[Whonix-devel] #19409 [Circumvention/Snowflake]: Make a deb of snowflake and get into Debian

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Mar 18 01:23:41 CET 2020


#19409: Make a deb of snowflake and get into Debian
-------------------------------------+--------------------------
 Reporter:  adrelanos                |          Owner:  cohosh
     Type:  enhancement              |         Status:  assigned
 Priority:  High                     |      Milestone:
Component:  Circumvention/Snowflake  |        Version:
 Severity:  Major                    |     Resolution:
 Keywords:                           |  Actual Points:
Parent ID:                           |         Points:
 Reviewer:                           |        Sponsor:
-------------------------------------+--------------------------

Comment (by arma):

 Replying to [comment:21 anarcat]:
 > golang is still statically linked in Debian, just like everywhere else,
 because the upstream tooling for dynamic linking is non-existent

 Ah ha, right, great.

 So that means definitely smart to get set up with the Debian go team,
 because they will need to know that here is yet another package that needs
 to get rebuilt whenever there's a security update to one of its go libs.

 > >  One of the awesome things about a snowflake deb (i.e. a deb that lets
 people become snowflakes) would be that you just install the deb and it
 magically works from there -- no editing text files, no opening ports, no
 installing tor, etc. Basically all the features of having a Snowflake
 browser extension, but now also in the (headless) deb package world.
 >
 > ... that sometimes involves a lot of tricky debian packaging tricks. It
 is much easier to do this when upstream already provides tools to do that
 hard stuff ("edit text file", "open port" (?), "configure tor")...

 We're in luck! I'm not doing the bad idea of saying "oh we'll just
 automate all of that in the deb somehow". I'm saying that snowflake, by
 design, doesn't need it: there are no text files to edit, it only makes
 outgoing connections so nothing needs to mess with port forwarding, it
 doesn't use tor, etc.

 So I think we won't need the tricky debian packaging tricks here either.
 :)

 > Let me know if you have any other questions: I have packaged a few
 golang libraries and one binary in Debian and learned some of the ropes,
 so I can help. (Hey, and look at that - I *am* part of the golang team, so
 you got a team member to ask right here. ;)

 Anarcat: one other thing you could do here that would be really helpful:
 give cohosh some intuition about how much future ongoing misery she's
 signing herself up for, by offering to help package/maintain the set of go
 libs she'll depend on. With that knowledge, the anti-censorship team
 should think about whether signing up for that commitment is the best use
 of their limited time -- or said another way, how to make things scale
 well enough for the future.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19409#comment:23>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the Whonix-devel mailing list