在 Linux 上为 Android 构建 tor
Build tor for Android on Linux
我需要在 Linux 上为 Android 构建最新的 tor,以便在 Tor 洋葱代理库中连续使用。
当前最新的稳定版本是 maint-0.3.1。
我正在使用 Android NDK r15b。
我准备了一个解决方案,我将在下面展示。
它是各种来源的组合。脚本可以进一步优化。
说明允许使用以下方法构建 tor:
- Android SDK 25
- Android NDK r15b
- tor maint-0.3.1
- openssl1.1.0f
- libevent 2.0.23-稳定版
主要步骤是:
- 构建 openssl
- 构建 libevent
- 构建工具
可以下载完整的脚本here。
指定安装ndk的位置:
export ANDROID_NDK_HOME=/home/marco/Android/ndkr15b
我们在名为 'native':
的文件夹中创建和工作
rm -Rf native
mkdir native
mkdir native/lib
cd native
构建 openssl
wget https://www.openssl.org/source/openssl-1.1.0f.tar.gz
setenv-android.sh可以从here and edited, or use this version下载已经修改为使用_ANDROID_EABI="arm-linux-androideabi-4.9".
# ANDROID_NDK_ROOT is required by setenv-android.sh
export ANDROID_NDK_ROOT=$ANDROID_NDK_HOME
. ../setenv-android.sh
# ANDROID_TOOLCHAIN is now set
tar -xvzf openssl-1.1.0f.tar.gz
cd openssl-1.1.0f
# openssl engine is needed by libevent
./config shared no-ssl2 no-ssl3 no-comp no-hw --openssldir=/usr/local/ssl/android-16/
make depend
make all
注意:下一条命令分别在/usr/local/include/openssl、/usr/local/lib/中安装交叉编译的头文件和库文件。交叉编译的库将在链接 tor 时的最后一步使用。
sudo -E make install CC=$ANDROID_TOOLCHAIN/arm-linux-androideabi-gcc RANLIB=$ANDROID_TOOLCHAIN/arm-linux-androideabi-ranlib
cd ..
# go back to native folder
# when linking to, openssl libraries are still linked from /usr/local/lib/
cp ./openssl-1.1.0f/'*'.a lib/
cp -R ./openssl-1.1.0f/include/openssl ./include
构建 libevent
rm -Rf libevent
我们需要删除对 arc4random_addrandom 的引用,为方便起见,我们可以使用这个 repo 更正后的 libevent。
参见 diff.
git clone https://github.com/marcotessarotto/libevent
cd libevent
export NDK=$ANDROID_NDK_ROOT
$NDK/build/tools/make-standalone-toolchain.sh --platform=android-16 --toolchain=arm-linux-androideabi-4.9 --install-dir=`pwd`/android-toolchain-arm
export TOOLCHAIN_PATH=`pwd`/android-toolchain-arm/bin
export TOOL=arm-linux-androideabi
export NDK_TOOLCHAIN_BASENAME=${TOOLCHAIN_PATH}/${TOOL}
export CC="$NDK_TOOLCHAIN_BASENAME-gcc -D__ANDROID_API__=16 "
export CXX="$NDK_TOOLCHAIN_BASENAME-g++ -D__ANDROID_API__=16 "
export LINK=${CXX}
export LD=$NDK_TOOLCHAIN_BASENAME-ld
export AR=$NDK_TOOLCHAIN_BASENAME-ar
export RANLIB=$NDK_TOOLCHAIN_BASENAME-ranlib
export STRIP=$NDK_TOOLCHAIN_BASENAME-strip
export ARCH_FLAGS="-march=armv7-a -mfloat-abi=softfp -mfpu=vfpv3-d16"
export ARCH_LINK="-march=armv7-a -Wl,--fix-cortex-a8"
export CPPFLAGS=" ${ARCH_FLAGS} -fpic -ffunction-sections -funwind-tables -fstack-protector -fno-strict-aliasing -finline-limit=64 "
export CXXFLAGS=" ${ARCH_FLAGS} -fpic -ffunction-sections -funwind-tables -fstack-protector -fno-strict-aliasing -finline-limit=64 -frtti -fexceptions "
export CFLAGS=" ${ARCH_FLAGS} -fpic -ffunction-sections -funwind-tables -fstack-protector -fno-strict-aliasing -finline-limit=64 "
export LDFLAGS=" ${ARCH_LINK} "
./autogen.sh
./configure --host=arm-linux-androideabi
make
# all tests should pass successfully
#copy headers and libary in work folder
cp .libs/libevent.a ../lib
cp -R include/* ../include
cd ..
构建器
git clone https://github.com/torproject/tor
cd tor/
git checkout remotes/origin/maint-0.3.1
export NDK_ROOT=$ANDROID_NDK_ROOT
echo "SETTING UP CROSS COMPILER"
# export needed variables
export NDK_TOOLCHAIN=$NDK_ROOT/my-android-toolchain
# remove the old toolchain
rm -rf $NDK_TOOLCHAIN
# create the toolchain
$NDK_ROOT/build/tools/make-standalone-toolchain.sh --platform=android-16 --install-dir=$NDK_TOOLCHAIN
# export needed variables for crosscompile
export PATH="$NDK_TOOLCHAIN/bin/:$PATH"
export HOST=arm-linux-androideabi
export CC=$HOST-gcc
export CXX=$HOST-g++
export AR=$HOST-ar
export LD=$HOST-ld
export AS=$HOST-as
export NM=$HOST-nm
export STRIP=$HOST-strip
export RANLIB=$HOST-ranlib
export OBJDUMP=$HOST-objdump
export CPPFLAGS="--sysroot=$NDK_TOOLCHAIN/sysroot -I$NDK_TOOLCHAIN/sysroot/usr/include -I$NDK_TOOLCHAIN/include -I../include -L../lib "
export LDFLAGS="-L$NDK_TOOLCHAIN/sysroot/usr/lib -L$NDK_TOOLCHAIN/lib -L../lib"
export CC="$HOST-gcc -D__ANDROID_API__=16 "
export CXX="$HOST-g++ -D__ANDROID_API__=16 "
./autogen.sh
./configure --host=arm-linux-eabi --disable-asciidoc --prefix=$NDK_TOOLCHAIN --with-openssl-dir=../lib --enable-static-openssl --with-libevent-dir=../lib --enable-static-libevent
make
#some tests fail on compilation, but tor is built (in src/or/tor) and I confirm that it works on Android 6
cd ..
这里是 logcat 使用修补的 Tor 洋葱代理库(见下文)启动 tor (0.3.2.0-alpha-dev):
09-14 12:25:43.059 13520-13544/? I/c*.m*.t*.t*.c: Sep 14 12:25:43.058 [notice] Tor 0.3.2.0-alpha-dev (git-d71a00e91f3921f6) running on Linux with Libevent 2.0.23-stable, OpenSSL 1.1.0f, Zlib 1.2.8, Liblzma N/A, and Libzstd N/A.
09-14 12:25:43.060 13520-13544/? I/c*.m*.t*.t*.c: Sep 14 12:25:43.058 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
09-14 12:25:43.060 13520-13544/? I/c*.m*.t*.t*.c: Sep 14 12:25:43.058 [notice] This version is not a stable Tor release. Expect more bugs than usual.
09-14 12:25:43.060 13520-13544/? I/c*.m*.t*.t*.c: Sep 14 12:25:43.059 [notice] Read configuration file "/data/user/0/com.example.vpnandroidclient/app_torfiles/torrc".
09-14 12:25:43.080 13520-13544/? I/c*.m*.t*.t*.c: Sep 14 12:25:43.079 [notice] I think we have 8 CPUS, but only 2 of them are available. Telling Tor to only use 2. You can override this with the NumCPUs option
09-14 12:26:04.593 13520-13548/? I/c*.m*.t*.t*.d: message: severity: NOTICE, msg: Bootstrapped 53%: Loading relay descriptors
09-14 12:26:07.023 13520-13548/? I/c*.m*.t*.t*.d: message: severity: NOTICE, msg: Bootstrapped 59%: Loading relay descriptors
09-14 12:26:08.472 13520-13548/? I/c*.m*.t*.t*.d: message: severity: NOTICE, msg: Bootstrapped 67%: Loading relay descriptors
09-14 12:26:09.027 13520-13548/? I/c*.m*.t*.t*.d: message: severity: NOTICE, msg: Bootstrapped 72%: Loading relay descriptors
09-14 12:26:09.689 13520-13548/? I/c*.m*.t*.t*.d: message: severity: NOTICE, msg: Bootstrapped 78%: Loading relay descriptors
09-14 12:26:10.301 13520-13548/? I/c*.m*.t*.t*.d: message: severity: NOTICE, msg: Bootstrapped 80%: Connecting to the Tor network
09-14 12:26:11.633 13520-13548/? I/c*.m*.t*.t*.d: message: severity: NOTICE, msg: Bootstrapped 90%: Establishing a Tor circuit
09-14 12:26:14.637 13520-13548/? I/c*.m*.t*.t*.d: message: severity: NOTICE, msg: Tor has successfully opened a circuit. Looks like client functionality is working.
Tor 洋葱代理库
为了使用最新的 tor 版本(编写时:0.3.2.0 alpha-dev),torrc 配置必须由 Tor Onion Proxy Library 以不同的方式生成,因为最新的 tor 对内部的相对路径更加严格它的配置文件(如果指定相对文件名,tor 将退出)。
可以找到修补的 Tor 洋葱代理库 here。
我需要在 Linux 上为 Android 构建最新的 tor,以便在 Tor 洋葱代理库中连续使用。
当前最新的稳定版本是 maint-0.3.1。
我正在使用 Android NDK r15b。
我准备了一个解决方案,我将在下面展示。 它是各种来源的组合。脚本可以进一步优化。
说明允许使用以下方法构建 tor:
- Android SDK 25
- Android NDK r15b
- tor maint-0.3.1
- openssl1.1.0f
- libevent 2.0.23-稳定版
主要步骤是:
- 构建 openssl
- 构建 libevent
- 构建工具
可以下载完整的脚本here。
指定安装ndk的位置:
export ANDROID_NDK_HOME=/home/marco/Android/ndkr15b
我们在名为 'native':
的文件夹中创建和工作rm -Rf native
mkdir native
mkdir native/lib
cd native
构建 openssl
wget https://www.openssl.org/source/openssl-1.1.0f.tar.gz
setenv-android.sh可以从here and edited, or use this version下载已经修改为使用_ANDROID_EABI="arm-linux-androideabi-4.9".
# ANDROID_NDK_ROOT is required by setenv-android.sh
export ANDROID_NDK_ROOT=$ANDROID_NDK_HOME
. ../setenv-android.sh
# ANDROID_TOOLCHAIN is now set
tar -xvzf openssl-1.1.0f.tar.gz
cd openssl-1.1.0f
# openssl engine is needed by libevent
./config shared no-ssl2 no-ssl3 no-comp no-hw --openssldir=/usr/local/ssl/android-16/
make depend
make all
注意:下一条命令分别在/usr/local/include/openssl、/usr/local/lib/中安装交叉编译的头文件和库文件。交叉编译的库将在链接 tor 时的最后一步使用。
sudo -E make install CC=$ANDROID_TOOLCHAIN/arm-linux-androideabi-gcc RANLIB=$ANDROID_TOOLCHAIN/arm-linux-androideabi-ranlib
cd ..
# go back to native folder
# when linking to, openssl libraries are still linked from /usr/local/lib/
cp ./openssl-1.1.0f/'*'.a lib/
cp -R ./openssl-1.1.0f/include/openssl ./include
构建 libevent
rm -Rf libevent
我们需要删除对 arc4random_addrandom 的引用,为方便起见,我们可以使用这个 repo 更正后的 libevent。 参见 diff.
git clone https://github.com/marcotessarotto/libevent
cd libevent
export NDK=$ANDROID_NDK_ROOT
$NDK/build/tools/make-standalone-toolchain.sh --platform=android-16 --toolchain=arm-linux-androideabi-4.9 --install-dir=`pwd`/android-toolchain-arm
export TOOLCHAIN_PATH=`pwd`/android-toolchain-arm/bin
export TOOL=arm-linux-androideabi
export NDK_TOOLCHAIN_BASENAME=${TOOLCHAIN_PATH}/${TOOL}
export CC="$NDK_TOOLCHAIN_BASENAME-gcc -D__ANDROID_API__=16 "
export CXX="$NDK_TOOLCHAIN_BASENAME-g++ -D__ANDROID_API__=16 "
export LINK=${CXX}
export LD=$NDK_TOOLCHAIN_BASENAME-ld
export AR=$NDK_TOOLCHAIN_BASENAME-ar
export RANLIB=$NDK_TOOLCHAIN_BASENAME-ranlib
export STRIP=$NDK_TOOLCHAIN_BASENAME-strip
export ARCH_FLAGS="-march=armv7-a -mfloat-abi=softfp -mfpu=vfpv3-d16"
export ARCH_LINK="-march=armv7-a -Wl,--fix-cortex-a8"
export CPPFLAGS=" ${ARCH_FLAGS} -fpic -ffunction-sections -funwind-tables -fstack-protector -fno-strict-aliasing -finline-limit=64 "
export CXXFLAGS=" ${ARCH_FLAGS} -fpic -ffunction-sections -funwind-tables -fstack-protector -fno-strict-aliasing -finline-limit=64 -frtti -fexceptions "
export CFLAGS=" ${ARCH_FLAGS} -fpic -ffunction-sections -funwind-tables -fstack-protector -fno-strict-aliasing -finline-limit=64 "
export LDFLAGS=" ${ARCH_LINK} "
./autogen.sh
./configure --host=arm-linux-androideabi
make
# all tests should pass successfully
#copy headers and libary in work folder
cp .libs/libevent.a ../lib
cp -R include/* ../include
cd ..
构建器
git clone https://github.com/torproject/tor
cd tor/
git checkout remotes/origin/maint-0.3.1
export NDK_ROOT=$ANDROID_NDK_ROOT
echo "SETTING UP CROSS COMPILER"
# export needed variables
export NDK_TOOLCHAIN=$NDK_ROOT/my-android-toolchain
# remove the old toolchain
rm -rf $NDK_TOOLCHAIN
# create the toolchain
$NDK_ROOT/build/tools/make-standalone-toolchain.sh --platform=android-16 --install-dir=$NDK_TOOLCHAIN
# export needed variables for crosscompile
export PATH="$NDK_TOOLCHAIN/bin/:$PATH"
export HOST=arm-linux-androideabi
export CC=$HOST-gcc
export CXX=$HOST-g++
export AR=$HOST-ar
export LD=$HOST-ld
export AS=$HOST-as
export NM=$HOST-nm
export STRIP=$HOST-strip
export RANLIB=$HOST-ranlib
export OBJDUMP=$HOST-objdump
export CPPFLAGS="--sysroot=$NDK_TOOLCHAIN/sysroot -I$NDK_TOOLCHAIN/sysroot/usr/include -I$NDK_TOOLCHAIN/include -I../include -L../lib "
export LDFLAGS="-L$NDK_TOOLCHAIN/sysroot/usr/lib -L$NDK_TOOLCHAIN/lib -L../lib"
export CC="$HOST-gcc -D__ANDROID_API__=16 "
export CXX="$HOST-g++ -D__ANDROID_API__=16 "
./autogen.sh
./configure --host=arm-linux-eabi --disable-asciidoc --prefix=$NDK_TOOLCHAIN --with-openssl-dir=../lib --enable-static-openssl --with-libevent-dir=../lib --enable-static-libevent
make
#some tests fail on compilation, but tor is built (in src/or/tor) and I confirm that it works on Android 6
cd ..
这里是 logcat 使用修补的 Tor 洋葱代理库(见下文)启动 tor (0.3.2.0-alpha-dev):
09-14 12:25:43.059 13520-13544/? I/c*.m*.t*.t*.c: Sep 14 12:25:43.058 [notice] Tor 0.3.2.0-alpha-dev (git-d71a00e91f3921f6) running on Linux with Libevent 2.0.23-stable, OpenSSL 1.1.0f, Zlib 1.2.8, Liblzma N/A, and Libzstd N/A.
09-14 12:25:43.060 13520-13544/? I/c*.m*.t*.t*.c: Sep 14 12:25:43.058 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
09-14 12:25:43.060 13520-13544/? I/c*.m*.t*.t*.c: Sep 14 12:25:43.058 [notice] This version is not a stable Tor release. Expect more bugs than usual.
09-14 12:25:43.060 13520-13544/? I/c*.m*.t*.t*.c: Sep 14 12:25:43.059 [notice] Read configuration file "/data/user/0/com.example.vpnandroidclient/app_torfiles/torrc".
09-14 12:25:43.080 13520-13544/? I/c*.m*.t*.t*.c: Sep 14 12:25:43.079 [notice] I think we have 8 CPUS, but only 2 of them are available. Telling Tor to only use 2. You can override this with the NumCPUs option
09-14 12:26:04.593 13520-13548/? I/c*.m*.t*.t*.d: message: severity: NOTICE, msg: Bootstrapped 53%: Loading relay descriptors
09-14 12:26:07.023 13520-13548/? I/c*.m*.t*.t*.d: message: severity: NOTICE, msg: Bootstrapped 59%: Loading relay descriptors
09-14 12:26:08.472 13520-13548/? I/c*.m*.t*.t*.d: message: severity: NOTICE, msg: Bootstrapped 67%: Loading relay descriptors
09-14 12:26:09.027 13520-13548/? I/c*.m*.t*.t*.d: message: severity: NOTICE, msg: Bootstrapped 72%: Loading relay descriptors
09-14 12:26:09.689 13520-13548/? I/c*.m*.t*.t*.d: message: severity: NOTICE, msg: Bootstrapped 78%: Loading relay descriptors
09-14 12:26:10.301 13520-13548/? I/c*.m*.t*.t*.d: message: severity: NOTICE, msg: Bootstrapped 80%: Connecting to the Tor network
09-14 12:26:11.633 13520-13548/? I/c*.m*.t*.t*.d: message: severity: NOTICE, msg: Bootstrapped 90%: Establishing a Tor circuit
09-14 12:26:14.637 13520-13548/? I/c*.m*.t*.t*.d: message: severity: NOTICE, msg: Tor has successfully opened a circuit. Looks like client functionality is working.
Tor 洋葱代理库
为了使用最新的 tor 版本(编写时:0.3.2.0 alpha-dev),torrc 配置必须由 Tor Onion Proxy Library 以不同的方式生成,因为最新的 tor 对内部的相对路径更加严格它的配置文件(如果指定相对文件名,tor 将退出)。
可以找到修补的 Tor 洋葱代理库 here。