Skip to content

Commit

Permalink
Release v3.1.5
Browse files Browse the repository at this point in the history
* update build script to sign/verify using gpg
* update ChangeLog for release

Signed-off-by: Eric F Crist <[email protected]>
  • Loading branch information
ecrist committed Jun 10, 2023
1 parent a24578a commit a8d43bc
Show file tree
Hide file tree
Showing 2 changed files with 41 additions and 2 deletions.
3 changes: 2 additions & 1 deletion ChangeLog
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
Easy-RSA 3 ChangeLog

3.1.5 (2023-06-12)
3.1.5 (2023-06-10)
* Build Update: script now supports signing and verifying
* Automate support-file creation (Free packaging) (#964)
* build-ca: New command option 'raw-ca', abbrevation: 'raw' (#963)

Expand Down
40 changes: 39 additions & 1 deletion build/build-dist.sh
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ build-dist options:
--no-windows do not build for Windows
--no-unix do not build for UNIX
--no-compress do not create zip/tar
--sign Use GPG to sign and verify packages
--dist-clean rm -rf the DIST_ROOT w/out prompts
__EOF__

Expand Down Expand Up @@ -56,6 +56,38 @@ main() {
$SKIP_ZIP || make_zip
}

# perform sign and verify
sign_verify() {
# make sure gpg exists
gpgbin=$(which gpg)
if [ $? -ne 0 ];
then
echo "No gpg binary found in path."
return 1
fi

# $1 is our filename, it should exist
if [ -e "$1" ]; then
sign_out=$(gpg -qb "$1" 2>&1 )
# if signing worked, let's verify it
if [ $? -eq 0 ];
then
verify_out=$(gpg -q --verify "$1.sig" 2>&1 )
# if it's verified, return true
if [ $? -eq 0 ];
then
note "Sign and verify successful!"
return 0
fi
fi
# signing failed
note "Signing failed."
return 1
else
note "The file $1 doesn't exist or isn't readable."
fi
}

# prep DIST_ROOT
dist_clean() {
if [ -e "$DIST_ROOT" ]; then
Expand Down Expand Up @@ -142,20 +174,23 @@ stage_win() {
make_tar() {
(cd "$DIST_ROOT/unix/"; tar -czf "../${PV}.tgz" "$PV") || die "tar failed"
note "tarball created at: $DIST_ROOT/${PV}.tgz"
$SKIP_SIGN || sign_verify "$DIST_ROOT/${PV}.tgz"
}

make_zip() {
for win in win32 win64;
do
(cd "$DIST_ROOT/$win/"; zip -qr "../${PV}-$win.zip" "$PV") || die "zip failed"
note "zip file created at: $DIST_ROOT/${PV}-$win.zip"
$SKIP_SIGN || sign_verify "$DIST_ROOT/${PV}-$win.zip"
done
}

SKIP_WIN=false
SKIP_UNIX=false
SKIP_ZIP=false
SKIP_TAR=false
SKIP_SIGN=true
# parse CLI options:
while [ -n "$1" ]
do
Expand All @@ -180,6 +215,9 @@ do
# shellcheck disable=SC2034
BIN_DEST="$val"
;;
--sign)
SKIP_SIGN=false
;;
--dist-clean)
DISTCLEAN=1
;;
Expand Down

0 comments on commit a8d43bc

Please sign in to comment.