diff options
-rwxr-xr-x | build-tor-sources | 274 | ||||
-rwxr-xr-x | sbuild-stuff | 51 |
2 files changed, 325 insertions, 0 deletions
diff --git a/build-tor-sources b/build-tor-sources new file mode 100755 index 0000000..bd81dd9 --- /dev/null +++ b/build-tor-sources @@ -0,0 +1,274 @@ +#!/bin/bash + +# helper script to build tor debian releases + +# Copyright 2007,2008,2009,2010,2011 Peter Palfrader +# +# Permission is hereby granted, free of charge, to any person obtaining +# a copy of this software and associated documentation files (the +# "Software"), to deal in the Software without restriction, including +# without limitation the rights to use, copy, modify, merge, publish, +# distribute, sublicense, and/or sell copies of the Software, and to +# permit persons to whom the Software is furnished to do so, subject to +# the following conditions: +# +# The above copyright notice and this permission notice shall be +# included in all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE +# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION +# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +set -e +set -x + +# this is hardcoded to weasel's directory layout. sorry. +GITDIR="$HOME/projects/tor/tor" + +assert_files_dont_exist () { + local debian_version="$1"; + if [ -z "$debian_version" ]; then + echo "assert_files_dont_exist called without debian_version" >&2 + exit 1; + fi + + if [ -e "tor_$debian_version.diff.gz" ] ; then + echo "tor_$debian_version.diff.gz already exists" >&2 + exit 1; + fi + if [ -e "tor_$debian_version.dsc" ] ; then + echo "tor_$debian_version.dsc already exists" >&2 + exit 1; + fi + if [ -e "tor_$debian_version""_i386.deb" ] ; then + echo "tor_$debian_version""_i386.deb already exists" >&2 + exit 1; + fi + if [ -e "tor_$debian_version""_i386.changes" ] ; then + echo "tor_$debian_version""_i386.changes already exists" >&2 + exit 1; + fi +} + +get_debian_version() { + local dir="$1"; shift + local which="${1:-}"; shift + + if [ -z "$which" ]; then + ( cd $dir && dpkg-parsechangelog | grep-dctrl -n -s Version '' ) + else + local v=$(get_debian_version $dir) + case "$which" in + upstream) echo "${v%-*}" ;; + debrev) echo "${v##*-}" ;; + *) + echo >&2 "Unknown key '$which' in get_debian_version" + exit 1 + esac + fi +} + +# remove_completely ... 0 replace hardening-includes with hardening-wrapper +# 1 get rid entirely +hardening_backport() { + local remove_completely="$1" + + sed -i -e '/^Build-Depends/ s/, *hardening-includes//' debian/control + if [ "$remove_completely" = 0 ]; then + sed -i -e '/^Build-Depends/ s/$/, hardening-wrapper/' debian/control + fi + + if [ "$remove_completely" = 0 ]; then + sed -i -e 's#include /usr/share/hardening-includes/hardening.make#export DEB_BUILD_HARDENING=1#' debian/rules + sed -i -e '/export DEB_BUILD_HARDENING=1/ a export DEB_BUILD_HARDENING_DEBUG=1' debian/rules + else + sed -i -e 's#include /usr/share/hardening-includes/hardening.make##' debian/rules + fi + + if [ "$remove_completely" = 0 ]; then + dch "Replace hardening-includes use with hardening-wrapper." + else + dch "Completely remove hardening-includes use." + fi +} + +bp1() { + local dir="$1"; shift + local sid_debian_version="$1"; shift + local dist="$1"; shift + + dpkg-source -x tor_$sid_debian_version.dsc + (cd $dir; backport $dist) +} +bp2() { + local dir="$1"; shift + local origtar="$1"; shift + + local debian_version=$(get_debian_version $dir) + assert_files_dont_exist $debian_version + dpkg-source -b $dir $origtar + rm -r $dir +} + + +[ -d local-build ] || mkdir local-build + +ORIGTAR="$1" +if [ -z "$ORIGTAR" ] ; then + echo "Usage: $0 <orig.tar.gz> [version]" >&2 + exit 1; +fi +DEB_REVISION="${2:-1}" + + +if [ ! -e "$ORIGTAR" ] ; then + echo "$ORIGTAR does not exist." >&2 + exit 1; +fi + +if [ "${ORIGTAR#tor-}" != $ORIGTAR ]; then + ver="$ORIGTAR" + ver=${ver#tor-} + ver=${ver%.tar.gz} + neworig="tor_$ver.orig.tar.gz" + if ! [ -e "$neworig" ]; then + ln -v "$ORIGTAR" "$neworig" + fi + echo "Using $neworig instead of $ORIGTAR" + ORIGTAR="$neworig" +fi + +DIR=`tar tzf $ORIGTAR | head -n1` +DIR="${DIR%%/}" +DIR_VERSION="${DIR##tor-}" +if [ -e "$DIR" ] ; then + echo "$DIR already exists." >&2 + exit 1; +fi +tar xzf $ORIGTAR +git clone -n -s "$GITDIR" git-"$DIR" +TAG="debian-tor-$DIR_VERSION-$DEB_REVISION" +(cd "git-$DIR" && git checkout $TAG) +if diff -qr "git-$DIR" "$DIR" --exclude .git | grep -v '^Only in ' | grep --color .; then + echo "Differenced detected." + exit 1 +fi +(cd "git-$DIR" && echo "\"`git rev-parse --short=16 "$TAG"`\"" > "debian/micro-revision.i") +cp -av "git-$DIR/debian" "$DIR" +rm -rf "git-$DIR" + + +debian_upstream_version=$(get_debian_version $DIR upstream) +if [ "$ORIGTAR" != "tor_$debian_upstream_version.orig.tar.gz" ] ; then + echo "possible mismatch: $ORIGTAR but $debian_upstream_version in debian/changelog" >&2 + exit 1; +fi + +debian_version=$(get_debian_version $DIR) +sid_debian_version="$debian_version" +assert_files_dont_exist $debian_version +dpkg-source -b $DIR $ORIGTAR +rm -r $DIR + + + +# local +################################################# +cd local-build +dpkg-source -x ../tor_$debian_version.dsc +cd tor-$debian_upstream_version +debuild -j2 -rfakeroot -uc -us +cd ../.. + +# SID +################################################# +# null + +# LENNY +################################################# +bp1 $DIR $sid_debian_version lenny +(cd $DIR; hardening_backport 0) +bp2 $DIR $ORIGTAR + +# SQUEEZE +################################################# +bp1 $DIR $sid_debian_version squeeze +bp2 $DIR $ORIGTAR + +# WHEEZY +################################################# +bp1 $DIR $sid_debian_version wheezy +bp2 $DIR $ORIGTAR + + +# DAPPER (EOL: June 2011) +################################################# +bp1 $DIR $sid_debian_version dapper +if grep -q texlive "$DIR/debian/control"; then + sed -i -e '/^Build-Depends:/ s/texlive[a-z0-9-]*,\? *//g; /^Build-Depends: / s/$/, tetex-bin, tetex-extra/' "$DIR/debian/control" + ( cd $DIR; dch "Revert Build-Depends to tetex for backport" ) +fi +sed -i -e 's/source:Version\|binary:Version/Source-Version/' "$DIR/debian/control" +(cd $DIR; dch "Change source:Version and binary:Version to Source-Version in depends") +(echo "/Conflicts:"; echo d; echo w) | ed "$DIR/debian/control" +sed -i -e 's/move_away_keys=1/: ;# not on this version of debian# move_away_keys=1/' "$DIR/debian/tor.postinst" +(cd $DIR; dch "No need to move away keys on dapper") +sed -i -e '/^Build-Depends:/ s/ghostscript/gs/' "$DIR/debian/control" +(cd $DIR; dch "Build-Depend on gs instead of ghostscript") +(cd $DIR; hardening_backport 1) +bp2 $DIR $ORIGTAR + + +# HARDY (EOL: April 2013) +################################################# +bp1 $DIR $sid_debian_version hardy +(echo "/Conflicts:"; echo d; echo i; echo "Conflicts: libssl0.9.8 (<< 0.9.8g-4ubuntu3.1)"; echo . ; echo w) | ed "$DIR/debian/control" +(cd $DIR; dch "Conflict with libssl0.9.8 (<< 0.9.8g-4ubuntu3.1) on hardy") +(cd $DIR; hardening_backport 0) +bp2 $DIR $ORIGTAR + +# KARMIC (EOL: April 2011) +################################################# +bp1 $DIR $sid_debian_version karmic +(cd $DIR; hardening_backport 0) +bp2 $DIR $ORIGTAR + +# LUCID (EOL: April 2015) +################################################# +bp1 $DIR $sid_debian_version lucid +(cd $DIR; hardening_backport 0) +bp2 $DIR $ORIGTAR + +# MAVERICK (EOL: April 2012) +################################################# +bp1 $DIR $sid_debian_version maverick +(cd $DIR; hardening_backport 0) +bp2 $DIR $ORIGTAR + + + +################################################# +## BPO +################################################# + +# LENNY-BPO +################################################# +bp1 $DIR $sid_debian_version lenny-bpo +(cd $DIR; hardening_backport 0) +bp2 $DIR $ORIGTAR + +# SQUEEZE-BPO +################################################# +bp1 $DIR $sid_debian_version squeeze-bpo +(cd $DIR; hardening_backport 0) +bp2 $DIR $ORIGTAR + +mkdir bpo +mv *'~bpo'* bpo/ + +echo +echo "All done" diff --git a/sbuild-stuff b/sbuild-stuff new file mode 100755 index 0000000..5f282fd --- /dev/null +++ b/sbuild-stuff @@ -0,0 +1,51 @@ +#!/bin/bash + +set -e +set -u + +if [ "${1:-}" == "--binary-only" ]; then + BINARY_ARCH="--binary-arch" + BINARCH=1 + shift +else + BINARCH=0 +fi; + +DSC="${1:-}"; shift +if [ -z "$DSC" ] || [ -z "$BINARCH" ]; then + echo "Usage: $0 [--binary-arch] <foo.dsc>" >&2 + exit 1; +fi + +package=`echo $DSC | sed -e 's/_.*//'` +debian_version=`echo $DSC | sed -e 's/^[^_]*_//' -e s/\.dsc$//` + +if [ -z "${DIST:-}" ]; then + DIST=sid + for d in lenny squeeze wheezy dapper hardy karmic lucid maverick; do + if echo $debian_version | grep -q "$d" ; then + DIST="$d" + break + fi + done +fi + + +if [ -z "${ARCH:-}" ]; then + if [ "`uname -m`" = "x86_64" ]; then + ARCH="amd64" + elif [ "`uname -m`" = "i386" ] || [ "`uname -m`" = "i686" ]; then + ARCH="i386" + else + echo >&2 "Do not know arch" + exit 1 + fi +fi + +if [ "$BINARCH" = 1 ]; then + extra="" +else + extra="-s --arch-all" +fi + +sbuild --arch="$ARCH" --dist="$DIST" --apt-update $extra "$DSC" |