diff options
author | Bernhard Schmidt <berni@debian.org> | 2020-08-15 21:29:50 +0200 |
---|---|---|
committer | Bernhard Schmidt <berni@debian.org> | 2020-08-15 21:29:50 +0200 |
commit | 1079962e4c06f88a54e50d997c1b7e84303d30b4 (patch) | |
tree | 4d019426928435425214ccedd6f89b70dbdf035d /dev-tools | |
parent | 620785fe268a1221c1ba7a9cb5a70f3140a4f1ca (diff) |
New upstream version 2.5~beta1upstream/2.5_beta1
Diffstat (limited to 'dev-tools')
-rwxr-xr-x | dev-tools/gen-release-tarballs.sh | 247 | ||||
-rwxr-xr-x | dev-tools/lz4-rebaser.sh | 68 | ||||
-rwxr-xr-x | dev-tools/reformat-all.sh | 136 | ||||
-rw-r--r-- | dev-tools/reformat-patches/after_include_openvpn-plugin.h.in.patch | 13 | ||||
-rw-r--r-- | dev-tools/reformat-patches/before_include_openvpn-plugin.h.in.patch | 13 | ||||
-rw-r--r-- | dev-tools/special-files.lst | 4 | ||||
-rw-r--r-- | dev-tools/uncrustify.conf | 76 | ||||
-rwxr-xr-x | dev-tools/update-copyright.sh | 50 |
8 files changed, 607 insertions, 0 deletions
diff --git a/dev-tools/gen-release-tarballs.sh b/dev-tools/gen-release-tarballs.sh new file mode 100755 index 0000000..9c4600e --- /dev/null +++ b/dev-tools/gen-release-tarballs.sh @@ -0,0 +1,247 @@ +#!/bin/sh +# gen-release-tarballs.sh - Generates release tarballs with signatures +# +# Copyright (C) 2017-2018 - David Sommerseth <davids@openvpn.net> +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +# +set -u + +if [ $# -ne 4 ]; then + echo "Usage: $0 <remote-name> <tag-name> <sign-key> <dest-dir>" + echo "" + echo " remote-name -- valid remotes: `git remote | tr \\\n ' '`" + echo " tag-name -- An existing release tag" + echo " sign-key -- PGP key used to sign all files" + echo " dest-dir -- Where to put the complete set of release tarballs" + echo "" + echo " Example: $0 origin v2.4.2 /tmp/openvpn-release" + echo + exit 1 +fi + +arg_remote_name="$1" +arg_tag_name="$2" +arg_sign_key="$3" +arg_dest_dir="$4" + +# +# Sanity checks +# + +# Check that the tag exists +git tag | grep "$arg_tag_name" 1>/dev/null +if [ $? -ne 0 ]; then + echo "** ERROR ** The tag '$arg_tag_name' does not exist" + exit 2 +fi + +# Extract the git URL +giturl="`git remote get-url $arg_remote_name 2>/dev/null`" +if [ $? -ne 0 ]; then + echo "** ERROR ** Invalid git remote name: $arg_remote_name" + exit 2 +fi + +# Check we have the needed signing key +echo "test" | gpg -a --clearsign -u "$arg_sign_key" 2>/dev/null 1>/dev/null +if [ $? -ne 0 ]; then + echo "** ERROR ** Failed when testing the PGP signing. Wrong signing key?" + exit 2; +fi + + +# +# Helper functions +# + +get_filename() +{ + local wildcard="$1" + + res="`find . -maxdepth 1 -type f -name \"$wildcard\" | head -n1 | cut -d/ -f2-`" + if [ $? -ne 0 ]; then + echo "-- 'find' failed." + exit 5 + fi + if [ -z "$res" ]; then + echo "-- Could not find a file with the wildcard: $wildcard" + exit 4 + fi + echo "$res" +} + +copy_files() +{ + local fileext="$1" + local dest="$2" + + file="`get_filename openvpn-*.*.*.$fileext`" + if [ -z "$file" ]; then + echo "** ERROR Failed to find source file" + exit 5 + fi + echo "-- Copying $file" + cp "$file" "$dest" + if [ $? -ne 0 ]; then + echo "** ERROR ** Failed to copy $file to $destdir" + exit 3; + fi +} + +sign_file() +{ + local signkey="$1" + local srchfile="$2" + local signtype="$3" + local file="`get_filename $srchfile`" + + echo "-- Signing $file ..." + case "$signtype" in + inline) + # Have the signature in the same file as the data + gpg -a --clearsign -u "$signkey" "$file" 2>/dev/null + res=$? + if [ $res -eq 0 ]; then + rm -f "$file" + fi + ;; + + detached) + # Have the signature in a separate file + gpg -a --detach-sign -u "$signkey" "$file" 2>/dev/null + res=$? + ;; + + *) + echo "** ERROR ** Unknown signing type \"$signtype\"." + exit 4; + esac + + if [ $res -ne 0 ]; then + echo "** ERROR ** Failed to sign the file $PWD/$file" + exit 4; + fi +} + + +# +# Preparations +# + +# Create the destination directory, using a sub-dir with the tag-name +destdir="" +case "$arg_dest_dir" in + /*) # Absolute path + destdir="$arg_dest_dir/$arg_tag_name" + ;; + *) # Make absolute path from relative path + destdir="$PWD/$arg_dest_dir/$arg_tag_name" + ;; +esac +echo "-- Destination directory: $destdir" +if [ -e "$destdir" ]; then + echo "** ERROR ** Destination directory already exists. " + echo " Please check your command line carefully." + exit 2 +fi + +mkdir -p "$destdir" +if [ $? -ne 0 ]; then + echo "** ERROR ** Failed to create destination directory" + exit 2 +fi + +# +# Start the release process +# + +# Clone the remote repository +workdir="`mktemp -d -p /var/tmp openvpn-build-release-XXXXXX`" +cd $workdir +echo "-- Working directory: $workdir" +echo "-- git clone $giturl" +git clone $giturl openvpn-gen-tarball 2> "$workdir/git-clone.log" 1>&2 +if [ $? -ne 0 ]; then + echo "** ERROR ** git clone failed. See $workdir/git-clone.log for details" + exit 3; +fi +cd openvpn-gen-tarball + +# Check out the proper release tag +echo "-- Checking out tag $arg_tag_name ... " +git checkout -b mkrelease "$arg_tag_name" 2> "$workdir/git-checkout-tag.log" 1>&2 +if [ $? -ne 0 ]; then + echo "** ERROR ** git checkout failed. See $workdir/git-checkout-tag.log for details" + exit 3; +fi + +# Prepare the source tree +echo "-- Running autoreconf + a simple configure ... " +(autoreconf -vi && ./configure) 2> "$workdir/autotools-prep.log" 1>&2 +if [ $? -ne 0 ]; then + echo "** ERROR ** Failed running autotools. See $workdir/autotools-prep.log for details" + exit 3; +fi + +# Generate the tar/zip files +echo "-- Running make distcheck (generates .tar.gz) ... " +(make distcheck) 2> "$workdir/make-distcheck.log" 1>&2 +if [ $? -ne 0 ]; then + echo "** ERROR ** make distcheck failed. See $workdir/make-distcheck.log for details" + exit 3; +fi +copy_files tar.gz "$destdir" + +echo "-- Running make dist-xz (generates .tar.xz) ... " +(make dist-xz) 2> "$workdir/make-dist-xz.log" 1>&2 +if [ $? -ne 0 ]; then + echo "** ERROR ** make dist-xz failed. See $workdir/make-dist-xz.log for details" + exit 3; +fi +copy_files tar.xz "$destdir" + +echo "-- Running make dist-zip (generates .zip) ... " +(make dist-zip) 2> "$workdir/make-dist-zip.log" 1>&2 +if [ $? -ne 0 ]; then + echo "** ERROR ** make dist-zip failed. See $workdir/make-dist-zip.log for details" + exit 3; +fi +copy_files zip "$destdir" + +# Generate SHA256 checksums +cd "$destdir" +sha256sum openvpn-*.tar.{gz,xz} openvpn-*.zip > "openvpn-$arg_tag_name.sha256sum" + +# Sign all the files +echo "-- Signing files ... " +sign_file "$arg_sign_key" "openvpn-$arg_tag_name.sha256sum" inline +sign_file "$arg_sign_key" "openvpn-*.tar.gz" detached +sign_file "$arg_sign_key" "openvpn-*.tar.xz" detached +sign_file "$arg_sign_key" "openvpn-*.zip" detached + +# Create a tar-bundle with everything +echo "-- Creating final tarbundle with everything ..." +tar cf "openvpn-$arg_tag_name.tar" openvpn-*.{tar.gz,tar.xz,zip}{,.asc} openvpn-*.sha256sum.asc + +echo "-- Cleaning up ..." +# Save the log files +mkdir -p "$destdir/logs" +mv $workdir/*.log "$destdir/logs" + +# Finally, done! +rm -rf "$workdir" +echo "-- Done" +exit 0 diff --git a/dev-tools/lz4-rebaser.sh b/dev-tools/lz4-rebaser.sh new file mode 100755 index 0000000..03debcb --- /dev/null +++ b/dev-tools/lz4-rebaser.sh @@ -0,0 +1,68 @@ +#!/bin/sh +# lz4-rebaser.sh - Does the LZ4 rebase process in an automated fashion +# +# Copyright (C) 2017-2018 David Sommerseth <davids@openvpn.net> +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +# + +# Basic shell sanity +set -eu + +# Simple argument control +if [ $# -ne 1 ]; then + echo "Usage: $0 <Path to upstream LZ4 source tree>" + exit 1 +fi + +# Check that we have the files we need before starting the rebase +LZ4_C="$1/lib/lz4.c" +LZ4_H="$1/lib/lz4.h" +if [ ! -r "$LZ4_C" -o ! -r "$LZ4_H" ]; then + echo "Could not locate $LZ4_H and/or $LZ4_C" + exit 1 +fi + +# Extract the upstream LZ4 commit base +lz4_tag="$(git --git-dir $1/.git tag --contains HEAD)" +lz4_commit="$(git --git-dir $1/.git rev-parse --short=20 HEAD)" + +# Do the rebase +srcroot="$(git rev-parse --show-toplevel)" +echo "* Copying upstream lz4.h to compat-lz4.h" +cp "$LZ4_H" "${srcroot}/src/compat/compat-lz4.h" + +echo "* Porting upstream lz4.c to compat-lz4.c" +{ + cat <<EOF +/* This file has been backported by $0 + * from upstream lz4 commit $lz4_commit ($lz4_tag) + */ +#ifdef HAVE_CONFIG_H +#include "config.h" +#elif defined(_MSC_VER) +#include "config-msvc.h" +#endif + +#ifdef NEED_COMPAT_LZ4 +EOF + sed 's/\"lz4\.h\"/\"compat-lz4.h"/' "$LZ4_C" +cat <<EOF +#endif /* NEED_COMPAT_LZ4 */ +EOF +} > "${srcroot}/src/compat/compat-lz4.c" + +echo "* Running 'git add'" +git add src/compat/compat-lz4.[ch] diff --git a/dev-tools/reformat-all.sh b/dev-tools/reformat-all.sh new file mode 100755 index 0000000..befc589 --- /dev/null +++ b/dev-tools/reformat-all.sh @@ -0,0 +1,136 @@ +#!/bin/sh +# reformat-all.sh - Reformat all git files in the checked out +# git branch using uncrustify. +# +# Copyright (C) 2016-2018 - David Sommerseth <davids@openvpn.net> +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +# + +tstamp="$(date +%Y%m%d-%H%M%S)" +files="$(pwd)/reformat-all_files-$tstamp.lst" +log="$(pwd)/reformat-all_log-$tstamp.txt" + +srcroot="$(git rev-parse --show-toplevel)" +cfg="$srcroot/dev-tools/uncrustify.conf" +specialfiles="$srcroot/dev-tools/special-files.lst" + +export gitfiles=0 +export procfiles=0 + +# Go to the root of the source tree +cd "$srcroot" + +{ + echo -n "** Starting $0: " + date + + # Find all C source/header files + git ls-files | grep -E ".*\.[ch](\.in$|$)" > "${files}.git" + + # Manage files which needs special treatment + awk -F\# '{gsub("\n| ", "", $1); print $1}' "$specialfiles" > "${files}.sp" + while read srcfile + do + res=$(grep "$srcfile" "${files}.sp" 2>/dev/null) + if [ $? -ne 0 ]; then + # If grep didn't find the file among special files, + # process it normally + echo "$srcfile" >> "$files" + else + mode=$(echo "$res" | cut -d: -f1) + case "$mode" in + E) + echo "** INFO ** Excluding '$srcfile'" + ;; + P) + echo "** INFO ** Pre-patching '$srcfile'" + patchfile="${srcroot}"/dev-tools/reformat-patches/before_$(echo "$srcfile" | tr "/" "_").patch + if [ -r "$patchfile" ]; then + git apply "$patchfile" + if [ $? -ne 0 ]; then + echo "** ERROR ** Failed to apply pre-patch file: $patchfile" + exit 2 + fi + else + echo "** WARN ** Pre-patch file for $srcfile is missing: $patchfile" + fi + echo "$srcfile" >> "${files}.postpatch" + echo "$srcfile" >> "$files" + ;; + *) + echo "** WARN ** Unknown mode '$mode' for file '$srcfile'" + ;; + esac + fi + done < "${files}.git" + rm -f "${files}.git" "${files}.sp" + + # Kick off uncrustify + echo + echo "** INFO ** Running: uncrustify -c $cfg --no-backup -l C -p debug.uncr -F $files" + uncrustify -c "$cfg" --no-backup -l C -p debug.uncr -F "$files" 2>&1 + res=$? + echo "** INFO ** Uncrustify completed (exit code $res)" +} | tee "${log}-1" # Log needs to be closed here, to be processed in next block + +{ + # Check the results + gitfiles=$(wc -l "$files" | cut -d\ -f1) + procfiles=$(grep "Parsing: " "${log}-1" | wc -l) + echo + echo "C source/header files checked into git: $gitfiles" + echo "Files processed by uncrustify: $procfiles" + echo + + # Post-Patch files modified after we uncrustify have adjusted them + if [ -r "${files}.postpatch" ]; then + while read srcfile; + do + patchfile="${srcroot}"/dev-tools/reformat-patches/after_$(echo "$srcfile" | tr "/" "_").patch + if [ -r "$patchfile" ]; then + echo "** INFO ** Post-patching '$srcfile'" + git apply "$patchfile" + if [ $? -ne 0 ]; then + echo "** WARN ** Failed to apply $patchfile" + fi + else + echo "** WARN ** Post-patch file for $srcfile is missing: $patchfile" + fi + done < "${files}.postpatch" + rm -f "${files}.postpatch" + fi +} | tee "${log}-2" # Log needs to be closed here, to be processed in next block + +cat "${log}-1" "${log}-2" > "$log" + +{ + ec=1 + echo + if [ "$gitfiles" -eq "$procfiles" ]; then + echo "Reformatting completed successfully" + ec=0 + else + last=$(tail -n1 "${log}-1") + echo "** ERROR ** Reformating failed to process all files." + echo " uncrustify exit code: $res" + echo " Last log line: $last" + echo + fi + rm -f "${log}-1" "${log}-2" +} | tee -a "$log" +rm -f "${files}" + +exit $ec diff --git a/dev-tools/reformat-patches/after_include_openvpn-plugin.h.in.patch b/dev-tools/reformat-patches/after_include_openvpn-plugin.h.in.patch new file mode 100644 index 0000000..100da07 --- /dev/null +++ b/dev-tools/reformat-patches/after_include_openvpn-plugin.h.in.patch @@ -0,0 +1,13 @@ +diff --git a/include/openvpn-plugin.h.in b/include/openvpn-plugin.h.in +index 05bffab..05b4b6a 100644 +--- a/include/openvpn-plugin.h.in ++++ b/include/openvpn-plugin.h.in +@@ -169,7 +169,7 @@ typedef void *openvpn_plugin_handle_t; + /* + * We are compiling OpenVPN. + */ +-/* #define OPENVPN_PLUGIN_DEF typedef */ ++#define OPENVPN_PLUGIN_DEF typedef + #define OPENVPN_PLUGIN_FUNC(name) (*name) + + #else /* ifdef OPENVPN_PLUGIN_H */ diff --git a/dev-tools/reformat-patches/before_include_openvpn-plugin.h.in.patch b/dev-tools/reformat-patches/before_include_openvpn-plugin.h.in.patch new file mode 100644 index 0000000..679c414 --- /dev/null +++ b/dev-tools/reformat-patches/before_include_openvpn-plugin.h.in.patch @@ -0,0 +1,13 @@ +diff --git a/include/openvpn-plugin.h.in b/include/openvpn-plugin.h.in +index 34ad18b..f4c5472 100644 +--- a/include/openvpn-plugin.h.in ++++ b/include/openvpn-plugin.h.in +@@ -169,7 +169,7 @@ typedef void *openvpn_plugin_handle_t; + /* + * We are compiling OpenVPN. + */ +-#define OPENVPN_PLUGIN_DEF typedef ++// #define OPENVPN_PLUGIN_DEF typedef + #define OPENVPN_PLUGIN_FUNC(name) (*name) + + #else diff --git a/dev-tools/special-files.lst b/dev-tools/special-files.lst new file mode 100644 index 0000000..f3f77ea --- /dev/null +++ b/dev-tools/special-files.lst @@ -0,0 +1,4 @@ +E:doc/doxygen/doc_key_generation.h # @verbatim section gets mistreated, exclude it +E:src/compat/compat-lz4.c # Preserve LZ4 upstream formatting +E:src/compat/compat-lz4.h # Preserve LZ4 upstream formatting +P:include/openvpn-plugin.h.in # uncrustify segfaults, patch it before+after diff --git a/dev-tools/uncrustify.conf b/dev-tools/uncrustify.conf new file mode 100644 index 0000000..25eb4cd --- /dev/null +++ b/dev-tools/uncrustify.conf @@ -0,0 +1,76 @@ +# Use Allman-style +indent_columns=4 +indent_braces=false +indent_else_if=false +indent_switch_case=4 +indent_label=1 +nl_if_brace=add +nl_brace_else=add +nl_elseif_brace=add +nl_else_brace=add +nl_else_if=remove +nl_for_brace=add +nl_while_brace=add +nl_switch_brace=add +nl_fdef_brace=add +nl_do_brace=add +sp_func_proto_paren=Remove +sp_func_def_paren=Remove +sp_func_call_paren=Remove +sp_sizeof_paren=Remove + +# No tabs, spaces only +indent_with_tabs=0 +align_with_tabs=false +cmt_convert_tab_to_spaces=true + +# Do not put spaces between the # and preprocessor statements +pp_space=remove + +# Various whitespace fiddling +sp_assign=add +sp_before_sparen=add +sp_inside_sparen=remove +sp_cond_colon=add +sp_cond_question=add +sp_bool=add +sp_else_brace=add +sp_brace_else=add +pos_arith=Lead +pos_bool=Lead +nl_func_type_name=add +nl_before_case=true +nl_assign_leave_one_liners=true +nl_enum_leave_one_liners=true +nl_brace_fparen=add +nl_max=4 +nl_after_func_proto=2 + +# Always use scoping braces for conditionals +mod_full_brace_if=add +mod_full_brace_if_chain=false +mod_full_brace_while=add +mod_full_brace_for=add +mod_full_brace_do=add + +# Annotate #else and #endif statements +mod_add_long_ifdef_endif_comment=20 +mod_add_long_ifdef_else_comment=5 + +# Misc cleanup +mod_remove_extra_semicolon=true + +# leave blank at end of empty for() statements +sp_after_semi_for_empty=Add + +# Use C-style comments (/* .. */) +cmt_c_nl_end=true +cmt_star_cont=true +cmt_cpp_to_c=true + +# Use "char **a"-style pointer stars/dereferences +sp_before_ptr_star=Add +sp_between_ptr_star=Remove +sp_after_ptr_star=Remove +sp_before_byref=Add +sp_after_byref=Remove diff --git a/dev-tools/update-copyright.sh b/dev-tools/update-copyright.sh new file mode 100755 index 0000000..a874631 --- /dev/null +++ b/dev-tools/update-copyright.sh @@ -0,0 +1,50 @@ +#!/bin/sh +# update-copyright-sh - Simple tool to update the Copyright lines +# in all files checked into git +# +# Copyright (C) 2016-2018 David Sommerseth <davids@openvpn.net> +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +# + +# Basic shell sanity +set -eu + +# Simple argument control +if [ $# -ne 1 ]; then + echo "Usage: $0 <New Copyright Year>" + exit 1 +fi + +# Only update Copyright lines with these owners +# The 'or' operator is GNU sed specific, and must be \| +UPDATE_COPYRIGHT_LINES="@openvpn\.net\|@fox-it\.com\|@sophos.com\|@eurephia\.net\|@greenie\.muc\.de" +COPY_YEAR="$1" + +cd "$(git rev-parse --show-toplevel)" +for file in $(git ls-files | grep -v vendor/); +do + echo -n "Updating $file ..." + # The first sed operation covers 20xx-20yy copyright lines, + # The second sed operation changes 20xx -> 20xx-20yy + sed -e "/$UPDATE_COPYRIGHT_LINES/s/\(Copyright (C) 20..-\)\(20..\)[[:blank:]]\+/\1$COPY_YEAR /" \ + -e "/$UPDATE_COPYRIGHT_LINES/s/\(Copyright (C) \)\(20..\)[[:blank:]]\+/\1\2-$COPY_YEAR /" \ + -i $file + echo " Done" +done +echo +echo "** All files updated with $COPY_YEAR as the ending copyright year" +echo +exit 0 |