diff options
| -rw-r--r-- | NEWS | 4 | ||||
| -rwxr-xr-x | indexgen.sh | 28 | ||||
| -rwxr-xr-x | upload | 1 |
3 files changed, 32 insertions, 1 deletions
@@ -2,6 +2,8 @@ (The `lines' figures total .c, .h, .l, and .y files under version control.) +fetchmail-5.8.9 (Sun Jun 24 20:30:49 EDT 2001), 20922 lines: + * HMH's snprintf/strncat cleanup patch. * Fixes for Debian bugs #101792, #101950. * Updated Danish translation by Byrial Jensen. @@ -10,6 +12,8 @@ the list of domains to be queried in ETRN and ODMR modes. Instead, use the `fetchdomains' option. +There are 353 people on fetchmail-friends and 599 on fetchmail-announce. + fetchmail-5.8.8 (Wed Jun 20 17:22:26 EDT 2001), 20782 lines: * Fix bug that prevented messages from being marked oversized unless -v was on. diff --git a/indexgen.sh b/indexgen.sh index b65c213d..ebb5009c 100755 --- a/indexgen.sh +++ b/indexgen.sh @@ -33,6 +33,11 @@ then done fi +# Cryptographically sign checksums +gpg --clearsign checksums +mv checksums.asc checksums +gpg --detach-sign --armor fetchmail-$(VERSION).tar.gz + cat >index.html <<EOF <!doctype HTML public "-//W3O//DTD W3 HTML 3.2//EN"> <HTML> @@ -137,7 +142,21 @@ You can get any of the following leading-edge resources here: Source RPM of fetchmail $version</a> </UL> -MD5 <a href="checksums">checksums</a> are available for these files.<p> +The <a href="fetchmail-$version.tar.gz.asc">detached GPG signature</a> for the +binary tarball can be used to check it for correctness, with the command + +<listing> +gpg --verify fetchmail-$version.tar.gz.asc fetchmail-$version.tar.gz +</listing> + +MD5 <a href="checksums">checksums</a> are available for these files; the +checksum file is cryptographically signed and can be verified with the +command: + +<listing> +gpg --verify checksums.asc +</listing> + EOF if [ $version != $goldvers ] @@ -155,6 +174,13 @@ Or you can get the last \`gold' version, $goldname: <LI> <a href="fetchmail-$goldvers-1.src.rpm"> Source RPM of fetchmail $goldname</a> </UL> +The <a href="fetchmail-$goldvers.tar.gz.asc">detached GPG signature</a> for the +binary tarball can be used to check it for correctness, with the command + +<listing> +gpg --verify fetchmail-$goldvers.tar.gz.asc fetchmail-$goldvers.tar.gz +</listing> + For differences between the leading-edge $version and gold $goldname versions, see the distribution <a href="NEWS">NEWS</a> file.<p> EOF @@ -11,6 +11,7 @@ echo "Beginning web upload..." # First, copy to primary website dest=esr@${WWWHOST}:${WWWDIR}/fetchmail scp fetchmail-${version}.tar.gz $dest +scp fetchmail-${version}.tar.gz.asc $dest scp fetchmail-FAQ.html $dest scp fetchmail-${version}-1.i386.rpm $dest scp fetchmail-${version}-1.src.rpm $dest |