[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [Git][tpo/applications/tor-browser-build][maint-13.0] Bug 41031: Add make targets to unsign and compare mar files

Title: GitLab

richard pushed to branch maint-13.0 at The Tor Project / Applications / tor-browser-build

Commits:

  • ae9e3999
    by Nicolas Vigier at 2023-11-30T13:58:17+00:00 
    Bug 41031: Add make targets to unsign and compare mar files

4 changed files:

Changes:

  • Makefile
    ... ... @@ -239,6 +239,12 @@ torbrowser-compare-windows-signed-unsigned-release: submodule-update
    239 239 
     torbrowser-compare-windows-signed-unsigned-alpha: submodule-update
    240 240 
     	$(rbm) build release --step compare_windows_signed_unsigned_exe --target alpha --target signed --target torbrowser
    241 241
    242 
    +torbrowser-compare-mar-signed-unsigned-release: submodule-update
    243 
    +	$(rbm) build release --step compare_mar_signed_unsigned --target release --target signed --target torbrowser
    244 
    +
    245 
    +torbrowser-compare-mar-signed-unsigned-alpha: submodule-update
    246 
    +	$(rbm) build release --step compare_mar_signed_unsigned --target alpha --target signed --target torbrowser
    247 
    +
    242 248
    243 249 
     ########################
    244 250 
     # Base Browser Targets #
    ... ... @@ -577,6 +583,12 @@ mullvadbrowser-compare-windows-signed-unsigned-release: submodule-update
    577 583 
     mullvadbrowser-compare-windows-signed-unsigned-alpha: submodule-update
    578 584 
     	$(rbm) build release --step compare_windows_signed_unsigned_exe --target alpha --target signed --target mullvadbrowser
    579 585
    586 
    +mullvadbrowser-compare-mar-signed-unsigned-release: submodule-update
    587 
    +	$(rbm) build release --step compare_mar_signed_unsigned --target release --target signed --target mullvadbrowser
    588 
    +
    589 
    +mullvadbrowser-compare-mar-signed-unsigned-alpha: submodule-update
    590 
    +	$(rbm) build release --step compare_mar_signed_unsigned --target alpha --target signed --target mullvadbrowser
    591 
    +
    580 592
    581 593 
     ############################
    582 594 
     # Toolchain Update Targets #

  • doc/MAKEFILE.txt
    ... ... @@ -141,3 +141,8 @@ torbrowser-compare-windows-signed-unsigned-{release,alpha}
    141 141 
     Unsign exe files from directory torbrowser/{release,alpha}/signed/$version
    142 142 
     and compare them with the checksum from sha256sums-unsigned-build.txt.
    143 143
    144 
    +torbrowser-compare-mar-signed-unsigned-{release,alpha}
    145 
    +----------------------------------------------------------
    146 
    +Unsign mar files from directory torbrowser/{release,alpha}/signed/$version
    147 
    +and compare them with the checksum from sha256sums-unsigned-build.txt.
    148 
    +

  • projects/release/compare_mar_signed_unsigned
    1 
    +#!/bin/bash
    2 
    +[% c("var/set_default_env") -%]
    3 
    +[% IF c("var/nightly") -%]
    4 
    +  build_dir=[% shell_quote(path(dest_dir)) %]/[%  c("version") %]
    5 
    +[% ELSE -%]
    6 
    +  build_dir=[% shell_quote(path(dest_dir)) %]/[% c("var/signed_status") %]/[% c("version") %]
    7 
    +[% END -%]
    8 
    +
    9 
    +if ! test -d "$build_dir"
    10 
    +then
    11 
    +  echo "Error: Directory $build_dir does not exist" 1>&2
    12 
    +  echo "You can download it with this command:" 1>&2
    13 
    +  echo " ./tools/download-[% c("var/projectname") %] [% c("var/torbrowser_version") %]" 1>&2
    14 
    +  exit 1
    15 
    +fi
    16 
    +
    17 
    +sha256sums_files=sha256sums-unsigned-build.txt
    18 
    +cd "$build_dir"
    19 
    +test -f sha256sums-unsigned-build.incrementals.txt \
    20 
    +  && sha256sums_files="$sha256sums_files sha256sums-unsigned-build.incrementals.txt"
    21 
    +cp -a -- $(ls -1 *.mar | grep -v -- -macos-) $sha256sums_files "$rootdir/"
    22 
    +cd "$rootdir"
    23 
    +
    24 
    +unzip -q "$rootdir/[% c('input_files_by_name/mar-tools') %]"
    25 
    +export PATH="$rootdir/mar-tools:$PATH"
    26 
    +export LD_LIBRARY_PATH="$rootdir/mar-tools"
    27 
    +
    28 
    +for file in *.mar
    29 
    +do
    30 
    +  signmar -r "$file" "unsigned-$file"
    31 
    +  mv -f "unsigned-$file" "$file"
    32 
    +  echo "Unsigned $file"
    33 
    +done
    34 
    +
    35 
    +grep -h -- '\.mar$' $sha256sums_files | grep -v -- -macos- | sha256sum -c
    36 
    +
    37 
    +cat << 'EOF'
    38 
    +macOS mar files have been skipped as we don't yet have a good solution
    39 
    +to remove code signing from those files.
    40 
    +See https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/40988
    41 
    +
    42 
    +Windows and Linux unsigned mar files are matching with
    43 
    +sha256sums-unsigned-build.txt.
    44 
    +EOF

  • projects/release/config
    ... ... @@ -271,3 +271,11 @@ steps:
    271 271 
             name: osslsigncode
    272 272 
             pkg_type: build
    273 273 
         compare_windows_signed_unsigned_exe: '[% INCLUDE compare_windows_signed_unsigned_exe %]'
    274 
    +  compare_mar_signed_unsigned:
    275 
    +    build_log: '-'
    276 
    +    debug: 0
    277 
    +    input_files:
    278 
    +      - project: mar-tools
    279 
    +        name: mar-tools
    280 
    +        pkg_type: fetch_martools
    281 
    +    compare_mar_signed_unsigned: '[% INCLUDE compare_mar_signed_unsigned %]'


    • View it on GitLab.
    You're receiving this email because of your account on gitlab.torproject.org. Manage all notifications · Help 

    _______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits