mirror of
https://github.com/onionshare/onionshare.git
synced 2025-01-15 01:07:21 -05:00
870 lines
34 KiB
YAML
870 lines
34 KiB
YAML
version: 2.1
|
|
|
|
orbs:
|
|
win: circleci/windows@4.0.0
|
|
|
|
workflows:
|
|
version: 2
|
|
ci:
|
|
jobs:
|
|
- test-cli
|
|
# - test-gui
|
|
- build-tor-windows:
|
|
requires:
|
|
- test-cli
|
|
# - build-win64:
|
|
# requires:
|
|
# - test-cli
|
|
# # - test-gui
|
|
# - build-win32:
|
|
# requires:
|
|
# - test-cli
|
|
# # - test-gui
|
|
# - build-macos:
|
|
# requires:
|
|
# - test-cli
|
|
# # - test-gui
|
|
|
|
jobs:
|
|
test-cli:
|
|
docker:
|
|
- image: cimg/python:3.9
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
name: Install dependencies
|
|
command: |
|
|
sudo apt-get update
|
|
sudo apt-get -y install tor obfs4proxy
|
|
- restore_cache:
|
|
key: test-cli-poetry-deps-{{ .Environment.CACHE_VERSION }}-{{ checksum "~/project/cli/poetry.lock" }}
|
|
- run:
|
|
name: Install poetry dependencies
|
|
command: |
|
|
cd ~/project/cli
|
|
poetry install
|
|
- save_cache:
|
|
key: test-cli-poetry-deps-{{ .Environment.CACHE_VERSION }}-{{ checksum "~/project/cli/poetry.lock" }}
|
|
paths:
|
|
- /home/circleci/.cache/pypoetry/virtualenvs
|
|
- run:
|
|
name: Run tests
|
|
command: |
|
|
cd ~/project/cli
|
|
poetry run pytest -v ./tests
|
|
poetry run onionshare-cli --local-only ./tests --auto-stop-timer 2
|
|
poetry run onionshare-cli --local-only --receive --auto-stop-timer 2
|
|
poetry run onionshare-cli --local-only --website ../docs --auto-stop-timer 2
|
|
poetry run onionshare-cli --local-only --chat --auto-stop-timer 2
|
|
|
|
test-gui:
|
|
docker:
|
|
- image: cimg/python:3.9
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
name: Install dependencies
|
|
command: |
|
|
sudo apt-get update
|
|
sudo apt-get install -y tor obfs4proxy gcc python3-dev python3-pyside2.qtcore python3-pyside2.qtwidgets python3-pyside2.qtgui
|
|
sudo apt-get install -y xvfb x11-utils libxkbcommon-x11-0 libxcb-randr0-dev libxcb-xtest0-dev libxcb-xinerama0-dev libxcb-shape0-dev libxcb-xkb-dev libxcb-render-util0 libxcb-icccm4 libxcb-keysyms1 libxcb-image0
|
|
- restore_cache:
|
|
key: test-desktop-poetry-deps-{{ checksum "~/project/desktop/poetry.lock" }}-{{ .Environment.CACHE_VERSION }}
|
|
- run:
|
|
name: Install poetry dependencies
|
|
command: |
|
|
cd ~/project/desktop
|
|
poetry install
|
|
- save_cache:
|
|
key: test-desktop-poetry-deps-{{ checksum "~/project/desktop/poetry.lock" }}-{{ .Environment.CACHE_VERSION }}
|
|
paths:
|
|
- /home/circleci/.cache/pypoetry/virtualenvs
|
|
- run:
|
|
name: Run tests
|
|
command: |
|
|
cd ~/project/desktop
|
|
QT_DEBUG_PLUGINS=1 xvfb-run poetry run pytest -v ./tests/test_gui_*.py
|
|
|
|
# Based off of https://github.com/ahf/tor-win32
|
|
build-tor-windows:
|
|
docker:
|
|
- image: cimg/python:3.9
|
|
environment:
|
|
# NOTE: change when upgrading openssl
|
|
OPENSSL_VERSION: "3.0.3"
|
|
# NOTE: change when upgrading libevent
|
|
LIBEVENT_VERSION: "2.1.12-stable"
|
|
# NOTE: change when upgrading tor
|
|
TOR_TAG: tor-0.4.7.7
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
name: Install build dependencies
|
|
command: |
|
|
sudo apt-get update
|
|
sudo apt-get install -y autoconf automake libtool
|
|
sudo apt-get install -y gcc-mingw-w64-i686 gcc-mingw-w64-x86-64 libz-mingw-w64-dev
|
|
|
|
- run:
|
|
name: Create folders
|
|
command: |
|
|
mkdir ~/build
|
|
mkdir ~/build/src
|
|
mkdir ~/build/dist
|
|
mkdir ~/build/prefix-openssl-x32
|
|
mkdir ~/build/prefix-openssl-x64
|
|
mkdir ~/build/prefix-libevent-x32
|
|
mkdir ~/build/prefix-libevent-x64
|
|
mkdir ~/build/prefix-tor-x32
|
|
mkdir ~/build/prefix-tor-x64
|
|
|
|
- restore_cache:
|
|
# NOTE: change when upgrading openssl
|
|
key: build-tor-windows-openssl-3.0.3-{{ .Environment.CACHE_VERSION }}
|
|
- run:
|
|
name: Build openssl
|
|
command: |
|
|
if [[ -d "~/build/prefix-openssl-x32/bin" ]]; then
|
|
echo "openssl already compiled, skipping"
|
|
exit 0
|
|
fi
|
|
|
|
cd ~/build/dist
|
|
|
|
# download
|
|
wget https://www.openssl.org/source/openssl-$OPENSSL_VERSION.tar.gz
|
|
echo "ee0078adcef1de5f003c62c80cc96527721609c6f3bb42b7795df31f8b558c0b openssl-$OPENSSL_VERSION.tar.gz" | sha256sum --check --status
|
|
if [ $? -ne 0 ]; then
|
|
echo "openssl checksum failed"
|
|
exit -1
|
|
fi
|
|
|
|
# extract
|
|
cd ~/build/
|
|
tar zxfv ~/build/dist/openssl-$OPENSSL_VERSION.tar.gz -C ~/build/src/
|
|
mv ~/build/src/openssl-$OPENSSL_VERSION ~/build/src/openssl-$OPENSSL_VERSION-x32
|
|
cp -r ~/build/src/openssl-$OPENSSL_VERSION-x32 ~/build/src/openssl-$OPENSSL_VERSION-x64
|
|
|
|
# build 32-bit
|
|
export MINGW=mingw
|
|
export HOST=i686-w64-mingw32
|
|
cd ~/build/src/openssl-$OPENSSL_VERSION-x32
|
|
./Configure $MINGW shared --cross-compile-prefix=$HOST- --prefix=/home/circleci/build/prefix-openssl-x32
|
|
make -j$(nproc)
|
|
make install
|
|
|
|
# build 64-bit
|
|
export MINGW=mingw64
|
|
export HOST=x86_64-w64-mingw32
|
|
cd ~/build/src/openssl-$OPENSSL_VERSION-x64
|
|
./Configure $MINGW shared --cross-compile-prefix=$HOST- --prefix=/home/circleci/build/prefix-openssl-x64
|
|
make -j$(nproc)
|
|
make install
|
|
- save_cache:
|
|
# NOTE: change when upgrading openssl
|
|
key: build-tor-windows-openssl-3.0.3-{{ .Environment.CACHE_VERSION }}
|
|
paths:
|
|
- /home/circleci/build/prefix-openssl-x32
|
|
- /home/circleci/build/prefix-openssl-x64
|
|
|
|
- restore_cache:
|
|
# NOTE: change when upgrading libevent
|
|
key: build-tor-windows-libevent-2.1.12-stable-{{ .Environment.CACHE_VERSION }}
|
|
- run:
|
|
name: Build libevent
|
|
command: |
|
|
if [[ -d "~/build/prefix-libevent-x32/lib" ]]; then
|
|
echo "libevent already compiled, skipping"
|
|
exit 0
|
|
fi
|
|
|
|
cd ~/build/dist
|
|
|
|
# download
|
|
wget https://github.com/libevent/libevent/releases/download/release-$LIBEVENT_VERSION/libevent-$LIBEVENT_VERSION.tar.gz
|
|
echo "92e6de1be9ec176428fd2367677e61ceffc2ee1cb119035037a27d346b0403bb libevent-$LIBEVENT_VERSION.tar.gz" | sha256sum --check --status
|
|
if [ $? -ne 0 ]; then
|
|
echo "libevent checksum failed"
|
|
exit -1
|
|
fi
|
|
|
|
# extract
|
|
cd ~/build/
|
|
tar zxfv ~/build/dist/libevent-$LIBEVENT_VERSION.tar.gz -C ~/build/src/
|
|
mv ~/build/src/libevent-$LIBEVENT_VERSION ~/build/src/libevent-$LIBEVENT_VERSION-x32
|
|
cp -r ~/build/src/libevent-$LIBEVENT_VERSION-x32 ~/build/src/libevent-$LIBEVENT_VERSION-x64
|
|
|
|
# build 32-bit
|
|
export MINGW=mingw
|
|
export HOST=i686-w64-mingw32
|
|
cd ~/build/src/libevent-$LIBEVENT_VERSION-x32
|
|
./configure --host=$HOST --prefix=/home/circleci/build/prefix-libevent-x32 --disable-openssl
|
|
make -j$(nproc)
|
|
make install
|
|
|
|
# build 64-bit
|
|
export MINGW=mingw64
|
|
export HOST=x86_64-w64-mingw32
|
|
cd ~/build/src/libevent-$LIBEVENT_VERSION-x64
|
|
./configure --host=$HOST --prefix=/home/circleci/build/prefix-libevent-x64 --disable-openssl
|
|
make -j$(nproc)
|
|
make install
|
|
- save_cache:
|
|
# NOTE: change when upgrading libevent
|
|
key: build-tor-windows-libevent-2.1.12-stable-{{ .Environment.CACHE_VERSION }}
|
|
paths:
|
|
- /home/circleci/build/prefix-libevent-x32
|
|
- /home/circleci/build/prefix-libevent-x64
|
|
|
|
- restore_cache:
|
|
# NOTE: change when upgrading tor
|
|
key: build-tor-windows-tor-0.4.7.7-{{ .Environment.CACHE_VERSION }}
|
|
- run:
|
|
name: Build tor
|
|
command: |
|
|
if [[ -d "~/build/prefix-tor-x32/bin" ]]; then
|
|
echo "tor already compiled, skipping"
|
|
exit 0
|
|
fi
|
|
|
|
# git clone
|
|
curl https://keys.openpgp.org/vks/v1/by-fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36 | gpg --import
|
|
cd ~/build/src
|
|
git clone https://git.torproject.org/tor.git
|
|
cd tor
|
|
git tag -v $TOR_TAG
|
|
if [ $? -ne 0 ]; then
|
|
echo "tor tag doesn't verify"
|
|
exit -1
|
|
fi
|
|
git checkout $TOR_TAG
|
|
|
|
cd ~/build
|
|
mv ~/build/src/tor ~/build/src/tor-x32
|
|
cp -r ~/build/src/tor-x32 ~/build/src/tor-x64
|
|
|
|
# build 32-bit
|
|
export MINGW=mingw
|
|
export HOST=i686-w64-mingw32
|
|
cd ~/build/src/tor-x32
|
|
./configure --host=$HOST \
|
|
--disable-asciidoc \
|
|
--disable-zstd \
|
|
--disable-lzma \
|
|
--enable-static-libevent \
|
|
--with-libevent-dir=/home/circleci/build/prefix-libevent-x32 \
|
|
--enable-static-openssl \
|
|
--with-openssl-dir=/home/circleci/build/prefix-openssl-x32 \
|
|
--disable-tool-name-check \
|
|
--enable-fatal-warnings \
|
|
--prefix=/home/circleci/build/prefix-tor-x32
|
|
make -j$(nproc)
|
|
make install
|
|
|
|
# build 64-bit
|
|
export MINGW=mingw64
|
|
export HOST=x86_64-w64-mingw32
|
|
cd ~/build/src/tor-x64
|
|
./configure --host=$HOST \
|
|
--disable-asciidoc \
|
|
--disable-zstd \
|
|
--disable-lzma \
|
|
--enable-static-libevent \
|
|
--with-libevent-dir=/home/circleci/build/prefix-libevent-x64 \
|
|
--enable-static-openssl \
|
|
--with-openssl-dir=/home/circleci/build/prefix-openssl-x64 \
|
|
--disable-tool-name-check \
|
|
--enable-fatal-warnings \
|
|
--prefix=/home/circleci/build/prefix-tor-x64
|
|
make -j$(nproc)
|
|
make install
|
|
- save_cache:
|
|
# NOTE: change when upgrading tor
|
|
key: build-tor-windows-tor-0.4.7.7-{{ .Environment.CACHE_VERSION }}
|
|
paths:
|
|
- /home/circleci/build/prefix-tor-x32
|
|
- /home/circleci/build/prefix-tor-x64
|
|
|
|
- persist_to_workspace:
|
|
root: ~/build/prefix
|
|
paths:
|
|
- prefix-tor-x32
|
|
- prefix-tor-x64
|
|
|
|
build-win64:
|
|
executor:
|
|
name: win/default
|
|
shell: powershell.exe
|
|
environment:
|
|
# NOTE: change when upgrading libevent
|
|
LIBEVENT_TAG: release-2.1.12-stable
|
|
# NOTE: change when upgrading tor
|
|
TOR_TAG: tor-0.4.7.7
|
|
# NOTE: change when upgrading obfs4proxy
|
|
OBFS4PROXY_TAG: obfs4proxy-0.0.13
|
|
# NOTE: change when upgrading snowflake
|
|
SNOWFLAKE_TAG: v2.2.0
|
|
# NOTE: change when upgrading meek
|
|
MEEK_TAG: v0.37.0
|
|
steps:
|
|
- checkout
|
|
|
|
- run:
|
|
name: Install cygwin and required packages
|
|
shell: bash.exe --login -eo pipefail
|
|
command: |
|
|
curl -o setup-x86_64.exe https://cygwin.com/setup-x86_64.exe
|
|
curl -o setup-x86_64.exe.sig https://cygwin.com/setup-x86_64.exe.sig
|
|
curl -o pubring.asc https://cygwin.com/key/pubring.asc
|
|
|
|
gpg --import pubring.asc
|
|
gpg --verify setup-x86_64.exe.sig setup-x86_64.exe
|
|
if [ $? -ne 0 ]; then
|
|
echo "cygwin signature doesn't verify"
|
|
exit -1
|
|
fi
|
|
|
|
./setup-x86_64.exe -q -s https://mirrors.kernel.org/sourceware/cygwin/ \
|
|
-P libssl-devel,zlib-devel,git,gcc-core,make,autoconf,automake,libtool,gnupg
|
|
|
|
- restore_cache:
|
|
# NOTE: change when upgrading libevent
|
|
key: build-win64-libevent-2.1.12-stable-{{ .Environment.CACHE_VERSION }}
|
|
- run:
|
|
name: Build libevent
|
|
shell: C:\\cygwin64\\bin\\bash.exe --login -eo pipefail
|
|
command: |
|
|
if [[ -d "/cygdrive/c/Users/circleci/build/libevent" ]]; then
|
|
echo "libevent already compiled, skipping"
|
|
exit 0
|
|
fi
|
|
|
|
mkdir -p /cygdrive/c/Users/circleci/src
|
|
mkdir -p /cygdrive/c/Users/circleci/build
|
|
|
|
# Get source
|
|
curl "https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x9e3ac83a27974b84d1b3401db86086848ef8686d" | gpg --import
|
|
cd /cygdrive/c/Users/circleci/src
|
|
git clone https://github.com/libevent/libevent.git
|
|
cd libevent
|
|
git tag -v $LIBEVENT_TAG
|
|
if [ $? -ne 0 ]; then
|
|
echo "libevent tag doesn't verify"
|
|
exit -1
|
|
fi
|
|
git checkout $LIBEVENT_TAG
|
|
|
|
# Build
|
|
./autogen.sh
|
|
./configure \
|
|
--prefix=/cygdrive/c/Users/circleci/build/libevent \
|
|
--with-pic
|
|
make -j$(nproc)
|
|
make install
|
|
- save_cache:
|
|
# NOTE: change when upgrading libevent
|
|
key: build-win64-libevent-2.1.12-stable-{{ .Environment.CACHE_VERSION }}
|
|
paths:
|
|
- C:\Users\circleci\build\libevent
|
|
|
|
- restore_cache:
|
|
# NOTE: change when upgrading tor
|
|
key: build-win64-tor-0.4.7.7-{{ .Environment.CACHE_VERSION }}
|
|
- run:
|
|
name: Build tor
|
|
shell: C:\\cygwin64\\bin\\bash.exe --login -eo pipefail
|
|
command: |
|
|
if [[ -d "/cygdrive/c/Users/circleci/build/tor" ]]; then
|
|
echo "tor already compiled, skipping"
|
|
exit 0
|
|
fi
|
|
|
|
mkdir -p /cygdrive/c/Users/circleci/src
|
|
mkdir -p /cygdrive/c/Users/circleci/build
|
|
|
|
# Get source
|
|
curl https://keys.openpgp.org/vks/v1/by-fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36 | gpg --import
|
|
cd /cygdrive/c/Users/circleci/src
|
|
git clone https://git.torproject.org/tor.git
|
|
cd tor
|
|
git tag -v $TOR_TAG
|
|
if [ $? -ne 0 ]; then
|
|
echo "tor tag doesn't verify"
|
|
exit -1
|
|
fi
|
|
git checkout $TOR_TAG
|
|
|
|
# Build
|
|
./autogen.sh
|
|
./configure \
|
|
--prefix=/cygdrive/c/Users/circleci/build/tor \
|
|
--disable-asciidoc \
|
|
--enable-static-libevent \
|
|
--with-libevent-dir=/cygdrive/c/Users/circleci/build/libevent
|
|
make -j$(nproc)
|
|
make install
|
|
- save_cache:
|
|
# NOTE: change when upgrading tor
|
|
key: build-win64-tor-0.4.7.7-{{ .Environment.CACHE_VERSION }}
|
|
paths:
|
|
- C:\Users\circleci\build\tor
|
|
|
|
- run:
|
|
name: Copy tor binaries into project
|
|
command: |
|
|
New-Item -ItemType Directory -Force -Path C:\Users\circleci\project\desktop\onionshare\resources\tor
|
|
Copy-Item -Path C:\Users\circleci\build\tor\bin\tor.exe -Destination C:\Users\circleci\project\desktop\onionshare\resources\tor
|
|
Copy-Item -Path C:\Users\circleci\build\tor\share\tor\geoip -Destination C:\Users\circleci\project\desktop\onionshare\resources\tor
|
|
Copy-Item -Path C:\Users\circleci\build\tor\share\tor\geoip6 -Destination C:\Users\circleci\project\desktop\onionshare\resources\tor
|
|
|
|
- restore_cache:
|
|
# NOTE: change when upgrading obfs4proxy
|
|
key: build-win64-obfs4proxy-v0.0.13-{{ .Environment.CACHE_VERSION }}
|
|
- run:
|
|
name: Build obfs4proxy
|
|
command: |
|
|
if ((Test-Path -Path C:\Users\circleci\project\desktop\onionshare\resources\tor\obfs4proxy.exe) -eq $True) {
|
|
Write-Output "obfs4proxy already built"
|
|
} else {
|
|
# curl https://keys.openpgp.org/vks/v1/by-fingerprint/9EB1A490C73CC5D44DFB3E47BFBD1C7B8A6EC81A | gpg --import
|
|
New-Item -ItemType Directory -Force -Path C:\Users\circleci\src\obfs4proxy
|
|
cd C:\Users\circleci\src\obfs4proxy
|
|
git clone https://gitlab.com/yawning/obfs4
|
|
cd obfs4
|
|
# TODO: verify signature
|
|
git checkout $OBFS4PROXY_TAG
|
|
go build .\obfs4proxy
|
|
Move-Item -Path .\obfs4proxy.exe -Destination C:\Users\circleci\project\desktop\onionshare\resources\tor\obfs4proxy.exe
|
|
}
|
|
- save_cache:
|
|
# NOTE: change when upgrading obfs4proxy
|
|
key: build-win64-obfs4proxy-v0.0.13-{{ .Environment.CACHE_VERSION }}
|
|
paths:
|
|
- C:\Users\circleci\project\desktop\onionshare\resources\tor\obfs4proxy.exe
|
|
|
|
- restore_cache:
|
|
# NOTE: change when upgrading snowflake
|
|
key: build-win64-snowflake-v2.1.0-{{ .Environment.CACHE_VERSION }}
|
|
- run:
|
|
name: Build snowflake-client
|
|
command: |
|
|
if ((Test-Path -Path C:\Users\circleci\project\desktop\onionshare\resources\tor\snowflake-client.exe) -eq $True) {
|
|
Write-Output "snowflake already built"
|
|
} else {
|
|
New-Item -ItemType Directory -Force -Path C:\Users\circleci\src\obfs4proxy
|
|
cd C:\Users\circleci\src\obfs4proxy
|
|
git clone https://git.torproject.org/pluggable-transports/snowflake.git
|
|
cd snowflake
|
|
# TODO: verify signature
|
|
git checkout $SNOWFLAKE_TAG
|
|
go build .\client
|
|
Move-Item -Path .\client.exe -Destination C:\Users\circleci\project\desktop\onionshare\resources\tor\snowflake-client.exe
|
|
}
|
|
- save_cache:
|
|
# NOTE: change when upgrading snowflake
|
|
key: build-win64-snowflake-v2.1.0-{{ .Environment.CACHE_VERSION }}
|
|
paths:
|
|
- C:\Users\circleci\project\desktop\onionshare\resources\tor\snowflake-client.exe
|
|
|
|
- restore_cache:
|
|
# NOTE: change when upgrading meek
|
|
key: build-win64-meek-v0.37.0-{{ .Environment.CACHE_VERSION }}
|
|
- run:
|
|
name: Build meek-client
|
|
command: |
|
|
if ((Test-Path -Path C:\Users\circleci\project\desktop\onionshare\resources\tor\meek-client.exe) -eq $True) {
|
|
Write-Output "snowflake already built"
|
|
} else {
|
|
New-Item -ItemType Directory -Force -Path C:\Users\circleci\src\meek
|
|
cd C:\Users\circleci\src\meek
|
|
git clone https://git.torproject.org/pluggable-transports/meek.git
|
|
cd meek
|
|
# TODO: verify signature
|
|
git checkout $MEEK_TAG
|
|
go build .\meek-client
|
|
Move-Item -Path .\meek-client.exe -Destination C:\Users\circleci\project\desktop\onionshare\resources\tor\meek-client.exe
|
|
}
|
|
- save_cache:
|
|
# NOTE: change when upgrading meek
|
|
key: build-win64-meek-v0.37.0-{{ .Environment.CACHE_VERSION }}
|
|
paths:
|
|
- C:\Users\circleci\project\desktop\onionshare\resources\tor\Tor\meek-client.exe
|
|
|
|
- run:
|
|
name: Install Python 3.9.12
|
|
command: |
|
|
choco install python3 --version=3.9.12
|
|
|
|
- run:
|
|
name: Install poetry
|
|
command: (Invoke-WebRequest -Uri https://raw.githubusercontent.com/python-poetry/poetry/master/get-poetry.py -UseBasicParsing).Content | python -
|
|
|
|
- restore_cache:
|
|
key: build-win64-desktop-poetry-deps-{{ checksum "~/project/desktop/poetry.lock" }}-{{ .Environment.CACHE_VERSION }}
|
|
- run:
|
|
name: Install poetry dependencies
|
|
command: |
|
|
cd C:\Users\circleci\project\desktop
|
|
poetry install
|
|
- save_cache:
|
|
key: build-win64-desktop-poetry-deps-{{ checksum "~/project/desktop/poetry.lock" }}-{{ .Environment.CACHE_VERSION }}
|
|
paths:
|
|
- C:\Users\circleci\AppData\Local\pypoetry\Cache\virtualenvs
|
|
|
|
- run:
|
|
name: Build OnionShare
|
|
command: |
|
|
cd ~\project\desktop
|
|
poetry run python .\setup-freeze.py build
|
|
poetry run python .\scripts\build-windows.py cleanup-build
|
|
|
|
- run:
|
|
name: Compress
|
|
command: |
|
|
mv ~\project\desktop\build\exe.win-amd64-3.9\ ~\onionshare-win64
|
|
Compress-Archive -LiteralPath ~\onionshare-win64 -DestinationPath ~\onionshare-win64.zip
|
|
|
|
- store_artifacts:
|
|
path: ~\onionshare-win64.zip
|
|
|
|
build-win32:
|
|
executor:
|
|
name: win/default
|
|
shell: powershell.exe
|
|
environment:
|
|
# NOTE: change when upgrading tor
|
|
TOR_TAG: tor-0.4.7.7
|
|
# NOTE: change when upgrading obfs4proxy
|
|
OBFS4PROXY_TAG: obfs4proxy-0.0.13
|
|
# NOTE: change when upgrading snowflake
|
|
SNOWFLAKE_TAG: v2.2.0
|
|
# NOTE: change when upgrading meek
|
|
MEEK_TAG: v0.37.0
|
|
steps:
|
|
- checkout
|
|
|
|
- run:
|
|
name: Install cygwin (32-bit) and required packages
|
|
shell: bash.exe --login -eo pipefail
|
|
command: |
|
|
curl -o setup-x86.exe https://cygwin.com/setup-x86.exe
|
|
curl -o setup-x86.exe.sig https://cygwin.com/setup-x86.exe.sig
|
|
curl -o pubring.asc https://cygwin.com/key/pubring.asc
|
|
|
|
gpg --import pubring.asc
|
|
gpg --verify setup-x86.exe.sig setup-x86.exe
|
|
if [ $? -ne 0 ]; then
|
|
echo "cygwin signature doesn't verify"
|
|
exit -1
|
|
fi
|
|
|
|
./setup-x86.exe -q -s https://mirrors.kernel.org/sourceware/cygwin/ \
|
|
-P libssl-devel,libevent-devel,zlib-devel,git,gcc-core,make,autoconf,automake,libtool,gnupg
|
|
|
|
- restore_cache:
|
|
# NOTE: change when upgrading tor
|
|
key: build-win32-tor-0.4.7.7-{{ .Environment.CACHE_VERSION }}
|
|
- run:
|
|
name: Build tor
|
|
shell: C:\\cygwin\\bin\\bash.exe --login -eo pipefail
|
|
command: |
|
|
if [[ -d "/cygdrive/c/Users/circleci/build/tor" ]]; then
|
|
echo "tor already compiled, skipping"
|
|
exit 0
|
|
fi
|
|
|
|
mkdir -p /cygdrive/c/Users/circleci/src
|
|
mkdir -p /cygdrive/c/Users/circleci/build
|
|
|
|
# Get source
|
|
curl https://keys.openpgp.org/vks/v1/by-fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36 | gpg --import
|
|
cd /cygdrive/c/Users/circleci/src
|
|
git clone https://git.torproject.org/tor.git
|
|
cd tor
|
|
git tag -v $TOR_TAG
|
|
if [ $? -ne 0 ]; then
|
|
echo "tor tag doesn't verify"
|
|
exit -1
|
|
fi
|
|
git checkout $TOR_TAG
|
|
|
|
# Build
|
|
./autogen.sh
|
|
./configure \
|
|
--prefix=/opt/tor-build \
|
|
--disable-asciidoc
|
|
make -j$(nproc)
|
|
make install
|
|
cp -r /opt/tor-build /cygdrive/c/Users/circleci/build/tor
|
|
- save_cache:
|
|
# NOTE: change when upgrading tor
|
|
key: build-win32-tor-0.4.7.7-{{ .Environment.CACHE_VERSION }}
|
|
paths:
|
|
- C:\Users\circleci\build\tor
|
|
|
|
- run:
|
|
name: Copy tor binaries into project
|
|
command: |
|
|
New-Item -ItemType Directory -Force -Path C:\Users\circleci\project\desktop\onionshare\resources\tor
|
|
Copy-Item -Path C:\Users\circleci\build\tor\bin\tor.exe -Destination C:\Users\circleci\project\desktop\onionshare\resources\tor
|
|
Copy-Item -Path C:\Users\circleci\build\tor\share\tor\geoip -Destination C:\Users\circleci\project\desktop\onionshare\resources\tor
|
|
Copy-Item -Path C:\Users\circleci\build\tor\share\tor\geoip6 -Destination C:\Users\circleci\project\desktop\onionshare\resources\tor
|
|
|
|
- run:
|
|
name: Install golang (32-bit)
|
|
command: |
|
|
cd ~\Downloads
|
|
Invoke-WebRequest -Uri https://go.dev/dl/go1.18.windows-386.msi -OutFile go1.18.windows-386.msi
|
|
msiexec.exe /i go1.18.windows-386.msi /quiet /L*V go-install.log
|
|
|
|
- restore_cache:
|
|
# NOTE: change when upgrading obfs4proxy
|
|
key: build-win32-obfs4proxy-v0.0.13-{{ .Environment.CACHE_VERSION }}
|
|
- run:
|
|
name: Build obfs4proxy (32-bit)
|
|
command: |
|
|
if ((Test-Path -Path C:\Users\circleci\project\desktop\onionshare\resources\tor\obfs4proxy.exe) -eq $True) {
|
|
Write-Output "obfs4proxy already built"
|
|
} else {
|
|
# curl https://keys.openpgp.org/vks/v1/by-fingerprint/9EB1A490C73CC5D44DFB3E47BFBD1C7B8A6EC81A | gpg --import
|
|
New-Item -ItemType Directory -Force -Path C:\Users\circleci\src\obfs4proxy
|
|
cd C:\Users\circleci\src\obfs4proxy
|
|
git clone https://gitlab.com/yawning/obfs4
|
|
cd obfs4
|
|
# TODO: verify signature
|
|
git checkout $OBFS4PROXY_TAG
|
|
"C:\Program Files (x86)\Go\bin\go" build .\obfs4proxy
|
|
Move-Item -Path .\obfs4proxy.exe -Destination C:\Users\circleci\project\desktop\onionshare\resources\tor\obfs4proxy.exe
|
|
}
|
|
- save_cache:
|
|
# NOTE: change when upgrading obfs4proxy
|
|
key: build-win32-obfs4proxy-v0.0.13-{{ .Environment.CACHE_VERSION }}
|
|
paths:
|
|
- C:\Users\circleci\project\desktop\onionshare\resources\tor\obfs4proxy.exe
|
|
|
|
- restore_cache:
|
|
# NOTE: change when upgrading snowflake
|
|
key: build-win32-snowflake-v2.1.0-{{ .Environment.CACHE_VERSION }}
|
|
- run:
|
|
name: Build snowflake-client (32-bit)
|
|
command: |
|
|
if ((Test-Path -Path C:\Users\circleci\project\desktop\onionshare\resources\tor\snowflake-client.exe) -eq $True) {
|
|
Write-Output "snowflake already built"
|
|
} else {
|
|
New-Item -ItemType Directory -Force -Path C:\Users\circleci\src\obfs4proxy
|
|
cd C:\Users\circleci\src\obfs4proxy
|
|
git clone https://git.torproject.org/pluggable-transports/snowflake.git
|
|
cd snowflake
|
|
# TODO: verify signature
|
|
git checkout $SNOWFLAKE_TAG
|
|
"C:\Program Files (x86)\Go\bin\go" build .\client
|
|
Move-Item -Path .\client.exe -Destination C:\Users\circleci\project\desktop\onionshare\resources\tor\snowflake-client.exe
|
|
}
|
|
- save_cache:
|
|
# NOTE: change when upgrading snowflake
|
|
key: build-win32-snowflake-v2.1.0-{{ .Environment.CACHE_VERSION }}
|
|
paths:
|
|
- C:\Users\circleci\project\desktop\onionshare\resources\tor\snowflake-client.exe
|
|
|
|
- restore_cache:
|
|
# NOTE: change when upgrading meek
|
|
key: build-win32-meek-v0.37.0-{{ .Environment.CACHE_VERSION }}
|
|
- run:
|
|
name: Build meek-client (32-bit)
|
|
command: |
|
|
if ((Test-Path -Path C:\Users\circleci\project\desktop\onionshare\resources\tor\meek-client.exe) -eq $True) {
|
|
Write-Output "snowflake already built"
|
|
} else {
|
|
New-Item -ItemType Directory -Force -Path C:\Users\circleci\src\meek
|
|
cd C:\Users\circleci\src\meek
|
|
git clone https://git.torproject.org/pluggable-transports/meek.git
|
|
cd meek
|
|
# TODO: verify signature
|
|
git checkout $MEEK_TAG
|
|
"C:\Program Files (x86)\Go\bin\go" build .\meek-client
|
|
Move-Item -Path .\meek-client.exe -Destination C:\Users\circleci\project\desktop\onionshare\resources\tor\meek-client.exe
|
|
}
|
|
- save_cache:
|
|
# NOTE: change when upgrading meek
|
|
key: build-win32-meek-v0.37.0-{{ .Environment.CACHE_VERSION }}
|
|
paths:
|
|
- C:\Users\circleci\project\desktop\onionshare\resources\tor\Tor\meek-client.exe
|
|
|
|
- run:
|
|
name: Install Python 3.9.12 (32-bit)
|
|
command: |
|
|
choco install python3 --params "/InstallDir32:C:\Python-32bit" --version=3.9.12
|
|
|
|
- run:
|
|
name: Install poetry (32-bit)
|
|
command: C:\Python-32bit\Scripts\pip install poetry
|
|
|
|
- restore_cache:
|
|
key: build-win32-desktop-poetry-deps-{{ checksum "~/project/desktop/poetry.lock" }}-{{ .Environment.CACHE_VERSION }}
|
|
- run:
|
|
name: Install poetry dependencies
|
|
command: |
|
|
cd ~\project\desktop
|
|
C:\Python-32bit\Scripts\poetry install
|
|
- save_cache:
|
|
key: build-win32-desktop-poetry-deps-{{ checksum "~/project/desktop/poetry.lock" }}-{{ .Environment.CACHE_VERSION }}
|
|
paths:
|
|
- C:\Users\circleci\AppData\Local\pypoetry\Cache\virtualenvs
|
|
|
|
- run:
|
|
name: Build OnionShare
|
|
command: |
|
|
cd ~\project\desktop
|
|
C:\Python-32bit\Scripts\poetry run python .\setup-freeze.py build
|
|
C:\Python-32bit\Scripts\poetry run python .\scripts\build-windows.py cleanup-build
|
|
|
|
- run:
|
|
name: Compress
|
|
command: |
|
|
mv ~\project\desktop\build\exe.win32-3.9\ ~\onionshare-win32
|
|
Compress-Archive -LiteralPath ~\onionshare-win32 -DestinationPath ~\onionshare-win32.zip
|
|
|
|
- store_artifacts:
|
|
path: ~\onionshare-win32.zip
|
|
|
|
build-macos:
|
|
macos:
|
|
xcode: 12.5.1
|
|
environment:
|
|
BINARY_DIR: /Users/distiller/bin
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
name: Install Homebrew dependencies
|
|
command: |
|
|
brew install wget
|
|
brew install go
|
|
- restore_cache:
|
|
key: build-libevent-2.1.12-tor-0.4.6.10
|
|
- run:
|
|
name: Build libevent and tor
|
|
command: |
|
|
mkdir -p $BINARY_DIR/tor
|
|
# Download and verify libevent
|
|
cd ~/Downloads
|
|
URL=https://github.com/libevent/libevent/releases/download/release-2.1.12-stable/libevent-2.1.12-stable.tar.gz
|
|
FILENAME=libevent-2.1.12-stable.tar.gz
|
|
EXPECTED_SHA256=92e6de1be9ec176428fd2367677e61ceffc2ee1cb119035037a27d346b0403bb
|
|
wget $URL
|
|
SHA256=$(shasum -a 256 $FILENAME | cut -d" " -f1)
|
|
if [ "$SHA256" != "$EXPECTED_SHA256" ]; then echo "Failed" && exit -1; fi
|
|
tar -xvf $FILENAME
|
|
# Build libevent
|
|
cd libevent-2.1.12-stable
|
|
./configure --disable-openssl --prefix=$BINARY_DIR/tor
|
|
make
|
|
make install
|
|
# Download and verify tor
|
|
cd ~/Downloads
|
|
URL=https://dist.torproject.org/tor-0.4.6.10.tar.gz
|
|
FILENAME=tor-0.4.6.10.tar.gz
|
|
EXPECTED_SHA256=94ccd60e04e558f33be73032bc84ea241660f92f58cfb88789bda6893739e31c
|
|
wget $URL
|
|
SHA256=$(shasum -a 256 $FILENAME | cut -d" " -f1)
|
|
if [ "$SHA256" != "$EXPECTED_SHA256" ]; then echo "Failed" && exit -1; fi
|
|
tar -xvf $FILENAME
|
|
# Build tor
|
|
cd tor-0.4.6.10
|
|
./configure --prefix=$BINARY_DIR/tor
|
|
make
|
|
make install
|
|
- save_cache:
|
|
key: build-libevent-2.1.12-tor-0.4.6.10
|
|
paths:
|
|
- /Users/distiller/bin/tor
|
|
- restore_cache:
|
|
key: build-macos-obfs4proxy-v0.0.13
|
|
- run:
|
|
name: Build obfs4proxy
|
|
command: |
|
|
# Get source code
|
|
mkdir ~/Downloads/obfs4proxy
|
|
cd ~/Downloads/obfs4proxy
|
|
git clone https://gitlab.com/yawning/obfs4
|
|
cd obfs4
|
|
git checkout obfs4proxy-0.0.13
|
|
# Build
|
|
go build -o $BINARY_DIR/obfs4proxy ./obfs4proxy
|
|
- save_cache:
|
|
key: build-macos-obfs4proxy-v0.0.13
|
|
paths:
|
|
- /Users/distiller/bin/obfs4proxy
|
|
- restore_cache:
|
|
key: build-macos-snowflake-v2.1.0
|
|
- run:
|
|
name: Build snowflake-client
|
|
command: |
|
|
# Get source code
|
|
mkdir ~/Downloads/snowflake-client
|
|
cd ~/Downloads/snowflake-client
|
|
git clone https://git.torproject.org/pluggable-transports/snowflake.git
|
|
cd snowflake
|
|
git checkout v2.1.0
|
|
# Build
|
|
go build -o $BINARY_DIR/snowflake-client ./client
|
|
- save_cache:
|
|
key: build-macos-snowflake-v2.1.0
|
|
paths:
|
|
- /Users/distiller/bin/snowflake-client
|
|
- restore_cache:
|
|
key: build-macos-meek-v0.37.0
|
|
- run:
|
|
name: Build meek-client
|
|
command: |
|
|
# Get source code
|
|
mkdir ~/Downloads/meek-client
|
|
cd ~/Downloads/meek-client
|
|
git clone https://git.torproject.org/pluggable-transports/meek.git
|
|
cd meek
|
|
git checkout v0.37.0
|
|
# Build
|
|
go build -o $BINARY_DIR/meek-client ./meek-client
|
|
- save_cache:
|
|
key: build-macos-meek-v0.37.0
|
|
paths:
|
|
- /Users/distiller/bin/meek-client
|
|
- run:
|
|
name: Copy binaries into app
|
|
command: |
|
|
export DEST=~\project\desktop\onionshare\resources\tor
|
|
cp $BINARY_DIR/tor/bin/tor $DEST
|
|
cp $BINARY_DIR/tor/lib/libevent-2.1.7.dylib $DEST
|
|
cp $BINARY_DIR/tor/share/tor/geoip* $DEST
|
|
cp $BINARY_DIR/obfs4proxy $DEST
|
|
cp $BINARY_DIR/snowflake-client $DEST
|
|
cp $BINARY_DIR/meek-client $DEST
|
|
- run:
|
|
name: Install Python 3.9.12
|
|
command: |
|
|
wget https://www.python.org/ftp/python/3.9.12/python-3.9.12-macosx10.9.pkg -O ~/Downloads/python.pkg
|
|
sudo installer -pkg ~/Downloads/python.pkg -target /
|
|
- run:
|
|
name: Install poetry
|
|
command: |
|
|
pip3 install poetry
|
|
ln -s /Library/Frameworks/Python.framework/Versions/3.9/bin/poetry /usr/local/bin
|
|
- run:
|
|
name: Install poetry dependencies
|
|
command: |
|
|
cd ~/project/desktop
|
|
poetry install
|
|
- run:
|
|
name: Build OnionShare
|
|
command: |
|
|
cd ~/project/desktop
|
|
poetry run python ./setup-freeze.py build
|
|
poetry run python ./setup-freeze.py bdist_mac
|
|
poetry run python ./scripts/build-macos.py cleanup-build
|
|
- run:
|
|
name: Compress
|
|
command: |
|
|
cd ~/project/desktop/build
|
|
zip -r ~/onionshare-macos.zip OnionShare.app
|
|
- store_artifacts:
|
|
path: ~/onionshare-macos.zip
|