#!/bin/sh # Sign files and upload them. scriptversion=2018-05-19.18; # UTC # Copyright (C) 2004-2021 Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2, or (at your option) # any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # Originally written by Alexandre Duret-Lutz . # The master copy of this file is maintained in the gnulib Git repository. # Please send bug reports and feature requests to bug-gnulib@gnu.org. set -e GPG=gpg # Choose the proper version of gpg, so as to avoid a # "gpg-agent is not available in this session" error # when gpg-agent is version 2 but gpg is still version 1. # FIXME-2020: remove, once all major distros ship gpg version 2 as /usr/bin/gpg gpg_agent_version=`(gpg-agent --version) 2>/dev/null | sed -e '2,$d' -e 's/^[^0-9]*//'` case "$gpg_agent_version" in 2.*) gpg_version=`(gpg --version) 2>/dev/null | sed -e '2,$d' -e 's/^[^0-9]*//'` case "$gpg_version" in 1.*) if (type gpg2) >/dev/null 2>/dev/null; then # gpg2 is present. GPG=gpg2 else # gpg2 is missing. Ubuntu users should install the package 'gnupg2'. echo "WARNING: Using 'gpg', which is too old. You should install 'gpg2'." 1>&2 fi ;; esac ;; esac GPG="${GPG} --batch --no-tty" conffile=.gnuploadrc to= dry_run=false replace= symlink_files= delete_files= delete_symlinks= collect_var= dbg= nl=' ' usage="Usage: $0 [OPTION]... [CMD] FILE... [[CMD] FILE...] Sign all FILES, and process them at the destinations specified with --to. If CMD is not given, it defaults to uploading. See examples below. Commands: --delete delete FILES from destination --symlink create symbolic links --rmsymlink remove symbolic links -- treat the remaining arguments as files to upload Options: --to DEST specify a destination DEST for FILES (multiple --to options are allowed) --user NAME sign with key NAME --replace allow replacements of existing files --symlink-regex[=EXPR] use sed script EXPR to compute symbolic link names -n, --dry-run do nothing, show what would have been done (including the constructed directive file) --version output version information and exit -h, --help print this help text and exit If --symlink-regex is given without EXPR, then the link target name is created by replacing the version information with '-latest', e.g.: foo-1.3.4.tar.gz -> foo-latest.tar.gz Recognized destinations are: alpha.gnu.org:DIRECTORY savannah.gnu.org:DIRECTORY savannah.nongnu.org:DIRECTORY ftp.gnu.org:DIRECTORY build directive files and upload files by FTP download.gnu.org.ua:{alpha|ftp}/DIRECTORY build directive files and upload files by SFTP [user@]host:DIRECTORY upload files with scp Options and commands are applied in order. If the file $conffile exists in the current working directory, its contents are prepended to the actual command line options. Use this to keep your defaults. Comments (#) and empty lines in $conffile are allowed. gives some further background. Examples: 1. Upload foobar-1.0.tar.gz to ftp.gnu.org: gnupload --to ftp.gnu.org:foobar foobar-1.0.tar.gz 2. Upload foobar-1.0.tar.gz and foobar-1.0.tar.xz to ftp.gnu.org: gnupload --to ftp.gnu.org:foobar foobar-1.0.tar.gz foobar-1.0.tar.xz 3. Same as above, and also create symbolic links to foobar-latest.tar.*: gnupload --to ftp.gnu.org:foobar \\ --symlink-regex \\ foobar-1.0.tar.gz foobar-1.0.tar.xz 4. Create a symbolic link foobar-latest.tar.gz -> foobar-1.0.tar.gz and likewise for the corresponding .sig file: gnupload --to ftp.gnu.org:foobar \\ --symlink foobar-1.0.tar.gz foobar-latest.tar.gz \\ foobar-1.0.tar.gz.sig foobar-latest.tar.gz.sig or (equivalent): gnupload --to ftp.gnu.org:foobar \\ --symlink foobar-1.0.tar.gz foobar-latest.tar.gz \\ --symlink foobar-1.0.tar.gz.sig foobar-latest.tar.gz.sig 5. Upload foobar-0.9.90.tar.gz to two sites: gnupload --to alpha.gnu.org:foobar \\ --to sources.redhat.com:~ftp/pub/foobar \\ foobar-0.9.90.tar.gz 6. Delete oopsbar-0.9.91.tar.gz and upload foobar-0.9.91.tar.gz (the -- terminates the list of files to delete): gnupload --to alpha.gnu.org:foobar \\ --to sources.redhat.com:~ftp/pub/foobar \\ --delete oopsbar-0.9.91.tar.gz \\ -- foobar-0.9.91.tar.gz gnupload executes a program ncftpput to do the transfers; if you don't happen to have an ncftp package installed, the ncftpput-ftp script in the build-aux/ directory of the gnulib package (https://savannah.gnu.org/projects/gnulib) may serve as a replacement. Send patches and bug reports to ." # Read local configuration file if test -r "$conffile"; then echo "$0: Reading configuration file $conffile" conf=`sed 's/#.*$//;/^$/d' "$conffile" | tr "\015$nl" ' '` eval set x "$conf \"\$@\"" shift fi while test -n "$1"; do case $1 in -*) collect_var= case $1 in -h | --help) echo "$usage" exit $? ;; --to) if test -z "$2"; then echo "$0: Missing argument for --to" 1>&2 exit 1 elif echo "$2" | grep 'ftp-upload\.gnu\.org' >/dev/null; then echo "$0: Use ftp.gnu.org:PKGNAME or alpha.gnu.org:PKGNAME" >&2 echo "$0: for the destination, not ftp-upload.gnu.org (which" >&2 echo "$0: is used for direct ftp uploads, not with gnupload)." >&2 echo "$0: See --help and its examples if need be." >&2 exit 1 else to="$to $2" shift fi ;; --user) if test -z "$2"; then echo "$0: Missing argument for --user" 1>&2 exit 1 else GPG="$GPG --local-user $2" shift fi ;; --delete) collect_var=delete_files ;; --replace) replace="replace: true" ;; --rmsymlink) collect_var=delete_symlinks ;; --symlink-regex=*) symlink_expr=`expr "$1" : '[^=]*=\(.*\)'` ;; --symlink-regex) symlink_expr='s|-[0-9][0-9\.]*\(-[0-9][0-9]*\)\{0,1\}\.|-latest.|' ;; --symlink) collect_var=symlink_files ;; -n | --dry-run) dry_run=: ;; --version) echo "gnupload $scriptversion" exit $? ;; --) shift break ;; -*) echo "$0: Unknown option '$1', try '$0 --help'" 1>&2 exit 1 ;; esac ;; *) if test -z "$collect_var"; then break else eval "$collect_var=\"\$$collect_var $1\"" fi ;; esac shift done dprint() { echo "Running $* ..." } if $dry_run; then dbg=dprint fi if test -z "$to"; then echo "$0: Missing destination sites" >&2 exit 1 fi if test -n "$symlink_files"; then x=`echo "$symlink_files" | sed 's/[^ ]//g;s/ //g'` if test -n "$x"; then echo "$0: Odd number of symlink arguments" >&2 exit 1 fi fi if test $# = 0; then if test -z "${symlink_files}${delete_files}${delete_symlinks}"; then echo "$0: No file to upload" 1>&2 exit 1 fi else # Make sure all files exist. We don't want to ask # for the passphrase if the script will fail. for file do if test ! -f $file; then echo "$0: Cannot find '$file'" 1>&2 exit 1 elif test -n "$symlink_expr"; then linkname=`echo $file | sed "$symlink_expr"` if test -z "$linkname"; then echo "$0: symlink expression produces empty results" >&2 exit 1 elif test "$linkname" = $file; then echo "$0: symlink expression does not alter file name" >&2 exit 1 fi fi done fi # Make sure passphrase is not exported in the environment. unset passphrase unset passphrase_fd_0 GNUPGHOME=${GNUPGHOME:-$HOME/.gnupg} # Reset PATH to be sure that echo is a built-in. We will later use # 'echo $passphrase' to output the passphrase, so it is important that # it is a built-in (third-party programs tend to appear in 'ps' # listings with their arguments...). # Remember this script runs with 'set -e', so if echo is not built-in # it will exit now. if $dry_run || grep -q "^use-agent" $GNUPGHOME/gpg.conf; then :; else PATH=/empty echo -n "Enter GPG passphrase: " stty -echo read -r passphrase stty echo echo passphrase_fd_0="--passphrase-fd 0" fi if test $# -ne 0; then for file do echo "Signing $file ..." rm -f $file.sig echo "$passphrase" | $dbg $GPG $passphrase_fd_0 -ba -o $file.sig $file done fi # mkdirective DESTDIR BASE FILE STMT # Arguments: See upload, below mkdirective () { stmt="$4" if test -n "$3"; then stmt=" filename: $3$stmt" fi cat >${2}.directive<&2 fi $dbg ncftpput savannah.gnu.org /incoming/savannah/$destdir $files ;; savannah.nongnu.org:*) if test -z "$files"; then echo "$0: warning: standalone directives not applicable for $dest" >&2 fi $dbg ncftpput savannah.nongnu.org /incoming/savannah/$destdir $files ;; download.gnu.org.ua:alpha/*|download.gnu.org.ua:ftp/*) destdir_p1=`echo "$destdir" | sed 's,^[^/]*/,,'` destdir_topdir=`echo "$destdir" | sed 's,/.*,,'` mkdirective "$destdir_p1" "$base" "$file" "$stmt" echo "$passphrase" | $dbg $GPG $passphrase_fd_0 --clearsign $base.directive for f in $files $base.directive.asc do echo put $f done | $dbg sftp -b - puszcza.gnu.org.ua:/incoming/$destdir_topdir ;; /*) dest_host=`echo "$dest" | sed 's,:.*,,'` mkdirective "$destdir" "$base" "$file" "$stmt" echo "$passphrase" | $dbg $GPG $passphrase_fd_0 --clearsign $base.directive $dbg cp $files $base.directive.asc $dest_host ;; *) if test -z "$files"; then echo "$0: warning: standalone directives not applicable for $dest" >&2 fi $dbg scp $files $dest ;; esac rm -f $base.directive $base.directive.asc } ##### # Process any standalone directives stmt= if test -n "$symlink_files"; then stmt="$stmt `mksymlink $symlink_files`" fi for file in $delete_files do stmt="$stmt archive: $file" done for file in $delete_symlinks do stmt="$stmt rmsymlink: $file" done if test -n "$stmt"; then for dest in $to do destdir=`echo $dest | sed 's/[^:]*://'` upload "$dest" "$destdir" "`hostname`-$$" "" "$stmt" done fi # Process actual uploads for dest in $to do for file do echo "Uploading $file to $dest ..." stmt= # # allowing file replacement is all or nothing. if test -n "$replace"; then stmt="$stmt $replace" fi # files="$file $file.sig" destdir=`echo $dest | sed 's/[^:]*://'` if test -n "$symlink_expr"; then linkname=`echo $file | sed "$symlink_expr"` stmt="$stmt symlink: $file $linkname symlink: $file.sig $linkname.sig" fi upload "$dest" "$destdir" "$file" "$file" "$stmt" "$files" done done exit 0 # Local variables: # eval: (add-hook 'before-save-hook 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" # time-stamp-time-zone: "UTC0" # time-stamp-end: "; # UTC" # End: