obfs4: init at 0.0.10, use in tor-browser-bundle's, tor service

[dtzWill]

(Alt PR title: OBFS4 Service Pack)

Introduction and Motivation for this change

This enables obfs4 for use in our tor service
and our tor-browser-bundle!

This is important because
(source)[https://2019.www.torproject.org/docs/bridges.html.en]:

Sadly, pluggable transports are not immune to detection, if a censor
is given enough time. In the past, we promoted obfs and obfs2 as safe
transports. These are now deprecated and were replaced by obfs3,
scramblesuit, fte, and obfs4.

Happily obfs4proxy supports scramblesuit too, as well as the other
obfs transports, which is particularly important for interacting
with peers that don't "yet" support obfs4.

In the tor and our bundle, this replaces the python-based obfsproxy
and makes it possible to replace obfs4proxy in tor-browser-bundle-bin
instead of patchelf'ing.

(we may wish to use the shipped binary anyway for fingerprinting
reasons, but since we patchelf it anyway I'm not sure if
there's good cause for using the version provided?)

For our built-from-source bundle this means
these transports are newly available for use.

Testing

I have not tested the tor module with this "yet",
help appreciated and especially any feedback from
folks using the module in a way this would impact :).

I've tested the browser bundles in a few bridge configurations
and am able to use obfs4 bridges and such.

Things done

• Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS)
• Built on platform(s)
  • NixOS
  • macOS
  • other Linux distributions
• Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
• Tested compilation of all pkgs that depend on this change using nix-shell -p nix-review --run "nix-review wip"
• Tested execution of all binary files (usually in ./result/bin/)
• Determined the impact on package closure size (by running nix path-info -S before and after)
• Assured whether relevant documentation is up to date
• Fits CONTRIBUTING.md.

---

[dtzWill]

cc @oxij

[joachifm]

The binary bundle already uses obfs4, I prefer it to continue using bundled deps wherever possible. Otherwise, LGTM.

[joachifm]

Thank you :)