As far as I can tell, this flag used to enable some Android-specific code, such as the option to write logs via Android's native logging API rather than syslog. The logging code was removed because both APIs ended up writing to the same place, and there was some discussion about whether to remove this flag or change it into shorthand for enabling various other build settings. It looks like that discussion was shelved in favour of Arti, so I'm not sure whether this flag currently does anything. But tor-browser-build
uses it on Android, so I thought it probably wouldn't do any harm for us to use it too.
akwizgran (2a49c97b) at 02 Jan 15:21
This branch enables FORTIFY_SOURCE hardening measures for the 32-bit Tor binaries on Android.
The flag to enable this was being passed to the compiler already, but it has no effect with the API 16 compiler, which resulted in our 32-bit binaries not having those protections. (The 64-bit binaries were compiled with the API 21 compiler, so they already had the protections.)
Enabling these protections will require raising the minimum API level of Briar Mailbox from 16 to 18. Stats from the Play Store suggest that three users will be affected.
Torsten Grote (3cbb8643) at 02 Jan 15:21
Merge branch 'tor-hardening' into 'master'
... and 2 more commits
oops, do you know what this does and why it worked before?
Unrelated change \o/
These are overridden by the Makefile so I removed them.
This branch enables FORTIFY_SOURCE hardening measures for the 32-bit Tor binaries on Android.
The flag to enable this was being passed to the compiler already, but it has no effect with the API 16 compiler, which resulted in our 32-bit binaries not having those protections. (The 64-bit binaries were compiled with the API 21 compiler, so they already had the protections.)
Enabling these protections will require raising the minimum API level of Briar Mailbox from 16 to 18. Stats from the Play Store suggest that three users will be affected.
akwizgran (04d032f3) at 06 Dec 15:59
akwizgran (3c52e0dc) at 06 Dec 15:59
Merge branch 'tor-0.4.8.9' into 'master'
... and 6 more commits
Note: Building Tor 0.4.8 for macOS requires an updated CI image - see ci-image-upstream-tor-reproducer!6.
Thanks for the review! I've uploaded the artifacts so the pipeline should pass now.
Note: Building Tor 0.4.8 for macOS requires an updated CI image - see ci-image-upstream-tor-reproducer!6.
Looks good to me now.
Thanks! Added.
akwizgran (04d032f3) at 27 Nov 17:51
Update format of upstream filename.
After merging the MR of the upstream reproducer image, I reran the mac pipeline and the build succeeded now. I think you still need to add the fixes you added concerning the upstream file names of the tor expert bundle here (ci-image-upstream-tor-reproducer@39589839).
akwizgran (a09a04cb) at 24 Nov 14:30
Add Tor Browser version for reproducing upstream build.
akwizgran (ab628b4f) at 23 Nov 14:24
Reproduce upstream build for Tor 0.4.8.9.