Pier Angelo Vendrame pushed to branch main at The Tor Project / Applications / tor-browser-build
Commits: 2941c888 by Pier Angelo Vendrame at 2023-09-05T16:56:42+02:00 Bug 40943: Update libdmg-hfs to drop our patch
We have uplifted one of our libdmg-hfs patches, so we can update our git_hash to the upstream commit that includes it. Also, deleted the OpenSSL 1.0.2 project in favor of a patch to optionally completely disable OpenSSL, since we do not need the functionalities it provides.
- - - - -
7 changed files:
- projects/libdmg-hfsplus/build - projects/libdmg-hfsplus/config - − projects/libdmg-hfsplus/libdmg.patch - + projects/libdmg-hfsplus/no-openssl.diff - − projects/openssl-1.0.2/build - − projects/openssl-1.0.2/config - tools/signing/gatekeeper-bundling.sh
Changes:
===================================== projects/libdmg-hfsplus/build ===================================== @@ -4,15 +4,14 @@ distdir=/var/tmp/dist/[% project %] mkdir -p /var/tmp/dist tar -C /var/tmp/dist -xf [% c('input_files_by_name/cmake') %] tar -C /var/tmp/dist -xf [% c('input_files_by_name/ninja') %] -[% IF c("container/global_disable") -%] - tar -C /var/tmp/dist -xf [% c('input_files_by_name/openssl-1.0.2') %] -[% END -%] export PATH="/var/tmp/dist/ninja:/var/tmp/dist/cmake/bin:$PATH"
mkdir /var/tmp/build tar -C /var/tmp/build -xf [% project %]-[% c('version') %].tar.[% c('compress_tar') %] cd /var/tmp/build/[% project %]-[% c('version') %] -patch -p1 < "$rootdir/libdmg.patch" +[% IF c("container/global_disable") -%] + patch -p1 < "$rootdir/no-openssl.diff" +[% END -%] cmake . -GNinja -DCMAKE_BUILD_TYPE=Release [% c("var/cmake_opts") %] ninja -j[% c("num_procs") %] -v
===================================== projects/libdmg-hfsplus/config ===================================== @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 version: '[% c("abbrev") %]' git_url: https://github.com/mozilla/libdmg-hfsplus -git_hash: 2ee327795680101d36f9700bd0fb618362237718 +git_hash: 2cb30de5b277bf2bc1fc129899bb9382bb56ccca filename: '[% project %]-[% c("version") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' container: use_container: 1 @@ -13,16 +13,12 @@ var: targets: no_containers: var: - cmake_opts: | - -DOPENSSL_USE_STATIC_LIBS=1 \ - -DOPENSSL_ROOT_DIR=/var/tmp/dist/openssl + cmake_opts: '-DUSE_OPENSSL=OFF' input_files: - project: container-image - name: cmake project: cmake - name: ninja project: ninja - - filename: libdmg.patch - - name: openssl-1.0.2 - project: openssl-1.0.2 + - filename: no-openssl.diff enable: '[% c("container/global_disable") %]'
===================================== projects/libdmg-hfsplus/libdmg.patch deleted ===================================== @@ -1,39 +0,0 @@ -From d1a5eca891f32103ccda80ee75e158dfc7ece70d Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Thu, 6 Mar 2014 19:47:05 -0800 -Subject: [PATCH] Memset a UDIF header to ensure archive reproducibility. - -Some of the struct padding and fields contained unitialized memory, which -caused two successive invocations to produce archives that differed in some -bytes. ---- - dmg/dmglib.c | 6 ++++-- - 1 file changed, 4 insertions(+), 2 deletions(-) - -diff --git a/dmg/dmglib.c b/dmg/dmglib.c -index f481b1f..b74e50b 100644 ---- a/dmg/dmglib.c -+++ b/dmg/dmglib.c -@@ -108,7 +108,8 @@ int buildDmg(AbstractFile* abstractIn, AbstractFile* abstractOut) { - ChecksumToken dataForkToken; - - UDIFResourceFile koly; -- -+ memset(&koly, 0, sizeof(koly)); -+ - off_t plistOffset; - uint32_t plistSize; - uint32_t dataForkChecksum; -@@ -284,7 +285,8 @@ int convertToDMG(AbstractFile* abstractIn, AbstractFile* abstractOut) { - uint64_t numSectors; - - UDIFResourceFile koly; -- -+ memset(&koly, 0, sizeof(koly)); -+ - char partitionName[512]; - - off_t fileLength; --- -1.8.1.2 -
===================================== projects/libdmg-hfsplus/no-openssl.diff ===================================== @@ -0,0 +1,34 @@ +diff --git a/CMakeLists.txt b/CMakeLists.txt +index 79d4302..b54e81d 100644 +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -2,6 +2,8 @@ cmake_minimum_required(VERSION 2.6) + + project (libdmg-hfsplus) + ++option(USE_OPENSSL "Enable or disable OpenSSL (1.0.x is currently required)" ON) ++ + # We want win32 executables to build staticly by default, since it's more difficult to keep the shared libraries straight on Windows + IF(WIN32) + SET(BUILD_STATIC ON CACHE BOOL "Force compilation with static libraries") +diff --git a/dmg/CMakeLists.txt b/dmg/CMakeLists.txt +index 36f6bb6..ffdac77 100644 +--- a/dmg/CMakeLists.txt ++++ b/dmg/CMakeLists.txt +@@ -18,14 +18,14 @@ link_directories(${PROJECT_BINARY_DIR}/common ${PROJECT_BINARY_DIR}/hfs) + + add_library(dmg adc.c checksum.c dmgfile.c dmglib.c filevault.c io.c partition.c resources.c udif.c ../includes/dmg/adc.h ../includes/dmg/dmg.h ../includes/dmg/dmgfile.h ../includes/dmg/dmglib.h ../includes/dmg/filevault.h) + +-IF(OPENSSL_FOUND) ++IF(OPENSSL_FOUND AND USE_OPENSSL) + add_definitions(-DHAVE_CRYPT) + include_directories(${OPENSSL_INCLUDE_DIR}) + target_link_libraries(dmg ${OPENSSL_CRYPTO_LIBRARY} $<$BOOL:${OPENSSL_USE_STATIC_LIBS}:${CMAKE_DL_LIBS}>) + IF(WIN32) + TARGET_LINK_LIBRARIES(dmg gdi32) + ENDIF(WIN32) +-ENDIF(OPENSSL_FOUND) ++ENDIF(OPENSSL_FOUND AND USE_OPENSSL) + + target_link_libraries(dmg common hfs z bz2) +
===================================== projects/openssl-1.0.2/build deleted ===================================== @@ -1,15 +0,0 @@ -#!/bin/bash -[% c("var/set_default_env") -%] -distdir=/var/tmp/dist/openssl -mkdir -p /var/tmp/build -tar -C /var/tmp/build -xf openssl-[% c('version') %].tar.[% c('compress_tar') %] -cd /var/tmp/build/openssl-[% c('version') %] -export SOURCE_DATE_EPOCH='[% c("timestamp") %]' -./Configure --prefix="$distdir" -shared enable-ec_nistp_64_gcc_128 linux-x86_64 -make -j[% c("num_procs") %] -make -j[% c("num_procs") %] install -cd /var/tmp/dist -[% c('tar', { - tar_src => [ 'openssl' ], - tar_args => '-caf ' _ dest_dir _ '/' _ c('filename'), - }) %]
===================================== projects/openssl-1.0.2/config deleted ===================================== @@ -1,11 +0,0 @@ -# vim: filetype=yaml sw=2 -# -# We need openssl-1.0.2 for building libdmg-hfsplus: -# https://github.com/planetbeing/libdmg-hfsplus/issues/14 -# -version: 1.0.2u -filename: '[% project %]-[% c("version") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' - -input_files: - - URL: 'https://www.openssl.org/source/openssl-%5B% c("version") %].tar.gz' - sha256sum: ecd0c6ffb493dd06707d38b14bb4d8c2288bb7033735606569d8f90f89669d16
===================================== tools/signing/gatekeeper-bundling.sh ===================================== @@ -39,7 +39,7 @@ test -f $faketime_path || \ exit_error "$faketime_path is missing" test -d $macos_stapled_dir || \ exit_error "The stapled macos zip files should be placed in directory $macos_stapled_dir" -libdmg_file="$script_dir/../../out/libdmg-hfsplus/libdmg-hfsplus-2ee327795680-555a7e.tar.gz" +libdmg_file="$script_dir/../../out/libdmg-hfsplus/libdmg-hfsplus-2cb30de5b277-68b0fc.tar.zst" test -f "$libdmg_file" || \ exit_error "$libdmg_file is missing." \ "You can build it with:" \
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/29...