[tbb-commits] [tor-browser-bundle/maint-6.0] Bug 20422: Fall back to SHA256 check for PyCrypto

gk at torproject.org gk at torproject.org
Fri Oct 21 13:52:06 UTC 2016 

commit bfc9d71a999e0902011684610a9dcfb97319ae10
Author: Georg Koppen <gk at torproject.org>
Date:   Fri Oct 21 13:00:34 2016 +0000

    Bug 20422: Fall back to SHA256 check for PyCrypto
    
    The subkey that signed PyCrypto back in the days expired. We fall back
    to the SHA256 check (which we already did in addition to the signature
    check).
---
 gitian/fetch-inputs.sh | 6 +++---
 gitian/verify-tags.sh  | 4 ++--
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/gitian/fetch-inputs.sh b/gitian/fetch-inputs.sh
index 99b984b..b5adfc2 100755
--- a/gitian/fetch-inputs.sh
+++ b/gitian/fetch-inputs.sh
@@ -113,11 +113,11 @@ update_git() {
 
 ##############################################################################
 # Get+verify sigs that exist
-for i in OPENSSL BINUTILS GCC PYCRYPTO PYTHON_MSI GMP
+for i in OPENSSL BINUTILS GCC PYTHON_MSI GMP
 do
   PACKAGE="${i}_PACKAGE"
   URL="${i}_URL"
-  if [ "${i}" == "PYCRYPTO" -o "${i}" == "PYTHON_MSI" -o "${i}" == "OPENSSL" ]; then
+  if [ "${i}" == "PYTHON_MSI" -o "${i}" == "OPENSSL" ]; then
     SUFFIX="asc"
   else
     SUFFIX="sig"
@@ -162,7 +162,7 @@ do
   get "${!PACKAGE}" "${MIRROR_URL_ASN}${!PACKAGE}"
 done
 
-for i in ZOPEINTERFACE TWISTED PY2EXE SETUPTOOLS PARSLEY GO STIXMATHFONT NOTOEMOJIFONT NOTOJPFONT NOTOKRFONT NOTOSCFONT NOTOTCFONT NSIS NSIS_DEBIAN
+for i in ZOPEINTERFACE TWISTED PY2EXE SETUPTOOLS PARSLEY GO STIXMATHFONT NOTOEMOJIFONT NOTOJPFONT NOTOKRFONT NOTOSCFONT NOTOTCFONT NSIS NSIS_DEBIAN PYCRYPTO
 do
   URL="${i}_URL"
   PACKAGE="${i}_PACKAGE"
diff --git a/gitian/verify-tags.sh b/gitian/verify-tags.sh
index e006fb0..33b54a4 100755
--- a/gitian/verify-tags.sh
+++ b/gitian/verify-tags.sh
@@ -125,11 +125,11 @@ noto-fonts              $NOTOFONTS_TAG
 EOF
 
 # Verify signatures on signed packages
-for i in OPENSSL BINUTILS GCC PYCRYPTO PYTHON_MSI GMP
+for i in OPENSSL BINUTILS GCC PYTHON_MSI GMP
 do
   PACKAGE="${i}_PACKAGE"
   URL="${i}_URL"
-  if [ "${i}" == "PYCRYPTO" -o "${i}" == "PYTHON_MSI" -o "${i}" == "OPENSSL" ]; then
+  if [ "${i}" == "PYTHON_MSI" -o "${i}" == "OPENSSL" ]; then
     SUFFIX="asc"
   else
     SUFFIX="sig"

More information about the tbb-commits mailing list