Opened 2 years ago

Closed 2 years ago

#22398 closed task (fixed)

Upgrade Go to 1.7.6 / 1.8.3

Reported by: yawning Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: tbb-gitian, TorBrowserTeam201706R
Cc: dcf Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description (last modified by dcf)

Minor release notes: https://golang.org/doc/devel/release.html#go1.7 https://golang.org/doc/devel/release.html#go1.8.minor

This also should include: https://github.com/golang/go/issues/20040

Certain parts of our code do use P-256, but it's probably not exploitable. Updating is still a good idea.

Child Tickets

Attachments (2)

0001-Bug-22398-Upgrade-go-to-1.7.6.patch (4.8 KB) - added by dcf 2 years ago.
0001-Bug-22398-Upgrade-go-to-1.8.3.patch (4.7 KB) - added by dcf 2 years ago.

Download all attachments as: .zip

Change History (8)

comment:1 Changed 2 years ago by yawning

Just for clarity the P-256 fix is in the Go 1.8.2 release as the only change, made a day prior. But there isn't really a reason not to go to Go 1.8.3.

Changed 2 years ago by dcf

comment:2 Changed 2 years ago by dcf

Description: modified (diff)
Keywords: TorBrowserTeam201705R added
Status: newneeds_review
Summary: Upgrade Go to 1.8.3Upgrade Go to 1.7.6 / 1.8.3

The P-256 fix from 1.8.2 was also backported to 1.7.6.

Here is a patch for current maint-6.5 that upgrades to 1.7.6. I tested a build on all platforms but only tested running on GNU/Linux.

attachment:0001-Bug-22398-Upgrade-go-to-1.7.6.patch

I'll start another build for 1.8.3 on the master branch.

comment:3 Changed 2 years ago by gk

Sorry for the extra work but there won't be another build with maint-6.5. We are about to branch off maint-7.0 from master which should only differ in missing snowflake and selfrando support. Thus, the next stable (which we are about to build) will have Go 1.8.x. Having a patch for using Go 1.8.3 ready by tomorrow morning UTC would be nice. (I actually planned to write and test that one today myself but won't do so to avoid duplicated efforts.)

Changed 2 years ago by dcf

comment:4 Changed 2 years ago by dcf

I am having problems building off of master (082738a4bd) that do not appear to be related to the Go upgrade, so I'll leave the patch here so you can try it.

Trying to build stable, I get an error in make prep:

$ make TORSOCKS=
...
File ‘libcxxabi-3.8.0.src.tar.xz.sig’ not modified on server. Omitting download.

./fetch-inputs.sh: line 125: !PACKAGE: unbound variable
Makefile:93: recipe for target 'prep' failed
make: *** [prep] Error 1

Trying to build alpha, the build gets a lot farther, but fails while doing the system upgrade in --- Building sandbox-linux for jessie amd64 ---.

$ make resume-alpha TORSOCKS=
...
Updating apt-get repository (log in var/install.log)
Installing additional packages (log in var/install.log)
Upgrading system, may take a while
./bin/gbuild:21:in `system!': failed to run on-target -u root bash < target-bin/upgrade-system.sh > var/install.log 2>&1 (RuntimeError)
        from ./bin/gbuild:112:in `build_one_configuration'
        from ./bin/gbuild:289:in `block (2 levels) in <main>'
        from ./bin/gbuild:284:in `each'
        from ./bin/gbuild:284:in `block in <main>'
        from ./bin/gbuild:282:in `each'
        from ./bin/gbuild:282:in `<main>'
Makefile:27: recipe for target 'build-alpha' failed
make: *** [build-alpha] Error 1

If I set the -x flag in target-bin/upgrade-system.sh to get some debugging output, I see an error relating to a missing /usr/sbin/update-grub:

$ ssh -o NoHostAuthenticationForLocalhost=yes root@127.0.0.1 -p 2223 -i var/id_rsa < target-bin/upgrade-system.sh
Pseudo-terminal will not be allocated because stdin is not a terminal.

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
stdin: is not a tty
+ mkdir -p /var/cache/gitian
+ apt-get -q -y purge grub
+ true
+ DEBIAN_FRONTEND=noninteractive
+ apt-get -y dist-upgrade
Reading package lists...
Building dependency tree...
Reading state information...
The following packages were automatically installed and are no longer required:
  bcron fgetty grub-common lib32ncurses5 lib32tinfo5 libbg1 libbg1-doc
  libc6-i386 libfuse2 os-prober runit ucspi-unix
Use 'apt-get autoremove' to remove them.
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
        LANGUAGE = (unset),
        LC_ALL = (unset),
        LANG = "en_US.UTF-8"
    are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
locale: Cannot set LC_CTYPE to default locale: No such file or directory
locale: Cannot set LC_MESSAGES to default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
1 not fully installed or removed.
After this operation, 0 B of additional disk space will be used.
Setting up linux-image-3.16.0-4-amd64 (3.16.43-2) ...
locale: Cannot set LC_CTYPE to default locale: No such file or directory
locale: Cannot set LC_MESSAGES to default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory
Running /usr/sbin/update-grub.
Can't exec "/usr/sbin/update-grub": No such file or directory at /var/lib/dpkg/info/linux-image-3.16.0-4-amd64.postinst line 604.
User postinst hook script [/usr/sbin/update-grub] failed to execute: No such file or directory
dpkg: error processing package linux-image-3.16.0-4-amd64 (--configure):
 subprocess installed post-installation script returned error exit status 255
Errors were encountered while processing:
 linux-image-3.16.0-4-amd64
E: Sub-process /usr/bin/dpkg returned an error code (1)

comment:5 Changed 2 years ago by gk

Keywords: TorBrowserTeam201706R added; TorBrowserTeam201705R removed

Moving review tickets to 201706

comment:6 in reply to:  4 Changed 2 years ago by gk

Resolution: fixed
Status: needs_reviewclosed

Replying to dcf:

I am having problems building off of master (082738a4bd) that do not appear to be related to the Go upgrade, so I'll leave the patch here so you can try it.

Looks good to me, compiles for all three platforms and works at least on Linux and Windows. Applied to master and maint-7.0 as commit fbe1263eb9601e5d435131aa3d96306b8bfdb465 and 28c582f8aad09c2d2a8e166024841ac7014bb590.

Trying to build stable, I get an error in make prep:

$ make TORSOCKS=
...
File ‘libcxxabi-3.8.0.src.tar.xz.sig’ not modified on server. Omitting download.

./fetch-inputs.sh: line 125: !PACKAGE: unbound variable
Makefile:93: recipe for target 'prep' failed
make: *** [prep] Error 1

Yes, using effectively versions on master (which make prep is doing) is going to fail. We have the maint-x.x branches for that.

Trying to build alpha, the build gets a lot farther, but fails while doing the system upgrade in --- Building sandbox-linux for jessie amd64 ---.

$ make resume-alpha TORSOCKS=
...
Updating apt-get repository (log in var/install.log)
Installing additional packages (log in var/install.log)
Upgrading system, may take a while
./bin/gbuild:21:in `system!': failed to run on-target -u root bash < target-bin/upgrade-system.sh > var/install.log 2>&1 (RuntimeError)
        from ./bin/gbuild:112:in `build_one_configuration'
        from ./bin/gbuild:289:in `block (2 levels) in <main>'
        from ./bin/gbuild:284:in `each'
        from ./bin/gbuild:284:in `block in <main>'
        from ./bin/gbuild:282:in `each'
        from ./bin/gbuild:282:in `<main>'
Makefile:27: recipe for target 'build-alpha' failed
make: *** [build-alpha] Error 1

If I set the -x flag in target-bin/upgrade-system.sh to get some debugging output, I see an error relating to a missing /usr/sbin/update-grub:

$ ssh -o NoHostAuthenticationForLocalhost=yes root@127.0.0.1 -p 2223 -i var/id_rsa < target-bin/upgrade-system.sh
Pseudo-terminal will not be allocated because stdin is not a terminal.

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
stdin: is not a tty
+ mkdir -p /var/cache/gitian
+ apt-get -q -y purge grub
+ true
+ DEBIAN_FRONTEND=noninteractive
+ apt-get -y dist-upgrade
Reading package lists...
Building dependency tree...
Reading state information...
The following packages were automatically installed and are no longer required:
  bcron fgetty grub-common lib32ncurses5 lib32tinfo5 libbg1 libbg1-doc
  libc6-i386 libfuse2 os-prober runit ucspi-unix
Use 'apt-get autoremove' to remove them.
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
        LANGUAGE = (unset),
        LC_ALL = (unset),
        LANG = "en_US.UTF-8"
    are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
locale: Cannot set LC_CTYPE to default locale: No such file or directory
locale: Cannot set LC_MESSAGES to default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
1 not fully installed or removed.
After this operation, 0 B of additional disk space will be used.
Setting up linux-image-3.16.0-4-amd64 (3.16.43-2) ...
locale: Cannot set LC_CTYPE to default locale: No such file or directory
locale: Cannot set LC_MESSAGES to default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory
Running /usr/sbin/update-grub.
Can't exec "/usr/sbin/update-grub": No such file or directory at /var/lib/dpkg/info/linux-image-3.16.0-4-amd64.postinst line 604.
User postinst hook script [/usr/sbin/update-grub] failed to execute: No such file or directory
dpkg: error processing package linux-image-3.16.0-4-amd64 (--configure):
 subprocess installed post-installation script returned error exit status 255
Errors were encountered while processing:
 linux-image-3.16.0-4-amd64
E: Sub-process /usr/bin/dpkg returned an error code (1)

Thanks for investigating this, I've filed #22467.

Note: See TracTickets for help on using tickets.