[tor-dev] reproducible builds for Android tor daemon
Georg Koppen
gk at torproject.org
Thu Sep 12 11:02:00 UTC 2019
Hans-Christoph Steiner:
>
> Hey all,
>
> I'm currently working on tor for Android as part of a Guardian Project
> project. One key goal is making a shareable, reproducible build process
> for the tor daemon for Android. Then this would be published to
> MavenCentral as an Android AAR package to be used in all the apps that
> include tor (Tor Browser, Orbot, Briar, Thali, etc). I have cleaned up
> the existing build process a lot, so now I'm down to troubleshooting
> reproducible issues.
>
> First off, can anyone see any objections to switching Tor Browser,
> Orbot, Briar, etc. to use GPG-signed reproducible binaries via
> MavenCentral for the tor dameon?
We want to include building tor and all its dependencies in
tor-browser-build/rbm to have the latest tor for Android in our nightly
builds and respective alpha and stable versions in our alpha and stable
browsers. We have a ticket for that for a while now in our bug tracker
but did not get to it so far.[1] The plan is to pick that work up in
November after Tor Browser 9 is out.
As to whether other projects would be interested in that, dunno. But I
guess some at least would?
Georg
[1] The parent ticket for that work is:
https://trac.torproject.org/projects/tor/ticket/28704.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20190912/ceff8406/attachment-0001.sig>
More information about the tor-dev
mailing list