You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by mt...@apache.org on 2010/02/23 09:32:47 UTC
svn commit: r915239 - in /tomcat/jk/trunk/tools: jkrelease.sh signfile.sh
Author: mturk
Date: Tue Feb 23 08:32:47 2010
New Revision: 915239
URL: http://svn.apache.org/viewvc?rev=915239&view=rev
Log:
Split sign logic to a separate script so it can be used for signing binaries as well
Added:
tomcat/jk/trunk/tools/signfile.sh (with props)
Modified:
tomcat/jk/trunk/tools/jkrelease.sh
Modified: tomcat/jk/trunk/tools/jkrelease.sh
URL: http://svn.apache.org/viewvc/tomcat/jk/trunk/tools/jkrelease.sh?rev=915239&r1=915238&r2=915239&view=diff
==============================================================================
--- tomcat/jk/trunk/tools/jkrelease.sh (original)
+++ tomcat/jk/trunk/tools/jkrelease.sh Tue Feb 23 08:32:47 2010
@@ -38,6 +38,7 @@
COPY_NATIVE="LICENSE NOTICE"
COPY_BUILD="docs"
COPY_CONF="httpd-jk.conf uriworkermap.properties workers.properties workers.properties.minimal"
+SIGN_OPTS=""
#################### NO CHANGE BELOW THIS LINE ##############
@@ -50,6 +51,7 @@
echo " -b: package from branch BRANCH"
echo " -T: package from trunk"
echo " -d: package from local directory"
+ echo " -p: GNU PG passphrrase used for signing"
}
copy_files() {
@@ -65,22 +67,15 @@
done
}
-sign_and_verify() {
- item=$1
- echo "Signing $item..."
- gpg -ba $item
- echo "Verifying signature for $item..."
- gpg --verify $item.asc
-}
-
#################### MAIN ##############
conflict=0
-while getopts :t:r:b:d:T c
+while getopts :t:r:b:d:p:T c
do
case $c in
t) tag=$OPTARG;;
r) revision=$OPTARG;;
+ p) SIGN_OPTS="--passphrase $OPTARG";;
b) branch=$OPTARG
conflict=$(($conflict+1));;
T) trunk=trunk
@@ -292,27 +287,9 @@
perl ${JK_DIST}/tools/lineends.pl --cr ${JK_DIST}
zip -9 -r ${JK_DIST}.zip ${JK_DIST}
-# Try to locate a MD5 binary
-md5_bin="`which md5sum 2>/dev/null || type md5sum 2>&1`"
-if [ -x "$md5_bin" ]; then
- MD5SUM="$md5_bin --binary "
-else
- MD5SUM="echo 00000000000000000000000000000000 "
-fi
-# Try to locate a SHA1 binary
-sha1_bin="`which sha1sum 2>/dev/null || type sha1sum 2>&1`"
-if [ -x "$sha1_bin" ]; then
- SHA1SUM="$sha1_bin --binary "
-else
- SHA1SUM="echo 0000000000000000000000000000000000000000 "
-fi
# Create detached signature and verify it
archive=${JK_DIST}.tar.gz
-sign_and_verify $archive
-$MD5SUM $archive > $archive.md5
-$SHA1SUM $archive > $archive.sha1
+${JK_DIST}/tools/signfile.sh $SIGN_OPTS $archive
archive=${JK_DIST}.zip
-sign_and_verify $archive
-$MD5SUM $archive > $archive.md5
-$SHA1SUM $archive > $archive.sha1
+${JK_DIST}/tools/signfile.sh $SIGN_OPTS $archive
Added: tomcat/jk/trunk/tools/signfile.sh
URL: http://svn.apache.org/viewvc/tomcat/jk/trunk/tools/signfile.sh?rev=915239&view=auto
==============================================================================
--- tomcat/jk/trunk/tools/signfile.sh (added)
+++ tomcat/jk/trunk/tools/signfile.sh Tue Feb 23 08:32:47 2010
@@ -0,0 +1,59 @@
+#!/bin/sh
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+gpgopts="-ba"
+for o
+do
+ case "$o" in
+ *=*) a=`echo "$o" | sed 's/^[-_a-zA-Z0-9]*=//'`
+ ;;
+ *) a=''
+ ;;
+ esac
+ case "$o" in
+ --passphrase=* )
+ gpgopts="$gpgopts --passphrase $a"
+ shift
+ ;;
+ * )
+ break
+ ;;
+ esac
+done
+
+# Try to locate a MD5 binary
+md5_bin="`which md5sum 2>/dev/null || type md5sum 2>&1`"
+if [ -x "$md5_bin" ]; then
+ MD5SUM="$md5_bin --binary "
+else
+ MD5SUM="echo 00000000000000000000000000000000 "
+fi
+# Try to locate a SHA1 binary
+sha1_bin="`which sha1sum 2>/dev/null || type sha1sum 2>&1`"
+if [ -x "$sha1_bin" ]; then
+ SHA1SUM="$sha1_bin --binary "
+else
+ SHA1SUM="echo 0000000000000000000000000000000000000000 "
+fi
+
+for o
+do
+ echo gpg $gpgopts $o
+ gpg $gpgopts $o
+ $MD5SUM $o > $o.md5
+ $SHA1SUM $o > $o.sha1
+done
+
Propchange: tomcat/jk/trunk/tools/signfile.sh
------------------------------------------------------------------------------
svn:eol-style = LF
Propchange: tomcat/jk/trunk/tools/signfile.sh
------------------------------------------------------------------------------
svn:executable = *
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org