tor-android/BUILD

// 2011/04/15 this document is a bit out of date. We will be updating to use
// the standalone cross-compiler that is offered by the Android NDK soon

This document explains how to properly build an Android package of Orbot from
source. It covers building on Debian Lenny (5.0.3).

Please install the following prerequisites (instructions for each follows):
	ant: http://ant.apache.org/
	Android OS SDK: http://source.android.com/download
	droid-wrapper: http://github.com/tmurakam/droid-wrapper
	libevent source (1.4.12-stable from svn)
	Tor source (most recent git master branch)
	Privoxy source (http://sourceforge.net/projects/ijbswa/)

Install and prepare the Android OS SDK ( http://source.android.com/download )
on Debian Lenny:

	sudo apt-get install git-core gnupg sun-java5-jdk flex bison gperf \
		libsdl-dev libesd0-dev libwxgtk2.6-dev build-essential zip \
		curl libncurses5-dev zlib1g-dev valgrind libtool automake \
		ruby subversion
	update-java-alternatives -s java-1.5.0-sun

	mkdir ~/bin
	PATH=~/bin:$PATH
	curl https://dl-ssl.google.com/dl/googlesource/git-repo/repo > ~/bin/repo
	chmod a+x ~/bin/repo

	mkdir ~/mydroid
	cd ~/mydroid

	repo init -u https://android.googlesource.com/platform/manifest -b android-2.3.7_r1
	repo sync

	# Paste in key from http://source.android.com/download next...
	gpg --import

	cd ~/mydroid

	# This takes a long while...
	make

Install droid-wrapper:

	cd /tmp
	git clone git://github.com/tmurakam/droid-wrapper.git
	cd droid-wrapper
	sudo make install

zlib and OpenSSL are included with the Android OS SDK. You'll need to build
libevent, Privoxy and finally Tor. We'll create an externals directory for this code:

	mkdir -p ~/mydroid/external/{libevent,tor,privoxy}

We need to set to environment variables for droid-gcc:
	export DROID_ROOT=~/mydroid/
	export DROID_TARGET=generic

Fetch and build Privoxy:c
	cd ~/mydroid/external/privoxy
	wget http://sourceforge.net/projects/ijbswa/files/Sources/3.0.12%20%28stable%29/privoxy-3.0.12-stable-src.tar.gz/download
	tar xzvf privoxy-3.0.12-stable-src.tar.gz
	cd privoxy-3.0.12-stable
	autoheader
	autoconf
	#need to disable setpgrp check in configure
	export ac_cv_func_setpgrp_void=yes
	CC=droid-gcc LD=droid-ld CPPFLAGS="-I$DROID_ROOT/external/zlib/" ./configure --host=arm-none-linux-gnueabi
	#don't mind the "unrecognized option '-pthread'" error message that you'll see when you run make
	make
	
Fetch and build libevent:

	cd ~/mydroid/external/libevent
	svn co https://levent.svn.sourceforge.net/svnroot/levent/tags/release-1.4.13-stable/libevent/ .
	export LIBEVENTDIR=`cd $DROID_ROOT/external/libevent && pwd`
	./autogen.sh
	# Put the contents of http://pastebin.ca/1577207 in /tmp/libevent-patch
	# path no longer needed: patch < /tmp/libevent-patch
	CC=droid-gcc LD=droid-ld ./configure --host=arm-none-linux-gnueabi
	make

Copy over the libevent library:
	cp .libs/libevent.a $DROID_ROOT/out/target/product/generic/obj/lib

Fetch and build Tor:

	export OPENSSLDIR=`cd $DROID_ROOT/external/openssl/include/ && pwd`
	export ZLIBDIR=`cd $DROID_ROOT/external/zlib && pwd`

	cd $DROID_ROOT/external/tor
	git clone git://git.torproject.org/git/tor.git
	cd tor/
	./autogen.sh
	CC=droid-gcc LD=droid-ld ./configure --host=arm-none-linux-gnueabi \
	--with-libevent-dir=$LIBEVENTDIR --with-openssl-dir=$OPENSSLDIR \
	--with-zlib-dir=$ZLIBDIR --disable-asciidoc
	make

At this point, you'll have a Tor binary that can be run on an Android handset.
You can verify the ARM binary was properly built using the following command:

file src/or/tor
	
You should see something like:
src/or/tor: ELF 32-bit LSB executable, ARM, version 1 (SYSV), dynamically linked (uses shared libs), not stripped

This isn't enough though and we'll now sew up the binary into a small package
that will handle basic Tor controlling features.

We need to get the TorControl library for Java:
(see also https://svn.torproject.org/svn/torctl/trunk/doc/howto.txt)

	git clone git://git.torproject.org/git/jtorctl
	cd jtorctl
	mkdir bin
	javac net/freehaven/tor/control/TorControlConnection.java -d bin
	cd bin
	jar cvf jtorctrl.jar *
	cp jtorctrl.jar {Orbot Home}/libs
	
Finally, we'll make a proper Android package with ant and the Android App SDK:

	export APP_SDK=~/Documents/projects/android/android-sdk-linux_x86-1.5_r3/tools
	cd ../Orbot/
	cp $DROID_ROOT/external/privoxy/privoxy-3.0.12-stable/privoxy assets/privoxy

Now you need to split and copy the tor binary into res/raw. We split it into < 1M chunks
because some Android devices don't like resources larger than 1M.

	split --bytes=1m $DROID_ROOT/external/tor/tor/src/or/tor res/raw/tor

Now build the Android app
	$APP_SDK/android update project --name Orbot --target 3 --path .
	ant release

This will produce an unsigned Tor package in ./bin/Orbot-unsigned.apk!

To produce a usable package, you'll need to sign the .apk. The basics on
signing can be found on the Android developer site:

	http://developer.android.com/guide/publishing/app-signing.html

The three steps are quite simple. First, you'll generate a key. Secondly,
you'll sign the application. Thirdly, you'll verify the the apk.

Generating a signing key:

	keytool -genkey -v -keystore my-release-key.keystore \
		-alias orbots_key -keyalg RSA -validity 10000

Sign the apk:

	jarsigner -verbose -keystore my-release-key.keystore \
		bin/Orbot-unsigned.apk orbots_key

Verify the signature for the apk:

	jarsigner -verify bin/Orbot-unsigned.apk
	mv bin/Orbot-unsigned.apk bin/Orbot-signed-alpha.apk

You can also GPG sign the apk and generate an .asc:

	gpg -ab Orbot-signed-alpha.apk

Now you should have a fully signed and production ready alpha release of Orbot!
Give bin/Orbot-signed-alpha.apk an install and send us bug reports!