[tbb-commits] [Git][tpo/applications/tor-browser-build][main] 4 commits: Bug 41361: Reproducible conjure builds
Richard Pospesel (@richard)
git at gitlab.torproject.org
Tue Jan 31 20:58:17 UTC 2023
Richard Pospesel pushed to branch main at The Tor Project / Applications / tor-browser-build
Commits:
144d70db by Cecylia Bocovich at 2023-01-31T20:56:23+00:00
Bug 41361: Reproducible conjure builds
Add a conjure project and go dependencies to reproducibly build the
conjure client on all platforms.
- - - - -
76c3558e by Cecylia Bocovich at 2023-01-31T20:56:23+00:00
Bug 41361: Add conjure line to torrc-defaults
Add the ClientTransportPlugin line for conjure to the torrc-defaults for
desktop all platforms.
- - - - -
c3c4bd9f by Cecylia Bocovich at 2023-01-31T20:56:23+00:00
Bug 41361: Add conjure to tor-expert-bundle
- - - - -
d5a12bf8 by Cecylia Bocovich at 2023-01-31T20:56:23+00:00
Bug 41361: Move conjure README to the docs dir
- - - - -
18 changed files:
- projects/browser/Bundle-Data/PTConfigs/linux/torrc-defaults-appendix
- projects/browser/Bundle-Data/PTConfigs/mac/torrc-defaults-appendix
- projects/browser/Bundle-Data/PTConfigs/windows/torrc-defaults-appendix
- projects/browser/build
- + projects/bsbuffer/config
- + projects/conjure/build
- + projects/conjure/config
- + projects/go-cmp/config
- + projects/goprotobuf/config
- + projects/gotapdance/config
- + projects/logrus/config
- + projects/obfs4-lib/config
- + projects/protobuf/config
- + projects/snowflake-lib/config
- projects/tor-expert-bundle/build
- projects/tor-expert-bundle/config
- projects/tor-expert-bundle/pt_config.json
- + projects/weightedrand/config
Changes:
=====================================
projects/browser/Bundle-Data/PTConfigs/linux/torrc-defaults-appendix
=====================================
@@ -6,3 +6,6 @@ ClientTransportPlugin snowflake exec ./TorBrowser/Tor/PluggableTransports/snowfl
## webtunnel configuration
ClientTransportPlugin webtunnel exec ./TorBrowser/Tor/PluggableTransports/webtunnel-client
+
+## conjure configuration
+ClientTransportPlugin conjure exec ./TorBrowser/Tor/PluggableTransports/conjure-client -registerURL https://registration.refraction.network/api
=====================================
projects/browser/Bundle-Data/PTConfigs/mac/torrc-defaults-appendix
=====================================
@@ -6,3 +6,6 @@ ClientTransportPlugin snowflake exec PluggableTransports/snowflake-client
## webtunnel configuration
ClientTransportPlugin webtunnel exec PluggableTransports/webtunnel-client
+
+## conjure configuration
+ClientTransportPlugin conjure exec PluggableTransports/conjure-client -registerURL https://registration.refraction.network/api
=====================================
projects/browser/Bundle-Data/PTConfigs/windows/torrc-defaults-appendix
=====================================
@@ -6,3 +6,6 @@ ClientTransportPlugin snowflake exec TorBrowser\Tor\PluggableTransports\snowflak
## webtunnel configuration
ClientTransportPlugin webtunnel exec TorBrowser\Tor\PluggableTransports\webtunnel-client.exe
+
+## conjure configuration
+ClientTransportPlugin conjure exec TorBrowser\Tor\PluggableTransports\conjure-client.exe -registerURL https://registration.refraction.network/api
=====================================
projects/browser/build
=====================================
@@ -100,13 +100,14 @@ mv [% c('input_files_by_name/noscript') %] "$TBDIR/$EXTSPATH/{73a6fe31-595d-460b
rm -f aarch64/tor/pluggable_transports/bridges_list.*.txt aarch64/tor/pluggable_transports/pt_config.json
[% END -%]
- # Snowflake's README is a documentation shipped in tor-expert-bundle
+ # Move READMEs from tor-expert-bundle to the doc dir
mkdir -p "$TBDIR/$DOCSPATH/snowflake" [% IF c("var/macos_universal") %]"$TBDIR_AARCH64/$DOCSPATH/snowflake"[% END %]
- mv_tbdir tor/pluggable_transports/README.SNOWFLAKE.md "$DOCSPATH/snowflake/README.md"
-
- # WebTunnel's README is a documentation shipped in tor-expert-bundle
+
mkdir -p "$TBDIR/$DOCSPATH/webtunnel" [% IF c("var/macos_universal") %]"$TBDIR_AARCH64/$DOCSPATH/webtunnel"[% END %]
+ mkdir -p "$TBDIR/$DOCSPATH/conjure" [% IF c("var/macos_universal") %]"$TBDIR_AARCH64/$DOCSPATH/conjure"[% END %]
+ mv_tbdir tor/pluggable_transports/README.SNOWFLAKE.md "$DOCSPATH/snowflake/README.md"
mv_tbdir tor/pluggable_transports/README.WEBTUNNEL.md "$DOCSPATH/webtunnel/README.md"
+ mv_tbdir tor/pluggable_transports/README.CONJURE.md "$DOCSPATH/conjure/README.md"
# Move the PTs to where TB expects them
mkdir -p "$TBDIR/$TORBINPATH" [% IF c("var/macos_universal") %]"$TBDIR_AARCH64/$TORBINPATH"[% END %]
=====================================
projects/bsbuffer/config
=====================================
@@ -0,0 +1,17 @@
+# vim: filetype=yaml sw=2
+version: '[% c("abbrev") %]'
+git_url: https://github.com/sergeyfrolov/bsbuffer
+git_hash: 94e85abb850729a5f54f383e8175e62931d04748
+filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz'
+container:
+ use_container: 1
+
+build: '[% c("projects/go/var/build_go_lib") %]'
+
+var:
+ go_lib: github.com/sergeyfrolov/bsbuffer
+
+input_files:
+ - project: container-image
+ - name: go
+ project: go
=====================================
projects/conjure/build
=====================================
@@ -0,0 +1,38 @@
+#!/bin/bash
+[% c("var/set_default_env") -%]
+[% pc('go', 'var/setup', { go_tarfile => c('input_files_by_name/go') }) %]
+distdir=/var/tmp/dist/[% project %]
+mkdir -p $distdir
+
+[% IF c("var/android") -%]
+ [% pc(c('var/compiler'), 'var/setup', { compiler_tarfile => c('input_files_by_name/' _ c('var/compiler')) }) %]
+ # We need to explicitly set CGO_ENABLED with Go 1.13.x as the Android build
+ # breaks otherwise.
+ export CGO_ENABLED=1
+[% END -%]
+
+tar -C /var/tmp/dist -xf [% c('input_files_by_name/goptlib') %]
+tar -C /var/tmp/dist -xf [% c('input_files_by_name/snowflake-lib') %]
+tar -C /var/tmp/dist -xf [% c('input_files_by_name/gotapdance') %]
+
+mkdir -p /var/tmp/build
+tar -C /var/tmp/build -xf [% project %]-[% c('version') %].tar.gz
+cd /var/tmp/build/[% project %]-[% c('version') %]
+
+mkdir -p "$GOPATH/src/gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conjure.git"
+
+# Fix gopath location of versioned dependencies
+ln -sf "$GOPATH/src/git.torproject.org/pluggable-transports/snowflake.git" "$GOPATH/src/git.torproject.org/pluggable-transports/snowflake.git/v2"
+
+cd client
+go build -ldflags '-s'
+cp -a client[% IF c("var/windows") %].exe[% END %] $distdir/conjure-client[% IF c("var/windows") %].exe[% END %]
+
+cd ..
+cp -a README.md $distdir/README.CONJURE.md
+
+cd $distdir
+[% c('tar', {
+ tar_src => [ '.' ],
+ tar_args => '-czf ' _ dest_dir _ '/' _ c('filename'),
+ }) %]
=====================================
projects/conjure/config
=====================================
@@ -0,0 +1,21 @@
+# vim: filetype=yaml sw=2
+version: '[% c("abbrev") %]'
+git_url: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conjure.git
+git_hash: b7d485734c3ab09ef3da818abb4b39ec27ef3a73
+filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz'
+container:
+ use_container: 1
+
+input_files:
+ - project: container-image
+ - name: go
+ project: go
+ - name: goptlib
+ project: goptlib
+ - name: gotapdance
+ project: gotapdance
+ - name: snowflake-lib
+ project: snowflake-lib
+ - name: '[% c("var/compiler") %]'
+ project: '[% c("var/compiler") %]'
+ enable: '[% c("var/android") %]'
=====================================
projects/go-cmp/config
=====================================
@@ -0,0 +1,23 @@
+# vim: filetype=yaml sw=2
+version: '[% c("abbrev") %]'
+git_url: https://github.com/google/go-cmp
+git_hash: 8fa37b4dd109f12e42b131e485268768f18bcbf8 #v0.5.5
+filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz'
+container:
+ use_container: 1
+
+build: '[% c("projects/go/var/build_go_lib") %]'
+
+var:
+ go_lib: github.com/google/go-cmp
+ go_lib_deps:
+ - goxxerrors
+ build_go_lib_pre: |
+ cd "cmp"
+
+input_files:
+ - project: container-image
+ - name: go
+ project: go
+ - name: goxxerrors
+ project: goxxerrors
=====================================
projects/goprotobuf/config
=====================================
@@ -0,0 +1,23 @@
+# vim: filetype=yaml sw=2
+version: '[% c("abbrev") %]'
+git_url: https://github.com/golang/protobuf
+git_hash: ae97035608a719c7a1c1c41bed0ae0744bdb0c6f #v1.5.2
+filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz'
+container:
+ use_container: 1
+
+build: '[% c("projects/go/var/build_go_lib") %]'
+
+var:
+ go_lib: github.com/golang/protobuf
+ go_lib_install:
+ - github.com/golang/protobuf/proto
+ go_lib_deps:
+ - protobuf
+
+input_files:
+ - project: container-image
+ - name: go
+ project: go
+ - name: protobuf
+ project: protobuf
=====================================
projects/gotapdance/config
=====================================
@@ -0,0 +1,47 @@
+# vim: filetype=yaml sw=2
+version: '[% c("abbrev") %]'
+git_url: https://github.com/refraction-networking/gotapdance
+git_hash: 14162bd2967839d5d873645881f4a4761fb7bb48 #v1.3.0
+filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz'
+container:
+ use_container: 1
+
+build: '[% c("projects/go/var/build_go_lib") %]'
+
+var:
+ go_lib: github.com/refraction-networking/gotapdance
+ go_lib_deps:
+ - bsbuffer
+ - goprotobuf
+ - goptlib
+ - goxcrypto
+ - goxnet
+ - logrus
+ - obfs4-lib
+ - refraction-utls
+ - weightedrand
+ go_lib_install:
+ - github.com/refraction-networking/gotapdance/tapdance
+
+input_files:
+ - project: container-image
+ - name: go
+ project: go
+ - name: bsbuffer
+ project: bsbuffer
+ - name: goprotobuf
+ project: goprotobuf
+ - name: goptlib
+ project: goptlib
+ - name: goxcrypto
+ project: goxcrypto
+ - name: goxnet
+ project: goxnet
+ - name: logrus
+ project: logrus
+ - name: obfs4-lib
+ project: obfs4-lib
+ - name: refraction-utls
+ project: refraction-utls
+ - name: weightedrand
+ project: weightedrand
=====================================
projects/logrus/config
=====================================
@@ -0,0 +1,24 @@
+# vim: filetype=yaml sw=2
+version: '[% c("abbrev") %]'
+git_url: https://github.com/sirupsen/logrus
+git_hash: bdc0db8ead3853c56b7cd1ac2ba4e11b47d7da6b #v1.8.1
+filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz'
+container:
+ use_container: 1
+
+build: '[% c("projects/go/var/build_go_lib") %]'
+
+var:
+ go_lib: github.com/sirupsen/logrus
+ go_lib_deps:
+ - goxcrypto
+ - goxsys
+
+input_files:
+ - project: container-image
+ - name: go
+ project: go
+ - name: goxcrypto
+ project: goxcrypto
+ - name: goxsys
+ project: goxsys
=====================================
projects/obfs4-lib/config
=====================================
@@ -0,0 +1,39 @@
+# vim: filetype=yaml sw=2
+version: '[% c("abbrev") %]'
+git_url: https://gitlab.com/yawning/obfs4.git
+git_hash: 77af0cba934d73c4baeb709560bcfc9a9fbc661c
+filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz'
+container:
+ use_container: 1
+
+build: '[% c("projects/go/var/build_go_lib") %]'
+
+var:
+ go_lib: gitlab.com/yawning/obfs4.git
+ go_lib_deps:
+ - edwards25519
+ - edwards25519-extra
+ - goptlib
+ - goxcrypto
+ - goxnet
+ - siphash
+ go_lib_install:
+ - gitlab.com/yawning/obfs4.git/common/ntor
+ - gitlab.com/yawning/obfs4.git/transports/obfs4
+
+input_files:
+ - project: container-image
+ - name: go
+ project: go
+ - name: edwards25519
+ project: edwards25519
+ - name: edwards25519-extra
+ project: edwards25519-extra
+ - name: goptlib
+ project: goptlib
+ - name: goxcrypto
+ project: goxcrypto
+ - name: goxnet
+ project: goxnet
+ - name: siphash
+ project: siphash
=====================================
projects/protobuf/config
=====================================
@@ -0,0 +1,23 @@
+# vim: filetype=yaml sw=2
+version: '[% c("abbrev") %]'
+git_url: https://github.com/protocolbuffers/protobuf-go
+git_hash: f2d1f6cbe10b90d22296ea09a7217081c2798009 #v1.26.0
+filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz'
+container:
+ use_container: 1
+
+build: '[% c("projects/go/var/build_go_lib") %]'
+
+var:
+ go_lib: google.golang.org/protobuf
+ go_lib_install:
+ - google.golang.org/protobuf/cmd/protoc-gen-go/internal_gengo
+ - google.golang.org/protobuf/compiler/protogen
+ - google.golang.org/protobuf/reflect/protodesc
+ - google.golang.org/protobuf/proto
+ - google.golang.org/protobuf/encoding/protojson
+
+input_files:
+ - project: container-image
+ - name: go
+ project: go
=====================================
projects/snowflake-lib/config
=====================================
@@ -0,0 +1,19 @@
+# vim: filetype=yaml sw=2
+version: '[% c("abbrev") %]'
+git_url: https://git.torproject.org/pluggable-transports/snowflake.git
+git_hash: 01ae5b56e8399d29aa18605dc9add913d84dc553
+filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz'
+container:
+ use_container: 1
+
+build: '[% c("projects/go/var/build_go_lib") %]'
+
+var:
+ go_lib: git.torproject.org/pluggable-transports/snowflake.git
+ go_lib_install:
+ - git.torproject.org/pluggable-transports/snowflake.git/common/safelog
+
+input_files:
+ - project: container-image
+ - name: go
+ project: go
=====================================
projects/tor-expert-bundle/build
=====================================
@@ -12,6 +12,7 @@ mkdir pluggable_transports && cd pluggable_transports
tar -xkf $rootdir/[% c('input_files_by_name/obfs4') %]
tar -xkf $rootdir/[% c('input_files_by_name/snowflake') %]
tar -xkf $rootdir/[% c('input_files_by_name/webtunnel') %]
+tar -xkf $rootdir/[% c('input_files_by_name/conjure') %]
# copy in bridge lines for each pluggable transport
mv $rootdir/bridges_list.obfs4.txt .
=====================================
projects/tor-expert-bundle/config
=====================================
@@ -20,6 +20,8 @@ input_files:
project: snowflake
- project: webtunnel
name: webtunnel
+ - name: conjure
+ project: conjure
- filename: pt_config.json
- filename: bridges_list.obfs4.txt
- filename: bridges_list.meek-azure.txt
=====================================
projects/tor-expert-bundle/pt_config.json
=====================================
@@ -3,7 +3,8 @@
"pluggableTransports" : {
"obfs4proxy" : "ClientTransportPlugin meek_lite,obfs2,obfs3,obfs4,scramblesuit exec ${pt_path}obfs4proxy${pt_extension}",
"snowflake" : "ClientTransportPlugin snowflake exec ${pt_path}snowflake-client${pt_extension}",
- "webtunnel" : "ClientTransportPlugin webtunnel exec ${pt_path}webtunnel-client${pt_extension}"
+ "webtunnel" : "ClientTransportPlugin webtunnel exec ${pt_path}webtunnel-client${pt_extension}",
+ "conjure" : "ClientTransportPlugin conjure exec ${pt_path}conjure-client${pt_extension} -registerURL https://registration.refraction.network/api"
},
"bridges" : {
"meek-azure" : [
=====================================
projects/weightedrand/config
=====================================
@@ -0,0 +1,17 @@
+# vim: filetype=yaml sw=2
+version: '[% c("abbrev") %]'
+git_url: https://github.com/mroth/weightedrand
+git_hash: 0d642756f17d052e03f6ca68ee9264022f7d26af #v0.4.1
+filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz'
+container:
+ use_container: 1
+
+build: '[% c("projects/go/var/build_go_lib") %]'
+
+var:
+ go_lib: github.com/mroth/weightedrand
+
+input_files:
+ - project: container-image
+ - name: go
+ project: go
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/56ade2cfa69b6696492356eb480a996e74e4bc3c...d5a12bf8998dc254d5583fd44816b5c61e92598c
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/56ade2cfa69b6696492356eb480a996e74e4bc3c...d5a12bf8998dc254d5583fd44816b5c61e92598c
You're receiving this email because of your account on gitlab.torproject.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tbb-commits/attachments/20230131/a33c76f3/attachment-0001.htm>
More information about the tbb-commits
mailing list