diff options
| author | Micah Lee <micah@micahflee.com> | 2022-06-19 14:57:37 -0400 |
|---|---|---|
| committer | Micah Lee <micah@micahflee.com> | 2022-06-19 14:57:37 -0400 |
| commit | 8ff1a0b29459a48bd15de099860061e874592965 (patch) | |
| tree | 89a226b1d7810bc320164daef7d7826c2e999134 | |
| parent | 7526141024fef0b0e45403ffd2415a581c5b2f63 (diff) | |
| download | onionshare-8ff1a0b29459a48bd15de099860061e874592965.tar.gz onionshare-8ff1a0b29459a48bd15de099860061e874592965.zip | |
Make scripts to build PT binaries, and run those in CI
| -rw-r--r-- | .circleci/config.yml | 240 | ||||
| -rw-r--r-- | desktop/README.md | 20 | ||||
| -rwxr-xr-x | desktop/scripts/build-meek-client.py | 80 | ||||
| -rw-r--r-- | desktop/scripts/build-pt-meek.ps1 | 9 | ||||
| -rwxr-xr-x | desktop/scripts/build-pt-meek.sh | 9 | ||||
| -rw-r--r-- | desktop/scripts/build-pt-obfs4proxy.ps1 | 9 | ||||
| -rwxr-xr-x | desktop/scripts/build-pt-obfs4proxy.sh | 9 | ||||
| -rw-r--r-- | desktop/scripts/build-pt-snowflake.ps1 | 9 | ||||
| -rwxr-xr-x | desktop/scripts/build-pt-snowflake.sh | 9 | ||||
| -rw-r--r-- | desktop/scripts/get-tor.py | 129 |
10 files changed, 187 insertions, 336 deletions
diff --git a/.circleci/config.yml b/.circleci/config.yml index 45519b87..5c0e36a0 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -17,10 +17,10 @@ workflows: requires: - test-cli # - test-gui - # - build-macos: - # requires: - # - test-cli - # # - test-gui + - build-macos: + requires: + - test-cli + # - test-gui jobs: test-cli: @@ -86,13 +86,6 @@ jobs: executor: name: win/default shell: powershell.exe - environment: - # NOTE: change when upgrading obfs4proxy - OBFS4PROXY_TAG: obfs4proxy-0.0.13 - # NOTE: change when upgrading snowflake - SNOWFLAKE_TAG: v2.2.0 - # NOTE: change when upgrading meek - MEEK_TAG: v0.37.0 steps: - checkout @@ -120,85 +113,60 @@ jobs: - restore_cache: key: get-tor-{{ checksum "desktop/scripts/get-tor.py" }}-{{ .Environment.CACHE_VERSION }} - run: - name: Get tor binaries from Tor Browser (32-bit) + name: Get tor binaries from Tor Browser (64-bit) command: | cd desktop - poetry run python .\scripts\get-tor.py + poetry run python .\scripts\get-tor.py win64 - save_cache: key: get-tor-{{ checksum "desktop/scripts/get-tor.py" }}-{{ .Environment.CACHE_VERSION }} paths: - C:\Users\circleci\project\desktop\build\tor - restore_cache: - # NOTE: change when upgrading obfs4proxy - key: build-win64-obfs4proxy-v0.0.13-{{ .Environment.CACHE_VERSION }} + key: build-win64-obfs4proxy-{{ checksum "~/project/desktop/scripts/build-pt-obfs4proxy.ps1" }}-{{ .Environment.CACHE_VERSION }} - run: name: Build obfs4proxy command: | if ((Test-Path -Path C:\Users\circleci\project\desktop\onionshare\resources\tor\obfs4proxy.exe) -eq $True) { Write-Output "obfs4proxy already built" } else { - # curl https://keys.openpgp.org/vks/v1/by-fingerprint/9EB1A490C73CC5D44DFB3E47BFBD1C7B8A6EC81A | gpg --import - New-Item -ItemType Directory -Force -Path C:\Users\circleci\src\obfs4proxy - cd C:\Users\circleci\src\obfs4proxy - git clone https://gitlab.com/yawning/obfs4 - cd obfs4 - # TODO: verify signature - git checkout $OBFS4PROXY_TAG - go build .\obfs4proxy - Move-Item -Path .\obfs4proxy.exe -Destination C:\Users\circleci\project\desktop\onionshare\resources\tor\obfs4proxy.exe + cd C:\Users\circleci\project\desktop + .\scripts\build-pt-obfs4proxy.ps1 } - save_cache: - # NOTE: change when upgrading obfs4proxy - key: build-win64-obfs4proxy-v0.0.13-{{ .Environment.CACHE_VERSION }} + key: build-win64-obfs4proxy-{{ checksum "~/project/desktop/scripts/build-pt-obfs4proxy.ps1" }}-{{ .Environment.CACHE_VERSION }} paths: - C:\Users\circleci\project\desktop\onionshare\resources\tor\obfs4proxy.exe - restore_cache: - # NOTE: change when upgrading snowflake - key: build-win64-snowflake-v2.1.0-{{ .Environment.CACHE_VERSION }} + key: build-win64-snowflake-{{ checksum "~/project/desktop/scripts/build-pt-snowflake.ps1" }}-{{ .Environment.CACHE_VERSION }} - run: name: Build snowflake-client command: | if ((Test-Path -Path C:\Users\circleci\project\desktop\onionshare\resources\tor\snowflake-client.exe) -eq $True) { Write-Output "snowflake already built" } else { - New-Item -ItemType Directory -Force -Path C:\Users\circleci\src\obfs4proxy - cd C:\Users\circleci\src\obfs4proxy - git clone https://git.torproject.org/pluggable-transports/snowflake.git - cd snowflake - # TODO: verify signature - git checkout $SNOWFLAKE_TAG - go build .\client - Move-Item -Path .\client.exe -Destination C:\Users\circleci\project\desktop\onionshare\resources\tor\snowflake-client.exe + cd C:\Users\circleci\project\desktop + .\scripts\build-pt-snowflake.ps1 } - save_cache: - # NOTE: change when upgrading snowflake - key: build-win64-snowflake-v2.1.0-{{ .Environment.CACHE_VERSION }} + key: build-win64-snowflake-{{ checksum "~/project/desktop/scripts/build-pt-snowflake.ps1" }}-{{ .Environment.CACHE_VERSION }} paths: - C:\Users\circleci\project\desktop\onionshare\resources\tor\snowflake-client.exe - restore_cache: - # NOTE: change when upgrading meek - key: build-win64-meek-v0.37.0-{{ .Environment.CACHE_VERSION }} + key: build-win64-meek-{{ checksum "~/project/desktop/scripts/build-pt-meek.ps1" }}-{{ .Environment.CACHE_VERSION }} - run: name: Build meek-client command: | if ((Test-Path -Path C:\Users\circleci\project\desktop\onionshare\resources\tor\meek-client.exe) -eq $True) { Write-Output "snowflake already built" } else { - New-Item -ItemType Directory -Force -Path C:\Users\circleci\src\meek - cd C:\Users\circleci\src\meek - git clone https://git.torproject.org/pluggable-transports/meek.git - cd meek - # TODO: verify signature - git checkout $MEEK_TAG - go build .\meek-client - Move-Item -Path .\meek-client.exe -Destination C:\Users\circleci\project\desktop\onionshare\resources\tor\meek-client.exe + cd C:\Users\circleci\project\desktop + .\scripts\build-pt-meek.ps1 } - save_cache: - # NOTE: change when upgrading meek - key: build-win64-meek-v0.37.0-{{ .Environment.CACHE_VERSION }} + key: build-win64-meek-{{ checksum "~/project/desktop/scripts/build-pt-meek.ps1" }}-{{ .Environment.CACHE_VERSION }} paths: - C:\Users\circleci\project\desktop\onionshare\resources\tor\meek-client.exe @@ -222,13 +190,6 @@ jobs: executor: name: win/default shell: powershell.exe - environment: - # NOTE: change when upgrading obfs4proxy - OBFS4PROXY_TAG: obfs4proxy-0.0.13 - # NOTE: change when upgrading snowflake - SNOWFLAKE_TAG: v2.2.0 - # NOTE: change when upgrading meek - MEEK_TAG: v0.37.0 steps: - checkout @@ -259,7 +220,7 @@ jobs: name: Get tor binaries from Tor Browser (32-bit) command: | cd desktop - C:\Python-32bit\Scripts\poetry run python .\scripts\get-tor.py + C:\Python-32bit\Scripts\poetry run python .\scripts\get-tor.py win32 - save_cache: key: get-tor-{{ checksum "desktop/scripts/get-tor.py" }}-{{ .Environment.CACHE_VERSION }} paths: @@ -273,75 +234,53 @@ jobs: msiexec.exe /i go1.18.windows-386.msi /quiet /L*V go-install.log - restore_cache: - # NOTE: change when upgrading obfs4proxy - key: build-win32-obfs4proxy-v0.0.13-{{ .Environment.CACHE_VERSION }} + key: build-win32-obfs4proxy-{{ checksum "~/project/desktop/scripts/build-pt-obfs4proxy.ps1" }}-{{ .Environment.CACHE_VERSION }} - run: - name: Build obfs4proxy (32-bit) + name: Build obfs4proxy command: | if ((Test-Path -Path C:\Users\circleci\project\desktop\onionshare\resources\tor\obfs4proxy.exe) -eq $True) { Write-Output "obfs4proxy already built" } else { - # curl https://keys.openpgp.org/vks/v1/by-fingerprint/9EB1A490C73CC5D44DFB3E47BFBD1C7B8A6EC81A | gpg --import - New-Item -ItemType Directory -Force -Path C:\Users\circleci\src\obfs4proxy - cd C:\Users\circleci\src\obfs4proxy - git clone https://gitlab.com/yawning/obfs4 - cd obfs4 - # TODO: verify signature - git checkout $OBFS4PROXY_TAG - & "C:\Program Files (x86)\Go\bin\go" build .\obfs4proxy - Move-Item -Path .\obfs4proxy.exe -Destination C:\Users\circleci\project\desktop\onionshare\resources\tor\obfs4proxy.exe + $env:PATH = "C:\Program Files (x86)\Go\bin\go;$env:PATH" + cd C:\Users\circleci\project\desktop + .\scripts\build-pt-obfs4proxy.ps1 } - save_cache: - # NOTE: change when upgrading obfs4proxy - key: build-win32-obfs4proxy-v0.0.13-{{ .Environment.CACHE_VERSION }} + key: build-win32-obfs4proxy-{{ checksum "~/project/desktop/scripts/build-pt-obfs4proxy.ps1" }}-{{ .Environment.CACHE_VERSION }} paths: - C:\Users\circleci\project\desktop\onionshare\resources\tor\obfs4proxy.exe - restore_cache: - # NOTE: change when upgrading snowflake - key: build-win32-snowflake-v2.1.0-{{ .Environment.CACHE_VERSION }} + key: build-win32-snowflake-{{ checksum "~/project/desktop/scripts/build-pt-snowflake.ps1" }}-{{ .Environment.CACHE_VERSION }} - run: - name: Build snowflake-client (32-bit) + name: Build snowflake-client command: | if ((Test-Path -Path C:\Users\circleci\project\desktop\onionshare\resources\tor\snowflake-client.exe) -eq $True) { Write-Output "snowflake already built" } else { - New-Item -ItemType Directory -Force -Path C:\Users\circleci\src\obfs4proxy - cd C:\Users\circleci\src\obfs4proxy - git clone https://git.torproject.org/pluggable-transports/snowflake.git - cd snowflake - # TODO: verify signature - git checkout $SNOWFLAKE_TAG - & "C:\Program Files (x86)\Go\bin\go" build .\client - Move-Item -Path .\client.exe -Destination C:\Users\circleci\project\desktop\onionshare\resources\tor\snowflake-client.exe + $env:PATH = "C:\Program Files (x86)\Go\bin\go;$env:PATH" + cd C:\Users\circleci\project\desktop + .\scripts\build-pt-snowflake.ps1 } - save_cache: - # NOTE: change when upgrading snowflake - key: build-win32-snowflake-v2.1.0-{{ .Environment.CACHE_VERSION }} + key: build-win32-snowflake-{{ checksum "~/project/desktop/scripts/build-pt-snowflake.ps1" }}-{{ .Environment.CACHE_VERSION }} paths: - C:\Users\circleci\project\desktop\onionshare\resources\tor\snowflake-client.exe - restore_cache: - # NOTE: change when upgrading meek - key: build-win32-meek-v0.37.0-{{ .Environment.CACHE_VERSION }} + key: build-win32-meek-{{ checksum "~/project/desktop/scripts/build-pt-meek.ps1" }}-{{ .Environment.CACHE_VERSION }} - run: - name: Build meek-client (32-bit) + name: Build meek-client command: | if ((Test-Path -Path C:\Users\circleci\project\desktop\onionshare\resources\tor\meek-client.exe) -eq $True) { Write-Output "snowflake already built" } else { - New-Item -ItemType Directory -Force -Path C:\Users\circleci\src\meek - cd C:\Users\circleci\src\meek - git clone https://git.torproject.org/pluggable-transports/meek.git - cd meek - # TODO: verify signature - git checkout $MEEK_TAG - & "C:\Program Files (x86)\Go\bin\go" build .\meek-client - Move-Item -Path .\meek-client.exe -Destination C:\Users\circleci\project\desktop\onionshare\resources\tor\meek-client.exe + $env:PATH = "C:\Program Files (x86)\Go\bin\go;$env:PATH" + cd C:\Users\circleci\project\desktop + .\scripts\build-pt-meek.ps1 } - save_cache: - # NOTE: change when upgrading meek - key: build-win32-meek-v0.37.0-{{ .Environment.CACHE_VERSION }} + key: build-win32-meek-{{ checksum "~/project/desktop/scripts/build-pt-meek.ps1" }}-{{ .Environment.CACHE_VERSION }} paths: - C:\Users\circleci\project\desktop\onionshare\resources\tor\meek-client.exe @@ -373,120 +312,25 @@ jobs: command: | brew install wget brew install go - - restore_cache: - key: build-libevent-2.1.12-tor-0.4.6.10 - - run: - name: Build libevent and tor - command: | - mkdir -p $BINARY_DIR/tor - # Download and verify libevent - cd ~/Downloads - URL=https://github.com/libevent/libevent/releases/download/release-2.1.12-stable/libevent-2.1.12-stable.tar.gz - FILENAME=libevent-2.1.12-stable.tar.gz - EXPECTED_SHA256=92e6de1be9ec176428fd2367677e61ceffc2ee1cb119035037a27d346b0403bb - wget $URL - SHA256=$(shasum -a 256 $FILENAME | cut -d" " -f1) - if [ "$SHA256" != "$EXPECTED_SHA256" ]; then echo "Failed" && exit -1; fi - tar -xvf $FILENAME - # Build libevent - cd libevent-2.1.12-stable - ./configure --disable-openssl --prefix=$BINARY_DIR/tor - make - make install - # Download and verify tor - cd ~/Downloads - URL=https://dist.torproject.org/tor-0.4.6.10.tar.gz - FILENAME=tor-0.4.6.10.tar.gz - EXPECTED_SHA256=94ccd60e04e558f33be73032bc84ea241660f92f58cfb88789bda6893739e31c - wget $URL - SHA256=$(shasum -a 256 $FILENAME | cut -d" " -f1) - if [ "$SHA256" != "$EXPECTED_SHA256" ]; then echo "Failed" && exit -1; fi - tar -xvf $FILENAME - # Build tor - cd tor-0.4.6.10 - ./configure --prefix=$BINARY_DIR/tor - make - make install - - save_cache: - key: build-libevent-2.1.12-tor-0.4.6.10 - paths: - - /Users/distiller/bin/tor - - restore_cache: - key: build-macos-obfs4proxy-v0.0.13 - - run: - name: Build obfs4proxy - command: | - # Get source code - mkdir ~/Downloads/obfs4proxy - cd ~/Downloads/obfs4proxy - git clone https://gitlab.com/yawning/obfs4 - cd obfs4 - git checkout obfs4proxy-0.0.13 - # Build - go build -o $BINARY_DIR/obfs4proxy ./obfs4proxy - - save_cache: - key: build-macos-obfs4proxy-v0.0.13 - paths: - - /Users/distiller/bin/obfs4proxy - - restore_cache: - key: build-macos-snowflake-v2.1.0 - - run: - name: Build snowflake-client - command: | - # Get source code - mkdir ~/Downloads/snowflake-client - cd ~/Downloads/snowflake-client - git clone https://git.torproject.org/pluggable-transports/snowflake.git - cd snowflake - git checkout v2.1.0 - # Build - go build -o $BINARY_DIR/snowflake-client ./client - - save_cache: - key: build-macos-snowflake-v2.1.0 - paths: - - /Users/distiller/bin/snowflake-client - - restore_cache: - key: build-macos-meek-v0.37.0 - - run: - name: Build meek-client - command: | - # Get source code - mkdir ~/Downloads/meek-client - cd ~/Downloads/meek-client - git clone https://git.torproject.org/pluggable-transports/meek.git - cd meek - git checkout v0.37.0 - # Build - go build -o $BINARY_DIR/meek-client ./meek-client - - save_cache: - key: build-macos-meek-v0.37.0 - paths: - - /Users/distiller/bin/meek-client - - run: - name: Copy binaries into app - command: | - export DEST=~\project\desktop\onionshare\resources\tor - cp $BINARY_DIR/tor/bin/tor $DEST - cp $BINARY_DIR/tor/lib/libevent-2.1.7.dylib $DEST - cp $BINARY_DIR/tor/share/tor/geoip* $DEST - cp $BINARY_DIR/obfs4proxy $DEST - cp $BINARY_DIR/snowflake-client $DEST - cp $BINARY_DIR/meek-client $DEST + - run: name: Install Python 3.9.12 command: | wget https://www.python.org/ftp/python/3.9.12/python-3.9.12-macosx10.9.pkg -O ~/Downloads/python.pkg sudo installer -pkg ~/Downloads/python.pkg -target / + - run: name: Install poetry command: | pip3 install poetry ln -s /Library/Frameworks/Python.framework/Versions/3.9/bin/poetry /usr/local/bin + - run: name: Install poetry dependencies command: | cd ~/project/desktop poetry install + - run: name: Build OnionShare command: | @@ -494,10 +338,12 @@ jobs: poetry run python ./setup-freeze.py build poetry run python ./setup-freeze.py bdist_mac poetry run python ./scripts/build-macos.py cleanup-build + - run: name: Compress command: | cd ~/project/desktop/build zip -r ~/onionshare-macos.zip OnionShare.app + - store_artifacts: path: ~/onionshare-macos.zip diff --git a/desktop/README.md b/desktop/README.md index 31071782..5a070ee6 100644 --- a/desktop/README.md +++ b/desktop/README.md @@ -31,20 +31,32 @@ poetry install **Windows users:** Download and install 7-Zip from https://7-zip.org/download.html. [Add](https://medium.com/@kevinmarkvi/how-to-add-executables-to-your-path-in-windows-5ffa4ce61a53) `C:\Program Files (x86)\7-Zip` to your path. -Download Tor Browser and extract the binaries: +Download Tor Browser and extract the binaries for your platform. The platform must be `win32`, `win64`, `macos`, or `linux64`. ```sh -poetry run python ./scripts/get-tor.py +poetry run python ./scripts/get-tor.py [platform] ``` ### Compile dependencies Install Go. The simplest way to make sure everything works is to install Go by following [these instructions](https://golang.org/doc/install). -Download and compile `meek-client`: +Compile pluggable transports: + +**Windows users, in PowerShell:** + +```powershell +.\scripts\build-pt-obfs4proxy.ps1 +.\scripts\build-pt-snowflake.ps1 +.\scripts\build-pt-meek.ps1 +``` + +**macOS and Linux users:** ```sh -poetry run python ./scripts/build-meek-client.py +./scripts/build-pt-obfs4proxy.sh +./scripts/build-pt-snowflake.sh +./scripts/build-pt-meek.sh ``` ### Running OnionShare from the source code tree diff --git a/desktop/scripts/build-meek-client.py b/desktop/scripts/build-meek-client.py deleted file mode 100755 index 6e5d7974..00000000 --- a/desktop/scripts/build-meek-client.py +++ /dev/null @@ -1,80 +0,0 @@ -#!/usr/bin/env python3 -# -*- coding: utf-8 -*- -""" -OnionShare | https://onionshare.org/ - -Copyright (C) 2014-2022 Micah Lee, et al. <micah@micahflee.com> - -This program is free software: you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation, either version 3 of the License, or -(at your option) any later version. - -This program is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -GNU General Public License for more details. - -You should have received a copy of the GNU General Public License -along with this program. If not, see <http://www.gnu.org/licenses/>. -""" - -""" -This script downloads a pre-built tor binary to bundle with OnionShare. -In order to avoid a Mac gnupg dependency, I manually verify the signature -and hard-code the sha256 hash. -""" -import shutil -import os -import sys -import subprocess -import inspect -import platform - - -def main(): - # Figure out the architecture and python path - if "64 bit" in sys.version: - python_arch = "win-amd64" - else: - python_arch = "win32" - - if os.getlogin() == "circleci" and python_arch == "win32": - go_path = "C:\\Program Files (x86)\\Go\\bin\\go" - else: - go_path = shutil.which("go") - - if go_path is None: - print("Install go: https://golang.org/doc/install") - return - - subprocess.run( - [ - go_path, - "install", - "git.torproject.org/pluggable-transports/meek.git/meek-client@v0.37.0", - ] - ) - - root_path = os.path.dirname( - os.path.dirname(os.path.abspath(inspect.getfile(inspect.currentframe()))) - ) - if platform.system() == "Windows": - dist_path = os.path.join(root_path, "onionshare", "resources", "tor", "Tor") - bin_filename = "meek-client.exe" - else: - dist_path = os.path.join(root_path, "onionshare", "resources", "tor") - bin_filename = "meek-client" - - bin_path = os.path.join(os.path.expanduser("~"), "go", "bin", bin_filename) - shutil.copyfile( - os.path.join(bin_path), - os.path.join(dist_path, bin_filename), - ) - os.chmod(os.path.join(dist_path, bin_filename), 0o755) - - print(f"Installed {bin_filename} in {dist_path}") - - -if __name__ == "__main__": - main() diff --git a/desktop/scripts/build-pt-meek.ps1 b/desktop/scripts/build-pt-meek.ps1 new file mode 100644 index 00000000..58a7366a --- /dev/null +++ b/desktop/scripts/build-pt-meek.ps1 @@ -0,0 +1,9 @@ +$env:MEEK_TAG = 'v0.37.0' + +New-Item -ItemType Directory -Force -Path .\build\meek +cd .\build\meek +git clone https://git.torproject.org/pluggable-transports/meek.git +cd meek +git checkout $MEEK_TAG +go build .\meek-client +Move-Item -Path .\meek-client.exe -Destination ..\onionshare\resources\tor\meek-client.exe diff --git a/desktop/scripts/build-pt-meek.sh b/desktop/scripts/build-pt-meek.sh new file mode 100755 index 00000000..5ce91d6c --- /dev/null +++ b/desktop/scripts/build-pt-meek.sh @@ -0,0 +1,9 @@ +#!/bin/bash +MEEK_TAG=v0.37.0 + +mkdir -p ./build/meek +cd ./build/meek +git clone https://git.torproject.org/pluggable-transports/meek.git +cd meek +git checkout $MEEK_TAG +go build -o ../../../onionshare/resources/tor/meek-client ./meek-client diff --git a/desktop/scripts/build-pt-obfs4proxy.ps1 b/desktop/scripts/build-pt-obfs4proxy.ps1 new file mode 100644 index 00000000..e4688c93 --- /dev/null +++ b/desktop/scripts/build-pt-obfs4proxy.ps1 @@ -0,0 +1,9 @@ +$env:OBFS4PROXY_TAG = 'obfs4proxy-0.0.13' + +New-Item -ItemType Directory -Force -Path .\build\obfs4proxy +cd .\build\obfs4proxy +git clone https://gitlab.com/yawning/obfs4 +cd obfs4 +git checkout $OBFS4PROXY_TAG +go build .\obfs4proxy +Move-Item -Path .\obfs4proxy.exe -Destination ..\onionshare\resources\tor\obfs4proxy.exe diff --git a/desktop/scripts/build-pt-obfs4proxy.sh b/desktop/scripts/build-pt-obfs4proxy.sh new file mode 100755 index 00000000..15b317a3 --- /dev/null +++ b/desktop/scripts/build-pt-obfs4proxy.sh @@ -0,0 +1,9 @@ +#!/bin/bash +OBFS4PROXY_TAG=obfs4proxy-0.0.13 + +mkdir -p ./build/obfs4proxy +cd ./build/obfs4proxy +git clone https://gitlab.com/yawning/obfs4 || echo "already cloned" +cd obfs4 +git checkout $OBFS4PROXY_TAG +go build -o ../../../onionshare/resources/tor/obfs4proxy ./obfs4proxy
\ No newline at end of file diff --git a/desktop/scripts/build-pt-snowflake.ps1 b/desktop/scripts/build-pt-snowflake.ps1 new file mode 100644 index 00000000..5d15759d --- /dev/null +++ b/desktop/scripts/build-pt-snowflake.ps1 @@ -0,0 +1,9 @@ +$env:SNOWFLAKE_TAG = 'v2.2.0' + +New-Item -ItemType Directory -Force -Path .\build\snowflake +cd .\build\snowflake +git clone https://git.torproject.org/pluggable-transports/snowflake.git +cd snowflake +git checkout $SNOWFLAKE_TAG +go build .\client +Move-Item -Path .\client.exe -Destination ..\onionshare\resources\tor\snowflake-client.exe diff --git a/desktop/scripts/build-pt-snowflake.sh b/desktop/scripts/build-pt-snowflake.sh new file mode 100755 index 00000000..24a7ce74 --- /dev/null +++ b/desktop/scripts/build-pt-snowflake.sh @@ -0,0 +1,9 @@ +#!/bin/bash +SNOWFLAKE_TAG=v2.2.0 + +mkdir -p ./build/snowflake +cd ./build/snowflake +git clone https://git.torproject.org/pluggable-transports/snowflake.git +cd snowflake +git checkout $SNOWFLAKE_TAG +go build -o ../../../onionshare/resources/tor/snowflake-client ./client diff --git a/desktop/scripts/get-tor.py b/desktop/scripts/get-tor.py index 29c5a1e4..bda4e8b8 100644 --- a/desktop/scripts/get-tor.py +++ b/desktop/scripts/get-tor.py @@ -1,5 +1,4 @@ #!/usr/bin/env python3 -import platform import inspect import os from re import M @@ -8,18 +7,30 @@ import hashlib import shutil import subprocess import requests +import click torbrowser_version = "11.0.14" -expected_exe_sha256 = "c14b979c81310ad039985e047dbb5b8058662bb3105b9022f7b9e0d18a29d0d6" -expected_dmg_sha256 = "558ae5ab188f62feb04c6b2e7f43eae2361e8ec1718e0f4f927801411d911e22" -expected_txz_sha256 = "b606924fdf8237e697cf95c229189da5875c190875d729769655c7b67aeb9aa6" +expected_win32_sha256 = ( + "c14b979c81310ad039985e047dbb5b8058662bb3105b9022f7b9e0d18a29d0d6" +) +expected_win64_sha256 = ( + "ced3de06d089fbbeb8cee309971ac26983aba8eaf948fedce472d40cdd572301" +) +expected_macos_sha256 = ( + "558ae5ab188f62feb04c6b2e7f43eae2361e8ec1718e0f4f927801411d911e22" +) +expected_linux64_sha256 = ( + "b606924fdf8237e697cf95c229189da5875c190875d729769655c7b67aeb9aa6" +) -exe_url = f"https://dist.torproject.org/torbrowser/{torbrowser_version}/torbrowser-install-{torbrowser_version}_en-US.exe" -exe_filename = f"torbrowser-install-{torbrowser_version}_en-US.exe" -dmg_url = f"https://dist.torproject.org/torbrowser/{torbrowser_version}/TorBrowser-{torbrowser_version}-osx64_en-US.dmg" -dmg_filename = f"TorBrowser-{torbrowser_version}-osx64_en-US.dmg" -tarball_url = f"https://dist.torproject.org/torbrowser/{torbrowser_version}/tor-browser-linux64-{torbrowser_version}_en-US.tar.xz" -tarball_filename = f"tor-browser-linux64-{torbrowser_version}_en-US.tar.xz" +win32_url = f"https://dist.torproject.org/torbrowser/{torbrowser_version}/torbrowser-install-{torbrowser_version}_en-US.exe" +win32_filename = f"torbrowser-install-{torbrowser_version}_en-US.exe" +win64_url = f"https://dist.torproject.org/torbrowser/{torbrowser_version}/torbrowser-install-win64-{torbrowser_version}_en-US.exe" +win64_filename = f"torbrowser-install-win64-{torbrowser_version}_en-US.exe" +macos_url = f"https://dist.torproject.org/torbrowser/{torbrowser_version}/TorBrowser-{torbrowser_version}-osx64_en-US.dmg" +macos_filename = f"TorBrowser-{torbrowser_version}-osx64_en-US.dmg" +linux64_url = f"https://dist.torproject.org/torbrowser/{torbrowser_version}/tor-browser-linux64-{torbrowser_version}_en-US.tar.xz" +linux64_filename = f"tor-browser-linux64-{torbrowser_version}_en-US.tar.xz" # Common paths @@ -29,9 +40,21 @@ root_path = os.path.dirname( working_path = os.path.join(root_path, "build", "tor") -def get_tor_windows(): +def get_tor_windows(platform): + if platform == "win32": + win_url = win32_url + win_filename = win32_filename + expected_win_sha256 = expected_win32_sha256 + elif platform == "win64": + win_url = win64_url + win_filename = win64_filename + expected_win_sha256 = expected_win64_sha256 + else: + click.echo("invalid platform") + return + # Build paths - exe_path = os.path.join(working_path, exe_filename) + win_path = os.path.join(working_path, win_filename) dist_path = os.path.join(root_path, "onionshare", "resources", "tor") # Make sure the working folder exists @@ -39,21 +62,21 @@ def get_tor_windows(): os.makedirs(working_path) # Make sure Tor Browser is downloaded - if not os.path.exists(exe_path): - print("Downloading {}".format(exe_url)) - r = requests.get(exe_url) - open(exe_path, "wb").write(r.content) + if not os.path.exists(win_path): + print("Downloading {}".format(win_url)) + r = requests.get(win_url) + open(win_path, "wb").write(r.content) exe_sha256 = hashlib.sha256(r.content).hexdigest() else: - print("Already downloaded: {}".format(exe_path)) - exe_data = open(exe_path, "rb").read() - exe_sha256 = hashlib.sha256(exe_data).hexdigest() + print("Already downloaded: {}".format(win_path)) + win_data = open(win_path, "rb").read() + win_sha256 = hashlib.sha256(win_data).hexdigest() # Compare the hash - if exe_sha256 != expected_exe_sha256: + if win_sha256 != expected_win_sha256: print("ERROR! The sha256 doesn't match:") - print("expected: {}".format(expected_exe_sha256)) - print(" actual: {}".format(exe_sha256)) + print("expected: {}".format(expected_win32_sha256)) + print(" actual: {}".format(win_sha256)) sys.exit(-1) # Extract the bits we need from the exe @@ -62,7 +85,7 @@ def get_tor_windows(): "7z", "e", "-y", - exe_path, + win_path, "Browser\\TorBrowser\\Tor", "-o%s" % os.path.join(working_path, "Tor"), ] @@ -72,7 +95,7 @@ def get_tor_windows(): "7z", "e", "-y", - exe_path, + win_path, "Browser\\TorBrowser\\Data\\Tor\\geoip*", "-o%s" % os.path.join(working_path, "Data"), ] @@ -113,7 +136,7 @@ def get_tor_macos(): dmg_tor_path = os.path.join( "/Volumes", "Tor Browser", "Tor Browser.app", "Contents" ) - dmg_path = os.path.join(working_path, dmg_filename) + dmg_path = os.path.join(working_path, macos_filename) dist_path = os.path.join(root_path, "onionshare", "resources", "tor") if not os.path.exists(dist_path): os.makedirs(dist_path, exist_ok=True) @@ -124,8 +147,8 @@ def get_tor_macos(): # Make sure the zip is downloaded if not os.path.exists(dmg_path): - print("Downloading {}".format(dmg_url)) - r = requests.get(dmg_url) + print("Downloading {}".format(macos_url)) + r = requests.get(macos_url) open(dmg_path, "wb").write(r.content) dmg_sha256 = hashlib.sha256(r.content).hexdigest() else: @@ -133,9 +156,9 @@ def get_tor_macos(): dmg_sha256 = hashlib.sha256(dmg_data).hexdigest() # Compare the hash - if dmg_sha256 != expected_dmg_sha256: + if dmg_sha256 != expected_macos_sha256: print("ERROR! The sha256 doesn't match:") - print("expected: {}".format(expected_dmg_sha256)) + print("expected: {}".format(expected_macos_sha256)) print(" actual: {}".format(dmg_sha256)) sys.exit(-1) @@ -182,9 +205,9 @@ def get_tor_macos(): update_tor_bridges() -def get_tor_linux(): +def get_tor_linux64(): # Build paths - tarball_path = os.path.join(working_path, tarball_filename) + tarball_path = os.path.join(working_path, linux64_filename) dist_path = os.path.join(root_path, "onionshare", "resources", "tor") # Make sure dirs exist @@ -196,8 +219,8 @@ def get_tor_linux(): # Make sure the tarball is downloaded if not os.path.exists(tarball_path): - print("Downloading {}".format(tarball_url)) - r = requests.get(tarball_url) + print("Downloading {}".format(linux64_url)) + r = requests.get(linux64_url) open(tarball_path, "wb").write(r.content) tarball_sha256 = hashlib.sha256(r.content).hexdigest() else: @@ -205,9 +228,9 @@ def get_tor_linux(): tarball_sha256 = hashlib.sha256(tarball_data).hexdigest() # Compare the hash - if tarball_sha256 != expected_txz_sha256: + if tarball_sha256 != expected_linux64_sha256: print("ERROR! The sha256 doesn't match:") - print("expected: {}".format(expected_txz_sha256)) + print("expected: {}".format(expected_linux64_sha256)) print(" actual: {}".format(tarball_sha256)) sys.exit(-1) @@ -250,18 +273,6 @@ def get_tor_linux(): os.path.join(tarball_tor_path, "Tor", "libstdc++", "libstdc++.so.6"), os.path.join(dist_path, "libstdc++.so.6"), ) - shutil.copyfile( - os.path.join(tarball_tor_path, "Tor", "PluggableTransports", "obfs4proxy"), - os.path.join(dist_path, "obfs4proxy"), - ) - os.chmod(os.path.join(dist_path, "obfs4proxy"), 0o755) - shutil.copyfile( - os.path.join( - tarball_tor_path, "Tor", "PluggableTransports", "snowflake-client" - ), - os.path.join(dist_path, "snowflake-client"), - ) - os.chmod(os.path.join(dist_path, "snowflake-client"), 0o755) print(f"Tor binaries extracted to: {dist_path}") @@ -317,19 +328,27 @@ def update_tor_bridges(): f.write(f"Bridge {item}\n") -def main(): +@click.command() +@click.argument("platform") +def main(platform): """ Download Tor Browser and extract tor binaries """ - system = platform.system() - if system == "Windows": - get_tor_windows() - elif system == "Darwin": + valid_platforms = ["win32", "win64", "macos", "linux64"] + if platform not in valid_platforms: + click.echo(f"platform must be one of: {valid_platforms}") + return + + if platform == "win32": + get_tor_windows(platform) + elif platform == "win64": + get_tor_windows(platform) + elif platform == "macos": get_tor_macos() - elif system == "Linux": - get_tor_linux() + elif platform == "linux64": + get_tor_linux64() else: - print("Platform not supported") + click.echo("invalid platform") if __name__ == "__main__": |