Write Linux script to download Tor Browser and extract binaries

2024-12-17 19:54:48 -05:00 · 2021-10-11 20:17:26 -07:00 · 2021-10-11 20:17:26 -07:00 · 3e61e8dd37
commit 3e61e8dd37
parent 357e3efead
2 changed files with 140 additions and 2 deletions
--- a/desktop/README.md
+++ b/desktop/README.md
@ -13,9 +13,19 @@ cd onionshare/desktop

 #### Linux

-If you're using Linux, install `tor` and `obfs4proxy` from either the [official Debian repository](https://support.torproject.org/apt/tor-deb-repo/), or from your package manager.
+In Ubuntu 20.04 you need the `libxcb-xinerama0` package installed.

-In Ubuntu 20.04 you also need the `libxcb-xinerama0` package installed.
+Install python dependencies:
+
+```sh
+pip3 install --user poetry requests
+```
+
+Download Tor Browser and extract the binaries:
+
+```sh
+./scripts/get-tor-linux.py
+```

 #### macOS

--- a/desktop/scripts/get-tor-linux.py
+++ b/desktop/scripts/get-tor-linux.py
@ -0,0 +1,128 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+"""
+OnionShare | https://onionshare.org/
+
+Copyright (C) 2014-2021 Micah Lee, et al. <micah@micahflee.com>
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+"""
+
+"""
+This script downloads a pre-built tor binary to bundle with OnionShare.
+In order to avoid a Mac gnupg dependency, I manually verify the signature
+and hard-code the sha256 hash.
+"""
+import inspect
+import os
+import sys
+import hashlib
+import shutil
+import subprocess
+import requests
+
+
+def main():
+    tarball_url = "https://dist.torproject.org/torbrowser/11.0a7/tor-browser-linux64-11.0a7_en-US.tar.xz"
+    tarball_filename = "tor-browser-linux64-11.0a7_en-US.tar.xz"
+    expected_tarball_sha256 = (
+        "bc9861c692f899fe0344c960dc615ff0e275cf74c61066c8735c88e3ddc2b623"
+    )
+
+    # Build paths
+    root_path = os.path.dirname(
+        os.path.dirname(os.path.abspath(inspect.getfile(inspect.currentframe())))
+    )
+    working_path = os.path.join(root_path, "build", "tor")
+    tarball_path = os.path.join(working_path, tarball_filename)
+
+    # Make sure the dist path exists
+    dist_path = os.path.join(working_path, "dist")
+    if not os.path.exists(dist_path):
+        os.makedirs(dist_path, exist_ok=True)
+
+    # Make sure the tarball is downloaded
+    if not os.path.exists(tarball_path):
+        print("Downloading {}".format(tarball_url))
+        r = requests.get(tarball_url)
+        open(tarball_path, "wb").write(r.content)
+        tarball_sha256 = hashlib.sha256(r.content).hexdigest()
+    else:
+        tarball_data = open(tarball_path, "rb").read()
+        tarball_sha256 = hashlib.sha256(tarball_data).hexdigest()
+
+    # Compare the hash
+    if tarball_sha256 != expected_tarball_sha256:
+        print("ERROR! The sha256 doesn't match:")
+        print("expected: {}".format(expected_tarball_sha256))
+        print("  actual: {}".format(tarball_sha256))
+        sys.exit(-1)
+
+    # Delete extracted tarball, if it's there
+    shutil.rmtree(os.path.join(working_path, "tor-browser_en-US"), ignore_errors=True)
+
+    # Extract the tarball
+    subprocess.call(["tar", "-xvf", tarball_path], cwd=working_path)
+    tarball_tor_path = os.path.join(
+        working_path, "tor-browser_en-US", "Browser", "TorBrowser"
+    )
+
+    # Copy into dist
+    shutil.copyfile(
+        os.path.join(tarball_tor_path, "Data", "Tor", "geoip"),
+        os.path.join(dist_path, "geoip"),
+    )
+    shutil.copyfile(
+        os.path.join(tarball_tor_path, "Data", "Tor", "geoip6"),
+        os.path.join(dist_path, "geoip6"),
+    )
+    shutil.copyfile(
+        os.path.join(tarball_tor_path, "Tor", "tor"),
+        os.path.join(dist_path, "tor"),
+    )
+    os.chmod(os.path.join(dist_path, "tor"), 0o755)
+    shutil.copyfile(
+        os.path.join(tarball_tor_path, "Tor", "libcrypto.so.1.1"),
+        os.path.join(dist_path, "libcrypto.so.1.1"),
+    )
+    shutil.copyfile(
+        os.path.join(tarball_tor_path, "Tor", "libevent-2.1.so.7"),
+        os.path.join(dist_path, "libevent-2.1.so.7"),
+    )
+    shutil.copyfile(
+        os.path.join(tarball_tor_path, "Tor", "libssl.so.1.1"),
+        os.path.join(dist_path, "libssl.so.1.1"),
+    )
+    shutil.copyfile(
+        os.path.join(tarball_tor_path, "Tor", "libstdc++", "libstdc++.so.6"),
+        os.path.join(dist_path, "libstdc++.so.6"),
+    )
+    shutil.copyfile(
+        os.path.join(tarball_tor_path, "Tor", "PluggableTransports", "obfs4proxy"),
+        os.path.join(dist_path, "obfs4proxy"),
+    )
+    os.chmod(os.path.join(dist_path, "obfs4proxy"), 0o755)
+    shutil.copyfile(
+        os.path.join(
+            tarball_tor_path, "Tor", "PluggableTransports", "snowflake-client"
+        ),
+        os.path.join(dist_path, "snowflake-client"),
+    )
+    os.chmod(os.path.join(dist_path, "snowflake-client"), 0o755)
+
+    print(f"Tor binaries extracted to: {dist_path}")
+
+
+if __name__ == "__main__":
+    main()