... | ... | @@ -125,42 +125,16 @@ Testing the updater (and update process) is non-trivial. There are three separat |
|
|
|
|
|
In addition, you must [create a new public key pair](https://gitlab.torproject.org/tpo/applications/tor-browser-spec/-/blob/main/processes/KeyGeneration#L41) for signing mar files. Copy the resulting public certificate `marsigner.der` for later use, too.
|
|
|
|
|
|
## Updater URL
|
|
|
|
|
|
Testing the `nightly` channel is easiest. The URL can be modified in the [build](https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/blob/main/projects/firefox/build#L105) script. If you are testing `release` or `alpha` then a more complicated patch will be needed.
|
|
|
|
|
|
The URL you are setting will contain the update responses, that are some XML files that the Firefox updater polls with a certain frequency, to check if any update is available.
|
|
|
|
|
|
## Signature Public Certificate
|
|
|
|
|
|
After creating the new testing key pair, add the new certificate into tor-browser by overwriting the appropriate secondary key. For `nightly`, you can achieve this with a patch
|
|
|
```patch
|
|
|
diff --git a/projects/firefox/build b/projects/firefox/build
|
|
|
index 732da0f36d52..354145dece4d 100644
|
|
|
--- a/projects/firefox/build
|
|
|
+++ b/projects/firefox/build
|
|
|
@@ -102,7 +102,10 @@ tar -C browser/extensions -xf $rootdir/[% c('input_files_by_name/tor-launcher')
|
|
|
|
|
|
[% IF c("var/nightly") -%]
|
|
|
# Set update url for nightly (#33402 / #40033)
|
|
|
- sed -i 's|^URL=https://aus1\.torproject\.org/.*|URL=https://nightlies.tbb.torproject.org/nightly-updates/updates/nightly-[% c("var/osname") %]/%CHANNEL%/%BUILD_TARGET%/%VERSION%/%LOCALE%|' build/application.ini.in
|
|
|
+ #sed -i 's|^URL=https://aus1\.torproject\.org/.*|URL=https://nightlies.tbb.torproject.org/nightly-updates/updates/nightly-[% c("var/osname") %]/%CHANNEL%/%BUILD_TARGET%/%VERSION%/%LOCALE%|' build/application.ini.in
|
|
|
+ sed -i 's|^URL=https://aus1\.torproject\.org/.*|URL=https://people.torproject.org/~sysrqb/update_3/%CHANNEL%/%BUILD_TARGET%/%VERSION%/ALL|' build/application.ini.in
|
|
|
+
|
|
|
+ cp $rootdir/marsigner.der toolkit/mozapps/update/updater/nightly_aurora_level3_secondary.der
|
|
|
[% END -%]
|
|
|
|
|
|
rm -f configure
|
|
|
diff --git a/projects/firefox/config b/projects/firefox/config
|
|
|
index 006c3c9d7c68..fa59b712776e 100644
|
|
|
--- a/projects/firefox/config
|
|
|
+++ b/projects/firefox/config
|
|
|
@@ -168,3 +170,4 @@ input_files:
|
|
|
# TorButton patch authored by Arthur Edelstein, from https://github.com/arthuredelstein/torbutton/ branch 2.1.10-namecoin
|
|
|
- filename: namecoin-etld.patch
|
|
|
enable: '[% c("var/namecoin") %]'
|
|
|
+ - filename: marsigner.der
|
|
|
```
|
|
|
## Updater URL and Signature Public Certificate
|
|
|
|
|
|
Testing the `nightly` channel is easiest.
|
|
|
|
|
|
You can change the URL in the [build configuration](https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/blob/main/projects/firefox/config#L38): you just need to set `override_updater_url`.
|
|
|
This URL will contain the update responses, that are some XML files that the Firefox updater polls with a certain frequency to check if any update is available.
|
|
|
|
|
|
Setting a custom updater URL will also override the update certificate: copy yours to `project/firefox/marsigner.der`.
|
|
|
|
|
|
If you are testing `release` or `alpha` then a more complicated patch will be needed.
|
|
|
|
|
|
## Sign MAR file
|
|
|
|
... | ... | @@ -257,9 +231,11 @@ Before creating the update responses, **be sure of having signed the `.mar`s**: |
|
|
If you have done that, creating the update responses is very easy, just run this command:
|
|
|
|
|
|
```sh
|
|
|
./update_responses
|
|
|
./update_responses nightly
|
|
|
```
|
|
|
|
|
|
If you are on another channel, you should replace nightly with that.
|
|
|
|
|
|
When it is done, copy the content of the `htdocs` directory to the URL you provided to the build (e.g., `~/public_html/update_3`):
|
|
|
|
|
|
```shell
|
... | ... | |