richard pushed to branch main at The Tor Project / Applications / tor-browser-build
Commits: 995029fd by Richard Pospesel at 2023-09-28T18:51:26+00:00 Bug 40741: Update browser, and tor-android-service projects to populate PT settings from pt_config.json
- - - - -
13 changed files:
- − projects/browser/Bundle-Data/PTConfigs/bridge_prefs.js - − projects/browser/Bundle-Data/PTConfigs/linux/torrc-defaults-appendix - − projects/browser/Bundle-Data/PTConfigs/mac/torrc-defaults-appendix - − projects/browser/Bundle-Data/PTConfigs/windows/torrc-defaults-appendix - projects/browser/build - projects/browser/config - − projects/common/bridges_list.meek-azure.txt - − projects/common/bridges_list.obfs4.txt - − projects/common/bridges_list.snowflake.txt - projects/tor-android-service/build - projects/tor-android-service/config - projects/tor-expert-bundle/build - projects/tor-expert-bundle/config
Changes:
===================================== projects/browser/Bundle-Data/PTConfigs/bridge_prefs.js deleted ===================================== @@ -1,2 +0,0 @@ -# Tor Launcher preferences (default bridges): -pref("extensions.torlauncher.default_bridge_recommended_type", "obfs4");
===================================== projects/browser/Bundle-Data/PTConfigs/linux/torrc-defaults-appendix deleted ===================================== @@ -1,11 +0,0 @@ -## lyrebird configuration -ClientTransportPlugin meek_lite,obfs2,obfs3,obfs4,scramblesuit exec ./TorBrowser/Tor/PluggableTransports/lyrebird - -## snowflake configuration -ClientTransportPlugin snowflake exec ./TorBrowser/Tor/PluggableTransports/snowflake-client - -## webtunnel configuration -ClientTransportPlugin webtunnel exec ./TorBrowser/Tor/PluggableTransports/webtunnel-client - -## conjure configuration -ClientTransportPlugin conjure exec ./TorBrowser/Tor/PluggableTransports/conjure-client -registerURL https://registration.refraction.network/api
===================================== projects/browser/Bundle-Data/PTConfigs/mac/torrc-defaults-appendix deleted ===================================== @@ -1,11 +0,0 @@ -## lyrebird configuration -ClientTransportPlugin meek_lite,obfs2,obfs3,obfs4,scramblesuit exec PluggableTransports/lyrebird - -## snowflake configuration -ClientTransportPlugin snowflake exec PluggableTransports/snowflake-client - -## webtunnel configuration -ClientTransportPlugin webtunnel exec PluggableTransports/webtunnel-client - -## conjure configuration -ClientTransportPlugin conjure exec PluggableTransports/conjure-client -registerURL https://registration.refraction.network/api
===================================== projects/browser/Bundle-Data/PTConfigs/windows/torrc-defaults-appendix deleted ===================================== @@ -1,11 +0,0 @@ -## lyrebird configuration -ClientTransportPlugin meek_lite,obfs2,obfs3,obfs4,scramblesuit exec TorBrowser\Tor\PluggableTransports\lyrebird.exe - -## snowflake configuration -ClientTransportPlugin snowflake exec TorBrowser\Tor\PluggableTransports\snowflake-client.exe - -## webtunnel configuration -ClientTransportPlugin webtunnel exec TorBrowser\Tor\PluggableTransports\webtunnel-client.exe - -## conjure configuration -ClientTransportPlugin conjure exec TorBrowser\Tor\PluggableTransports\conjure-client.exe -registerURL https://registration.refraction.network/api
===================================== projects/browser/build ===================================== @@ -15,7 +15,7 @@ mkdir -p $OUTDIR # directory named tor-browser (instead of tor-browser_en-US). Therefore we # stage everything under tor-browser-stage to avoid a conflict. TB_STAGE_DIR=$distdir/tor-browser-stage -GENERATEDPREFSPATH=$rootdir/Bundle-Data/PTConfigs/generated-prefs.js +GENERATEDPREFSPATH=$rootdir/Bundle-Data/generated-prefs.js # Create initially empty prefs file where we can dump our conditionally included/genetered prefs touch "$GENERATEDPREFSPATH"
@@ -100,10 +100,10 @@ mv [% c('input_files_by_name/noscript') %] "$TBDIR/$EXTSPATH/{73a6fe31-595d-460b mkdir -p "$TBDIR/$TORCONFIGPATH" [% IF c("var/macos_universal") %]"$TBDIR_AARCH64/$TORCONFIGPATH"[% END %] mv_tbdir data/{geoip,geoip6} "$TORCONFIGPATH"
- # Bridge lists will be consumed later in `bridges_conf` - mv tor/pluggable_transports/bridges_list.*.txt tor/pluggable_transports/pt_config.json $rootdir + # pt_config.json will be consumed later in `bridges_conf` + mv tor/pluggable_transports/pt_config.json $rootdir [% IF c("var/macos_universal") %] - rm -f aarch64/tor/pluggable_transports/bridges_list.*.txt aarch64/tor/pluggable_transports/pt_config.json + rm -f aarch64/tor/pluggable_transports/pt_config.json [% END -%]
# Move READMEs from tor-expert-bundle to the doc dir @@ -246,24 +246,37 @@ do done
[% IF c("var/tor-browser") -%] + PT_CONFIG="$rootdir/pt_config.json" + + # Write our ClientTransportPlugin lines to torrc-defults for tbdir in "${TBDIRS[@]}" do - cat Bundle-Data/PTConfigs/[% bundledata_osname %]/torrc-defaults-appendix >> "$tbdir/$TORCONFIGPATH/torrc-defaults" + PT_PATH='[% c("var/pt_path") %]' + TORRC_DEFAULTS="$tbdir/$TORCONFIGPATH/torrc-defaults" + jq --raw-output .pluggableTransports[] "${PT_CONFIG}" | while read -r line; do + echo "${line/${pt_path}/${PT_PATH}}" >> "$TORRC_DEFAULTS" + done done - cat Bundle-Data/PTConfigs/bridge_prefs.js >> "$GENERATEDPREFSPATH"
+ # Write Default Bridge Prefs + echo "# Tor Launcher preferences (default bridges):" >> "$GENERATEDPREFSPATH" + RECOMMMENDED_DEFAULT=$(jq -r .recommendedDefault "${PT_CONFIG}") + echo "pref("extensions.torlauncher.default_bridge_recommended_type", "${RECOMMMENDED_DEFAULT}");" >> "$GENERATEDPREFSPATH" + + # Writes bridge-line prefs for a given bridge type function bridges_conf { - local pt="$1" + local bridge_type="$1" local i=1 - while read -r line - do - echo "pref("extensions.torlauncher.default_bridge.$pt.$i", "$line");" >> "$GENERATEDPREFSPATH" + jq -r ".bridges."$bridge_type" | .[]" "${PT_CONFIG}" | while read -r line; do + echo "pref("extensions.torlauncher.default_bridge.$bridge_type.$i", "$line");" >> "$GENERATEDPREFSPATH" i=$((i + 1)) - done < "$rootdir/bridges_list.$pt.txt" + done } - bridges_conf obfs4 - bridges_conf meek-azure - bridges_conf snowflake + + # Iterate over our bridge types and write default bridgelines for each + for bridge_type in $(jq -r ".bridges | keys[]" "${PT_CONFIG}"); do + bridges_conf $bridge_type + done [% END -%]
[% IF c("var/linux") && c("var/tor-browser") %]
===================================== projects/browser/config ===================================== @@ -11,6 +11,7 @@ var: - libparallel-forkmanager-perl - libfile-slurp-perl - bzip2 + - jq mar_osname: '[% c("var/osname") %]'
targets: @@ -21,6 +22,7 @@ targets: # builds (bug 29812). We don't need it in x86_64 builds, but we # share the container to reduce space used. - libc6-i386 + pt_path: ./TorBrowser/Tor/PluggableTransports/ macos: var: arch_deps: @@ -29,6 +31,7 @@ targets: - python3-pip - python3-distutils-extra - python3-psutil + pt_path: PluggableTransports/ macos-universal: var: mar_osname: macos @@ -36,6 +39,7 @@ targets: var: arch_deps: - python3-pefile + pt_path: TorBrowser\Tor\PluggableTransports\ android: build: '[% INCLUDE build.android %]' var:
===================================== projects/common/bridges_list.meek-azure.txt deleted ===================================== @@ -1 +0,0 @@ -meek_lite 192.0.2.18:80 BE776A53492E1E044A26F17306E1BC46A55A1625 url=https://meek.azureedge.net/ front=ajax.aspnetcdn.com
===================================== projects/common/bridges_list.obfs4.txt deleted ===================================== @@ -1,11 +0,0 @@ -obfs4 192.95.36.142:443 CDF2E852BF539B82BD10E27E9115A31734E378C2 cert=qUVQ0srL1JI/vO6V6m/24anYXiJD3QP2HgzUKQtQ7GRqqUvs7P+tG43RtAqdhLOALP7DJQ iat-mode=1 -obfs4 37.218.245.14:38224 D9A82D2F9C2F65A18407B1D2B764F130847F8B5D cert=bjRaMrr1BRiAW8IE9U5z27fQaYgOhX1UCmOpg2pFpoMvo6ZgQMzLsaTzzQNTlm7hNcb+Sg iat-mode=0 -obfs4 85.31.186.98:443 011F2599C0E9B27EE74B353155E244813763C3E5 cert=ayq0XzCwhpdysn5o0EyDUbmSOx3X/oTEbzDMvczHOdBJKlvIdHHLJGkZARtT4dcBFArPPg iat-mode=0 -obfs4 85.31.186.26:443 91A6354697E6B02A386312F68D82CF86824D3606 cert=PBwr+S8JTVZo6MPdHnkTwXJPILWADLqfMGoVvhZClMq/Urndyd42BwX9YFJHZnBB3H0XCw iat-mode=0 -obfs4 193.11.166.194:27015 2D82C2E354D531A68469ADF7F878FA6060C6BACA cert=4TLQPJrTSaDffMK7Nbao6LC7G9OW/NHkUwIdjLSS3KYf0Nv4/nQiiI8dY2TcsQx01NniOg iat-mode=0 -obfs4 193.11.166.194:27020 86AC7B8D430DAC4117E9F42C9EAED18133863AAF cert=0LDeJH4JzMDtkJJrFphJCiPqKx7loozKN7VNfuukMGfHO0Z8OGdzHVkhVAOfo1mUdv9cMg iat-mode=0 -obfs4 193.11.166.194:27025 1AE2C08904527FEA90C4C4F8C1083EA59FBC6FAF cert=ItvYZzW5tn6v3G4UnQa6Qz04Npro6e81AP70YujmK/KXwDFPTs3aHXcHp4n8Vt6w/bv8cA iat-mode=0 -obfs4 209.148.46.65:443 74FAD13168806246602538555B5521A0383A1875 cert=ssH+9rP8dG2NLDN2XuFw63hIO/9MNNinLmxQDpVa+7kTOa9/m+tGWT1SmSYpQ9uTBGa6Hw iat-mode=0 -obfs4 146.57.248.225:22 10A6CD36A537FCE513A322361547444B393989F0 cert=K1gDtDAIcUfeLqbstggjIw2rtgIKqdIhUlHp82XRqNSq/mtAjp1BIC9vHKJ2FAEpGssTPw iat-mode=0 -obfs4 45.145.95.6:27015 C5B7CD6946FF10C5B3E89691A7D3F2C122D2117C cert=TD7PbUO0/0k6xYHMPW3vJxICfkMZNdkRrb63Zhl5j9dW3iRGiCx0A7mPhe5T2EDzQ35+Zw iat-mode=0 -obfs4 51.222.13.177:80 5EDAC3B810E12B01F6FD8050D2FD3E277B289A08 cert=2uplIpLQ0q9+0qMFrK5pkaYRDOe460LL9WHBvatgkuRr/SL31wBOEupaMMJ6koRE6Ld0ew iat-mode=0
===================================== projects/common/bridges_list.snowflake.txt deleted ===================================== @@ -1,2 +0,0 @@ -snowflake 192.0.2.3:80 2B280B23E1107BB62ABFC40DDCC8824814F80A72 fingerprint=2B280B23E1107BB62ABFC40DDCC8824814F80A72 url=https://snowflake-broker.torproject.net.global.prod.fastly.net/ front=foursquare.com ice=stun:stun.l.google.com:19302,stun:stun.antisip.com:3478,stun:stun.bluesip.net:3478,stun:stun.dus.net:3478,stun:stun.epygi.com:3478,stun:stun.sonetel.com:3478,stun:stun.uls.co.za:3478,stun:stun.voipgate.com:3478,stun:stun.voys.nl:3478 utls-imitate=hellorandomizedalpn -snowflake 192.0.2.4:80 8838024498816A039FCBBAB14E6F40A0843051FA fingerprint=8838024498816A039FCBBAB14E6F40A0843051FA url=https://snowflake-broker.torproject.net.global.prod.fastly.net/ front=foursquare.com ice=stun:stun.l.google.com:19302,stun:stun.antisip.com:3478,stun:stun.bluesip.net:3478,stun:stun.dus.net:3478,stun:stun.epygi.com:3478,stun:stun.sonetel.net:3478,stun:stun.uls.co.za:3478,stun:stun.voipgate.com:3478,stun:stun.voys.nl:3478 utls-imitate=hellorandomizedalpn
===================================== projects/tor-android-service/build ===================================== @@ -57,9 +57,22 @@ rm -fR service/src/main/jniLibs/* mv $tebdir/data/{geoip,geoip6} service/src/main/assets/common
# Update bridges list - ptdir=$tebdir/tor/pluggable_transports - cat $ptdir/bridges_list.obfs4.txt $ptdir/bridges_list.meek-azure.txt \ - $ptdir/bridges_list.snowflake.txt > service/src/main/assets/common/bridges.txt + PT_CONFIG="$tebdir/tor/pluggable_transports/pt_config.json" + + # Writes bridge-line prefs for a given bridge type + BRIDGES_TXT="service/src/main/assets/common/bridges.txt" + echo -n "" > "${BRIDGES_TXT}" + function bridges_conf { + local bridge_type="$1" + jq -r ".bridges."$bridge_type" | .[]" "${PT_CONFIG}" | while read -r line; do + echo $line >> "${BRIDGES_TXT}" + done + } + + # Iterate over our bridge types and write default bridgelines for each + for bridge_type in $(jq -r ".bridges | keys[]" "${PT_CONFIG}"); do + bridges_conf $bridge_type + done [% END -%] [% END -%]
===================================== projects/tor-android-service/config ===================================== @@ -11,6 +11,8 @@ var: # this should be updated when the list of gradle dependencies is changed gradle_dependencies_version: 5 gradle_version: 5.6.4 + arch_deps: + - jq
input_files: - project: container-image
===================================== projects/tor-expert-bundle/build ===================================== @@ -14,11 +14,6 @@ tar -xkf $rootdir/[% c('input_files_by_name/snowflake') %] tar -xkf $rootdir/[% c('input_files_by_name/webtunnel') %] tar -xkf $rootdir/[% c('input_files_by_name/conjure') %]
-# copy in bridge lines for each pluggable transport -mv $rootdir/bridges_list.obfs4.txt . -mv $rootdir/bridges_list.meek-azure.txt . -mv $rootdir/bridges_list.snowflake.txt . - # add per-platform pt extension awk '{gsub(/${pt_extension}/, "[% c("var/pt_extension") %]"); print}' $rootdir/pt_config.json > pt_config.json
===================================== projects/tor-expert-bundle/config ===================================== @@ -23,6 +23,3 @@ input_files: - name: conjure project: conjure - filename: pt_config.json - - filename: bridges_list.obfs4.txt - - filename: bridges_list.meek-azure.txt - - filename: bridges_list.snowflake.txt
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/99...