kamp/fdroidserver
1
0
Fork 0
mirror of https://gitlab.com/fdroid/fdroidserver.git synced 2024-11-19 05:10:10 +01:00
Code Activity
6,721 Commits 1 Branch 59 Tags 43 MiB
4514983e58
Commit Graph

95 Commits

Author SHA1 Message Date
Hans-Christoph Steiner
2946c90dd4 publish: rename vars to match naming in JAR Signature docs 
https://docs.oracle.com/javase/tutorial/deployment/jar/intro.html

closes #892
 2021-04-14 23:01:47 +02:00
Hans-Christoph Steiner
d28c1c0441 force apksigcopier "AUTO" to select sigs by available files 2021-04-14 23:01:47 +02:00
Felix C. Stegerman
202fd8b25a
vendor & use apksigcopier v0.4.0-12-g93d8e14 2021-04-14 21:06:20 +02:00
Felix C. Stegerman
3e557a1a8a
check for invalid appids passed to commands 2021-04-08 10:31:33 +02:00
Hans-Christoph Steiner
7ec2a8ebb3 add apksigner, jarsigner, and keytool to relevant status JSON 2021-03-22 22:31:29 +01:00
Hans-Christoph Steiner
5e1377c77a standardize on "Application ID" in UI text 2020-10-01 23:01:55 +02:00
Marcus Hoffmann
a114c73c2d publish: factor out the signing key creation into a method 2020-08-24 19:34:08 +02:00
Marcus Hoffmann
7813a17cf8 publish: extract a few functions out of main 
publish is currently not reusable from other modules as everything is
happening in main. It's also not testable from python unittests.

There's already a function for getting the key_alias, so we can use
that.

Introduce tests for the split out functions.
 2020-08-24 19:34:08 +02:00
Marcus Hoffmann
eaca3d5faa publish: better json reporting 
* newKeyAliases wasn't providing any useful information
* generatedKeys now contains the used keyalias as well
* signedApks now also records the used keyalias for each apk
 2020-08-24 19:34:08 +02:00
Marcus Hoffmann
ca86c18e33 publish: reformat 2020-08-24 19:34:08 +02:00
Marcus Hoffmann
004d13a48a make publish and update work with a smartcard HSM 
Followup to fdroid/fdroidserver!779.

We need to add smartcardoptions to every call to keytool and jarsigner
as well as handle when keypass not being required and not allowed for
pkcs11 keystores.
 2020-08-14 17:27:58 +02:00
Marcus Hoffmann
066978cbcf publish: use common signing method 
This is currently still jarsigner based but will at least use sha256
when possible
 2020-08-14 15:07:04 +02:00
Marcus Hoffmann
6128f93d26 publish: keystore "NONE" is a special case and doesn't need to exist 2020-08-14 15:06:33 +02:00
Hans-Christoph Steiner
4bb590b6e5
publish: write status JSON 2020-02-19 14:50:24 +01:00
Hans-Christoph Steiner
dd2f9d60f8
publish: fix stupid error in repro-signing and add integration test 
stoopid mistake in ea84014f9b reported
by @CiaranG
 2019-04-11 14:06:51 +02:00
Hans-Christoph Steiner
ea84014f9b make signer_fingerprint() accept DER encoded certs 
androguard's v2 signature methods return DER-encoded certificates.  The DER-
encoded certificates are parsed from JAR Signature's raw "Signature Block
File".
 2019-02-01 08:50:57 +01:00
Hans-Christoph Steiner
8d3e82913e mark all required usages of MD5 so bandit doesn't complain 2018-08-29 17:44:54 +02:00
Michael Pöhn
74ae6a6a3b set locale explicitly when using keytool 2018-08-03 04:36:00 +02:00
Michael Pöhn
b6ad6724cc Revert "publish: avoid double removal of dev-supplied reference binary" 
This reverts commit db5ed26517.

Doh, messed up the rebase...
 2018-07-13 00:07:58 +02:00
Hans-Christoph Steiner
58b81b5ca6 publish: strict regex replacement for .binary.apk 
. matches anything \. matches the char "."
 2018-07-12 23:53:05 +02:00
Hans-Christoph Steiner
68fb3d2bd9 fix typos 2018-07-12 23:53:05 +02:00
Michael Pöhn
db5ed26517 publish: avoid double removal of dev-supplied reference binary 2018-07-12 23:53:05 +02:00
Michael Pöhn
cdc2147de9 put .binary.apk files into sub-directory 2018-07-12 23:52:46 +02:00
Michael Pöhn
5726432159 fix ignoring developer supplied reference apks for reproducible builds when publishing 2018-07-02 15:28:22 +02:00
Hans-Christoph Steiner
8f2ee4bd1d run 'zipalign' using standard flags used by Gradle Android Plugin 
Nice find by @equeim!  -p was added in build-tools-23.0.0

https://developer.android.com/studio/publish/app-signing#sign-manually

closes #288
 2018-06-19 15:40:48 +02:00
Hans-Christoph Steiner
ff90c0246e fix PEP8 W605 invalid escape sequence 
Python 3.7 will get a lot stricter with escape sequences.  They must be
valid.

* https://lintlyci.github.io/Flake8Rules/rules/W605.html
* https://docs.python.org/3/whatsnew/3.6.html#deprecated-python-behavior
 2018-05-29 13:51:47 +02:00
Hans-Christoph Steiner
43c61aecee fix pylint Unused argument 2018-05-14 15:25:33 +02:00
Hans-Christoph Steiner
1c3a4479ab add common.sign_apk() for nighly as test for using in publish 
Since the MD5 migration was quite a bit of work, it makes sense to start
on moving away from SHA1 as much as possible while it is easy to do. SHA256
will only work in APK signatures on android-18 (4.3) or newer.  So if an
APK has a minSdkVersion of 18 or newer, then sign with SHA256.

https://issuetracker.google.com/issues/36956587
https://android-review.googlesource.com/c/platform/libcore/+/44491
 2017-12-04 22:52:41 +01:00
Michael Pöhn
788c8f97fd better error message in publish when repo_key is not set 2017-10-17 22:10:39 +02:00
Michael Pöhn
6930edf889 sort index-v1; publish now creates and stores a list of signature fingerprints 2017-09-26 14:11:09 +02:00
Michael Pöhn
bca07f794f added functions for storing/loading signer fingerprints to stats 2017-09-26 14:11:09 +02:00
Michael Pöhn
b993d93395 skip singing apks which ar not validating with signatures from metadata 2017-09-26 14:11:09 +02:00
Michael Pöhn
91369dacfb try injecting signatures for metadata when publishing 2017-09-26 14:11:09 +02:00
Michael Pöhn
45688bfe42 refactored publishing source tarball into a function 2017-09-26 14:11:09 +02:00
Hans-Christoph Steiner
6c7b987239 fix string formats that are ambiguous for translators 2017-09-16 13:19:38 +02:00
Hans-Christoph Steiner
c7d45b9515 Merge branch 'plural' into 'master' 
Correct plurals

See merge request fdroid/fdroidserver!334
 2017-09-16 08:11:06 +00:00
Jan Berkel
4723cff0c8 Correct plurals 2017-09-15 14:16:30 +02:00
Hans-Christoph Steiner
fa0d618d2f rename 'app-id' to standard Android 'applicationId' 
* https://developer.android.com/studio/build/application-id.html
* https://sites.google.com/a/android.com/tools/tech-docs/new-build-system/applicationid-vs-packagename

This only changes the term in the human texts, not var names or CLI flags.
 2017-09-15 11:41:51 +02:00
Hans-Christoph Steiner
278d67d960 implement gettext localization 
This allows all the text to be localized via Weblate.  This is a quick
overview of all the strings, but there are certainly some that were left
out.

closes #342
 2017-09-15 11:39:00 +02:00
Michael Pöhn
328c1ad0c7 proper error message when publishing with the same app in repo and unsigned 2017-09-07 12:19:48 +02:00
Hans-Christoph Steiner
67d98c5a36 keep .apk file ext when diffoscope'ing Binaries: 2017-07-19 15:07:50 +02:00
Torsten Grote
1fcd8e63a3
Replace sys.exit() in non-main functions by exceptions 
Also move all exceptions into one module
 2017-05-22 16:51:11 -03:00
Torsten Grote
4d25113fa0
Eliminate the need for password files 
The passwords are now passed as private environment variables to the
processes that need them.
 2017-04-11 16:34:49 -03:00
Hans-Christoph Steiner
6c2cf2ccdd convert internal dict keys to match fdroidclient's Apk class 
This syncs up the field names between the fdroiddata .yml files, the keys
used in the implementation in fdroidserver, the index data format, and the
final data structures in fdroidclient.  This makes it easier for devs to
follow, and makes the Jackson parsing library automatically handle
converting the data from the index file to Java instances.

This bumps the metadata version since the apkcache will have to be
discarded.

Here are the name changes:
* apkname --> apkName
* id --> packageName
* sha256 --> hash
* version --> versionName
* versioncode --> versionCode

tests/repo/index.xml was changed only to bump the metadata version
from 17 to 18.
 2017-03-17 13:55:40 +01:00
Hans-Christoph Steiner
bc27dee950 fdroid publish now includes OTA ZIPs and related source 
This adds support for publishing ZIP files which were built with
`fdroid build`.  This is for "Over-The-Air" (OTA) update ZIP files for
flashing to ROMs.  The first example of this is the Privileged Extension,
which must be installed by flashing an OTA ZIP on Android > 5.0.

!181
https://gitlab.com/fdroid/privileged-extension/issues/9
https://gitlab.com/fdroid/privileged-extension/issues/10
https://gitlab.com/fdroid/fdroiddata/merge_requests/1804

Also, "if app.Binaries:" is the same as "if app.Binaries is not None:", but
is the standard Python style.
 2017-01-09 11:32:52 +01:00
Hans-Christoph Steiner
d522988d8c make metadata exceptions optional based on CLI flag 
In many cases, there are times where metadata errors need to be ignored, or
at least not stop the command from running.  For example, there will
inevitably be new metadata fields added, in which case a packaged version
of fdroidserver will throw errors on each one.  This adds a standard -W
flag to customize the response: ignore, default, or error.

* by default, the errors are still errors
* `fdroid readmeta -W` will just print errors
* `fdroid readmeta -Wignore` will not even print errors

https://gitlab.com/fdroid/fdroidserver/issues/150
 2016-09-12 12:55:48 +02:00
Daniel Martí
b31e20ee8b publish: fix hashing of strings 2016-03-10 16:43:37 +00:00
Daniel Martí
da258dad57 Replace md5 with hashlib.md5 2016-03-10 16:43:37 +00:00
Daniel Martí
920ae4692f Port all imports to python3 2016-03-10 16:43:37 +00:00
Daniel Martí
99edd64372 Switch all headers to python3 2016-03-10 16:43:36 +00:00