dropbear: release.sh annotate

annotate release.sh @ 1715:3974f087d9c0

Disallow leading lines before the ident for server (#102) Per RFC4253 4.2 clients must be able to process other lines of data before the version string, server behavior is not defined neither with MUST/SHOULD nor with MAY. If server process up to 50 lines too - it may cause too long hanging session with invalid/evil client that consume host resources and potentially may lead to DDoS on poor embedded boxes. Let's require first line from client to be version string and fail early if it's not - matches both RFC and real OpenSSH behavior.

author	Vladislav Grishenko <themiron@users.noreply.github.com>
date	Mon, 15 Jun 2020 18:22:18 +0500
parents	90fffce0ee99
children	e2e4929d057b

rev	line source
948 f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1 #!/bin/sh
f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	2 VERSION=$(echo '#include "sysoptions.h"\necho DROPBEAR_VERSION' \| cpp - \| sh)
f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	3 echo Releasing version "$VERSION" ...
f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	4 if ! head -n1 CHANGES \| grep -q $VERSION ; then
f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	5 echo "CHANGES needs updating"
f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	6 exit 1
f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	7 fi
f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	8
f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	9 if ! head -n1 debian/changelog \| grep -q $VERSION ; then
1007 cbd674d63cd4 changelog for 2015.67 Matt Johnston <matt@ucc.asn.au> parents: 949 diff changeset	10 echo "debian/changelog needs updating"
948 f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	11 exit 1
f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	12 fi
f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	13
f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	14 head -n1 CHANGES
f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	15
f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	16 #sleep 3
f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	17
f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	18 RELDIR=$PWD/../dropbear-$VERSION
f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	19 ARCHIVE=${RELDIR}.tar.bz2
f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	20 if test -e $RELDIR; then
f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	21 echo "$RELDIR exists"
f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	22 exit 1
f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	23 fi
f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	24
f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	25 if test -e $ARCHIVE; then
f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	26 echo "$ARCHIVE exists"
f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	27 exit 1
f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	28 fi
f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	29
f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	30 hg archive "$RELDIR" \|\| exit 2
f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	31
f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	32 (cd "$RELDIR" && autoconf && autoheader) \|\| exit 2
1679 90fffce0ee99 Add linter for #ifdef Matt Johnston <matt@ucc.asn.au> parents: 1645 diff changeset	33 (cd "$RELDIR" && make lint) \|\| exit 2
948 f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	34
f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	35 rm -r "$RELDIR/autom4te.cache" \|\| exit 2
f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	36
1137 40434003bd96 remove .hgtags from release Matt Johnston <matt@ucc.asn.au> parents: 1010 diff changeset	37 rm "$RELDIR/.hgtags"
40434003bd96 remove .hgtags from release Matt Johnston <matt@ucc.asn.au> parents: 1010 diff changeset	38
40434003bd96 remove .hgtags from release Matt Johnston <matt@ucc.asn.au> parents: 1010 diff changeset	39 (cd "$RELDIR/.." && tar cjf $ARCHIVE `basename "$RELDIR"`) \|\| exit 2
948 f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	40
f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: diff changeset	41 ls -l $ARCHIVE
1645 0276c0f8c2b8 use "openssl sha256" Matt Johnston <matt@ucc.asn.au> parents: 1183 diff changeset	42 openssl sha256 $ARCHIVE
1183 d10468395a49 release.sh reminds how to sign Matt Johnston <matt@ucc.asn.au> parents: 1137 diff changeset	43 echo Done to
d10468395a49 release.sh reminds how to sign Matt Johnston <matt@ucc.asn.au> parents: 1137 diff changeset	44 echo "$ARCHIVE"
d10468395a49 release.sh reminds how to sign Matt Johnston <matt@ucc.asn.au> parents: 1137 diff changeset	45 echo Sign it with
d10468395a49 release.sh reminds how to sign Matt Johnston <matt@ucc.asn.au> parents: 1137 diff changeset	46 echo gpg2 --detach-sign -a -u F29C6773 "$ARCHIVE"

Mercurial > dropbear

annotate release.sh @ 1715:3974f087d9c0