From 7be0ec35721f77a8a49169167d7b9fb2e80ec3b4 Mon Sep 17 00:00:00 2001 From: Hans-Christoph Steiner Date: Mon, 23 May 2022 20:35:08 +0200 Subject: [PATCH 1/4] btlog: include index-v2.json entry.json and entry.jar --- fdroidserver/btlog.py | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/fdroidserver/btlog.py b/fdroidserver/btlog.py index e014b639..8238a5d8 100755 --- a/fdroidserver/btlog.py +++ b/fdroidserver/btlog.py @@ -182,7 +182,15 @@ def main(): os.makedirs(tempdir, exist_ok=True) gitrepodir = os.path.join(options.git_repo, repodir) os.makedirs(gitrepodir, exist_ok=True) - for f in ('index.jar', 'index.xml', 'index-v1.jar', 'index-v1.json'): + for f in ( + 'entry.jar', + 'entry.json', + 'index-v1.jar', + 'index-v1.json', + 'index-v2.json', + 'index.jar', + 'index.xml', + ): dlfile = os.path.join(tempdir, f) dlurl = options.url + '/' + repodir + '/' + f http_headers_file = os.path.join(gitrepodir, f + '.HTTP-headers.json') From 4ce3da476dadc53c5ef05d42b151d9257bff85b0 Mon Sep 17 00:00:00 2001 From: Hans-Christoph Steiner Date: Mon, 23 May 2022 20:41:05 +0200 Subject: [PATCH 2/4] btlog: run black to format code --- .gitlab-ci.yml | 1 + fdroidserver/btlog.py | 38 ++++++++++++++++++++++++++------------ 2 files changed, 27 insertions(+), 12 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 71a1e410..97e799c5 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -235,6 +235,7 @@ black: examples/fdroid_extract_repo_pubkey.py examples/makebuildserver.config.py fdroid + fdroidserver/btlog.py fdroidserver/exception.py fdroidserver/gpgsign.py fdroidserver/lint.py diff --git a/fdroidserver/btlog.py b/fdroidserver/btlog.py index 8238a5d8..b5499d09 100755 --- a/fdroidserver/btlog.py +++ b/fdroidserver/btlog.py @@ -70,7 +70,8 @@ def make_binary_transparency_log( if not url: url = common.config['repo_url'].rstrip('/') with open(os.path.join(btrepo, 'README.md'), 'w') as fp: - fp.write(""" + fp.write( + """ # Binary Transparency Log for %s This is a log of the signed app index metadata. This is stored in a @@ -80,8 +81,10 @@ F-Droid repository was a publicly released file. For more info on this idea: * https://wiki.mozilla.org/Security/Binary_Transparency -""" % url[:url.rindex('/')]) # strip '/repo' - gitrepo.index.add(['README.md', ]) +""" + % url[: url.rindex('/')] # strip '/repo' + ) + gitrepo.index.add(['README.md']) gitrepo.index.commit('add README') for repodir in repodirs: @@ -150,13 +153,22 @@ def main(): parser = ArgumentParser() common.setup_global_opts(parser) - parser.add_argument("--git-repo", - default=os.path.join(os.getcwd(), 'binary_transparency'), - help=_("Path to the git repo to use as the log")) - parser.add_argument("-u", "--url", default='https://f-droid.org', - help=_("The base URL for the repo to log (default: https://f-droid.org)")) - parser.add_argument("--git-remote", default=None, - help=_("Push the log to this git remote repository")) + parser.add_argument( + "--git-repo", + default=os.path.join(os.getcwd(), 'binary_transparency'), + help=_("Path to the git repo to use as the log"), + ) + parser.add_argument( + "-u", + "--url", + default='https://f-droid.org', + help=_("The base URL for the repo to log (default: https://f-droid.org)"), + ) + parser.add_argument( + "--git-remote", + default=None, + help=_("Push the log to this git remote repository"), + ) options = parser.parse_args() if options.verbose: @@ -204,7 +216,7 @@ def main(): r = session.head(dlurl, headers=headers, allow_redirects=False) if r.status_code != 200: logging.debug( - 'HTTP Response (' + str(r.status_code) + '), did not download ' + dlurl + 'HTTP Response (%d), did not download %s' % (r.status_code, dlurl) ) continue if etag and etag == r.headers.get('ETag'): @@ -226,7 +238,9 @@ def main(): if new_files: os.chdir(tempdirbase) - make_binary_transparency_log(repodirs, options.git_repo, options.url, 'fdroid btlog') + make_binary_transparency_log( + repodirs, options.git_repo, options.url, 'fdroid btlog' + ) if options.git_remote: deploy.push_binary_transparency(options.git_repo, options.git_remote) shutil.rmtree(tempdirbase, ignore_errors=True) From 5448fa2a2d94e1d561eaa7d51ae66d300d624af1 Mon Sep 17 00:00:00 2001 From: Hans-Christoph Steiner Date: Mon, 23 May 2022 21:20:41 +0200 Subject: [PATCH 3/4] update: hide confusing androguard warning that is irrelevant here This is related to androguard features that fdroidserver does not use: WARNING: Requested API level 31 is larger than maximum we have, returning API level 28 instead. --- fdroidserver/common.py | 1 + 1 file changed, 1 insertion(+) diff --git a/fdroidserver/common.py b/fdroidserver/common.py index 8cb96cac..b18887c7 100644 --- a/fdroidserver/common.py +++ b/fdroidserver/common.py @@ -2592,6 +2592,7 @@ def use_androguard(): use_androguard.show_path = False if options and options.verbose: logging.getLogger("androguard.axml").setLevel(logging.INFO) + logging.getLogger("androguard.core.api_specific_resources").setLevel(logging.ERROR) return True except ImportError: return False From cbd4828561257ebb4f2af545784513b63c0c7b94 Mon Sep 17 00:00:00 2001 From: Hans-Christoph Steiner Date: Mon, 23 May 2022 23:10:52 +0200 Subject: [PATCH 4/4] include index-v2 in signindex tests --- tests/signindex.TestCase | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/tests/signindex.TestCase b/tests/signindex.TestCase index 98ff8313..79977e8d 100755 --- a/tests/signindex.TestCase +++ b/tests/signindex.TestCase @@ -76,7 +76,15 @@ class SignindexTest(unittest.TestCase): fp.write('# placeholder') shutil.copy(str(self.basedir / 'urzip.apk'), 'repo') index_files = [] - for f in ('index.xml', 'index.jar', 'index-v1.json', 'index-v1.jar'): + for f in ( + 'entry.jar', + 'entry.json', + 'index-v1.jar', + 'index-v1.json', + 'index-v2.json', + 'index.jar', + 'index.xml', + ): for section in (Path('repo'), Path('archive')): path = section / f self.assertFalse(path.exists(), '%s should not exist yet!' % path)