kc3-lang/automake/lib/gnupload

Branch : - branch - master v1.18 - tag - Release-0-25 Release-0-26 Release-0-27 Release-0-28 Release-0-29 Release-0-30 Release-0-31 Release-0-32 Release-0-33 Release-1-0 Release-1-10 Release-1-1a Release-1-1b Release-1-1c Release-1-1d Release-1-1e Release-1-1f Release-1-1g Release-1-1h Release-1-1i Release-1-1k Release-1-1l Release-1-1m Release-1-1o Release-1-1p Release-1-2 Release-1-2b Release-1-2c Release-1-2d Release-1-2e Release-1-2g Release-1-2h Release-1-3 Release-1-3b Release-1-3d Release-1-4 Release-1-4b Release-1-4d Release-1-4f Release-1-4h Release-1-4j Release-1-5b Release-1-5d Release-1-6 Release-1-6-1b Release-1-6b Release-1-6d Release-1-6f Release-1-7 Release-1-7-2b Release-1-7-3b Release-1-7b Release-1-7d Release-1-7f Release-1-7h Release-1-8 Release-1-8b Release-1-8d Release-1-9 Release-1-9b branchpoint-1-10 branchpoint-1-5 branchpoint-1-6 branchpoint-1-7 branchpoint-1-8 branchpoint-1-9 branchpoint-real-1-5 handle-languages last-merge-into-user-dep-gen-branch merging-into-user-dep-gen ng-0.5a pre-depend-change pre-ian-conditionals user-dep-gen-branchpoint v1.10b v1.11 v1.11b v1.11d v1.12 v1.12.0b v1.12.1 v1.12.2 v1.12.3 v1.12.4 v1.12.5 v1.12.6 v1.12b v1.13 v1.13.1 v1.13.1b v1.13.1d v1.13.2 v1.13.2b v1.13.3 v1.13.4 v1.13b v1.14 v1.14.1 v1.15 v1.15.1 v1.16 v1.16.1 v1.16.2 v1.16.3 v1.16.4 v1.16.5 v1.16.90 v1.16.92 v1.16i v1.17 v1.17.90 v1.17.92 v1.18.1

• Show log

  Commit

• Author : Jim Meyering
  Date : 2007-12-18 17:49:49
  Hash : 6130d102
  Message : * lib/gnupload (GPG): Don't use an absolute path. This reverts part of the 2004-01-28 change. If the hypothetical cracker ever gets in to my (or any developer's) system with sufficient privilege to modify the contents of directories in my PATH (or change my PATH altogether), they can already compromise my development work in so many ways that using such absolute names in gnupload gives reduced functionality with no added security.

• lib/gnupload

• #!/bin/sh
  # Sign files and upload them.
  
  scriptversion=2007-12-18.17
  
  # Copyright (C) 2004, 2005, 2006, 2007  Free Software Foundation
  #
  # This program is free software; you can redistribute it and/or modify
  # it under the terms of the GNU General Public License as published by
  # the Free Software Foundation; either version 3, or (at your option)
  # any later version.
  #
  # This program is distributed in the hope that it will be useful,
  # but WITHOUT ANY WARRANTY; without even the implied warranty of
  # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  # GNU General Public License for more details.
  #
  # You should have received a copy of the GNU General Public License
  # along with this program.  If not, see <http://www.gnu.org/licenses/>.
  
  # Originally written by Alexandre Duret-Lutz <adl@gnu.org>.
  
  set -e
  
  GPG='gpg --batch --no-tty'
  to=
  
  usage="Usage: $0 [OPTIONS]... FILES...
  
  Sign all FILES, and upload them to selected destinations, according to
  <http://www.gnu.org/prep/maintain/html_node/Automated-FTP-Uploads.html>.
  
  Options:
    --help                   print this help text and exit
    --to DEST                specify one destination for FILES
                             (multiple --to options are allowed)
    --user NAME              sign with key NAME
    --version                output version information and exit
  
  Recognized destinations are:
    alpha.gnu.org:DIRECTORY
    savannah.gnu.org:DIRECTORY
    savannah.nongnu.org:DIRECTORY
    ftp.gnu.org:DIRECTORY
                             build directive files and upload files by FTP
    [user@]host:DIRECTORY    upload files with scp
  
  Example:
    gnupload --to sources.redhat.com:~ftp/pub/automake \\
             --to alpha.gnu.org:automake \\
             automake-1.8.2b.tar.gz automake-1.8.2b.tar.bz2
  
  Report bugs to <bug-automake@gnu.org>.
  Send patches to <automake-patches@gnu.org>."
  
  while test -n "$1"; do
    case $1 in
      --help)
        echo "$usage"
        exit $?
        ;;
      --to)
        if test -z "$2"; then
  	echo "$0: Missing argument for --to" 1>&2
          exit 1
        else
          to="$to $2"
          shift 2
        fi
        ;;
      --user)
        if test -z "$2"; then
  	echo "$0: Missing argument for --user" 1>&2
          exit 1
        else
          GPG="$GPG --local-user $2"
          shift 2
        fi
        ;;
      --version)
        echo "gnupload $scriptversion"
        exit $?
        ;;
      -*)
        echo "$0: Unknown option \`$1', try \`$0 --help'" 1>&2
        exit 1
        ;;
      *)
        break
        ;;
    esac
  done
  
  if test $# = 0; then
    echo "$0: No file to upload" 1>&2
    exit 1
  else
    :
  fi
  
  # Make sure all files exist.  We don't want to ask
  # for the passphrase if the script will fail.
  for file
  do
    if test ! -f $file; then
      echo "$0: Cannot find \`$file'" 1>&2
      exit 1
    else
      :
    fi
  done
  
  # Make sure passphrase is not exported in the environment.
  unset passphrase
  
  # Reset PATH to be sure that echo is a built-in.  We will later use
  # `echo $passphrase' to output the passphrase, so it is important that
  # it is a built-in (third-party programs tend to appear in `ps'
  # listings with their arguments...).
  # Remember this script runs with `set -e', so if echo is not built-in
  # it will exit now.
  PATH=/empty echo -n "Enter GPG passphrase: "
  stty -echo
  read -r passphrase
  stty echo
  echo
  
  for file
  do
    echo "Signing $file..."
    rm -f $file.sig
    echo $passphrase | $GPG --passphrase-fd 0 -ba -o $file.sig $file
  done
  
  for dest in $to
  do
    for file
    do
      echo "Uploading $file to $dest..."
      files="$file $file.sig"
      destdir=`echo $dest | sed 's/[^:]*://'`
      case $dest in
        alpha.gnu.org:*)
  	rm -f $file.directive $file.directive.asc
  	cat >$file.directive<<EOF
  version: 1.1
  directory: $destdir
  filename: $file
  EOF
  	echo "$passphrase" | $GPG --passphrase-fd 0 --clearsign $file.directive
          ncftpput ftp-upload.gnu.org /incoming/alpha $files $file.directive.asc
  	rm -f $file.directive $file.directive.asc
  	;;
        ftp.gnu.org:*)
  	rm -f $file.directive $file.directive.asc
  	cat >$file.directive<<EOF
  version: 1.1
  directory: $destdir
  filename: $file
  EOF
  	echo "$passphrase" | $GPG --passphrase-fd 0 --clearsign $file.directive
          ncftpput ftp-upload.gnu.org /incoming/ftp $files $file.directive.asc
  	rm -f $file.directive $file.directive.asc
  	;;
        savannah.gnu.org:*)
          ncftpput savannah.gnu.org /incoming/savannah/$destdir $files
  	;;
        savannah.nongnu.org:*)
          ncftpput savannah.nongnu.org /incoming/savannah/$destdir $files
  	;;
        *)
  	scp $files $dest
  	;;
      esac
    done
  done
  
  # Local variables:
  # eval: (add-hook 'write-file-hooks 'time-stamp)
  # time-stamp-start: "scriptversion="
  # time-stamp-format: "%:y-%02m-%02d.%02H"
  # time-stamp-end: "$"
  # End: