[tor-commits] [tor-browser-bundle/hardened-builds] Bug 20422: Fall back to SHA256 check for PyCrypto

gk at torproject.org gk at torproject.org
Fri Oct 21 13:54:28 UTC 2016 

commit 51f62d0c35e4c0587618f586fcfacae377933497
Author: Georg Koppen <gk at torproject.org>
Date:   Fri Oct 21 13:00:34 2016 +0000

    Bug 20422: Fall back to SHA256 check for PyCrypto
    
    The subkey that signed PyCrypto back in the days expired. We fall back
    to the SHA256 check (which we already did in addition to the signature
    check).
---
 gitian/fetch-inputs.sh | 6 +++---
 gitian/verify-tags.sh  | 4 ++--
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/gitian/fetch-inputs.sh b/gitian/fetch-inputs.sh
index c663051..bbd2c88 100755
--- a/gitian/fetch-inputs.sh
+++ b/gitian/fetch-inputs.sh
@@ -113,11 +113,11 @@ update_git() {
 
 ##############################################################################
 # Get+verify sigs that exist
-for i in OPENSSL BINUTILS GCC PYCRYPTO PYTHON_MSI GMP ELFUTILS
+for i in OPENSSL BINUTILS GCC PYTHON_MSI GMP ELFUTILS
 do
   PACKAGE="${i}_PACKAGE"
   URL="${i}_URL"
-  if [ "${i}" == "PYCRYPTO" -o "${i}" == "PYTHON_MSI" -o "${i}" == "OPENSSL" ]; then
+  if [ "${i}" == "PYTHON_MSI" -o "${i}" == "OPENSSL" ]; then
     SUFFIX="asc"
   else
     SUFFIX="sig"
@@ -162,7 +162,7 @@ do
   get "${!PACKAGE}" "${MIRROR_URL_ASN}${!PACKAGE}"
 done
 
-for i in ZOPEINTERFACE TWISTED PY2EXE SETUPTOOLS PARSLEY GO14 GO STIXMATHFONT NOTOEMOJIFONT NOTOJPFONT NOTOKRFONT NOTOSCFONT NOTOTCFONT NSIS NSIS_DEBIAN
+for i in ZOPEINTERFACE TWISTED PY2EXE SETUPTOOLS PARSLEY GO14 GO STIXMATHFONT NOTOEMOJIFONT NOTOJPFONT NOTOKRFONT NOTOSCFONT NOTOTCFONT NSIS NSIS_DEBIAN PYCRYPTO
 do
   URL="${i}_URL"
   PACKAGE="${i}_PACKAGE"
diff --git a/gitian/verify-tags.sh b/gitian/verify-tags.sh
index 8277fca..b7c45c4 100755
--- a/gitian/verify-tags.sh
+++ b/gitian/verify-tags.sh
@@ -123,11 +123,11 @@ selfrando               $SELFRANDO_TAG
 EOF
 
 # Verify signatures on signed packages
-for i in OPENSSL BINUTILS GCC PYCRYPTO PYTHON_MSI GMP ELFUTILS
+for i in OPENSSL BINUTILS GCC PYTHON_MSI GMP ELFUTILS
 do
   PACKAGE="${i}_PACKAGE"
   URL="${i}_URL"
-  if [ "${i}" == "PYCRYPTO" -o "${i}" == "PYTHON_MSI" -o "${i}" == "OPENSSL" ]; then
+  if [ "${i}" == "PYTHON_MSI" -o "${i}" == "OPENSSL" ]; then
     SUFFIX="asc"
   else
     SUFFIX="sig"

More information about the tor-commits mailing list