[tbb-commits] [Git][tpo/applications/tor-browser-build][maint-13.5] 2 commits: Bug 40964: Update keyring/torbrowser.gpg for new subkey
morgan (@morgan)
git at gitlab.torproject.org
Wed Jul 24 19:59:26 UTC 2024
morgan pushed to branch maint-13.5 at The Tor Project / Applications / tor-browser-build
Commits:
7e25f33b by Nicolas Vigier at 2024-07-24T19:58:57+00:00
Bug 40964: Update keyring/torbrowser.gpg for new subkey
- - - - -
1176788e by Nicolas Vigier at 2024-07-24T19:59:03+00:00
Bug 40964: Sign alpha release using new gpg subkey
- - - - -
4 changed files:
- keyring/torbrowser.gpg
- tools/signing/linux-signer-gpg-sign
- tools/signing/machines-setup/sudoers.d/sign-gpg
- tools/signing/wrappers/sign-gpg
Changes:
=====================================
keyring/torbrowser.gpg
=====================================
Binary files a/keyring/torbrowser.gpg and b/keyring/torbrowser.gpg differ
=====================================
tools/signing/linux-signer-gpg-sign
=====================================
@@ -4,6 +4,8 @@ set -e
script_dir=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
source "$script_dir/functions"
+test "$tbb_version_type" = "alpha" && export GPG_NEWSUBKEY=1
+
cd ~/"$SIGNING_PROJECTNAME-$tbb_version"
test -n "$GPG_PASS" || read -sp "Enter gpg passphrase: " GPG_PASS
=====================================
tools/signing/machines-setup/sudoers.d/sign-gpg
=====================================
@@ -1,2 +1,2 @@
-Defaults>signing-gpg env_keep += SIGNING_PROJECTNAME
+Defaults>signing-gpg env_keep += "SIGNING_PROJECTNAME GPG_NEWSUBKEY"
%signing ALL = (signing-gpg) NOPASSWD: /signing/tor-browser-build/tools/signing/wrappers/sign-gpg
=====================================
tools/signing/wrappers/sign-gpg
=====================================
@@ -11,4 +11,6 @@ if test $(whoami) != 'signing-gpg'; then
exit 1
fi
-exec gpg --homedir /home/signing-gpg/.gnupg -absu 0xe53d989a9e2d47bf! --batch --no-tty -o- --passphrase-fd 0 -- "$1"
+gpg_subkey='0xe53d989a9e2d47bf!'
+test -n "$GPG_NEWSUBKEY" && gpg_subkey='0x157432CF78A65729!'
+exec gpg --homedir /home/signing-gpg/.gnupg -absu "$gpg_subkey" --batch --no-tty -o- --passphrase-fd 0 -- "$1"
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/e71735f4a849df78574dfe8ef21ea1465c3f0048...1176788e2bcb0d9e32954f31fa3e39046431c4f0
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/e71735f4a849df78574dfe8ef21ea1465c3f0048...1176788e2bcb0d9e32954f31fa3e39046431c4f0
You're receiving this email because of your account on gitlab.torproject.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tbb-commits/attachments/20240724/0414ddce/attachment-0001.htm>
More information about the tbb-commits
mailing list