Opened 14 months ago

Last modified 3 weeks ago

#28764 needs_review defect

OpenSSL Build for Android

Reported by: sisbell Owned by: sisbell
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: tbb-mobile, tbb-rbm, tbb-parity, TorBrowserTeam202001R
Cc: sisbell, gk, tbb-team Actual Points:
Parent ID: #28704 Points: 0.5
Reviewer: sysrqb, boklm Sponsor:

Description


Child Tickets

Change History (16)

comment:1 Changed 14 months ago by sisbell

Status: newneeds_review

Initial commit for review (android-1207)

comment:2 Changed 14 months ago by gk

Keywords: TorBrowserTeam201812R added; TorBrowserTeam201812 removed

comment:3 Changed 14 months ago by gk

Keywords: TorBrowserTeam201812 added; TorBrowserTeam201812R removed
Status: needs_reviewneeds_revision

Three things we should think about here:

1) The OpenSSL output is not build reproducibly. The .a creation is not deterministic as it seems to contain timestamps, see:

0007ce70: 0000 0000 0000 0000 0000 6001 0000 0b00  ..........`.....
 0007ce80: 0000 0000 0000 0000 0000 0100 0000 0000  ................
 0007ce90: 0000 7373 6c5f 7574 7374 2e6f 2f20 2020  ..ssl_utst.o/   
-0007cea0: 2020 3135 3434 3532 3132 3032 2020 3130    1544521202  10
+0007cea0: 2020 3135 3434 3532 3035 3032 2020 3130    1544520502  10
 0007ceb0: 3030 2020 3130 3030 2020 3130 3036 3434  00  1000  100644
 0007cec0: 2020 3736 3420 2020 2020 2020 600a 7f45    764       `..E
 0007ced0: 4c46 0101 0100 0000 0000 0000 0000 0100  LF..............

I wonder why that is an issue here. Maybe the cross-toolchain for Android does not have something like -Wl,--no-insert-timestamp?

2) Do we really need all the exported env variables in the build script? The build seemed to work for me e.g. without declaring RANLIB?

3) The comment in the config file should we wrapped so that we have it on two lines instead of one.

Last edited 14 months ago by gk (previous) (diff)

comment:4 Changed 11 months ago by gk

Keywords: tbb-parity added

tbb-parity items.

comment:6 Changed 4 months ago by cypherpunks

Recheck enable-ec_nistp_64_gcc_128.

comment:7 Changed 4 months ago by sysrqb

Points: 0.5

comment:8 Changed 3 months ago by sisbell

This is a really old commit from Dec 7th (branch 1219) so I'll need to update and test with what we have now but the following was working at the time.

https://github.com/sisbell/tor-browser-build/commit/c00bf3abba168b3462b2f93ed95e2ad1b530ec87

comment:9 Changed 3 months ago by sisbell

Of course the same issues are still a problem, but just including the commit for reference.

comment:10 Changed 3 months ago by eighthave

FYI, I tried building with enable-ec_nistp_64_gcc_128 using Android NDK r20, which only has clang and it failed. It seems that clang lacks some feature needed to build with enable-ec_nistp_64_gcc_128.

comment:11 Changed 2 months ago by sysrqb

Keywords: TorBrowserTeam201912 added; TorBrowserTeam201812 removed
Owner: changed from tbb-team to sisbell
Status: needs_revisionassigned

comment:12 Changed 2 months ago by sysrqb

Cc: tbb-team added

comment:14 Changed 7 weeks ago by sisbell

Keywords: TorBrowserTeam201912R added; TorBrowserTeam201912 removed
Status: assignedneeds_review

I verified it builds on all 4 targets. I have not verified reproducibility.

https://github.com/sisbell/tor-browser-build/commit/a4d6fdcdee0217197216b3d82705d91f0ebc6190

comment:15 Changed 7 weeks ago by sysrqb

Reviewer: sysrqb, boklm

comment:16 Changed 3 weeks ago by sysrqb

Keywords: TorBrowserTeam202001R added; TorBrowserTeam201912R removed
Note: See TracTickets for help on using tickets.