Adding a slightly untested DSA-signing step to our release process.
authorZachary West <zacw@adiumx.com>
Fri, 27 Mar 2009 15:16:28 +0000
changeset 1329 8fd6d3b09119
parent 1328 437972c05641
child 1330 0998704033ef
Adding a slightly untested DSA-signing step to our release process.
Adium.xcodeproj/project.pbxproj
Plists/Info.plist
Release/Makefile
Release/sign_update.rb
Resources/dsa_pub.pem
--- a/Adium.xcodeproj/project.pbxproj	Fri Mar 27 12:32:23 2009 +0000
+++ b/Adium.xcodeproj/project.pbxproj	Fri Mar 27 15:16:28 2009 +0000
@@ -82,6 +82,7 @@
 		111DDF3A0E8E7D2F00114FCA /* AIAutomaticStatus.m in Sources */ = {isa = PBXBuildFile; fileRef = 111DDF390E8E7D2F00114FCA /* AIAutomaticStatus.m */; };
 		112523190F5F7F86003FC58A /* AITwitterURLHandler.m in Sources */ = {isa = PBXBuildFile; fileRef = 112523180F5F7F86003FC58A /* AITwitterURLHandler.m */; };
 		112527740F5F9E63003FC58A /* AITwitterAccountView.nib in Resources */ = {isa = PBXBuildFile; fileRef = 112527730F5F9E63003FC58A /* AITwitterAccountView.nib */; };
+		113589870F7D243700CC9121 /* dsa_pub.pem in Resources */ = {isa = PBXBuildFile; fileRef = 113589860F7D243700CC9121 /* dsa_pub.pem */; };
 		113891830F6B6AFF00A7D7DC /* AILaconicaService.m in Sources */ = {isa = PBXBuildFile; fileRef = 113891820F6B6AFF00A7D7DC /* AILaconicaService.m */; };
 		1138918A0F6B6B2800A7D7DC /* AILaconicaAccount.m in Sources */ = {isa = PBXBuildFile; fileRef = 113891890F6B6B2800A7D7DC /* AILaconicaAccount.m */; };
 		1138918D0F6B6B3F00A7D7DC /* AILaconicaPlugin.m in Sources */ = {isa = PBXBuildFile; fileRef = 1138918C0F6B6B3F00A7D7DC /* AILaconicaPlugin.m */; };
@@ -1793,6 +1794,7 @@
 		112523170F5F7F86003FC58A /* AITwitterURLHandler.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = AITwitterURLHandler.h; path = "Plugins/Twitter Plugin/AITwitterURLHandler.h"; sourceTree = "<group>"; };
 		112523180F5F7F86003FC58A /* AITwitterURLHandler.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; name = AITwitterURLHandler.m; path = "Plugins/Twitter Plugin/AITwitterURLHandler.m"; sourceTree = "<group>"; };
 		112527730F5F9E63003FC58A /* AITwitterAccountView.nib */ = {isa = PBXFileReference; lastKnownFileType = wrapper.nib; name = AITwitterAccountView.nib; path = "Plugins/Twitter Plugin/AITwitterAccountView.nib"; sourceTree = "<group>"; };
+		113589860F7D243700CC9121 /* dsa_pub.pem */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = dsa_pub.pem; sourceTree = "<group>"; };
 		113891810F6B6AFF00A7D7DC /* AILaconicaService.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = AILaconicaService.h; path = "Plugins/Twitter Plugin/AILaconicaService.h"; sourceTree = "<group>"; };
 		113891820F6B6AFF00A7D7DC /* AILaconicaService.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; name = AILaconicaService.m; path = "Plugins/Twitter Plugin/AILaconicaService.m"; sourceTree = "<group>"; };
 		113891880F6B6B2800A7D7DC /* AILaconicaAccount.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = AILaconicaAccount.h; path = "Plugins/Twitter Plugin/AILaconicaAccount.h"; sourceTree = "<group>"; };
@@ -7637,6 +7639,7 @@
 		F50A325A03B5798301A8010A /* Resources */ = {
 			isa = PBXGroup;
 			children = (
+				113589860F7D243700CC9121 /* dsa_pub.pem */,
 				34D8326107CBD598006466F2 /* AccountPrefs.plist */,
 				340E9B1F0E34EB900032BEA6 /* Info.plist */,
 				07C6EA3C0C06676400B79CBD /* AdiumHelp */,
@@ -9045,6 +9048,7 @@
 				1109634C0F61C1D00064CA0E /* AITwitterReplyWindow.nib in Resources */,
 				113892270F6B70CA00A7D7DC /* laconica-small.png in Resources */,
 				113892280F6B70CA00A7D7DC /* laconica.png in Resources */,
+				113589870F7D243700CC9121 /* dsa_pub.pem in Resources */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 		};
--- a/Plists/Info.plist	Fri Mar 27 12:32:23 2009 +0000
+++ b/Plists/Info.plist	Fri Mar 27 15:16:28 2009 +0000
@@ -428,6 +428,8 @@
 	<string>AIApplication</string>
 	<key>OSAScriptingDefinition</key>
 	<string>Adium.sdef</string>
+	<key>SUPublicDSAKeyFile</key>
+	<string>dsa_pub.pem</string>
 	<key>SUCheckAtStartup</key>
 	<true/>
 	<key>SUFeedURL</key>
--- a/Release/Makefile	Fri Mar 27 12:32:23 2009 +0000
+++ b/Release/Makefile	Fri Mar 27 15:16:28 2009 +0000
@@ -179,6 +179,10 @@
 	./ensureCustomIconsExtracted $(ART_DIR)
 	./make-diskimage.sh $(BUILD_DIR)/$(RELEASE_NAME).dmg $(ADIUM_DIR) "Adium X $(VERSION)" dmg_adium.scpt $(ART_DIR)
 	
+ifeq ($(OFFICIAL_BUILD),TRUE)
+	@echo DSA for Sparkle: `ruby sign_update.rb "$(BUILD_DIR)/$(RELEASE_NAME_ESCAPED).dmg" "~/.ssh/dsa_priv.pem"`
+endif
+
 	@echo Build finished. `md5 $(BUILD_DIR)/$(RELEASE_NAME_ESCAPED).dmg`
 
 #This is what nightly builds use. Does not update because buildbot does.
@@ -188,6 +192,7 @@
 	md5 -q $(BUILD_DIR)/$(RELEASE_NAME).tgz >> $(BUILD_DIR)/latest
 	ls -l $(BUILD_DIR)/$(RELEASE_NAME).tgz | awk '{print $$5}' >>$(BUILD_DIR)/latest
 	echo $(VERSION) >> $(BUILD_DIR)/latest
+	`ruby sign_update.rb "$(BUILD_DIR)/$(RELEASE_NAME_ESCAPED).dmg" "~/.ssh/dsa_priv.pem"` >> $(BUILD_DIR)/latest
 
 tarballapp:
 	rm $(BUILD_DIR)/$(RELEASE_NAME).tgz || true
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/Release/sign_update.rb	Fri Mar 27 15:16:28 2009 +0000
@@ -0,0 +1,7 @@
+#!/usr/bin/ruby
+if ARGV.length < 2
+  puts "Usage: ruby sign_update.rb update_archive private_key"
+  exit
+end
+
+puts `openssl dgst -sha1 -binary < "#{ARGV[0]}" | openssl dgst -dss1 -sign "#{ARGV[1]}" | openssl enc -base64`
\ No newline at end of file
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/Resources/dsa_pub.pem	Fri Mar 27 15:16:28 2009 +0000
@@ -0,0 +1,20 @@
+-----BEGIN PUBLIC KEY-----
+MIIDOzCCAi0GByqGSM44BAEwggIgAoIBAQC0zpH/cl5dWmvhd/oKoTr2a//nfd1s
+uLVouun1ErNuBKa30wh1PszZUNoAmq634DPbH1Ng4R62nPPZP6wfNHYHBTSh4dMe
+VK+QmxfBTzgYZhnsD+2BAzruYOvKaExdWyXxKEJ4jIu3toFvrt4RmXB1BBxFPjYX
+c+lEebiGZxATWY/OldKBbCjxl+IT/p4co4iReuXJFHKrQvE91BDzmtJxH2dwA6OS
+pNdQccxeKLv5uZIjSDnTM8It9F7i6gac/lniiHO1o+Woke2jbEWtCJC7HLgDPGLJ
+zaB0chQMd9QGLeKIb/blPhY4+L5OnIF77bTmx2pgO4/x4QxA2PdWsSIXAhUA5duY
+VS417jk39izIQWEkXkiaTe8CggEASN6ROzOeWR+G0Rg7B6fAhxDoMUyjCM2t+Jtd
+MkeFdjI4vYFVqJxF22Rgoxk0Nxp2O+fd73KlmCtjbcgGgSDhavDXiTj7RUgv6/u7
+svdMuCJbtb7BXECP3imrEhixmEy3VJAJa/V1OHUxg0o/5ZuxZgbsr0aBeCR0a10o
+twAdghSiKbsy1AN4ZZMbivQCQiDLcDLrShnsR8QdtFbvIc94KM0ndNBDA5oaEk3V
+/5dbyCGrIoMx51rJSqj9P3DPYQ5ubNwrpEWr5yZDDsyYmmVgN5RuKRzt+TNa7dBx
+DvcnzXBnXK+CN14I0iY0dT3Omnu9JHyu87B2AJSP4p/TdgMEywOCAQYAAoIBAQCf
+HrSCSMcNFVvWMxEH2vhjRk3gs5hv0/IfDG6jGrpSuCPJ+xrtl3LoJxiWK+YODl8j
+XhGHq5G637JI79/XP4uGgefaDMoKZ8H9q02f999+iwGkeXbXtz4NZi6ETl+uH3r0
+Si4QGpjP5NOtUlN8Iq1wJu1efunE74+nQ0TNaBfS4BHJeOAoSUypEBssOBZ5P0tf
+ACSt73XeeCwt+DnhPYnAxMDWvX4xYyvOwPoW0flwcPSr5NfelizKDep8CeMo4n3n
+1aphmMuBYjl/S/d4UZQvUS+V6G6p5mUXjV8AaiBYjEJs5wUxkNEMDjsiXAhaNonp
+MtvnspmzvaLNE+8/f4tQ
+-----END PUBLIC KEY-----