On Fri, Dec 23, 2022 at 07:12:46PM +0100, Caspar Schutijser wrote: > On Wed, Dec 21, 2022 at 06:29:11PM +0100, Caspar Schutijser wrote: > > On Wed, Dec 21, 2022 at 06:11:43AM +0000, Yifei Zhan wrote: > > > On 22/12/16 06:22PM, Caspar Schutijser wrote: > > > > Dear users in this thread, if possible, can you give this a spin? > > > > > > > > With some help and feedback from the Tor Browser developers I > > > > came up with the following diff. I verified that I can use > > > > the meek-azure and obfs4 Pluggable Transports. With a > > > > local (uncommitted) snowflake_client port Snowflake also worked but > > > > I'll get back to that some other time. > > > > > > > > > > This works exactly as it should :) > > > I tested meek/obfs/snowflake and all three worked without issue. > > > > > > It seems like TBB changed the way bridges integrate since I last attempt > > > to get > > > this working on OpenBSD, so my old patchset is no longer applicable, I'm > > > happy > > > to help testing tho. > > > > Okay, great to hear! Thanks for testing. > > > > Here is a diff for -current that I do intend to commit. > > > > Comments or OKs? > > And here is an updated and slightly tweaked diff since we now ship > snowflake_client. This requires a recent commit by me to > net/snowflake_proxy. > > Comments or OKs?
Ping. > > Caspar > > ---- > > Tor Browser: out of the box support for some Pluggable Transports > > Provide default bridges for the meek-azure, obfs4 and snowflake > Pluggable Transports and put the necessary bits in torrc-defaults > so those Pluggable Transports work out of the box. > > ---- > > Index: meta/tor-browser/Makefile > =================================================================== > RCS file: /cvs/ports/meta/tor-browser/Makefile,v > retrieving revision 1.65 > diff -u -p -r1.65 Makefile > --- meta/tor-browser/Makefile 18 Dec 2022 15:55:09 -0000 1.65 > +++ meta/tor-browser/Makefile 23 Dec 2022 18:11:16 -0000 > @@ -4,6 +4,7 @@ MAINTAINER= Caspar Schutijser <caspar@sc > > PKGNAME= tor-browser-12.0.1 > ONLY_FOR_ARCHS = amd64 > +REVISION= 0 > > RUN_DEPENDS= www/tor-browser/browser>=12.0.1 \ > www/tor-browser/noscript>=11.4.13 \ > Index: meta/tor-browser/pkg/README > =================================================================== > RCS file: /cvs/ports/meta/tor-browser/pkg/README,v > retrieving revision 1.9 > diff -u -p -r1.9 README > --- meta/tor-browser/pkg/README 9 Mar 2022 20:48:33 -0000 1.9 > +++ meta/tor-browser/pkg/README 23 Dec 2022 18:11:16 -0000 > @@ -33,11 +33,9 @@ editing your torrc yourself. Make sure > before doing so if you use this method; if Tor Browser is running it > might overwrite your torrc. > > -NOTE: The OpenBSD Tor Browser ports do not yet include Pluggable > -Transports (PT). This means that not all features are yet available, > -such as using obfsproxy to get to Tor. A future update will include > -ports for PT components. Pluggable Transports have a web page > -worth reading: > +NOTE: on OpenBSD, the only Pluggable Transports that are available > +for now are meek-azure, obfs4 and snowflake. Pluggable Transports have > +a web page worth reading: > https://2019.www.torproject.org/docs/pluggable-transports.html.en > > For more information about Tor Browser and the Tor anonymity network > Index: www/tor-browser/browser/Makefile > =================================================================== > RCS file: /cvs/ports/www/tor-browser/browser/Makefile,v > retrieving revision 1.99 > diff -u -p -r1.99 Makefile > --- www/tor-browser/browser/Makefile 18 Dec 2022 15:55:09 -0000 1.99 > +++ www/tor-browser/browser/Makefile 23 Dec 2022 18:11:16 -0000 > @@ -13,10 +13,12 @@ PATCHORIG = .pat.orig > > PKGNAME = ${TB_PREFIX}-browser-${TB_VERSION:S/a/alpha/} > DISTNAME = src-firefox-tor-browser-102.6.0esr-12.0-1-build2 > +REVISION = 0 > > FIX_EXTRACT_PERMISSIONS = Yes > DISTFILES += ${DISTNAME}.tar.xz \ > - tor-browser-linux64-${TB_VERSION}_ALL.tar.xz > + tor-browser-linux64-${TB_VERSION}_ALL.tar.xz \ > + tor-expert-bundle-${TB_VERSION}-linux-x86_64.tar.gz > > SO_VERSION = 8.0 > MOZILLA_LIBS = xul clearkey lgpllibs mozavcodec mozavutil > mozgtk > @@ -74,7 +76,9 @@ MAKE_ENV += BUILD_OPT=1 \ > NSS_ENABLE_ECC=1 \ > XCFLAGS="-I${LOCALBASE}/include ${CFLAGS}" > > -RUN_DEPENDS += net/tor>=0.4.7.12 > +RUN_DEPENDS += net/obfs4proxy>=0.0.14 \ > + net/snowflake_proxy>=2.4.1 \ > + net/tor>=0.4.7.12 > > CONFIGURE_ARGS += --enable-release #1386371 > CONFIGURE_ARGS += --enable-sandbox > @@ -103,7 +107,16 @@ post-patch: > # Not using a patch for this; patch context would contain UTF-8 > sed -i 's/#ifdef XP_LINUX/#if defined(XP_LINUX) || > defined(XP_OPENBSD)/' \ > ${WRKSRC}/browser/app/profile/000-tor-browser.js > - ln -s ${WRKSRC}/mozconfig-linux-x86_64 ${WRKSRC}/.mozconfig > + ln -fs ${WRKSRC}/mozconfig-linux-x86_64 ${WRKSRC}/.mozconfig > + > + # add default bridges for Pluggable Transports that we support > +.for pt in meek-azure obfs4 snowflake > + I=1; \ > + cat ${WRKDIR}/tor/pluggable_transports/bridges_list.${pt}.txt | while > read -r line ; do \ > + echo "pref(\"extensions.torlauncher.default_bridge.${pt}.$$I\", > \"$$line\");" >>${WRKSRC}/browser/app/profile/000-tor-browser.js; \ > + I=$$((I + 1)); \ > + done > +.endfor > > ${SUBST_CMD} ${WRKSRC}/xpcom/build/BinaryPath.h > > Index: www/tor-browser/browser/distinfo > =================================================================== > RCS file: /cvs/ports/www/tor-browser/browser/distinfo,v > retrieving revision 1.60 > diff -u -p -r1.60 distinfo > --- www/tor-browser/browser/distinfo 18 Dec 2022 15:55:09 -0000 1.60 > +++ www/tor-browser/browser/distinfo 23 Dec 2022 18:11:16 -0000 > @@ -1,4 +1,6 @@ > SHA256 (mozilla/src-firefox-tor-browser-102.6.0esr-12.0-1-build2.tar.xz) = > 3hcAm81t5G57LV94qFSck/s8T02gkVmf+/tns5KobWA= > SHA256 (mozilla/tor-browser-linux64-12.0.1_ALL.tar.xz) = > kaHfdedtSaIGe1N6jSlUrz6QDBEfxoBbe3/M91A2ds8= > +SHA256 (mozilla/tor-expert-bundle-12.0.1-linux-x86_64.tar.gz) = > no+4BZ+Jq6uVnIYHIYd5AeRw8litNkml+s+Enkf0u98= > SIZE (mozilla/src-firefox-tor-browser-102.6.0esr-12.0-1-build2.tar.xz) = > 512895940 > SIZE (mozilla/tor-browser-linux64-12.0.1_ALL.tar.xz) = 105644596 > +SIZE (mozilla/tor-expert-bundle-12.0.1-linux-x86_64.tar.gz) = 17667213 > Index: www/tor-browser/browser/files/torrc-defaults > =================================================================== > RCS file: /cvs/ports/www/tor-browser/browser/files/torrc-defaults,v > retrieving revision 1.1 > diff -u -p -r1.1 torrc-defaults > --- www/tor-browser/browser/files/torrc-defaults 13 Feb 2020 07:41:53 > -0000 1.1 > +++ www/tor-browser/browser/files/torrc-defaults 23 Dec 2022 18:11:16 > -0000 > @@ -12,22 +12,8 @@ CookieAuthentication 1 > GeoIPFile ${LOCALBASE}/share/tor/geoip > GeoIPv6File ${LOCALBASE}/share/tor/geoip6 > > -## > -## N.B. PT not yet done on OpenBSD: 2015-07-21 > -## > - > -## fteproxy configuration > -#ClientTransportPlugin fte exec fteproxy --managed > - > ## obfs4proxy configuration > -#ClientTransportPlugin obfs2,obfs3,obfs4,scramblesuit exec obfs4proxy > - > -## flash proxy configuration > -# > -# Change the second number here (9000) to the number of a port that can > -# receive connections from the Internet (the port for which you > -# configured port forwarding). > -#ClientTransportPlugin flashproxy exec flashproxy-client --register :0 :9000 > +ClientTransportPlugin meek_lite,obfs2,obfs3,obfs4,scramblesuit exec > /usr/local/bin/obfs4proxy > > -## meek configuration > -#ClientTransportPlugin meek exec meek-client-torbrowser -- meek-client > +## snowflake configuration > +ClientTransportPlugin snowflake exec /usr/local/bin/snowflake_client >
