[tor-bugs] #28672 [Obfuscation/Snowflake]: Android reproducible build of Snowflake

Tor Bug Tracker & Wiki blackhole at torproject.org
Sat Mar 9 01:14:34 UTC 2019 

#28672: Android reproducible build of Snowflake
-----------------------------------+---------------------------
 Reporter:  dcf                    |          Owner:  (none)
     Type:  project                |         Status:  new
 Priority:  Medium                 |      Milestone:
Component:  Obfuscation/Snowflake  |        Version:
 Severity:  Normal                 |     Resolution:
 Keywords:  android                |  Actual Points:
Parent ID:  #19001                 |         Points:
 Reviewer:                         |        Sponsor:  Sponsor19
-----------------------------------+---------------------------

Comment (by dcf):

 Replying to [comment:6 gk]:
 > dcf: do you have a script/instructions somewhere on how to build the
 whole thing which we could then translate into our `tor-browser-build`
 process? If you plan to do that work yourself, you are more than welcome!
 :). We'll likely put that on our plate otherwise.

 I didn't do anything beyond making sure that go-webrtc and snowflake would
 compile for Android, because I don't know how the pluggable transport
 integration works on Android. eighthave was showing us a `gomobile bind`
 setup that doesn't use separate executables (requires patching out
 `package main`) and I didn't know if that was how it was going to be done.

 I think that go-webrtc will only require minor changes in
 projects/webrtc/config and projects/snowflake/config. Here you can see the
 changes we made in the upstream build script:
   https://github.com/keroserene/go-webrtc/pull/90/files#diff-
 0b83f9dedf40d7356e5ca147a077acb4
 In projects/webrtc/config:
  * Set `TARGET_OS=android` `TARGET_CPU=arm`
  * Append `target_os = [ 'android' ]` to .gclient. I think it's safe to do
 across all targets, as it only affects what gets downloaded.
  * In `gclient sync`, `echo n` to not agree to the proprietary Google Play
 services license (also prevents the Play libraries from downloading). You
 could alternately patch out this check, etc.
  * In `gn gen`, set `symbol_level=0`. This is needed to actually disable
 debugging symbols; otherwise the libwebrtc is like 100 MB.
  * Upstream we are using Google's prebuilt arm-linux-androideabi-ar, but
 it would be better to build your own.
 In projects/snowflake/config:
  * Set `GOOS=android` `GOARCH=arm`.
  * You may have to copy webrtc-android-armeabi-v7a.pc over webrtc-linux-
 arm.pc, as in [https://gitlab.com/eighthave/snowflake/blob/master/.gitlab-
 ci.yml#L92 eighthave's script].

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/28672#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list