Closed Pleune closed 1 month ago
After looking at this, I think we can safely say that PluggableTransports are thoroughly broken at the moment
With 0a04f7a870e4a7e538387b4f8d0a79f9ebe76cb8 I'm now able to connect to pre-defined bridges using the obfs4 transport. NixOS support blocked by https://github.com/NixOS/patchelf/issues/66
@joachifm I will test this out later today
I think we need to think about building these things from source at some point. I'll be looking into at least building the transports from source, they are a rather important feature for those who need them, after all.
I can confirm your findings. I can connect with predefined obfs4 bridges, The default bridges do not work.
I'm working on a re-write of the tor-browser package at https://github.com/joachifm/nixpkgs/tree/tor-browser Among other things, it adds a hack to allow plugin transports to be executed via the nixpkgs dynamic linker without patchelf, so should improve NixOS compatibility.
Did you ever fix this?
I think we should definitely add pluggable transports to the standard Tor package as well.
My rewrite effort did manage to get some of the transports working (except meek), but I utterly failed to get it working on grsec so lost interest. I might port over some of the wrapper improvements eventually.
From-source is probably the best way to go here. My thinking is that we build a custom bundle ontop of the firefox-esr derivation. My main worry is somehow introducing observable differences in the bundle that'd make nixpkgs users discernable from others ... avoiding that is the primary reason for using the upstream binaries.
Another possibility is to re-write the wrapper so that it copies the entire binary payload into $HOME and runs setfattr on it. That does work.
I have mostly fixed this; all transports work for me now, all that remains is some polish & tweaks.
How did you fix it?
@spacekitteh brute force ... see https://github.com/joachifm/nixpkgs/commit/34c2f30959f027890de461c20ec0249b8b7a2a84
hideous but I guess that can't be helped
What is next here?
Thank you for your contributions.
This has been automatically marked as stale because it has had no activity for 180 days.
If this is still important to you, we ask that you leave a comment below. Your comment can be as simple as "still important to me". This lets people see that at least one person still cares about this. Someone will have to do this at most twice a year if there is no other activity.
Here are suggestions that might help resolve this more quickly:
@joachifm @Pleune any info?
I marked this as stale due to inactivity. → More info
System
Linux nixos 4.4.4 #1-NixOS SMP Thu Mar 3 23:10:04 UTC 2016 x86_64 GNU/Linux
16.09pre78286.0bf8a1a (Emu)
nix-env (Nix) 1.11.2
16.09pre78286.0bf8a1a
The issue:
The PluggableTransports have not been patched. I attempted to add them to the patch phase, but patchelf fails with the following:
output of
file meek-client
:If you would like to see the log from tor: pastebin.com
Steps to reproduce
Install tor-browser and attempt to use a bridge