chiark / gitweb /
~ianmdlvl / fdroidserver.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 364e609) | patch
verify: fdroidserverid and buildserverid are part of the sig
authorHans-Christoph Steiner <hans@eds.org>
Mon, 9 Jan 2017 14:10:54 +0000 (15:10 +0100)
committerHans-Christoph Steiner <hans@eds.org>
Wed, 22 Mar 2017 09:51:12 +0000 (10:51 +0100)
commit70915a7445ba249aec9782b1a58a151939d96c34
treed3abb74e8fe2b74eaa037ad3fc4d2913ee7a3860tree | snapshot
parent364e609ebe2ee867b2d156bc96be135ec8da385acommit | diff
verify: fdroidserverid and buildserverid are part of the sig

There are two SHA1 git commit IDs that fdroidserver includes in the builds
it makes: fdroidserverid and buildserverid.  Originally, these were inserted
into AndroidManifest.xml, but that makes the build not reproducible. So
instead they are included as separate files in the APK's META-INF/ folder.
If those files exist in the signed APK, they will be part of the signature
and need to also be included in the unsigned APK for it to validate.
fdroidserver/common.py diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.