Integrate building pluggable transports for Android into tor-browser-build

We want to support Pluggable Transports in Tor Browser for Android. We should integrate those we support into our tor-browser-build process.

added TBA-a3 TorBrowserTeam201911R component::applications/tor browser owner::tbb-team parent::32303 priority::high resolution::fixed severity::normal sponsor::28-can status::closed tbb-mobile tbb-parity tbb-rbm tor-pt type::task labels

It looks like the candidate PTs are

1. obfs4 (implemented in orbot)
2. meek (implemeted in orbot - uses meek_lite)
3. fteproxy-has no plans for support on Android: https://github.com/kpdyer/fteproxy/issues/187

Configuration:

The obfs binary used by orbot supports: obfs3, obfs4. meek lite binary also is available. So we can support (1) and (2). All of these are configured and written to a custom torrc file:

     ClientTransportPlugin transport exec path-to-binary [options]:: The bridge list is read from a text file in the res/raw  folder. The bridges are then written to the custom torrc file.

Building the libraries:

Orbot uses Pluto to build the transports for Android: https://github.com/guardianproject/pluto . However, there is an updated Pluto 2 library available: https://github.com/guardianproject/AndroidPluggableTransports

So first question is do we want to use Pluto 1 (which is what orbot is currently using) or Pluto 2 which is the current recommended version?

To build the transport (for Pluto 1), we will need:

1. Build go toolchain for android (this could be a separate project/go-android-toolchain)
2. Build (with go)  github.com/n8fr8/meek/meek-client
3. Build (with go) git.torproject.org/pluggable-transports/obfs4.git/obfs4proxy

Pluto has a script which sets the correct parameters go compile params and flags. We can modify this script for use in tor-browser-build

The files in Pluto are then packaged into an Android library with the binaries in the res/raw folder. For our purposes, we could put these into the assets folder instead since we want to add this in the last phase of the tor-browser build. We will need to just make sure to create an installer class that will pull from the assets folder into the private data section of the app so we can execute the binaries during runtime.

For Pluto 2 the build is different: It uses the following git repo for building the transports: https://gitlab.com/eighthave/goptbundle .We can then follow a similar process for installing as outlined above.

Skipping FTEProxy makes a lot of sense at this point -- there are only a handful of bridges, and we expect FTEProxy to go away once Marionette replaces it.

For the future, so you are aware of what comes next, the three next PTs we plan to investigate, and hopefully will want to put onto Tor Browser Android too, are:

• Snowflake: https://snowflake.torproject.org/ (I think Hans is messing with that one now)

• httpsproxy: https://gitweb.torproject.org/pluggable-transports/httpsproxy.git/tree/

• Marionette: #26920 (moved)

I think starting with Pluto 2 if there are no blockers for that is the right thing to do. Re the sepaate project/go-android-toolchain: I am not sure why we would need that separate project for the compiler as we build Go for all the other platforms in projects/go. Why can't we add the necessary bits for Android there as well?

Trac:
Sponsor: N/A to Sponsor19
Keywords: N/A deleted, tor-pt added

Nope, that's part of the browser work for Sponsor8.

Trac:
Sponsor: Sponsor19 to Sponsor8

ok! Let's chat in January about it. It would be great if it goes into Sponsor8. If not then we continue with s19.

After some research into this, I think it looks strait forward to get Pluto2 and goptbundle implemented into the tor-browser-build. I'd estimate a week for a first implementation + time for feedback changes.

Initial commit (android-0106)

• Project for android-pluggable-transports

This uses the prebuilt aar for goptbundle. AAR libraries for debug and release versions are copied to the output directory. These libraries will be used by Orbot (or whatever consuming project we decide to use).

Trac:
Status: new to needs_review

Trac:
Keywords: TorBrowserTeam201812 deleted, TorBrowserTeam201901R added

Clearing review for now as it is not needed at the moment.

Trac:
Status: needs_review to new

Trac:
Keywords: TorBrowserTeam201901R deleted, TorBrowserTeam201901 added

Moving tickets to February.

Trac:
Keywords: TorBrowserTeam201901 deleted, TorBrowserTeam201902 added

FWIW, this needs revision as we need to make sure that the built stuff is actually used by our bundle. This requires at least copying the files to the proper places in a different project in tor-browser-build.

Trac:
Status: new to needs_revision

Trac:
Cc: sisbell to sisbell, hans@guardianproject.info

I guess Orbot is not ready for that yet and I am not sure where we are with our PT story once we switch to TOPL. Thus we might want to file a more specific ticket to include the obfs4proxy build process (a la Pluto or the Briar way) in our reproducible build process meanwhile. Or maybe we just wait a bit longer... :)

Trac:
Cc: sisbell, hans@guardianproject.info to sisbell, hans@guardianproject.info, n8fr8

Trac:
Sponsor: Sponsor8 to Sponsor19-can

Moving remaining tickets to March.

Trac:
Keywords: TorBrowserTeam201902 deleted, TorBrowserTeam201903 added

Introducing tbb-parity.

Trac:
Keywords: N/A deleted, tbb-parity added

Moving tickets to April.

Trac:
Keywords: TorBrowserTeam201903 deleted, TorBrowserTeam201904 added

Moving tickets to May

Trac:
Keywords: TorBrowserTeam201904 deleted, TorBrowserTeam201905 added

Moving from Sponsor 19 to Sponsor 28.

Trac:
Sponsor: Sponsor19-can to Sponsor28-can

Moving tickets to June

Trac:
Keywords: TorBrowserTeam201905 deleted, TorBrowserTeam201906 added

Trac:
Keywords: TorBrowserTeam201906 deleted, TorBrowserTeam201911 added
Parent: N/A to #32303 (moved)

This is solved with commit eee5d30a9ab1d727caac262cb62f72aaab75e0a0 on tor-browser-build's master. We might want to backport it at some point, though, given #32303 (moved).

Trac:
Keywords: TorBrowserTeam201911 deleted, tbb-backport, TorBrowserTeam201911R added
Resolution: N/A to fixed
Status: needs_revision to closed

No backport for those tickets/fixes. They will emerge with 9.5.

Trac:
Keywords: tbb-backport deleted, N/A added

closed

mentioned in issue #30334 (moved)

mentioned in issue #31130 (moved)

mentioned in issue #32303 (moved)

mentioned in issue #32477 (moved)

mentioned in issue #29002 (moved)

mentioned in issue #29003 (moved)

moved to tpo/applications/tor-browser#28803 (closed)

mentioned in issue tpo/applications/tor-browser-build#32477