diff --git a/build-tor.py b/build-tor.py index d5b82389eb6f8e3225c3bfe6dcb45c2ac2949d4a..965c112fe9ba16384fd652e5f815e1961cfab3ac 100755 --- a/build-tor.py +++ b/build-tor.py @@ -1,24 +1,21 @@ #!/usr/bin/env python3 -import json import os import sys -from collections import OrderedDict from shutil import move, copy, rmtree from subprocess import check_call -from utils import get_sha256, fail +from utils import REPO_DIR, get_sha256, fail, get_build_versions, get_final_file_name, get_version NDK_DIR = 'android-ndk' -REPO_DIR = 'tor-android' def main(): - if len(sys.argv) > 2: - fail("Usage: %s [Tor version tag]" % sys.argv[0]) - tag = sys.argv[1] if len(sys.argv) > 1 else None + # get Tor version from command or show usage information + version = get_version() # get Tor version and versions of its dependencies - versions = get_build_versions(tag) + versions = get_build_versions(version) + print("Building Tor %s" % versions['tor']) # setup Android NDK setup_android_ndk(versions) @@ -38,7 +35,7 @@ def main(): file_list = ['tor_arm_pie.zip', 'tor_arm.zip', 'tor_x86_pie.zip', 'tor_x86.zip', 'geoip.zip'] for filename in file_list: reset_time(os.path.join(REPO_DIR, filename)) # make file times deterministic before zipping - zip_name = 'tor-android-%s.zip' % versions['tor'].split('-')[1] + zip_name = get_final_file_name(versions) check_call(['zip', '-D', '-X', zip_name] + file_list, cwd=REPO_DIR) # print hashes for debug purposes @@ -47,19 +44,6 @@ def main(): print("%s: %s" % (file, sha256hash)) -def get_build_versions(tag): - # load Tor versions and their dependencies - with open('tor-versions.json', 'r') as f: - versions = json.load(f, object_pairs_hook=OrderedDict) - - if tag is None: - # take top-most Tor version - tag = next(iter(versions)) - - print("Building Tor %s" % versions[tag]['tor']) - return versions[tag] - - def setup_android_ndk(versions): if os.path.isdir(NDK_DIR): # check that we are using the correct NDK diff --git a/utils.py b/utils.py index 87164f259a1593c9299873d582a0ccf7ae262aa7..16a3d622400666860450a0904816503d86f3f39a 100644 --- a/utils.py +++ b/utils.py @@ -1,8 +1,28 @@ #!/usr/bin/env python3 import hashlib - +import json import sys +from collections import OrderedDict + +REPO_DIR = 'tor-android' + + +def get_version(): + if len(sys.argv) > 2: + fail("Usage: %s [Tor version tag]" % sys.argv[0]) + return sys.argv[1] if len(sys.argv) > 1 else None + + +def get_build_versions(tag): + # load Tor versions and their dependencies + with open('tor-versions.json', 'r') as f: + versions = json.load(f, object_pairs_hook=OrderedDict) + + if tag is None: + # take top-most Tor version + tag = next(iter(versions)) + return versions[tag] def fail(msg=""): @@ -16,3 +36,7 @@ def get_sha256(filename, block_size=65536): for block in iter(lambda: f.read(block_size), b''): sha256.update(block) return sha256.hexdigest() + + +def get_final_file_name(versions): + return 'tor-android-%s.zip' % versions['tor'].split('-')[1] diff --git a/verify-tor.py b/verify-tor.py new file mode 100755 index 0000000000000000000000000000000000000000..c9b44653b2c95b5d2ba60a13e40a5ef7b4e89423 --- /dev/null +++ b/verify-tor.py @@ -0,0 +1,60 @@ +#!/usr/bin/env python3 +import os +import sys +from subprocess import check_call, CalledProcessError + +from utils import REPO_DIR, get_sha256, fail, get_build_versions, get_final_file_name, get_version + + +def main(): + # get Tor version from command or show usage information + version = get_version() + + # get Tor version and versions of its dependencies + versions = get_build_versions(version) + + # download reference binary + file_name = get_final_file_name(versions) + try: + # try downloading from jcenter + check_call(['wget', '--no-verbose', get_url(versions), '-O', file_name]) + except CalledProcessError: + # try fallback to bintray + print("Warning: Download from jcenter failed. Trying bintray directly...") + check_call(['wget', '--no-verbose', get_url(versions, fallback=True), '-O', file_name]) + + # check if Tor was already build + build_file_name = os.path.join(REPO_DIR, file_name) + if not os.path.isfile(build_file_name): + # build Tor + if version is None: + check_call(['./build-tor.py']) + else: + check_call(['./build-tor.py', version]) + + # calculate hashes for both files + reference_hash = get_sha256(file_name) + build_hash = get_sha256(build_file_name) + print("Reference sha256: %s" % reference_hash) + print("Build sha256: %s" % build_hash) + + # compare hashes + if reference_hash == build_hash: + print("Tor version %s was successfully verified! \o/" % versions['tor']) + sys.exit(0) + else: + fail("Hashes do not match :(") + + +def get_url(versions, fallback=False): + version = versions['tor'].split('-')[1] + file = get_final_file_name(versions) + if not fallback: + return "https://jcenter.bintray.com/org/briarproject/tor-android/%s/%s" % (version, file) + else: + return "https://dl.bintray.com/briarproject/org.briarproject/org/briarproject/tor-android" \ + "/%s/%s" % (version, file) + + +if __name__ == "__main__": + main()