Commit 204b810f authored by Torsten Grote's avatar Torsten Grote

Add a script that can be used to verify Tor releases on jcenter

parent ee6d39b5
Pipeline #1609 passed with stages
in 29 minutes and 56 seconds
#!/usr/bin/env python3 #!/usr/bin/env python3
import json
import os import os
import sys import sys
from collections import OrderedDict
from shutil import move, copy, rmtree from shutil import move, copy, rmtree
from subprocess import check_call from subprocess import check_call
from utils import get_sha256, fail from utils import REPO_DIR, get_sha256, fail, get_build_versions, get_final_file_name, get_version
NDK_DIR = 'android-ndk' NDK_DIR = 'android-ndk'
REPO_DIR = 'tor-android'
def main(): def main():
if len(sys.argv) > 2: # get Tor version from command or show usage information
fail("Usage: %s [Tor version tag]" % sys.argv[0]) version = get_version()
tag = sys.argv[1] if len(sys.argv) > 1 else None
# get Tor version and versions of its dependencies # get Tor version and versions of its dependencies
versions = get_build_versions(tag) versions = get_build_versions(version)
print("Building Tor %s" % versions['tor'])
# setup Android NDK # setup Android NDK
setup_android_ndk(versions) setup_android_ndk(versions)
...@@ -38,7 +35,7 @@ def main(): ...@@ -38,7 +35,7 @@ def main():
file_list = ['tor_arm_pie.zip', 'tor_arm.zip', 'tor_x86_pie.zip', 'tor_x86.zip', 'geoip.zip'] file_list = ['tor_arm_pie.zip', 'tor_arm.zip', 'tor_x86_pie.zip', 'tor_x86.zip', 'geoip.zip']
for filename in file_list: for filename in file_list:
reset_time(os.path.join(REPO_DIR, filename)) # make file times deterministic before zipping reset_time(os.path.join(REPO_DIR, filename)) # make file times deterministic before zipping
zip_name = 'tor-android-%s.zip' % versions['tor'].split('-')[1] zip_name = get_final_file_name(versions)
check_call(['zip', '-D', '-X', zip_name] + file_list, cwd=REPO_DIR) check_call(['zip', '-D', '-X', zip_name] + file_list, cwd=REPO_DIR)
# print hashes for debug purposes # print hashes for debug purposes
...@@ -47,19 +44,6 @@ def main(): ...@@ -47,19 +44,6 @@ def main():
print("%s: %s" % (file, sha256hash)) print("%s: %s" % (file, sha256hash))
def get_build_versions(tag):
# load Tor versions and their dependencies
with open('tor-versions.json', 'r') as f:
versions = json.load(f, object_pairs_hook=OrderedDict)
if tag is None:
# take top-most Tor version
tag = next(iter(versions))
print("Building Tor %s" % versions[tag]['tor'])
return versions[tag]
def setup_android_ndk(versions): def setup_android_ndk(versions):
if os.path.isdir(NDK_DIR): if os.path.isdir(NDK_DIR):
# check that we are using the correct NDK # check that we are using the correct NDK
......
#!/usr/bin/env python3 #!/usr/bin/env python3
import hashlib import hashlib
import json
import sys import sys
from collections import OrderedDict
REPO_DIR = 'tor-android'
def get_version():
if len(sys.argv) > 2:
fail("Usage: %s [Tor version tag]" % sys.argv[0])
return sys.argv[1] if len(sys.argv) > 1 else None
def get_build_versions(tag):
# load Tor versions and their dependencies
with open('tor-versions.json', 'r') as f:
versions = json.load(f, object_pairs_hook=OrderedDict)
if tag is None:
# take top-most Tor version
tag = next(iter(versions))
return versions[tag]
def fail(msg=""): def fail(msg=""):
...@@ -16,3 +36,7 @@ def get_sha256(filename, block_size=65536): ...@@ -16,3 +36,7 @@ def get_sha256(filename, block_size=65536):
for block in iter(lambda: f.read(block_size), b''): for block in iter(lambda: f.read(block_size), b''):
sha256.update(block) sha256.update(block)
return sha256.hexdigest() return sha256.hexdigest()
def get_final_file_name(versions):
return 'tor-android-%s.zip' % versions['tor'].split('-')[1]
#!/usr/bin/env python3
import os
import sys
from subprocess import check_call, CalledProcessError
from utils import REPO_DIR, get_sha256, fail, get_build_versions, get_final_file_name, get_version
def main():
# get Tor version from command or show usage information
version = get_version()
# get Tor version and versions of its dependencies
versions = get_build_versions(version)
# download reference binary
file_name = get_final_file_name(versions)
try:
# try downloading from jcenter
check_call(['wget', '--no-verbose', get_url(versions), '-O', file_name])
except CalledProcessError:
# try fallback to bintray
print("Warning: Download from jcenter failed. Trying bintray directly...")
check_call(['wget', '--no-verbose', get_url(versions, fallback=True), '-O', file_name])
# check if Tor was already build
build_file_name = os.path.join(REPO_DIR, file_name)
if not os.path.isfile(build_file_name):
# build Tor
if version is None:
check_call(['./build-tor.py'])
else:
check_call(['./build-tor.py', version])
# calculate hashes for both files
reference_hash = get_sha256(file_name)
build_hash = get_sha256(build_file_name)
print("Reference sha256: %s" % reference_hash)
print("Build sha256: %s" % build_hash)
# compare hashes
if reference_hash == build_hash:
print("Tor version %s was successfully verified! \o/" % versions['tor'])
sys.exit(0)
else:
fail("Hashes do not match :(")
def get_url(versions, fallback=False):
version = versions['tor'].split('-')[1]
file = get_final_file_name(versions)
if not fallback:
return "https://jcenter.bintray.com/org/briarproject/tor-android/%s/%s" % (version, file)
else:
return "https://dl.bintray.com/briarproject/org.briarproject/org/briarproject/tor-android" \
"/%s/%s" % (version, file)
if __name__ == "__main__":
main()
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment