annotate release.sh @ 1902:4a6725ac957c

Revert "Don't include sk keys at all in KEX list" This reverts git commit f972813ecdc7bb981d25b5a63638bd158f1c8e72. The sk algorithms need to remain in the sigalgs list so that they are included in the server-sig-algs ext-info message sent by the server. RFC8308 for server-sig-algs requires that all algorithms are listed (though OpenSSH client 8.4p1 tested doesn't require that)
author Matt Johnston <matt@ucc.asn.au>
date Thu, 24 Mar 2022 13:42:08 +0800
parents 6110afb6f581
children
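#!/bin/sh
# Build a dropbear release tarball from the current hg or git checkout.
#
# Usage: ./release.sh [--testrel]
#   --testrel  skip the changelog version checks and build in a temporary dir
#
# Prints the archive listing and its SHA-256, and for a real release a
# reminder of the signing command.

set -e

if [ "$1" = '--testrel' ]; then
	# --testrel won't check changelog version correctness and will build in a temporary dir
	TESTREL=1
else
	TESTREL=0
fi

# The version is read by running the preprocessed headers through sh, so the
# headers of this checkout are executed as shell input. Only run release.sh on
# a tree you trust.
# printf is used instead of echo: whether echo expands "\n" differs between
# /bin/sh implementations.
VERSION=$(printf '%s\n' \
	'#include "default_options.h"' \
	'#include "sysoptions.h"' \
	'echo DROPBEAR_VERSION' | cpp -DHAVE_CRYPT - | sh)

# A cpp failure is hidden by the pipeline (only sh's status is seen), and an
# empty version would make the changelog checks and the paths below meaningless.
if [ -z "$VERSION" ]; then
	echo "Could not determine DROPBEAR_VERSION"
	exit 1
fi

if [ "$TESTREL" -eq 1 ]; then
	echo "Making test tarball for $VERSION ..."
	echo "Not checking version mismatches."
	# Not removed on exit: the resulting archive is written here.
	WORKDIR=$(mktemp -d)
	TARSUFFIX="-testrel"
else
	echo "Releasing version $VERSION ..."
	# -F: match the version literally, so "." does not act as a regex wildcard.
	if ! head -n1 CHANGES | grep -qF -- "$VERSION"; then
		echo "CHANGES needs updating"
		exit 1
	fi

	if ! head -n1 debian/changelog | grep -qF -- "$VERSION"; then
		echo "debian/changelog needs updating"
		exit 1
	fi
	WORKDIR=$PWD/..
	TARSUFFIX=""
fi

RELDIR=$WORKDIR/dropbear-$VERSION
ARCHIVE=${RELDIR}${TARSUFFIX}.tar.bz2

head -n1 CHANGES

# The reproducibility options used below are GNU tar options.
if tar --version | grep -q 'GNU tar'; then
	TAR=tar
else
	TAR=gtar
fi

# Refuse to overwrite an earlier export or archive.
if test -e "$RELDIR"; then
	echo "$RELDIR exists"
	exit 1
fi

if test -e "$ARCHIVE"; then
	echo "$ARCHIVE exists"
	exit 1
fi

if [ -d .hg ]; then
	hg archive "$RELDIR" || exit 2
	# .hg_archival.txt seems to differ between hg versions, isn't good for reproducibility
	rm "$RELDIR/.hg_archival.txt"
elif [ -d .git ]; then
	# POSIX sh has no pipefail: the status tested here is tar's only, so a
	# failing git archive is caught by the directory check after this block.
	git -c tar.umask=0022 archive --format tar -o /dev/stdout --prefix="dropbear-$VERSION/" HEAD | tar xf - -C "$WORKDIR" || exit 2
else
	echo "This isn't a hg or git checkout"
	exit 1
fi

if [ ! -d "$RELDIR" ]; then
	echo "$RELDIR was not created"
	exit 2
fi

chmod -R a+rX "$RELDIR"

RELDATE=$(head -n1 CHANGES | cut -d - -f 2)
# timezone keeps it consistent, choose a plausible release time
RELTIME="22:30:00 +0800"

# from https://reproducible-builds.org/docs/archives/
TAROPTS="--sort=name --owner=0 --group=0 --numeric-owner"
# $TAROPTS is left unquoted on purpose so it splits into separate options.
(cd "$RELDIR/.." && $TAR cjf "$ARCHIVE" $TAROPTS --mtime="$RELDATE $RELTIME" "$(basename "$RELDIR")") || exit 2

ls -l "$ARCHIVE"
openssl sha256 "$ARCHIVE"
echo Done to
echo "$ARCHIVE"

if [ "$TESTREL" -eq 0 ]; then
	echo Sign it with
	# NOTE(review): F29C6773 is a short (32-bit) key ID, which can collide with
	# other keys; selecting the key by full fingerprint
	# (<FULL_KEY_FINGERPRINT>) is less ambiguous.
	echo gpg2 --detach-sign -a -u F29C6773 "$ARCHIVE"
fi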