#!/bin/bash # helper script to build tor debian releases # Copyright 2007,2008,2009,2010,2011 Peter Palfrader # # Permission is hereby granted, free of charge, to any person obtaining # a copy of this software and associated documentation files (the # "Software"), to deal in the Software without restriction, including # without limitation the rights to use, copy, modify, merge, publish, # distribute, sublicense, and/or sell copies of the Software, and to # permit persons to whom the Software is furnished to do so, subject to # the following conditions: # # The above copyright notice and this permission notice shall be # included in all copies or substantial portions of the Software. # # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, # EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF # MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND # NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE # LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION # OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION # WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. set -e set -x # this is hardcoded to weasel's directory layout. sorry. case "$(basename $0)" in build-obfsproxy-sources) GITDIR="$HOME/projects/debian/debian/obfsproxy/obfsproxy" PKG="obfsproxy" SKIP_HARDY=1 ;; *) GITDIR="$HOME/projects/tor/tor" PKG="tor" esac assert_files_dont_exist () { local debian_version="$1"; if [ -z "$debian_version" ]; then echo "assert_files_dont_exist called without debian_version" >&2 exit 1; fi if [ -e "${PKG}_$debian_version.diff.gz" ] ; then echo "${PKG}_$debian_version.diff.gz already exists" >&2 exit 1; fi if [ -e "${PKG}_$debian_version.dsc" ] ; then echo "${PKG}_$debian_version.dsc already exists" >&2 exit 1; fi if [ -e "${PKG}_$debian_version""_amd64.deb" ] ; then echo "${PKG}_$debian_version""_amd64.deb already exists" >&2 exit 1; fi if [ -e "${PKG}_$debian_version""_amd64.changes" ] ; then echo "${PKG}_$debian_version""_amd64.changes already exists" >&2 exit 1; fi } get_debian_version() { local dir="$1"; shift local which="${1:-}"; shift if [ -z "$which" ]; then ( cd $dir && dpkg-parsechangelog | grep-dctrl -n -s Version '' ) else local v=$(get_debian_version $dir) case "$which" in upstream) echo "${v%-*}" ;; debrev) echo "${v##*-}" ;; *) echo >&2 "Unknown key '$which' in get_debian_version" exit 1 esac fi } # remove_completely ... 0 replace hardening-includes with hardening-wrapper # 1 get rid entirely hardening_backport() { local remove_completely="$1" sed -i -e '/^Build-Depends/ s/, *hardening-includes//' debian/control if [ "$remove_completely" = 0 ]; then sed -i -e '/^Build-Depends/ s/$/, hardening-wrapper/' debian/control fi if [ "$remove_completely" = 0 ]; then sed -i -e 's#include /usr/share/hardening-includes/hardening.make#export DEB_BUILD_HARDENING=1#' debian/rules sed -i -e '/export DEB_BUILD_HARDENING=1/ a export DEB_BUILD_HARDENING_DEBUG=1' debian/rules else sed -i -e 's#include /usr/share/hardening-includes/hardening.make##' debian/rules fi if [ "$remove_completely" = 0 ]; then dch "Replace hardening-includes use with hardening-wrapper." else dch "Completely remove hardening-includes use." fi } remove_apparmor() { if grep -q dh-apparmor debian/control; then sed -i -e '/^Build-Depends/ s/, *dh-apparmor//' debian/control sed -i -e 's/dh_apparmor/# &/' debian/rules dch "Remove apparmor support for backport." fi } bp1() { local dir="$1"; shift local sid_debian_version="$1"; shift local dist="$1"; shift dpkg-source -x ${PKG}_$sid_debian_version.dsc (cd $dir; backport $dist) } bp2() { local dir="$1"; shift local origtar="$1"; shift local debian_version=$(get_debian_version $dir) assert_files_dont_exist $debian_version dpkg-source -b $dir $origtar rm -r $dir } [ -d local-build ] || mkdir local-build ORIGTAR="$1" if [ -z "$ORIGTAR" ] ; then echo "Usage: $0 [version]" >&2 exit 1; fi DEB_REVISION="${2:-1}" if [ ! -e "$ORIGTAR" ] ; then echo "$ORIGTAR does not exist." >&2 exit 1; fi if [ "${ORIGTAR#${PKG}-}" != $ORIGTAR ]; then ver="$ORIGTAR" ver=${ver#${PKG}-} ver=${ver%.tar.gz} neworig="${PKG}_$ver.orig.tar.gz" if ! [ -e "$neworig" ]; then ln -v "$ORIGTAR" "$neworig" fi echo "Using $neworig instead of $ORIGTAR" ORIGTAR="$neworig" fi DIR=`tar tzf $ORIGTAR | head -n1` DIR="${DIR%%/}" DIR_VERSION="${DIR##${PKG}-}" if [ -e "$DIR" ] ; then echo "$DIR already exists." >&2 exit 1; fi tar xzf $ORIGTAR git clone -n -s "$GITDIR" git-"$DIR" TAG="debian-${PKG}-$DIR_VERSION-$DEB_REVISION" (cd "git-$DIR" && git checkout $TAG) if diff -qr "git-$DIR" "$DIR" --exclude .git | grep -v '^Only in ' | grep --color .; then echo "Differenced detected." exit 1 fi (cd "git-$DIR" && echo "\"`git rev-parse --short=16 "$TAG"`\"" > "debian/micro-revision.i") cp -av "git-$DIR/debian" "$DIR" rm -rf "git-$DIR" debian_upstream_version=$(get_debian_version $DIR upstream) if [ "$ORIGTAR" != "${PKG}_$debian_upstream_version.orig.tar.gz" ] ; then echo "possible mismatch: $ORIGTAR but $debian_upstream_version in debian/changelog" >&2 exit 1; fi debian_version=$(get_debian_version $DIR) sid_debian_version="$debian_version" assert_files_dont_exist $debian_version dpkg-source -b $DIR $ORIGTAR rm -r $DIR # local ################################################# cd local-build dpkg-source -x ../${PKG}_$debian_version.dsc cd ${PKG}-$debian_upstream_version remove_apparmor debuild -j8 -rfakeroot -uc -us cd ../.. # SID ################################################# # null # LENNY ################################################# bp1 $DIR $sid_debian_version lenny (cd $DIR; hardening_backport 0) (cd $DIR; remove_apparmor) bp2 $DIR $ORIGTAR # SQUEEZE ################################################# bp1 $DIR $sid_debian_version squeeze (cd $DIR; remove_apparmor) bp2 $DIR $ORIGTAR # WHEEZY ################################################# bp1 $DIR $sid_debian_version wheezy bp2 $DIR $ORIGTAR # HARDY (EOL: April 2013) ################################################# if [ -z "${SKIP_HARDY:-}" ] || [ "${SKIP_HARDY:-}" -eq 0 ]; then bp1 $DIR $sid_debian_version hardy (echo "/Conflicts:"; echo d; echo i; echo "Conflicts: libssl0.9.8 (<< 0.9.8g-4ubuntu3.1)"; echo . ; echo w) | ed "$DIR/debian/control" (cd $DIR; dch "Conflict with libssl0.9.8 (<< 0.9.8g-4ubuntu3.1) on hardy") # hardy's dpkg-parsechangelog cannot deal with dots in the distribution field, remove them. (cd $DIR; dch --force-distribution --distribution "$(dpkg-parsechangelog | grep-dctrl -n -s Distribution '' | tr -d .)" '') (cd $DIR; hardening_backport 0) (cd $DIR; remove_apparmor) bp2 $DIR $ORIGTAR fi # LUCID (EOL: April 2015) ################################################# bp1 $DIR $sid_debian_version lucid (cd $DIR; remove_apparmor) bp2 $DIR $ORIGTAR # MAVERICK (EOL: April 2012) ################################################# bp1 $DIR $sid_debian_version maverick (cd $DIR; remove_apparmor) bp2 $DIR $ORIGTAR # NATTY (EOL: October 2012) ################################################# bp1 $DIR $sid_debian_version natty (cd $DIR; remove_apparmor) bp2 $DIR $ORIGTAR # ONEIRIC (EOL: April 2013) ################################################# bp1 $DIR $sid_debian_version oneiric (cd $DIR; remove_apparmor) bp2 $DIR $ORIGTAR # PRECISE (EOL: April 2017) ################################################# bp1 $DIR $sid_debian_version precise bp2 $DIR $ORIGTAR ################################################# ## BPO ################################################# # SQUEEZE-BPO ################################################# bp1 $DIR $sid_debian_version squeeze-bpo bp2 $DIR $ORIGTAR mkdir bpo mv *'~bpo'* bpo/ echo echo "All done"