annotate release.sh @ 1888:a7b66ea18632

Don't set pubkey_info directly in checkpubkey_line This makes it safe to use from fuzzer-pubkey without leaking the value since the cleanup isn't called
author Matt Johnston <matt@ucc.asn.au>
date Wed, 16 Mar 2022 18:35:23 +0800
parents 209711833f15
children 6110afb6f581
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
948
f92eb625c48d - Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1 #!/bin/sh
1812
552bb9b4f16a Make releases tarballs more deterministic
Matt Johnston <matt@ucc.asn.au>
parents: 1720
diff changeset
2
552bb9b4f16a Make releases tarballs more deterministic
Matt Johnston <matt@ucc.asn.au>
parents: 1720
diff changeset
3 set -e
552bb9b4f16a Make releases tarballs more deterministic
Matt Johnston <matt@ucc.asn.au>
parents: 1720
diff changeset
4
948
f92eb625c48d - Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
5 VERSION=$(echo '#include "sysoptions.h"\necho DROPBEAR_VERSION' | cpp - | sh)
f92eb625c48d - Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
6 echo Releasing version "$VERSION" ...
f92eb625c48d - Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
7 if ! head -n1 CHANGES | grep -q $VERSION ; then
f92eb625c48d - Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
8 echo "CHANGES needs updating"
f92eb625c48d - Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
9 exit 1
f92eb625c48d - Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
10 fi
f92eb625c48d - Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
11
f92eb625c48d - Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
12 if ! head -n1 debian/changelog | grep -q $VERSION ; then
1007
cbd674d63cd4 changelog for 2015.67
Matt Johnston <matt@ucc.asn.au>
parents: 949
diff changeset
13 echo "debian/changelog needs updating"
948
f92eb625c48d - Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
14 exit 1
f92eb625c48d - Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
15 fi
f92eb625c48d - Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
16
f92eb625c48d - Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
17 head -n1 CHANGES
f92eb625c48d - Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
18
1812
552bb9b4f16a Make releases tarballs more deterministic
Matt Johnston <matt@ucc.asn.au>
parents: 1720
diff changeset
19 if tar --version | grep -q 'GNU tar'; then
552bb9b4f16a Make releases tarballs more deterministic
Matt Johnston <matt@ucc.asn.au>
parents: 1720
diff changeset
20 TAR=tar
552bb9b4f16a Make releases tarballs more deterministic
Matt Johnston <matt@ucc.asn.au>
parents: 1720
diff changeset
21 else
552bb9b4f16a Make releases tarballs more deterministic
Matt Johnston <matt@ucc.asn.au>
parents: 1720
diff changeset
22 TAR=gtar
552bb9b4f16a Make releases tarballs more deterministic
Matt Johnston <matt@ucc.asn.au>
parents: 1720
diff changeset
23 fi
948
f92eb625c48d - Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
24
f92eb625c48d - Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
25 RELDIR=$PWD/../dropbear-$VERSION
f92eb625c48d - Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
26 ARCHIVE=${RELDIR}.tar.bz2
f92eb625c48d - Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
27 if test -e $RELDIR; then
f92eb625c48d - Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
28 echo "$RELDIR exists"
f92eb625c48d - Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
29 exit 1
f92eb625c48d - Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
30 fi
f92eb625c48d - Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
31
f92eb625c48d - Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
32 if test -e $ARCHIVE; then
f92eb625c48d - Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
33 echo "$ARCHIVE exists"
f92eb625c48d - Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
34 exit 1
f92eb625c48d - Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
35 fi
f92eb625c48d - Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
36
f92eb625c48d - Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
37 hg archive "$RELDIR" || exit 2
f92eb625c48d - Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
38
1137
40434003bd96 remove .hgtags from release
Matt Johnston <matt@ucc.asn.au>
parents: 1010
diff changeset
39 rm "$RELDIR/.hgtags"
1817
209711833f15 Don't include .hg_archival.txt in tarballs. They're now reproducible.
Matt Johnston <matt@ucc.asn.au>
parents: 1814
diff changeset
40 # .hg_archival.txt seems to differ between hg versions, isn't good for reproducibility
209711833f15 Don't include .hg_archival.txt in tarballs. They're now reproducible.
Matt Johnston <matt@ucc.asn.au>
parents: 1814
diff changeset
41 rm "$RELDIR/.hg_archival.txt"
1137
40434003bd96 remove .hgtags from release
Matt Johnston <matt@ucc.asn.au>
parents: 1010
diff changeset
42
1812
552bb9b4f16a Make releases tarballs more deterministic
Matt Johnston <matt@ucc.asn.au>
parents: 1720
diff changeset
43 RELDATE=$(head -n1 CHANGES | cut -d - -f 2)
1814
f78e67527731 Add configure script to version control. Set timezone for release tarball
Matt Johnston <matt@ucc.asn.au>
parents: 1812
diff changeset
44 # timezone keeps it consistent, choose a plausible release time
f78e67527731 Add configure script to version control. Set timezone for release tarball
Matt Johnston <matt@ucc.asn.au>
parents: 1812
diff changeset
45 RELTIME="22:30:00 +0800"
1812
552bb9b4f16a Make releases tarballs more deterministic
Matt Johnston <matt@ucc.asn.au>
parents: 1720
diff changeset
46
552bb9b4f16a Make releases tarballs more deterministic
Matt Johnston <matt@ucc.asn.au>
parents: 1720
diff changeset
47 # from https://reproducible-builds.org/docs/archives/
552bb9b4f16a Make releases tarballs more deterministic
Matt Johnston <matt@ucc.asn.au>
parents: 1720
diff changeset
48 TAROPTS="--sort=name --owner=0 --group=0 --numeric-owner"
1814
f78e67527731 Add configure script to version control. Set timezone for release tarball
Matt Johnston <matt@ucc.asn.au>
parents: 1812
diff changeset
49 (cd "$RELDIR/.." && $TAR cjf $ARCHIVE $TAROPTS --mtime="$RELDATE $RELTIME" `basename "$RELDIR"`) || exit 2
948
f92eb625c48d - Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
50
f92eb625c48d - Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
51 ls -l $ARCHIVE
1645
0276c0f8c2b8 use "openssl sha256"
Matt Johnston <matt@ucc.asn.au>
parents: 1183
diff changeset
52 openssl sha256 $ARCHIVE
1183
d10468395a49 release.sh reminds how to sign
Matt Johnston <matt@ucc.asn.au>
parents: 1137
diff changeset
53 echo Done to
d10468395a49 release.sh reminds how to sign
Matt Johnston <matt@ucc.asn.au>
parents: 1137
diff changeset
54 echo "$ARCHIVE"
d10468395a49 release.sh reminds how to sign
Matt Johnston <matt@ucc.asn.au>
parents: 1137
diff changeset
55 echo Sign it with
d10468395a49 release.sh reminds how to sign
Matt Johnston <matt@ucc.asn.au>
parents: 1137
diff changeset
56 echo gpg2 --detach-sign -a -u F29C6773 "$ARCHIVE"