[tor-commits] [tor-browser-bundle/master] Add stopgap for shipping HTTPS-Everywhere.
gk at torproject.org
gk at torproject.org
Fri May 2 07:19:19 UTC 2014
commit 35411af55b92ee4d1c823aaefc5a5062ac940787
Author: Georg Koppen <gk at torproject.org>
Date: Fri May 2 09:17:54 2014 +0000
Add stopgap for shipping HTTPS-Everywhere.
Until bug 11630 is fixed we add a better stopgap than shipping
outdated HTTPS-Everywhere versions: we take the NoScript route and
download and use the .xpi made by the EFF.
---
gitian/descriptors/linux/gitian-bundle.yml | 11 ++++++-----
gitian/descriptors/mac/gitian-bundle.yml | 11 ++++++-----
gitian/descriptors/windows/gitian-bundle.yml | 11 ++++++-----
gitian/fetch-inputs.sh | 6 ++++--
gitian/versions.beta | 4 ++++
gitian/versions.nightly | 4 ++++
6 files changed, 30 insertions(+), 17 deletions(-)
diff --git a/gitian/descriptors/linux/gitian-bundle.yml b/gitian/descriptors/linux/gitian-bundle.yml
index c16589a..006883c 100644
--- a/gitian/descriptors/linux/gitian-bundle.yml
+++ b/gitian/descriptors/linux/gitian-bundle.yml
@@ -41,6 +41,7 @@ files:
- "linux-skeleton.zip"
- "linux-langpacks.zip"
- "noscript at noscript.net.xpi"
+- "https-everywhere at eff.org.xpi"
- "dzip.sh"
- "dtar.sh"
- "bare-version"
@@ -88,13 +89,13 @@ script: |
~/build/dzip.sh ../../../tor-browser/Data/Browser/profile.default/extensions/torbutton at torproject.org.xpi .
cd ../../../
#
- cd https-everywhere
+ #cd https-everywhere
# XXX: Bloody hack to workaround a bug in HTTPS_E's git hash extraction in
# makexpi.sh. See https://trac.torproject.org/projects/tor/ticket/10066
- rm -f .git/refs/heads/master
- ./makexpi.sh
- cp pkg/*.xpi ../tor-browser/Data/Browser/profile.default/extensions/https-everywhere at eff.org.xpi
- cd ..
+ #rm -f .git/refs/heads/master
+ #./makexpi.sh
+ #cp pkg/*.xpi ../tor-browser/Data/Browser/profile.default/extensions/https-everywhere at eff.org.xpi
+ #cd ..
#
cp *.xpi tor-browser/Data/Browser/profile.default/extensions/
cd tor-browser/Data/Browser/profile.default/extensions
diff --git a/gitian/descriptors/mac/gitian-bundle.yml b/gitian/descriptors/mac/gitian-bundle.yml
index 263ca57..2668c7d 100644
--- a/gitian/descriptors/mac/gitian-bundle.yml
+++ b/gitian/descriptors/mac/gitian-bundle.yml
@@ -41,6 +41,7 @@ files:
- "dmg-desktop.tar.xz"
- "mac-langpacks.zip"
- "noscript at noscript.net.xpi"
+- "https-everywhere at eff.org.xpi"
- "dzip.sh"
- "ddmg.sh"
- "libdmg.patch"
@@ -95,13 +96,13 @@ script: |
~/build/dzip.sh ../../../$TORBROWSER_NAME.app/Data/Browser/profile.default/extensions/torbutton at torproject.org.xpi .
cd ../../../
#
- cd https-everywhere
+ # cd https-everywhere
# XXX: Bloody hack to workaround a bug in HTTPS_E's git hash extraction in
# makexpi.sh. See https://trac.torproject.org/projects/tor/ticket/10066
- rm -f .git/refs/heads/master
- ./makexpi.sh
- cp pkg/*.xpi ../$TORBROWSER_NAME.app/Data/Browser/profile.default/extensions/https-everywhere at eff.org.xpi
- cd ..
+ # rm -f .git/refs/heads/master
+ # ./makexpi.sh
+ # cp pkg/*.xpi ../$TORBROWSER_NAME.app/Data/Browser/profile.default/extensions/https-everywhere at eff.org.xpi
+ # cd ..
#
cp *.xpi ./$TORBROWSER_NAME.app/Data/Browser/profile.default/extensions/
cd $TORBROWSER_NAME.app/Data/Browser/profile.default/extensions/
diff --git a/gitian/descriptors/windows/gitian-bundle.yml b/gitian/descriptors/windows/gitian-bundle.yml
index 457fa7b..ebde49b 100644
--- a/gitian/descriptors/windows/gitian-bundle.yml
+++ b/gitian/descriptors/windows/gitian-bundle.yml
@@ -37,6 +37,7 @@ files:
- "windows-skeleton.zip"
- "win32-langpacks.zip"
- "noscript at noscript.net.xpi"
+- "https-everywhere at eff.org.xpi"
- "dzip.sh"
- "bare-version"
- "bundle.inputs"
@@ -78,13 +79,13 @@ script: |
~/build/dzip.sh ../../../tbb-windows-installer/"Tor Browser"/Data/Browser/profile.default/extensions/torbutton at torproject.org.xpi .
cd ../../../
#
- cd https-everywhere
+ #cd https-everywhere
# XXX: Bloody hack to workaround a bug in HTTPS_E's git hash extraction in
# makexpi.sh. See https://trac.torproject.org/projects/tor/ticket/10066
- rm -f .git/refs/heads/master
- ./makexpi.sh
- cp ./pkg/*.xpi ../tbb-windows-installer/"Tor Browser"/Data/Browser/profile.default/extensions/https-everywhere at eff.org.xpi
- cd ..
+ #rm -f .git/refs/heads/master
+ #./makexpi.sh
+ #cp ./pkg/*.xpi ../tbb-windows-installer/"Tor Browser"/Data/Browser/profile.default/extensions/https-everywhere at eff.org.xpi
+ #cd ..
#
cp *.xpi tbb-windows-installer/"Tor Browser"/Data/Browser/profile.default/extensions
cd tbb-windows-installer/"Tor Browser"/Data/Browser/profile.default/extensions
diff --git a/gitian/fetch-inputs.sh b/gitian/fetch-inputs.sh
index f80348e..b542cf0 100755
--- a/gitian/fetch-inputs.sh
+++ b/gitian/fetch-inputs.sh
@@ -206,8 +206,9 @@ done
cd ..
-# NoScript and PDF.JS are magikal and special:
+# NoScript and HTTPS-Everywhere are magikal and special:
wget -U "" -N ${NOSCRIPT_URL}
+wget -U "" -N ${HTTPSE_URL}
# So is mingw:
if [ ! -f mingw-w64-svn-snapshot.zip ];
@@ -226,7 +227,7 @@ fi
# Verify packages with weak or no signatures via direct sha256 check
# (OpenSSL is signed with MD5, and OSXSDK is not signed at all)
-for i in OSXSDK TOOLCHAIN4 TOOLCHAIN4_OLD NOSCRIPT MINGW MSVCR100 PYCRYPTO ARGPARSE PYYAML ZOPEINTERFACE TWISTED M2CRYPTO SETUPTOOLS OPENSSL GMP
+for i in OSXSDK TOOLCHAIN4 TOOLCHAIN4_OLD NOSCRIPT HTTPSE MINGW MSVCR100 PYCRYPTO ARGPARSE PYYAML ZOPEINTERFACE TWISTED M2CRYPTO SETUPTOOLS OPENSSL GMP
do
PACKAGE="${i}_PACKAGE"
HASH="${i}_HASH"
@@ -262,6 +263,7 @@ done
cd ..
ln -sf "$NOSCRIPT_PACKAGE" noscript at noscript.net.xpi
+ln -sf "$HTTPSE_PACKAGE" https-everywhere at eff.org.xpi
ln -sf "$OPENSSL_PACKAGE" openssl.tar.gz
ln -sf "$BINUTILS_PACKAGE" binutils.tar.bz2
ln -sf "$GCC_PACKAGE" gcc.tar.bz2
diff --git a/gitian/versions.beta b/gitian/versions.beta
index 3460248..b5cfa53 100755
--- a/gitian/versions.beta
+++ b/gitian/versions.beta
@@ -38,11 +38,13 @@ M2CRYPTO_VER=0.21.1
PY2EXE_VER=0.6.9
SETUPTOOLS_VER=1.4
LXML_VER=3.3.5
+HTTPSE_VER=3.5.1
## File names for the source packages
OPENSSL_PACKAGE=openssl-${OPENSSL_VER}.tar.gz
GMP_PACKAGE=gmp-${GMP_VER}.tar.bz2
NOSCRIPT_PACKAGE=noscript_security_suite-2.6.8.20-fn+fx+sm.xpi
+HTTPSE_PACKAGE=https-everywhere-${HTTPSE_VER}.xpi
TOOLCHAIN4_PACKAGE=x86_64-apple-darwin10.tar.xz
TOOLCHAIN4_OLD_PACKAGE=multiarch-darwin11-cctools127.2-gcc42-5666.3-llvmgcc42-2336.1-Linux-120724.tar.xz
OSXSDK_PACKAGE=apple-uni-sdk-10.6_20110407-0.flosoft1_i386.deb
@@ -69,6 +71,7 @@ OSXSDK_HASH=6602d8d5ddb371fbc02e2a5967d9bd0cd7358d46f9417753c8234b923f2ea6fc
TOOLCHAIN4_HASH=7b71bfe02820409b994c5c33a7eab81a81c72550f5da85ff7af70da3da244645
TOOLCHAIN4_OLD_HASH=65c1b2d302358a6b95a26c6828a66908a199276193bb0b268f2dcc1a997731e9
NOSCRIPT_HASH=dae2abeb3c57240168c1fdfbf6c6664fa64859fb430ca1a05c218f81371f5ad1
+HTTPSE_HASH=62ac6560bb224a8f5557722153a72fb245b30b345940c537423bfbb7d8144e29
MINGW_HASH=a5b03d0448a309341be4cf34c6ad3016d04c89952dca5243254b4d6c738b164f
MSVCR100_HASH=1221a09484964a6f38af5e34ee292b9afefccb3dc6e55435fd3aaf7c235d9067
PYCRYPTO_HASH=f2ce1e989b272cfcb677616763e0a2e7ec659effa67a88aa92b3a65528f60a3c
@@ -89,6 +92,7 @@ OSXSDK_URL=https://launchpad.net/~flosoft/+archive/cross-apple/+files/${OSXSDK_P
BINUTILS_URL=https://ftp.gnu.org/gnu/binutils/${BINUTILS_PACKAGE}
GCC_URL=https://ftp.gnu.org/gnu/gcc/gcc-${GCC_VER}/${GCC_PACKAGE}
NOSCRIPT_URL=https://addons.cdn.mozilla.net/storage/public-staging/722/${NOSCRIPT_PACKAGE}
+HTTPSE_URL=https://www.eff.org/files/${HTTPSE_PACKAGE}
PYTHON_URL=http://www.python.org/ftp/python/${PYTHON_VER}/${PYTHON_PACKAGE}
PYTHON_MSI_URL=http://www.python.org/ftp/python/${PYTHON_VER}/${PYTHON_MSI_PACKAGE}
PYCRYPTO_URL=https://ftp.dlitz.net/pub/dlitz/crypto/pycrypto/${PYCRYPTO_PACKAGE}
diff --git a/gitian/versions.nightly b/gitian/versions.nightly
index c8a8d7c..355b68a 100755
--- a/gitian/versions.nightly
+++ b/gitian/versions.nightly
@@ -39,11 +39,13 @@ M2CRYPTO_VER=0.21.1
PY2EXE_VER=0.6.9
SETUPTOOLS_VER=1.4
LXML_VER=3.3.5
+HTTPSE_VER=3.5.1
## File names for the source packages
OPENSSL_PACKAGE=openssl-${OPENSSL_VER}.tar.gz
GMP_PACKAGE=gmp-${GMP_VER}.tar.bz2
NOSCRIPT_PACKAGE=noscript_security_suite-2.6.8.20-fn+fx+sm.xpi
+HTTPSE_PACKAGE=https-everywhere-${HTTPSE_VER}.xpi
TOOLCHAIN4_PACKAGE=x86_64-apple-darwin10.tar.xz
TOOLCHAIN4_OLD_PACKAGE=multiarch-darwin11-cctools127.2-gcc42-5666.3-llvmgcc42-2336.1-Linux-120724.tar.xz
OSXSDK_PACKAGE=apple-uni-sdk-10.6_20110407-0.flosoft1_i386.deb
@@ -70,6 +72,7 @@ OSXSDK_HASH=6602d8d5ddb371fbc02e2a5967d9bd0cd7358d46f9417753c8234b923f2ea6fc
TOOLCHAIN4_HASH=7b71bfe02820409b994c5c33a7eab81a81c72550f5da85ff7af70da3da244645
TOOLCHAIN4_OLD_HASH=65c1b2d302358a6b95a26c6828a66908a199276193bb0b268f2dcc1a997731e9
NOSCRIPT_HASH=dae2abeb3c57240168c1fdfbf6c6664fa64859fb430ca1a05c218f81371f5ad1
+HTTPSE_HASH=62ac6560bb224a8f5557722153a72fb245b30b345940c537423bfbb7d8144e29
MINGW_HASH=a5b03d0448a309341be4cf34c6ad3016d04c89952dca5243254b4d6c738b164f
MSVCR100_HASH=1221a09484964a6f38af5e34ee292b9afefccb3dc6e55435fd3aaf7c235d9067
PYCRYPTO_HASH=f2ce1e989b272cfcb677616763e0a2e7ec659effa67a88aa92b3a65528f60a3c
@@ -90,6 +93,7 @@ OSXSDK_URL=https://launchpad.net/~flosoft/+archive/cross-apple/+files/${OSXSDK_P
BINUTILS_URL=https://ftp.gnu.org/gnu/binutils/${BINUTILS_PACKAGE}
GCC_URL=https://ftp.gnu.org/gnu/gcc/gcc-${GCC_VER}/${GCC_PACKAGE}
NOSCRIPT_URL=https://addons.cdn.mozilla.net/storage/public-staging/722/${NOSCRIPT_PACKAGE}
+HTTPSE_URL=https://www.eff.org/files/${HTTPSE_PACKAGE}
PYTHON_URL=http://www.python.org/ftp/python/${PYTHON_VER}/${PYTHON_PACKAGE}
PYTHON_MSI_URL=http://www.python.org/ftp/python/${PYTHON_VER}/${PYTHON_MSI_PACKAGE}
PYCRYPTO_URL=https://ftp.dlitz.net/pub/dlitz/crypto/pycrypto/${PYCRYPTO_PACKAGE}
More information about the tor-commits
mailing list