[tor-bugs] #17305 [Tor Browser]: Make our Gitian setup able to build hardened Linux bundles (64bit)

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Oct 21 19:07:05 UTC 2015 

#17305: Make our Gitian setup able to build hardened Linux bundles (64bit)
----------------------------------------------+--------------------------
 Reporter:  gk                                |          Owner:  gk
     Type:  task                              |         Status:  assigned
 Priority:  Very High                         |      Milestone:
Component:  Tor Browser                       |        Version:
 Severity:  Normal                            |     Resolution:
 Keywords:  tbb-gitian, TorBrowserTeam201510  |  Actual Points:
Parent ID:  #17304                            |         Points:
  Sponsor:  SpnsorU                           |
----------------------------------------------+--------------------------

Comment (by gk):

 Replying to [comment:10 brade]:
 > Using an update channel named "hardened" is OK but this will require
 some code changes (to support "alpha" instead of "aurora" we had to make
 some changes).
 >
 > Using "5.5a3-hardened" as a version number (internally, within the
 browser) won't work well because Mozilla's code expects version numbers to
 conform to a specific format.  For example, the updater code relies on
 this to be able to compare versions.  If this version number is just for
 git tag purposes, then nevermind.  :-)

 So, reading on https://developer.mozilla.org/en-
 US/docs/Mozilla/Tech/XPCOM/Reference/Interface/nsIVersionComparator I see:
 {{{
 Version strings are dot-separated sequences of version-parts. A version-
 part consists of up to four parts, all of which are optional:

 <number-a><string-b><number-c><string-d (everything else)>

 A version-part may also consist of a single asterisk "*" which indicates *
 "infinity". Numbers are base-10, and are zero if left out. Strings are
 compared bytewise.
 }}}
 <number-a> would be "5" and <string-b> would be "a3-hardened". Looking at
 the examples on that page (e.g. `1.0pre1 < 1.0pre2`) there should be no
 issue for the comparator to estimate that `5.5a3-hardened <
 5.5a4-hardened` holds especially as this works without "-hardened" very
 well and "-hardened" is essentially an unchanging string. What am I
 missing?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17305#comment:12>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list