[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [Git][tpo/applications/tor-browser-build][main] Bug 40827: MAR generation uses (mostly) hard-coded MAR update channel

Title: GitLab

Richard Pospesel pushed to branch main at The Tor Project / Applications / tor-browser-build

Commits:

  • d2179847
    by Richard Pospesel at 2023-03-27T09:59:36+00:00 
    Bug 40827: MAR generation uses (mostly) hard-coded MAR update channel

7 changed files:

Changes:

  • projects/browser/build
    ... ... @@ -345,7 +345,7 @@ cd $distdir
    345 345 
       [% SET mar_file = c("var/project-name") _ '-' _ c("var/mar_osname") _ '-' _ c("var/torbrowser_version") _ '_${PKG_LOCALE}.mar' %]
    346 346 
       MAR=$MARTOOLS/mar \
    347 347 
       MOZ_PRODUCT_VERSION=[% c("var/torbrowser_version") %] \
    348 
    -  MAR_CHANNEL_ID=torbrowser-torproject-[% c("var/channel") %] \
    348 
    +  MAR_CHANNEL_ID=[% c("var/mar_channel_id") %] \
    349 349 
       $MARTOOLS/make_full_update.sh -q $OUTDIR/[% mar_file %] "$TBDIR"
    350 350 
     [% END -%]
    351 351

  • projects/release/dmg2mar
    ... ... @@ -5,4 +5,4 @@ cd [% shell_quote(path(dest_dir)) %]/[% c("var/signed_status") %]/[% c("version
    5 5 
     export TOR_APPNAME_BUNDLE_OSX='[% c("var/Project_Name") -%]'
    6 6 
     export TOR_APPNAME_DMGFILE='[% c("var/ProjectName") -%]'
    7 7 
     export TOR_APPNAME_MARFILE='[% c("var/project-name") -%]'
    8 
    -[% shell_quote(c("basedir")) %]/tools/dmg2mar [% c("var/channel") %]
    8 
    +[% shell_quote(c("basedir")) %]/tools/dmg2mar [% c("var/mar_channel_id") %]

  • projects/release/update_responses_config.yml
    ... ... @@ -31,6 +31,7 @@ versions:
    31 31 
     [% IF c("var/create_unsigned_incrementals") -%]
    32 32 
             releases_dir: [% path(c('output_dir')) %]/unsigned
    33 33 
     [% END -%]
    34 
    +        mar_channel_id: [% c('var/mar_channel_id') %]
    34 35 
             platformVersion: [% pc('firefox', 'var/firefox_platform_version') %]
    35 36 
             detailsURL: https://blog.torproject.org/new-release-tor-browser-[% c("var/torbrowser_version") FILTER remove('\.') %]
    36 37 
             incremental_from:

  • rbm.conf
    ... ... @@ -77,6 +77,8 @@ var:
    77 77 
         - 12.5a3
    78 78 
       updater_enabled: 1
    79 79 
       build_mar: 1
    80 
    +  mar_channel_id: '[% c("var/projectname") %]-torproject-[% c("var/channel") %]'
    81 
    +
    80 82 
       # By default, we sort the list of installed packages. This allows sharing
    81 83 
       # containers with identical list of packages, even if they are not listed
    82 84 
       # in the same order. In the cases where the installation order is

  • tools/dmg2mar
    ... ... @@ -104,7 +104,7 @@ sub get_dmg_files_from_sha256sums {
    104 104 
     }
    105 105
    106 106 
     sub convert_files {
    107 
    -    my ($channel) = @_;
    107 
    +    my ($mar_channel_id) = @_;
    108 108 
         my $pm = Parallel::ForkManager->new(get_nbprocs);
    109 109 
         $pm->run_on_finish(
    110 110 
           sub {
    ... ... @@ -149,7 +149,7 @@ sub convert_files {
    149 149
    150 150 
             unlink $output;
    151 151 
             local $ENV{MOZ_PRODUCT_VERSION} = $file->{version};
    152 
    -        local $ENV{MAR_CHANNEL_ID} = "torbrowser-torproject-$channel";
    152 
    +        local $ENV{MAR_CHANNEL_ID} = $mar_channel_id;
    153 153 
             local $ENV{TMPDIR} = $tmpdir;
    154 154 
             (undef, $err, $success) =  capture_exec('make_full_update.sh', '-q',
    155 155 
                                             $output, $appdir);
    ... ... @@ -178,9 +178,9 @@ sub remove_incremental_mars {
    178 178 
     $ENV{LC_ALL} = 'C';
    179 179
    180 180
    181 
    -exit_error "Please specify update channel" unless @ARGV == 1;
    182 
    -my $channel = $ARGV[0];
    181 
    +exit_error "Please specify the mar channel id" unless @ARGV == 1;
    182 
    +my $mar_channel_id = $ARGV[0];
    183 183
    184 184 
     extract_martools;
    185 
    -convert_files $channel;
    185 
    +convert_files $mar_channel_id;
    186 186 
     remove_incremental_mars;

  • tools/marsigning_check.sh
    ... ... @@ -35,7 +35,7 @@
    35 35 
     # 2) Let LD_LIBRARY_PATH point to the mar-tools directory
    36 36 
     # 3) Let NSS_DB_DIR point to the directory containing the database with the
    37 37 
     #    signing certificate to check against.
    38 
    -# 4) Let CHANNEL be the expected update channel
    38 
    +# 4) Let MAR_CHANNEL_ID be the expected update channel (eg: torbrowser-torproject-alpha)
    39 39 
     #
    40 40 
     #    To create the database to use for signature checking import the
    41 41 
     #    release*.der certificate of your choice found in
    ... ... @@ -45,9 +45,9 @@
    45 45 
     #    certutil -d nssdb -N --empty-password
    46 46 
     #    certutil -A -n "marsigner" -t,, -d nssdb -i /path/to/.der
    47 47 
     #
    48 
    -# 4) Change into the directory containing the MAR files and the
    48 
    +# 5) Change into the directory containing the MAR files and the
    49 49 
     #    sha256sums-unsigned-build.txt/sha256sums-unsigned-build.incrementals.txt.
    50 
    -# 5) Run /path/to/marsigning_check.sh
    50 
    +# 6) Run /path/to/marsigning_check.sh
    51 51
    52 52 
     if [ -z "$SIGNMAR" ]
    53 53 
     then
    ... ... @@ -67,9 +67,9 @@ then
    67 67 
       exit 1
    68 68 
     fi
    69 69
    70 
    -if [ -z "$CHANNEL" ]
    70 
    +if [ -z "$MAR_CHANNEL_ID" ]
    71 71 
     then
    72 
    -  echo "The update channel is missing! ([nightly|alpha|release])"
    72 
    +  echo "The update channel is missing! (torbrowser-torproject-[nightly|alpha|release])"
    73 73 
       exit 1
    74 74 
     fi
    75 75
    ... ... @@ -106,7 +106,7 @@ for f in *.mar; do
    106 106 
       fi
    107 107
    108 108 
       # Test 1.5: Is the MAR file correctly signed by the correct channel key?
    109 
    -  if [ ! "$($SIGNMAR -T "$f" | grep "MAR channel name")" = "    - MAR channel name: torbrowser-torproject-${CHANNEL}" ]; then
    109 
    +  if [ ! "$($SIGNMAR -T "$f" | grep "MAR channel name")" = "    - MAR channel name: ${MAR_CHANNEL_ID}" ]; then
    110 110 
           echo "$f contains wrong update channel!"
    111 111 
       fi
    112 112

  • tools/update-responses/update_responses
    ... ... @@ -264,7 +264,7 @@ sub create_incremental_mar {
    264 264 
             }
    265 265 
         }
    266 266 
         local $ENV{MOZ_PRODUCT_VERSION} = $new_version;
    267 
    -    local $ENV{MAR_CHANNEL_ID} = "torbrowser-torproject-$channel";
    267 
    +    local $ENV{MAR_CHANNEL_ID} = get_config($config, $new_version, $os, 'mar_channel_id');
    268 268 
         local $ENV{TMPDIR} = $tmpdir;
    269 269 
         my ($out, $err, $success) = capture_exec('make_incremental_update.sh',
    270 270 
                                        $mar_file_path, "$tmpdir/A", "$tmpdir/B");


    • View it on GitLab.
    You're receiving this email because of your account on gitlab.torproject.org. Manage all notifications · Help 

    _______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits