From 300c2a7139d85c0e8fb18bb07f1d14bd98c19cc9 Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Wed, 27 Sep 2023 18:37:37 -0700 Subject: Revert "Make get-tor.py download Tor Browser signing key from keys.openpgp.org" This reverts commit f2bf4f0a94583c8cef4438c209c3eb93aac3f8f4. --- cli/onionshare_cli/resources/torrc_template-snowflake | 4 ++-- desktop/scripts/get-tor.py | 7 +++---- desktop/scripts/kounek7zrdx745qydx6p59t9mqjpuhdf | Bin 0 -> 6694 bytes 3 files changed, 5 insertions(+), 6 deletions(-) create mode 100644 desktop/scripts/kounek7zrdx745qydx6p59t9mqjpuhdf diff --git a/cli/onionshare_cli/resources/torrc_template-snowflake b/cli/onionshare_cli/resources/torrc_template-snowflake index 0ca1edae..40a9ccbb 100644 --- a/cli/onionshare_cli/resources/torrc_template-snowflake +++ b/cli/onionshare_cli/resources/torrc_template-snowflake @@ -1,3 +1,3 @@ # Enable built-in snowflake bridge -Bridge snowflake 192.0.2.3:80 2B280B23E1107BB62ABFC40DDCC8824814F80A72 fingerprint=2B280B23E1107BB62ABFC40DDCC8824814F80A72 url=https://snowflake-broker.torproject.net.global.prod.fastly.net/ front=foursquare.com ice=stun:stun.l.google.com:19302,stun:stun.antisip.com:3478,stun:stun.bluesip.net:3478,stun:stun.dus.net:3478,stun:stun.epygi.com:3478,stun:stun.sonetel.com:3478,stun:stun.uls.co.za:3478,stun:stun.voipgate.com:3478,stun:stun.voys.nl:3478 utls-imitate=hellorandomizedalpn -Bridge snowflake 192.0.2.4:80 8838024498816A039FCBBAB14E6F40A0843051FA fingerprint=8838024498816A039FCBBAB14E6F40A0843051FA url=https://snowflake-broker.torproject.net.global.prod.fastly.net/ front=foursquare.com ice=stun:stun.l.google.com:19302,stun:stun.antisip.com:3478,stun:stun.bluesip.net:3478,stun:stun.dus.net:3478,stun:stun.epygi.com:3478,stun:stun.sonetel.net:3478,stun:stun.uls.co.za:3478,stun:stun.voipgate.com:3478,stun:stun.voys.nl:3478 utls-imitate=hellorandomizedalpn +Bridge snowflake 192.0.2.3:80 2B280B23E1107BB62ABFC40DDCC8824814F80A72 fingerprint=2B280B23E1107BB62ABFC40DDCC8824814F80A72 url=https://snowflake-broker.torproject.net.global.prod.fastly.net/ front=cdn.sstatic.net ice=stun:stun.l.google.com:19302,stun:stun.antisip.com:3478,stun:stun.bluesip.net:3478,stun:stun.dus.net:3478,stun:stun.epygi.com:3478,stun:stun.sonetel.com:3478,stun:stun.uls.co.za:3478,stun:stun.voipgate.com:3478,stun:stun.voys.nl:3478 utls-imitate=hellorandomizedalpn +Bridge snowflake 192.0.2.4:80 8838024498816A039FCBBAB14E6F40A0843051FA fingerprint=8838024498816A039FCBBAB14E6F40A0843051FA url=https://snowflake-broker.torproject.net.global.prod.fastly.net/ front=cdn.sstatic.net ice=stun:stun.l.google.com:19302,stun:stun.antisip.com:3478,stun:stun.bluesip.net:3478,stun:stun.dus.net:3478,stun:stun.epygi.com:3478,stun:stun.sonetel.net:3478,stun:stun.uls.co.za:3478,stun:stun.voipgate.com:3478,stun:stun.voys.nl:3478 utls-imitate=hellorandomizedalpn diff --git a/desktop/scripts/get-tor.py b/desktop/scripts/get-tor.py index 5e3570fd..6730c73f 100644 --- a/desktop/scripts/get-tor.py +++ b/desktop/scripts/get-tor.py @@ -203,9 +203,6 @@ def get_tor_linux64(gpg, torkey, linux64_url, linux64_filename, expected_linux64 # Verify signature sig_stream = open(tarball_sig_path, "rb") verified = gpg.verify_file(sig_stream, tarball_path) - print(verified) - print(verified.valid) - print(verified.pubkey_fingerprint) if not verified.valid or verified.pubkey_fingerprint != tor_dev_fingerprint: print("ERROR! The tarball verification with the signature failed!") sys.exit(-1) @@ -325,7 +322,9 @@ def main(platform): ) = get_latest_tor_version_urls(platform) tmpdir = tempfile.TemporaryDirectory() gpg = gnupg.GPG(gnupghome=tmpdir.name) - torkey = gpg.recv_keys("keys.openpgp.org", tor_dev_fingerprint) + torkey = gpg.import_keys_file( + os.path.join(root_path, "scripts", "kounek7zrdx745qydx6p59t9mqjpuhdf") + ) print(f"Imported Tor GPG key: {torkey.fingerprints}") if platform == "win64": diff --git a/desktop/scripts/kounek7zrdx745qydx6p59t9mqjpuhdf b/desktop/scripts/kounek7zrdx745qydx6p59t9mqjpuhdf new file mode 100644 index 00000000..8f4e9750 Binary files /dev/null and b/desktop/scripts/kounek7zrdx745qydx6p59t9mqjpuhdf differ -- cgit v1.2.3-54-g00ecf