[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #19494 [Community]: Invalid SHA256 on version 6.0.1 et 6.0.2



#19494: Invalid SHA256 on version 6.0.1 et 6.0.2
-------------------------+---------------------------
 Reporter:  cypherpunks  |          Owner:
     Type:  project      |         Status:  closed
 Priority:  Low          |      Milestone:
Component:  Community    |        Version:
 Severity:  Normal       |     Resolution:  not a bug
 Keywords:               |  Actual Points:
Parent ID:               |         Points:
 Reviewer:               |        Sponsor:
-------------------------+---------------------------
Changes (by boklm):

 * status:  new => closed
 * resolution:   => not a bug


Comment:

 The `sha256sums-unsigned-build.txt` file contains the hashes of the
 bundles before they are signed.

 For the Windows bundles, you can use `osslsigncode` to remove the
 signature. It is available in this git repository:
 http://git.code.sf.net/p/osslsigncode/osslsigncode/

 Then you can do:
 {{{
 $ sha256sum torbrowser-install-6.0.2_en-US.exe
 3a2e05304345936fd713b638612088fa0914102389c15c7bf7aa1d74803e5db8
 torbrowser-install-6.0.2_en-US.exe
 $ ./osslsigncode remove-signature torbrowser-install-6.0.2_en-US.exe
 torbrowser-install-6.0.2_en-US.exe-unsigned
 Succeeded
 $ sha256sum torbrowser-install-6.0.2_en-US.exe-unsigned
 697a1d592c46138f894f9c03db54393bf61dd53df1b1043844f59f7e85439d1b
 torbrowser-install-6.0.2_en-US.exe-unsigned
 }}}

 We are still working on the instructions to remove the code signing on the
 .dmg files. This is ticket #18925.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19494#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs