Merge pull request #21 from eighthave/master
work towards a reproducible build
This commit is contained in:
Nathan Freitas
commit
0bbe5d5f51
|
|
@ -199,7 +199,7 @@ iptables/Makefile:
|
|||
cp config.sub iptables
|
||||
cp config.guess iptables
|
||||
cd iptables && \
|
||||
CC="$(CC)" AR="$(AR)" RANLIB=$(RANLIB) CFLAGS="$(CFLAGS) -I$(EXTERNAL_ROOT)/include" LDFLAGS="$(LDFLAGS)" \
|
||||
CC="$(CC)" AR="$(AR)" RANLIB=$(RANLIB) CFLAGS="$(CFLAGS) -I$(EXTERNAL_ROOT)/include" LDFLAGS="$(LDFLAGS)" \
|
||||
./configure --host=$(HOST) --disable-shared --enable-static
|
||||
|
||||
iptables-build-stamp: iptables/Makefile
|
||||
|
|
@ -290,35 +290,13 @@ pluto: pluto-build-stamp
|
|||
pluto-clean:
|
||||
# -rm -rf pluto/bin
|
||||
|
||||
#------------------------------------------------------------------------------#
|
||||
# JTorControl library
|
||||
|
||||
jtorctl/bin/jtorctl.jar:
|
||||
test -d jtorctl/bin || mkdir jtorctl/bin
|
||||
cd jtorctl && \
|
||||
javac -source 1.6 -target 1.6 net/freehaven/tor/control/TorControlConnection.java -d bin
|
||||
cd jtorctl/bin && \
|
||||
jar cvf jtorctl.jar *
|
||||
|
||||
jtorctl-build-stamp: jtorctl/bin/jtorctl.jar
|
||||
touch jtorctl-build-stamp
|
||||
|
||||
jtorctl: jtorctl-build-stamp
|
||||
test -d bin || mkdir bin
|
||||
cp jtorctl/bin/jtorctl.jar bin
|
||||
|
||||
jtorctl-clean:
|
||||
-rm -rf jtorctl/bin
|
||||
-rm jtorctl-build-stamp
|
||||
|
||||
#------------------------------------------------------------------------------#
|
||||
#create and clean assets: FYI - tor is stored as a ZIP file with an mp3 extension
|
||||
#in order to stop Android OS (older devices) from trying to compress/decompress it
|
||||
#this is related to a bug in compression of assets and resources > 1MB
|
||||
|
||||
assets: tor polipo jtorctl iptables pluto
|
||||
assets: tor polipo iptables pluto
|
||||
install -d ../libs
|
||||
install bin/jtorctl.jar ../libs
|
||||
install -d ../assets/$(APP_ABI)
|
||||
-$(STRIP) bin/polipo
|
||||
-zip ../assets/$(APP_ABI)/polipo.mp3 bin/polipo
|
||||
|
|
@ -341,13 +319,12 @@ assets-clean:
|
|||
-rm ../assets/$(APP_ABI)/meek-client.mp3
|
||||
-rm ../assets/$(APP_ABI)/obfs4proxy.mp3
|
||||
-rm ../assets/$(APP_ABI)/pdnsd.mp3
|
||||
-rm ../libs/jtorctl.jar
|
||||
|
||||
#------------------------------------------------------------------------------#
|
||||
# cleanup, cleanup, put the toys away
|
||||
|
||||
##clean: openssl-clean libevent-clean tor-clean polipo-clean jtorctl-clean assets-clean
|
||||
clean: openssl-clean libevent-clean tor-clean polipo-clean iptables-clean jtorctl-clean pluto-clean
|
||||
##clean: openssl-clean libevent-clean tor-clean polipo-clean assets-clean
|
||||
clean: openssl-clean libevent-clean tor-clean polipo-clean iptables-clean pluto-clean
|
||||
|
||||
#------------------------------------------------------------------------------#
|
||||
# debugging stuff
|
||||
|
|
|
|||
|
|
@ -16,6 +16,9 @@ else
|
|||
echo ""
|
||||
echo ""
|
||||
echo "Checking git tag signature for release build:"
|
||||
gpg --list-key 9F0FE587374BBE81 || gpg --recv-key 9F0FE587374BBE81
|
||||
gpg --list-key E9E28DEA00AA5556 || gpg --recv-key E9E28DEA00AA5556
|
||||
gpg --list-key A801183E69B37AA9 || gpg --recv-key A801183E69B37AA9
|
||||
git tag -v $versionName
|
||||
echo ""
|
||||
echo ""
|
||||
|
|
@ -32,6 +35,15 @@ if [ -z $ANDROID_HOME ]; then
|
|||
fi
|
||||
fi
|
||||
|
||||
if [ -z $ANDROID_NDK_HOME ]; then
|
||||
if which ndk-build 2>&1 /dev/null; then
|
||||
ANDROID_NDK_HOME=`which ndk-build | sed 's,/ndk-build,,'`
|
||||
else
|
||||
echo "ANDROID_NDK_HOME not set and 'ndk-build' not in PATH"
|
||||
exit
|
||||
fi
|
||||
fi
|
||||
|
||||
projectroot=`pwd`
|
||||
projectname=`sed -n 's,.*name="app_name">\(.*\)<.*,\1,p' res/values/strings.xml`
|
||||
|
||||
|
|
@ -39,9 +51,6 @@ projectname=`sed -n 's,.*name="app_name">\(.*\)<.*,\1,p' res/values/strings.xml`
|
|||
export TZ=UTC
|
||||
TIMESTAMP=`printf '%(%Y-%m-%d %H:%M:%S)T' \
|
||||
$(git log -n1 --format=format:%at)`
|
||||
# run the clock at 5% speed, ant requires a moving clock
|
||||
TIMESTAMP_5=`printf '@%(%Y-%m-%d %H:%M:%S)T x0.05' \
|
||||
$(git log -n1 --format=format:%at)`
|
||||
|
||||
git reset --hard
|
||||
git clean -fdx
|
||||
|
|
@ -58,16 +67,24 @@ else
|
|||
echo "skipping release ant.properties"
|
||||
fi
|
||||
|
||||
ndk-build
|
||||
faketime "$TIMESTAMP" $ANDROID_NDK_HOME/ndk-build
|
||||
|
||||
faketime "$TIMESTAMP" make -C external
|
||||
|
||||
./setup-ant
|
||||
|
||||
faketime -f "$TIMESTAMP_5" ant release
|
||||
ant release
|
||||
|
||||
apk=$projectroot/bin/$projectname-v$describe.apk
|
||||
|
||||
# standardize timestamps in ZIP headers, requires strip-nondeterminism 0.014
|
||||
if which strip-nondeterminism > /dev/null; then
|
||||
strip-nondeterminism -t zip -T $(git log -n1 --format=format:%at) $apk
|
||||
fi
|
||||
|
||||
# echo the checksum to build logs
|
||||
sha256sum $apk
|
||||
|
||||
if which gpg > /dev/null; then
|
||||
if [ -z "`gpg --list-secret-keys`" ]; then
|
||||
echo "No GPG secret keys found, not signing APK"
|
||||
|
|
|
|||
|
|
@ -0,0 +1 @@
|
|||
values-iw
|
||||
|
|
@ -0,0 +1 @@
|
|||
values-in-rID
|
||||
Loading…
Reference in New Issue