrypto
+ project: goxcrypto
+ - name: goxnet
+ project: goxnet
diff --git a/projects/siphash/config b/projects/siphash/config
new file mode 100644
index 0000000..0f3f4b5
--- /dev/null
+++ b/projects/siphash/config
@@ -0,0 +1,16 @@
+# vim: filetype=yaml sw=2
+version: '[% c("abbrev") %]'
+git_url: https://github.com/dchest/siphash.git
+git_hash: 42ba037e748c9062a75e0924705c43b893edefcd
+filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz'
+remote_docker: 1
+
+build: '[% c("projects/go/var/build_go_lib") %]'
+
+var:
+ go_lib: github.com/dchest/siphash
+
+input_files:
+ - project: docker-image
+ - name: go
+ project: go
diff --git a/projects/tor-browser/build b/projects/tor-browser/build
index a5f9e1d..e25a1d8 100644
--- a/projects/tor-browser/build
+++ b/projects/tor-browser/build
@@ -52,7 +52,9 @@ mv [% c('input_files_by_name/torbutton') %] $TBDIR/$EXTSPATH/torbutton at torprojec
mv [% c('input_files_by_name/https-everywhere') %] $TBDIR/$EXTSPATH/https-everywhere-eff at eff.org.xpi
mv [% c('input_files_by_name/noscript') %] $TBDIR/$EXTSPATH/{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
-# TODO: add meek xpi
+tar -C $TBDIR -xf [% c('input_files_by_name/obfs4') %]
+tar -C $TBDIR -xf [% c('input_files_by_name/meek') %]
+mv $TBDIR/meek-http-helper at bamsoftware.com.xpi $TBDIR/$MEEKPROFILEPATH/extensions/
tar -C $TBDIR[% IF c("var/osx") %]/Contents/Resources[% END %] -xf [% c('input_files_by_name/fonts') %]
@@ -105,7 +107,18 @@ tar -C $TBDIR[% IF ! c("var/osx") %]/TorBrowser[% END %] -xf [% c('input_files_b
cp -a Bundle-Data/Docs $TBDIR/$DOCSPATH
tar -C Bundle-Data/[% bundledata_osname %] -c . | tar -C $TBDIR[% IF ! c("var/osx") %]/TorBrowser[% END %] -x
-# TODO: install pluggable transports here
+cat Bundle-Data/PTConfigs/[% bundledata_osname %]/torrc-defaults-appendix >> $TBDIR/$TORCONFIGPATH/torrc-defaults
+cat Bundle-Data/PTConfigs/bridge_prefs.js >> $TBDIR/$EXTOVERRIDESPATH
+cat Bundle-Data/PTConfigs/meek-http-helper-user.js >> $TBDIR/$MEEKPROFILEPATH/user.js
+
+[% IF c("var/osx") %]
+ pushd $TBDIR
+ # Create the meek-template-sha256sum.txt file by generating a list
+ # of hashes (one for each file within the meek-http-helper profile) and
+ # and then generating one final hash from the contents of the list.
+ sha256sum `find $MEEKPROFILEPATH -type f | sort` | sha256sum | sed -e 's/ *-$//' > $MEEKPROFILEPATH/meek-template-sha256sum.txt
+ popd
+[% END %]
[% IF c("var/multi_lingual") %]
echo 'pref("extensions.torlauncher.prompt_for_locale", false);' >> $TBDIR/$EXTOVERRIDESPATH
diff --git a/projects/tor-browser/config b/projects/tor-browser/config
index 9ec262b..01463d9 100644
--- a/projects/tor-browser/config
+++ b/projects/tor-browser/config
@@ -42,6 +42,10 @@ input_files:
name: https-everywhere
- project: fonts
name: fonts
+ - project: meek
+ name: meek
+ - project: obfs4
+ name: obfs4
- filename: Bundle-Data
- URL: https://addons.cdn.mozilla.net/user-media/addons/722/noscript_security_suite-2.9.5.3-fx+sm.xpi
name: noscript
diff --git a/projects/uniuri/config b/projects/uniuri/config
new file mode 100644
index 0000000..62fa8ef
--- /dev/null
+++ b/projects/uniuri/config
@@ -0,0 +1,20 @@
+# vim: filetype=yaml sw=2
+version: '[% c("abbrev") %]'
+git_url: https://github.com/dchest/uniuri
+git_hash: 8902c56451e9b58ff940bbe5fec35d5f9c04584a
+filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz'
+remote_docker: 1
+
+build: '[% c("projects/go/var/build_go_lib") %]'
+
+var:
+ go_lib: github.com/dchest/uniuri
+
+targets:
+ nightly:
+ git_hash: master
+
+input_files:
+ - project: docker-image
+ - name: go
+ project: go
More information about the tbb-commits
mailing list