After that you can try both the CLI and the GUI version of OnionShare:
...
...
@@ -28,6 +36,8 @@ Create a .deb on Debian-like distros: `./install/build_deb.sh`
Create a .rpm on Fedora-like distros: `./install/build_rpm.sh`
For OpenSuSE: There are instructions for building [in the wiki](https://github.com/micahflee/onionshare/wiki/Linux-Distribution-Support#opensuse-leap-150).
For ArchLinux: There is a PKBUILD available [here](https://aur.archlinux.org/packages/onionshare/) that can be used to install OnionShare.
If you find that these instructions don't work for your Linux distribution or version, consult the [Linux Distribution Support wiki guide](https://github.com/micahflee/onionshare/wiki/Linux-Distribution-Support), which might contain extra instructions.
...
...
@@ -36,26 +46,68 @@ If you find that these instructions don't work for your Linux distribution or ve
Install Xcode from the Mac App Store. Once it's installed, run it for the first time to set it up. Also, run this to make sure command line tools are installed: `xcode-select --install`. And finally, open Xcode, go to Preferences > Locations, and make sure under Command Line Tools you select an installed version from the dropdown. (This is required for installing Qt5.)
Download and install Python 3.6.4 from https://www.python.org/downloads/release/python-364/. I downloaded `python-3.6.4-macosx10.6.pkg`.
Download and install Python 3.7.2 from https://www.python.org/downloads/release/python-372/. I downloaded `python-3.7.2-macosx10.9.pkg`.
You may also need to run the command `/Applications/Python\ 3.6/Install\ Certificates.command` to update Python 3.6's internal certificate store. Otherwise, you may find that fetching the Tor Browser .dmg file fails later due to a certificate validation error.
You may also need to run the command `/Applications/Python\ 3.7/Install\ Certificates.command` to update Python 3.6's internal certificate store. Otherwise, you may find that fetching the Tor Browser .dmg file fails later due to a certificate validation error.
Download and install Qt5 from https://www.qt.io/download-open-source/. I downloaded `qt-unified-mac-x64-3.0.2-online.dmg`. There's no need to login to a Qt account during installation. Make sure you install the latest Qt 5.x. I installed Qt 5.10.0 -- all you need is to check `Qt > Qt 5.10.0 > macOS`.
Install Qt 5.11.3 from https://www.qt.io/download-open-source/. I downloaded `qt-unified-mac-x64-3.0.6-online.dmg`. In the installer, you can skip making an account, and all you need is `Qt` > `Qt 5.11.3` > `macOS`.
Now install some python dependencies with pip (note, there's issues building a .app if you install this in a virtualenv):
```sh
sudo pip3 install-rinstall/requirements.txt
pip3 install-rinstall/requirements.txt
```
You can run both the CLI and GUI versions of OnionShare without building an bundle:
#### You can run both the CLI and GUI versions of OnionShare without building an bundle
```sh
./dev_scripts/onionshare
./dev_scripts/onionshare-gui
```
To build the app bundle:
#### Building PyInstaller
If you want to build an app bundle, you'll need to use PyInstaller. Recently there has been issues with installing PyInstaller using pip, so here's how to build it from source. First, make sure you don't have PyInstaller currently installed:
```sh
pip3 uninstall PyInstaller
```
Change to a folder where you keep source code, and clone the PyInstaller git repo:
It should say `Good signature from "Hartmut Goebel <h.goebel@goebel-consult.de>`. If it verified successfully, checkout the tag:
```sh
git checkout v3.4
```
And compile the bootloader, following [these instructions](https://pyinstaller.readthedocs.io/en/stable/bootloader-building.html#building-for-mac-os-x). To compile, run this:
```sh
cd bootloader
python3 waf distclean all --target-arch=64bit
```
Finally, install the PyInstaller module into your local site-packages:
```sh
cd ..
python3 setup.py install
```
#### To build the app bundle
```sh
install/build_osx.sh
...
...
@@ -63,7 +115,7 @@ install/build_osx.sh
Now you should have `dist/OnionShare.app`.
To codesign and build a pkg for distribution:
#### To codesign and build a pkg for distribution
```sh
install/build_osx.sh --release
...
...
@@ -75,17 +127,15 @@ Now you should have `dist/OnionShare.pkg`.
### Setting up your dev environment
Download Python 3.6.4, 32-bit (x86) from https://www.python.org/downloads/release/python-364/. I downloaded `python-3.6.4.exe`. When installing it, make sure to check the "Add Python 3.6 to PATH" checkbox on the first page of the installer.
Download Python 3.7.2, 32-bit (x86) from https://www.python.org/downloads/release/python-372/. I downloaded `python-3.7.2.exe`. When installing it, make sure to check the "Add Python 3.7 to PATH" checkbox on the first page of the installer.
Open a command prompt, cd to the onionshare folder, and install dependencies with pip:
```cmd
pip3 install -r install\requirements-windows.txt
pip install -r install\requirements.txt
```
Download and install pywin32 (build 221, x86, for python 3.6) from https://sourceforge.net/projects/pywin32/files/pywin32/Build%20221/. I downloaded `pywin32-221.win32-py3.6.exe`.
Download and install Qt5 from https://www.qt.io/download-open-source/. I downloaded `qt-unified-windows-x86-3.0.4-online.exe`. There's no need to login to a Qt account during installation. Make sure you install the latest Qt 5.x. I installed Qt 5.11.0. You only need to install the `MSVC 2015 32-bit` component, as well as all of the the `Qt` components, for that that version.
Install the Qt 5.11.3 from https://www.qt.io/download-open-source/. I downloaded `qt-unified-windows-x86-3.0.6-online.exe`. In the installer, you can skip making an account, and all you need `Qt` > `Qt 5.11.3` > `MSVC 2015 32-bit`.
After that you can try both the CLI and the GUI version of OnionShare:
...
...
@@ -94,7 +144,7 @@ python dev_scripts\onionshare
python dev_scripts\onionshare-gui
```
If you want to build a .exe:
#### If you want to build a .exe
These instructions include adding folders to the path in Windows. To do this, go to Start and type "advanced system settings", and open "View advanced system settings" in the Control Panel. Click Environment Variables. Under "System variables" double-click on Path. From there you can add and remove folders that are available in the PATH.
...
...
@@ -106,17 +156,88 @@ Download and install the standalone [Windows 10 SDK](https://dev.windows.com/en-
#### If you want the .exe to not get falsely flagged as malicious by anti-virus software
OnionShare uses PyInstaller to turn the python source code into Windows executable `.exe` file. Apparently, malware developers also use PyInstaller, and some anti-virus vendors have included snippets of PyInstaller code in their virus definitions. To avoid this, you have to compile the Windows PyInstaller bootloader yourself instead of using the pre-compiled one that comes with PyInstaller.
(If you don't care about this, you can install PyInstaller with `pip install PyInstaller==3.4`.)
Here's how to compile the PyInstaller bootloader:
Download and install [Microsoft Build Tools for Visual Studio 2017](https://www.visualstudio.com/downloads/#build-tools-for-visual-studio-2017). I downloaded `vs_buildtools.exe`. In the installer, check the box next to "Visual C++ build tools". Click "Individual components", and under "Compilers, build tools and runtimes", check "Windows Universal CRT SDK". Then click install. When installation is done, you may have to reboot your computer.
Then, enable the 32-bit Visual C++ Toolset on the Command Line like this:
```
cd "C:\Program Files (x86)\Microsoft Visual Studio\2017\BuildTools\VC\Auxiliary\Build"
vcvars32.bat
```
Make sure you have a new enough `setuptools`:
```
pip install setuptools==40.6.3
```
Now make sure you don't have PyInstaller installed from pip:
* Go to http://nsis.sourceforge.net/Download and download the latest NSIS. I downloaded `nsis-3.03-setup.exe`.
To verify the git tag, you first need the signing key's PGP key, which means you need `gpg`. If you installed git from git-scm.com, you can run this from Git Bash:
It should say `Good signature from "Hartmut Goebel <h.goebel@goebel-consult.de>`. If it verified successfully, checkout the tag:
```
git checkout v3.4
```
And compile the bootloader, following [these instructions](https://pythonhosted.org/PyInstaller/bootloader-building.html). To compile, run this:
```
cd bootloader
python waf distclean all --target-arch=32bit --msvc_targets=x86
```
Finally, install the PyInstaller module into your local site-packages:
```
cd ..
python setup.py install
```
Now the next time you use PyInstaller to build OnionShare, the `.exe` file should not be flagged as malicious by anti-virus.
#### If you want to build the installer
* Go to http://nsis.sourceforge.net/Download and download the latest NSIS. I downloaded `nsis-3.04-setup.exe`.
* Add `C:\Program Files (x86)\NSIS` to the path.
If you want to sign binaries with Authenticode:
#### If you want to sign binaries with Authenticode
* You'll need a code signing certificate. I got an open source code signing certificate from [Certum](https://www.certum.eu/certum/cert,offer_en_open_source_cs.xml).
* Once you get a code signing key and certificate and covert it to a pfx file, import it into your certificate store.
...
...
@@ -135,8 +256,34 @@ This will prompt you to codesign three binaries and execute one unsigned binary.
## Tests
OnionShare includes PyTest unit tests. To run the tests:
OnionShare includes PyTest unit tests. To run the tests, first install some dependencies:
```sh
pip3 install-rinstall/requirements-tests.txt
```
Then you can run `pytest` against the `tests/` directory.
```sh
pytest tests/
```
You can run GUI tests like this:
```sh
pytest --rungui tests/
```
If you would like to also run the GUI unit tests in 'tor' mode, start Tor Browser in the background, then run:
```sh
pytest --rungui--runtor tests/
```
Keep in mind that the Tor tests take a lot longer to run than local mode, but they are also more comprehensive.
You can also choose to wrap the tests in `xvfb-run` so that a ton of OnionShare windows don't pop up on your desktop (you may need to install the `xorg-x11-server-Xvfb` package), like this:
* New feature: Receiver mode allows you to receive files with OnionShare, instead of only sending files
* New feature: Support for next generation onion services
* New feature: macOS sandbox is enabled
* New feature: Public mode feature, for public uses of OnionShare, which when enabled turns off slugs in the URL and removes the limit on how many 404 requests can be made
* New feature: If you're sharing a single file, don't zip it up
* New feature: Full support for meek_lite (Azure) bridges
* New feature: Allow selecting your language from a dropdown
* New translations: Bengali (বাংলা), Catalan (Català), Danish (Dansk), French (Français), Greek (Ελληνικά), Italian (Italiano), Japanese (日本語), Persian (فارسی), Portuguese Brazil (Português Brasil), Russian (Русский), Spanish (Español), Swedish (Svenska)
* Several bugfixes
* Invisible to users, but this version includes some major refactoring of the codebase, and a robust set of unit tests which makes OnionShare easier to maintain going forward
## 1.3.2
* Bug fix: In debug mode, stop saving flask debug log in /tmp, where all users can access it
[OnionShare](https://onionshare.org) is an open source tool for securely and anonymously sending and receiving files using Tor onion services. It works by starting a web server directly on your computer and making it accessible as an unguessable Tor web address that others can load in [Tor Browser](https://www.torproject.org/) to download files from you, or upload files to you. It doesn't require setting up a separate server, using a third party file-sharing service, or even logging into an account.
[OnionShare](https://onionshare.org) lets you securely and anonymously share files of any size. It works by starting a web server, making it accessible as a Tor Onion Service, and generating an unguessable URL to access and download the files. It does _not_ require setting up a separate server or using a third party file-sharing service. You host the files on your own computer and use a Tor Onion Service to make it temporarily accessible over the internet. The receiving user just needs to open the URL in Tor Browser to download the file.
Unlike services like email, Google Drive, DropBox, WeTransfer, or nearly any other way people typically send files to each other, when you use OnionShare you don't give any companies access to the files that you're sharing. So long as you share the unguessable web address in a secure way (like pasting it in an encrypted messaging app), _no one_ but you and the person you're sharing with can access the files.
## Documentation
To learn how OnionShare works, what its security properties are, and how to use it, check out the [wiki](https://github.com/micahflee/onionshare/wiki).
## Downloading Onionshare
## Downloading OnionShare
You can download OnionShare for Windows and macOS from the [OnionShare website](https://onionshare.org). It should be available in your package manager for Linux, and it's included by default in [Tails](https://tails.boum.org).
You can download OnionShare for Windows and macOS from the [OnionShare website](https://onionshare.org).
## Developing OnionShare
For Ubuntu-like Linux distributions, you could use this PPA to get the latest version:
You can set up your development environment to build OnionShare yourself by following [these instructions](/BUILD.md). You may also subscribe to our developers mailing list [here](https://lists.riseup.net/www/info/onionshare-dev).
```
sudo add-apt-repository ppa:micahflee/ppa
sudo apt install -y onionshare
```
OnionShare may also be available in your Linux distribution's package manager. Check [this wiki page](https://github.com/micahflee/onionshare/wiki/How-Do-I-Install-Onionshare) for more information.
## Contributing to OnionShare
You can set up your development environment to build OnionShare yourself by following [these instructions](/BUILD.md). You may also subscribe to our mailing list [here](https://lists.riseup.net/www/info/onionshare-dev), and join our public Keybase team [here](https://keybase.io/team/onionshare).
Test status: [](https://circleci.com/gh/micahflee/onionshare)
@@ -12,26 +10,27 @@ onionshare \- a tool for anonymously sharing files over a temporarily set up Tor
.SH DESCRIPTION
.PP
\fBOnionShare\fP lets you anonymously share files. You host the file on your own computer and use a Tor hidden service to make it temporarily accessible over the Internet. OnionShare sets up this hidden service up for you. It then generates an unguessable URL to access and download the file.
\fBOnionShare\fP lets you anonymously share files. This works either in send or in receive mode. OnionShare sets up use a Tor hidden service to either make files on your computer temporarily accessible over the Internet, or allow to upload files to your computer using a hidden service. OnionShare generates an unguessable URL to down- or upload files that you can share with your peers.
.PP
Before you can share a file, you need to open Tor Browser in the background. This will provide the Tor service that OnionShare uses to start the hidden service. All Tor hidden services (any website that's accessed through a .onion domain) are automatically end-to-end encrypted.
In case of sharing with many peers, please enable "Public mode", otherwise OnionShare might interpret multiple accesses as an attack and shut down the hidden service.
.PP
In the case of OnionShare, the crypto key lives in /tmp/onionshare/tmpXXX/private_key. The .onion URL address itself is a fingerprint of the key, which lets the Tor network look up the public key and start an encrypted session. So as long as you transmit the OnionShare URL successfully, the recipient who loads it in Tor Browser gets an end-to-end encrypted session with the server.
.PP
The person you want to share the file with just needs to use the Tor Browser to download the file from you, using the URL you sent to them over another, possibly encrypted, channel like encrypted e-mail or a chat using OTR.
OnionShare can configured to run with it's built-in version of tor, a TorBrowser or system tor running in the background. By default, OnionShare uses the built-in version of Tor.
.PP
It takes around 30 seconds until the hidden service is available over the Tor network.
In the case of OnionShare, the crypto key lives in /tmp/onionshare/tmpXXX/private_key. The .onion URL address itself is a fingerprint of the key, which lets the Tor network look up the public key and start an encrypted session. So as long as you transmit the OnionShare URL successfully, the recipient who loads it in Tor Browser gets an end-to-end encrypted session with the server.
.PP
OnionShare's default behaviour is to shut down the hidden service and to stop once the file has been downloaded. You can prevent this behaviour by invoking the --stay-open option. This can be useful if you want multiple people to access the same file.
.SH OPTIONS
.B
.IP -h
.IP --help
display a short help message and exit
.B
.IP --local-only
don't run a public hidden service, just run on localhost
.B
.IP --receive
Receive shares instead of sending them
.B
.IP --stay-open
don't exit after file has been successfully downloaded