Opened 4 years ago

Closed 4 years ago

#16011 closed task (fixed)

Make sure authenticode signed Tor Browser installers are working and correct

Reported by: gk Owned by: gk
Priority: Medium Milestone:
Component: Applications/Quality Assurance and Testing Version:
Severity: Keywords: TorBrowserTeam201506, GeorgKoppen201506
Cc: boklm Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

During the release of 5.0a1 it occurred that the NSIS files were corrupted and not functioning. We should make sure that this is not happening again. Additionally, it might be smart to verify that the bundles, after stripping the authenticode signature, are matching the ones we built. I think a script checking for the latter would prevent corrupted .exe files as well.

This should check as well whether all .exe are signed at all in the first place.

Child Tickets

Change History (5)

comment:1 Changed 4 years ago by boklm

Cc: boklm added

comment:2 Changed 4 years ago by gk

Keywords: TorBrowserTeam201506 GeorgKoppen201506 added; TorBrowserTeam201505 removed

comment:3 Changed 4 years ago by gk

Keywords: TorBrowserTeam201506R added; TorBrowserTeam201506 removed
Status: newneeds_review

bug_16011 (https://gitweb.torproject.org/user/gk/tor-browser-bundle.git/commit/?h=bug_16011) in my public tor-browser-bundle repo has the script for review.

comment:4 Changed 4 years ago by mcs

r=mcs
I did not run the script, but the logic looks correct.

comment:5 Changed 4 years ago by gk

Keywords: TorBrowserTeam201506 added; TorBrowserTeam201506R removed
Resolution: fixed
Status: needs_reviewclosed

Merged in commit c15148af3030d08c550d6b25261714e7f26d0f3d, thanks.

Note: See TracTickets for help on using tickets.