+[% IF !c("var/browser_platforms/signing_desktop") -%]

+create_downloads_json_only: 1

+[% END -%]

+

+    # is_android_release and is_desktop_release are used to quickly

+    # enable/disable all android or desktop platforms. If you want to

+    # check whether a release includes some android or desktop platforms

+    # see signing_android and signing_desktop below.

+    is_android_release: '[% c("var/tor-browser") %]'

+    is_desktop_release: '1'

+

+    # signing_android is used in signing scripts to check if at least

+    # one android platform is being signed/published

+    signing_android: |

+      [%-

+      c("var/browser_platforms/android-armv7") ||

+      c("var/browser_platforms/android-x86") ||

+      c("var/browser_platforms/android-x86_64") ||

+      c("var/browser_platforms/android-aarch64")

+      -%]

+    # signing_desktop is used in signing scripts to check if at least

+    # one desktop platform is being signed/published

+    signing_desktop: |

+      [%-

+      c("var/browser_platforms/linux-x86_64") ||

+      c("var/browser_platforms/linux-i686") ||

+      c("var/browser_platforms/linux-aarch64") ||

+      c("var/browser_platforms/windows-i686") ||

+      c("var/browser_platforms/windows-x86_64") ||

+      c("var/browser_platforms/macos")

+      -%]

+    signing_windows: |

+      [%-

+      c("var/browser_platforms/windows-i686") ||

+      c("var/browser_platforms/windows-x86_64")

+      -%]

+function is_legacy {

+  [[ "$tbb_version" = 13.* ]]

+}

+

+if is_legacy; then

+  platform_android=

+  platform_desktop=1

+  platform_macos=1

+  platform_windows=1

+else

+  platform_android=$(rbm_showconf_boolean var/browser_platforms/signing_android)

+  platform_desktop=$(rbm_showconf_boolean var/browser_platforms/signing_desktop)

+  platform_macos=$(rbm_showconf_boolean var/browser_platforms/macos)

+  platform_windows=$(rbm_showconf_boolean var/browser_platforms/signing_windows)

+fi

+

+  [ -n "$platform_macos" ] && \

+    RCODESIGN_PW=$(get_sekrit 'rcodesign')

+  [ -n "$platform_desktop" ] && \

+    NSSPASS=$(get_sekrit "$nssdb (mar signing)")

+  [ -n "$platform_android" ] && \

+    KSPASS=$(get_sekrit "android apk ($tbb_version_type)")

+  [ -n "$platform_windows" ] && \

+    YUBIPASS=$(get_sekrit "windows authenticode")

+[ -z "$platform_macos" ] || \

+  [ -f "$steps_dir/linux-signer-rcodesign-sign.done" ] || \

+  [ -n "$RCODESIGN_PW" ] || \

+[ -z "$platform_desktop" ] || \

+  [ -f "$steps_dir/linux-signer-signmars.done" ] || \

+  [ -n "$NSSPASS" ] || \

+[ -z "$platform_android" ] || \

+  [ -f "$steps_dir/linux-signer-sign-android-apks.done" ] || \

+  [ -n "$KSPASS" ] || \

+  read -sp "Enter android apk signing password ($tbb_version_type): " KSPASS

+echo

+

+[ -z "$platform_windows" ] || \

+  [ -f "$steps_dir/linux-signer-authenticode-signing.done" ] || \

+  [ -n "$YUBIPASS" ] || \

+

+[ -f "$steps_dir/linux-signer-gpg-sign.done" ] || [ -n "$GPG_PASS" ] || \

+[ -n "$platform_macos" ] && \

+  do_step linux-signer-rcodesign-sign

+[ -n "$platform_macos" ] && \

+  do_step sync-linux-signer-macos-signed-tar-to-local

+[ -n "$platform_macos" ] && \

+  do_step rcodesign-notary-submit

+[ -n "$platform_macos" ] && \

+  do_step gatekeeper-bundling

+[ -n "$platform_macos" ] && \

+  do_step dmg2mar

+[ -n "$platform_desktop" ] && \

+  do_step linux-signer-signmars

+[ -n "$platform_desktop" ] && \

+  do_step sync-after-signmars

+[ -n "$platform_android" ] && \

+[ -n "$platform_android" ] && \

+[ -n "$platform_windows" ] && \

+  do_step linux-signer-authenticode-signing

+[ -n "$platform_windows" ] && \

+  do_step sync-after-authenticode-signing

+[ -n "$platform_windows" ] && \

+  do_step authenticode-timestamping

+[ -n "$platform_windows" ] && \

+  do_step sync-after-authenticode-timestamping

+! is_legacy && \

+function rbm_showconf {

+  "$rbm" showconf release "$1" --target "$SIGNING_PROJECTNAME" \

+                   --target "$tbb_version_type"

+}

+

+function rbm_showconf_boolean {

+  local res=$(rbm_showconf "$1")

+  if [ -z "$res" ] || [ "a$res" = "a0" ]; then

+    return

+  fi

+  echo '1'

+}

+platform_android=$(rbm_showconf_boolean var/browser_platforms/signing_android)

+if [ -n "$platform_android" ]; then

+    if (!$config->{create_downloads_json_only}) {

+        my $data = {

+            version => "$version",

+            tag => "$tag",

+            downloads => get_version_downloads($config, $version),

+            comment => 'This file is deprecated and should not be used. Please use the files download-$platform.json instead.',

+        };

+        write_htdocs($channel, '.', 'downloads.json',

+            JSON->new->utf8->canonical->pretty->encode($data));

+    }

+        if (!$config->{create_downloads_json_only}) {

+          write_responses($config, $channel);

+          write_htaccess($config, $channel);

+        }