[tor-bugs] #13379 [Tor Browser]: Sign our MAR files
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Nov 17 21:53:29 UTC 2014
#13379: Sign our MAR files
-----------------------------+-------------------------------------------
Reporter: mikeperry | Owner: mcs
Type: defect | Status: needs_review
Priority: major | Milestone:
Component: Tor Browser | Version:
Resolution: | Keywords: tbb-security,MikePerry201411R
Actual Points: | Parent ID:
Points: |
-----------------------------+-------------------------------------------
Changes (by mcs):
* status: assigned => needs_review
* keywords: tbb-security => tbb-security,MikePerry201411R
Comment:
The tor-browser changes are ready for review. The patches may be found on
a branch named bug13379-01 in user/brade/tor-browser.git; that is, here:
https://gitweb.torproject.org/user/brade/tor-
browser.git/shortlog/refs/heads/bug13379-01
There are two "Brian R. Bondy" commits (from mozilla-central, where the
fix for 902761 has landed), one commit to backport some Mozilla patches
that have r+ on the Mozilla side but have not yet been committed, and one
commit that contains our changes to always use NSS and fix up various
things.
The most recent commit (68a488187fde8a1f50e1e85e45b0f0beac15446c) will
need to be discarded; it embeds a certificate that brade and I used for
testing our own 4.5-alpha-1-ish builds.
Also, these changes cause the NSS certutil command to be built as well as
signmar, which is a variant of the mar program that supports signing,
verifying signatures, etc. (signmar uses NSS key and cert databases). We
have some uncommitted builders/tor-browser-bundle changes that cause
certutil and signmar to be included in the mar-tools-linux*.zip archives
along with the dependent NSS and NSPR libraries. We will publish those
patches soon along with other changes we plan to make to automate the
signing process as much as possible (e.g., only prompt once for the NSS
password).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13379#comment:14>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list