morgan pushed to branch main at The Tor Project / Applications / tor-browser-build
Commits:
-
67416f82
by Nicolas Vigier at 2024-07-23T13:40:11+02:00
-
f72eb030
by Nicolas Vigier at 2024-07-23T13:43:27+02:00
4 changed files:
- keyring/torbrowser.gpg
- tools/signing/linux-signer-gpg-sign
- tools/signing/machines-setup/sudoers.d/sign-gpg
- tools/signing/wrappers/sign-gpg
Changes:
... | ... | @@ -4,6 +4,8 @@ set -e |
4 | 4 | script_dir=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
|
5 | 5 | source "$script_dir/functions"
|
6 | 6 | |
7 | +test "$tbb_version_type" = "alpha" && export GPG_NEWSUBKEY=1
|
|
8 | + |
|
7 | 9 | cd ~/"$SIGNING_PROJECTNAME-$tbb_version"
|
8 | 10 | |
9 | 11 | test -n "$GPG_PASS" || read -sp "Enter gpg passphrase: " GPG_PASS
|
1 | -Defaults>signing-gpg env_keep += SIGNING_PROJECTNAME
|
|
1 | +Defaults>signing-gpg env_keep += "SIGNING_PROJECTNAME GPG_NEWSUBKEY"
|
|
2 | 2 | %signing ALL = (signing-gpg) NOPASSWD: /signing/tor-browser-build/tools/signing/wrappers/sign-gpg |
... | ... | @@ -11,4 +11,6 @@ if test $(whoami) != 'signing-gpg'; then |
11 | 11 | exit 1
|
12 | 12 | fi
|
13 | 13 | |
14 | -exec gpg --homedir /home/signing-gpg/.gnupg -absu 0xe53d989a9e2d47bf! --batch --no-tty -o- --passphrase-fd 0 -- "$1" |
|
14 | +gpg_subkey='0xe53d989a9e2d47bf!'
|
|
15 | +test -n "$GPG_NEWSUBKEY" && gpg_subkey='0x157432CF78A65729!'
|
|
16 | +exec gpg --homedir /home/signing-gpg/.gnupg -absu "$gpg_subkey" --batch --no-tty -o- --passphrase-fd 0 -- "$1" |