1
0
mirror of https://gitlab.com/fdroid/fdroidserver.git synced 2024-11-16 11:50:10 +01:00
Commit Graph

5937 Commits

Author SHA1 Message Date
Hans-Christoph Steiner
c591a4cd89 fdroid btlog external binary transparency logger
This complements the binary transparency logging that happens on the
server side !226.  Anyone can set up an efficient tracker of any
F-Droid repo which stores all index files that it sees.  It uses HEAD
requests and ETag checking to be as efficient as possible, so that
this can be automatically run at a frequent pace.
2017-04-03 20:24:21 +02:00
Hans-Christoph Steiner
eadcd13723 move make_binary_transparency_log to common for easy reuse 2017-04-03 20:24:21 +02:00
Hans-Christoph Steiner
e58ad330f4 encode filenames as bytes to handle all locale setups
This was failing on environments that did not have any LANG or LC_* locale
variables set.  This is a valid setup, and is common in headless setups, so
it needs to be handled.

This also adds a new pass of the test suite without the locale env vars set
so that this situation is also tests on gitlab-ci, not only gpjenkins.

The error this caused was:
UnicodeEncodeError: 'ascii' codec can't encode characters in position 6-18: ordinal not in range(128)
2017-04-03 20:24:00 +02:00
Hans-Christoph Steiner
4d50ab9bad ignore cache on key name change, instead of crashing
In 6c2cf2ccdd, the names of some essential
data bits changed.  If those names are not in the tmp/apkcache, then
`fdroid update` shouldn't crash but instead just ignore that cache entry.
tmp/apkcache should be deleted since the metadata version was bumped, but
I guess that does not always happen.
2017-04-03 20:20:25 +02:00
Hans-Christoph Steiner
5ad3486741 make sure indexes are sorted to minimize diffs between copies
With the binary transparency log stored in git, it makes that more readable
and as small as possible if the index files are fully sorted.  That will
reduce the differences between two copies of an index file to a bare
minimum.

If in the future we implement some kind of binary diff transfer, this will
also help there.
2017-04-03 20:18:54 +02:00
Hans-Christoph Steiner
7d4176dd50 metadata: don't crash if metadata includes blank Categories list
If someone includes just 'Categories:', it shouldn't crash.
2017-04-03 20:18:54 +02:00
Hans-Christoph Steiner
baeae862ad buildserver: allow gradle to install new components
Google is making gradle automatically download Android SDK components that
are needed by the build, but not already present.  We need to support that
since it would be a lot of work to fight it.  Plus, since each build starts
from the fresh snapshot, it should not be such a big deal to let each
build install stuff during the process.

closes #268
2017-04-03 20:18:54 +02:00
Hans-Christoph Steiner
d6310ed52c Merge branch 'invalid-apk-fix' into 'master'
Fix bug when scanning invalid APKs and add a test for it

See merge request !246
2017-04-03 17:38:51 +00:00
Torsten Grote
8f6fa2955d
Fix bug when scanning invalid APKs and add a test for it 2017-04-03 13:07:49 -03:00
Hans-Christoph Steiner
2ba757e6c9 Merge branch 'index-parsing' into 'master'
Download and return repository index

See merge request !240
2017-04-03 16:04:35 +00:00
Hans-Christoph Steiner
159ca824b7 Merge branch 'local-install' into 'master'
Fix installs with pip --user

See merge request !244
2017-04-03 14:45:45 +00:00
Torsten Grote
6552c1fa49
Fix installs with pip --user 2017-04-03 09:55:20 -03:00
Torsten Grote
7c34dd96f4
Reduce code duplication
by re-using methods for extracting and verifying certificate
2017-04-03 09:23:06 -03:00
Torsten Grote
a23da47118
Add method for downloading (and verifying) a repository index
This includes some test cases to test the new code.
2017-04-03 09:02:07 -03:00
Hans-Christoph Steiner
d8ad1c78c2 Merge branch '265-fdroid-init-generates-double-entries-in-config-py' into 'master'
avoid duplicate value assignments in config files

Closes #265

See merge request !241
2017-04-03 10:13:20 +00:00
Michael Pöhn
8b51e40d63 avoid duplicate value assignments when updating config files 2017-04-02 12:08:01 +02:00
Hans-Christoph Steiner
a6b3ffeeea Merge branch 'move-index-methods' into 'master'
Move index methods into dedicated modules

See merge request !239
2017-03-31 17:42:22 +00:00
Torsten Grote
389fd7e6c9
Re-use config and options from common module in index 2017-03-31 11:00:49 -03:00
Torsten Grote
f9321f6032
Move index related methods to new index module 2017-03-29 13:10:04 -03:00
Torsten Grote
9f765ed6f7
Move index signing methods into signindex.py 2017-03-29 12:11:40 -03:00
Hans-Christoph Steiner
256ef003fc Merge branch 'patch-1' into 'master'
Update support repository.

See merge request !238
2017-03-29 14:56:37 +00:00
Jan Christian Grünhage
f637b461f0 Update support repository. 2017-03-29 10:33:38 +00:00
Hans-Christoph Steiner
8f96c9da3d Merge branch 'smaller-methods' into 'master'
Factor out code into smaller methods to be used by repomaker

See merge request !236
2017-03-27 19:59:51 +00:00
Hans-Christoph Steiner
c3492ab153 Merge branch 'notabug' into 'master'
import: add notabug.org, auto-detect gradle, add options for license and categories

See merge request !237
2017-03-27 19:55:44 +00:00
Hans-Christoph Steiner
916e8eb108 Merge branch 'build_tools_log' into 'master'
post correct build tool versions to wiki

Closes #267

See merge request !235
2017-03-27 19:54:48 +00:00
Hans-Christoph Steiner
7f08fad2c6 Merge branch 'sign-and-verify-update' into 'master'
sign and verify update

See merge request !230
2017-03-27 19:48:36 +00:00
Boris Kraut
13b276e02f import: add option to specify license and categories, auto-detect build.gradle 2017-03-26 19:00:03 +02:00
Boris Kraut
39f7429c9b import: add notabug.org 2017-03-26 18:05:37 +02:00
Torsten Grote
c9b76eb808
Return public key and fingerprint after generating repo signing key 2017-03-22 15:53:20 -03:00
Torsten Grote
c484dc33be
Factor out code from update.main() to individual functions 2017-03-22 15:17:04 -03:00
Michael Pöhn
843595eb33 moved version android tools version log header to corresponding function 2017-03-22 14:56:26 +01:00
Michael Pöhn
0fda23ef80 fix local var name overloading when iterating build flavours 2017-03-22 14:20:54 +01:00
Michael Pöhn
c15f02ed68 fix exception handling in dscanner and update.py 2017-03-22 14:07:54 +01:00
Michael Pöhn
c45c4041a5 Merge remote-tracking branch 'fdroid/master' into build_tools_log 2017-03-22 14:02:45 +01:00
Michael Pöhn
83fe2bda4d fix exception handling in build.py 2017-03-22 14:01:32 +01:00
Hans-Christoph Steiner
223c793201 prefer apksigner if installed, jarsigner sucks
Google has their own utility for verifying APK signatures on a desktop
machine since Java's jarsigner is bad for the task.  For example, it
acts as if an unsigned APK validates.  And to check whether an APK is
unsigned using jarsigner is difficult.

apksigner also does the v2 signatures, so it will have to be used
eventually anyway.  It is already in Debian/stretch and can be
available in jessie-backports if need be.

https://android.googlesource.com/platform/tools/apksig
https://packages.debian.org/apksigner
2017-03-22 10:51:12 +01:00
Hans-Christoph Steiner
ffd490d8da set_command_in_config() for finding CLI tools to run 2017-03-22 10:51:12 +01:00
Hans-Christoph Steiner
70915a7445 verify: fdroidserverid and buildserverid are part of the sig
There are two SHA1 git commit IDs that fdroidserver includes in the builds
it makes: fdroidserverid and buildserverid.  Originally, these were inserted
into AndroidManifest.xml, but that makes the build not reproducible. So
instead they are included as separate files in the APK's META-INF/ folder.
If those files exist in the signed APK, they will be part of the signature
and need to also be included in the unsigned APK for it to validate.
2017-03-22 10:51:12 +01:00
Hans-Christoph Steiner
364e609ebe make fdroid verify use common.verify_apks()
This makes the jarsigner the ultimate and only judge of whether two APKs
match.  This is the best tool since APK signatures are jar signatures. This
should be eventually updated to use the official Android APK signing tool
called apksigner.

https://android.googlesource.com/platform/tools/apksig/
2017-03-22 10:51:12 +01:00
Hans-Christoph Steiner
998b6245e9 verify: ensure only a single signature is in compared APK
The ZIP format allows multiple entries with the exact same filename, and on
top of that, it does not allow deleting or updating entries.  To make the
`fdroid verify` procedure failsafe, it needs to create a new temporary APK
that is made up on the contents of the "unsigned APK" and the signature
from the "signed APK".  Since it would be possible to give a signed APK as
in the unsigned one's position, `fdroid verify` was not able to update the
signature since it was just adding the new signature to the end of the ZIP
file.  When reading a ZIP, the first entry is used.
2017-03-22 10:51:12 +01:00
Hans-Christoph Steiner
3c9eeff7f3 Merge branch 'supportrepo' into 'master'
makebs: update support repo to r46

See merge request !233
2017-03-22 09:28:26 +00:00
Michael Pöhn
bb49123118 post correct build tool versions to wiki 2017-03-21 23:51:15 +01:00
Boris Kraut
53be33055b makebs: update support repo to r46 2017-03-21 21:50:29 +01:00
Hans-Christoph Steiner
71ff1d6257 Merge branch 'ndk14' into 'master'
makebs: add ndk r14

See merge request !231
2017-03-20 09:38:58 +00:00
Boris Kraut
ed310f0404 makebs: add ndk r14 2017-03-19 22:27:51 +01:00
Hans-Christoph Steiner
9b12aa6f71 Merge branch 'scan-single-apk' into 'master'
Allow for scanning single APKs

See merge request !227
2017-03-17 14:47:30 +00:00
Torsten Grote
04db6870d1
Factor code for scanning a single APK out into its own method.
This allows projects using fdroidserver to scan individual APKs without
needing to re-scan all APKs present in a repository.
2017-03-17 10:40:45 -03:00
Torsten Grote
60f166b2c6 Merge branch 'index-v1' into 'master'
app index V1 - support graphics, localization, and more

See merge request !221
2017-03-17 13:34:31 +00:00
Hans-Christoph Steiner
866528de5b signindex: support signing index-v1.jar
This is a bit different than index.jar: instead of their being index.xml
and index_unsigned.jar, the presense of index-v1.json means that there is
unsigned data.  That file is then stuck into a jar and signed by the
signing process.  index-v1.json is never published to the repo.  It is
included in the binary transparency log, if that is enabled.
2017-03-17 14:12:03 +01:00
Hans-Christoph Steiner
fa657ce720 move update.signjar() to common so it can also be used in signindex 2017-03-17 13:55:40 +01:00