Commit Graph

25 Commits

Author SHA1 Message Date
UdjinM6
f7218d1899 Make shellcheck happy 2020-07-29 11:20:12 -05:00
UdjinM6
35fbb5992f More of "export LC_ALL=C" 2020-07-29 11:04:30 -05:00
Wladimir J. van der Laan
cb5d0d8b99 Merge #13454: Make sure LC_ALL=C is set in all shell scripts
47776a958b08382d76d69b5df7beed807af168b3 Add linter: Make sure all shell scripts opt out of locale dependence using "export LC_ALL=C" (practicalswift)
3352da8da1243c03fc83ba678d2f5d193bd5a0c2 Add "export LC_ALL=C" to all shell scripts (practicalswift)

Pull request description:

  ~~Make sure `LC_ALL=C` is set when using `grep` range expressions.~~

  Make sure `LC_ALL=C` is set in all shell scripts.

  From the `grep(1)` documentation:

  > Within a bracket expression, a range expression consists of two characters separated by a hyphen. It matches any single character that sorts between the two characters, inclusive, using the locale's collating sequence and character set. For example, in the default C locale, `[a-d]` is equivalent to `[abcd]`. Many  locales sort characters in dictionary order, and in these locales `[a-d]` is typically not equivalent to `[abcd]`; it might be equivalent to `[aBbCcDd]`, for example. To obtain the traditional interpretation of bracket expressions, you can use the C locale by setting the `LC_ALL` environment variable to the value C.

  Context: [Locale issue found when reviewing #13450](https://github.com/bitcoin/bitcoin/pull/13450/files#r194877736)

Tree-SHA512: fd74d2612998f9b49ef9be24410e505d8c842716f84d085157fc7f9799d40e8a7b4969de783afcf99b7fae4f91bbb4559651f7dd6578a6a081a50bdea29f0909
2020-07-28 21:35:31 -05:00
Wladimir J. van der Laan
3979f24d3f Merge #13479: contrib: Fix CVE-2018-12356 by hardening the regex
9e2e5626dabb7208dafedcc9904940b666be1c3b Fix CVE-2018-12356 by hardening the regex. (Loganaden Velvindron)

Pull request description:

  Detailed write-up here:
  https://neopg.io/blog/pass-signature-spoof/

Tree-SHA512: 2020474ff4c7b5e7f1bea932c63da62aca48d3dc6dcd04507afefad6c40f2977ed2d2916defe2e8e7936a2d498125c578077870147954a7af9b29b823cbb0b10
2020-07-07 11:48:28 -05:00
UdjinM6
7d75dbda22 More of 10773 2020-04-01 12:43:18 -05:00
Pieter Wuille
a7a3ecc354 Merge #10773: Shell script cleanups
13a81b19d Add quotes to variable assignment (as requested by @TheBlueMatt) (practicalswift)
683b9d280 Fix valid path output (practicalswift)
193c2fb4c Use bash instead of POSIX sh. POSIX sh does not support arrays. (practicalswift)
80f5f28d3 Fix incorrect quoting of quotes (the previous quotes had no effect beyond unquoting) (practicalswift)
564a172df Add required space to [[ -n "$1" ]] (previously [[ -n"$1" ]]) (practicalswift)
1e44ae0e1 Add error handling: exit if cd fails (practicalswift)
b9e79ab41 Remove "\n" from echo argument. echo does not support escape sequences. (practicalswift)
f6b3382fa Remove unused variables (practicalswift)

Pull request description:

  Shell script cleanups:
  * Add required space to `[ -n ]`.
  * Avoid quote within quote.
  * Exit if `cd` fails.
  * Remove `\n` which is not handled by `echo`.
  * ~~Remove redundant `$` in arithmetic variable expression.~~
  * ~~Use `$(command)` instead of legacy form `` `command` ``.~~
  * Arrays are not supported in POSIX `sh`. Use `bash` when arrays are used.
  * ~~`[ foo -a bar ]` is not well defined, use `[ foo ] && [ bar ]` instead.~~
  * ~~`[ foo -o bar ]` is not well defined, use `[ foo ] || [ bar ]` instead.~~

Tree-SHA512: 80f6ded58bce625b15b4da30d69d2714c633e184e62b21ed67d2c58e2ebaa08b4147593324012694d02bf4f1f252844cdff2fd1cf5e817ddb07e2777db7a6390
2020-04-01 12:43:18 -05:00
Pieter Wuille
f32949fa91
Merge #11834: [verify-commits] Fix gpg.sh's echoing for commits with '\n'
a38686cea [verify-commits] Fix gpg.sh's echoing for commits with '\n' (Matt Corallo)

Pull request description:

  Should fix master travis failures

Tree-SHA512: 1e96476e4db0474f1dc2c6973cdb1154316b7cec13d3fe46f3383cfe4f1ed30c2eee08a0d047931f20b2fa83baaacb4687f39e1cab6f264009cd0292134facdd
2020-01-30 07:32:32 -06:00
Wladimir J. van der Laan
e357bda75b
Merge #11467: Fix typos. Use nullptr instead of NULL.
0aacfa4 Remove accidental stray semicolon (practicalswift)
68feb49 Use nullptr instead of NULL (practicalswift)
c6b07fd Fix a vs. an typo (practicalswift)

Pull request description:

  Minor cleanups:
  * Typo: Fix a vs. an typo
  * Typo: Remove accidental stray semicolon (only remaining instance in repo)
  * Correctness/consistency: Use `nullptr` instead of `NULL` (only remaining instance in repo)

Tree-SHA512: 47142e557da9d3fa0b532c46edeb7f356a1f6dc5973e60b0e496badff3581ff696eade542d49da777ac7f2e895129cc8487ccdb1984ff828434fa86f9a56dad0
2020-01-16 09:22:46 -06:00
Wladimir J. van der Laan
7919c96818 Merge #11539: [verify-commits] Allow revoked keys to expire
d23be30 [verify-commits] Allow revoked keys to expire (Matt Corallo)

Pull request description:

  This should fix verify-commits on master.

Tree-SHA512: 9bfca41fdfcdb11f6d07fcbc80a7b2de37706051e963292e0fbb4c608f146c87b65ab1e8395792197b4a7099e89fa045f278a60276672f6540b68d5e15b5a4a7
2019-09-30 08:33:16 +02:00
Pasta
c3eb0c7887 reset file perms 2019-02-26 16:50:25 -06:00
Wladimir J. van der Laan
c55e019bf7 Merge #9940: Fix verify-commits on OSX, update for new bad Tree-SHA512, point travis to different keyservers
df5bae2 Update trusted-sha512-root-commit for new bad tree hash (Matt Corallo)
efc06c2 If GNU sha512sum is missing, try perl shasum in verify-commits (Matt Corallo)
8ed849f Fix travis failing to fetch keys from the sks keyserver pool (Matt Corallo)
fd5e905 Make verify-commits.sh non-recursive (Matt Corallo)

Tree-SHA512: 457cc81d6e0a77ab32d030ecd058c59857f22cb998a1394593e115639081f3fdc74a6376035b77be0712ad5cb9143bc3f498b77e99eb66034492dbbb38c39bc6
2019-02-26 16:41:05 -06:00
UdjinM6
0b552be20b
Fix file permissions broken in 2682 (#2717) 2019-02-20 12:03:48 +03:00
Wladimir J. van der Laan
8a436ec36a Merge #9932: Fix verify-commits on travis and always check top commit's tree
b3ec305 Fix bashisms in verify-commits and always check top commit's tree (Matt Corallo)
f20e664 Check gpg version before setting --weak-digest (Matt Corallo)

Tree-SHA512: f87247008ae6a265e3fd371f00aec0e84f1feb713bf5859eab139a88a4e205e1f26de7b510bcc2c3ab538d5443978a48ec920d25b52b9601e625d198fa2d725f
2019-02-04 19:58:15 -06:00
Wladimir J. van der Laan
6addbe0747 Merge #9880: Verify Tree-SHA512s in merge commits, enforce sigs are not SHA1
bbd7579 Fix regsig checking for subkey sigs in verify-commits (Matt Corallo)
d025bc7 Allow any subkey in verify-commits (Matt Corallo)
eddc77a Add comment re: why SHA1 is disabled (Peter Todd)
d9c450f Verify Tree-SHA512s in merge commits, enforce sigs are not SHA1 (Matt Corallo)
be908a6 Fail merge if there are any symlinks (Matt Corallo)

Tree-SHA512: bb66c59cc1c6b1c86d7d8be7adb0769c6598c0e28ad927409941f30af87d390521e82fc13700ee22e92db1bd571db3e19a152ec7b2c0349c6e06f5de62c0b65f
2019-02-04 19:58:07 -06:00
UdjinM6
1c9917e227
Fix CVE-2018-12356 by hardening the regex (#2126) 2018-06-18 19:08:27 +03:00
Wladimir J. van der Laan
a5a9e46042 Merge #8700: [copyright] add MIT license headers to .sh scripts where missing
0766d1c [copyright] add MIT license headers to .sh scripts where missing (isle2983)
2018-01-11 13:20:57 +01:00
Wladimir J. van der Laan
573d9314e8 Merge #7713: Fixes for verify-commits script
1e9aab0 Remove sipa's old revoked key from verify-commits (Peter Todd)
966151e Add README for verify-commits (Peter Todd)
11164ec Remove keys that are no longer used for merging (Peter Todd)
22421fa Remove pointless warning (Peter Todd)
9523e8a Make verify-commits path-independent (Matt Corallo)
f7d4a25 Make verify-commits POSIX-compliant (Matt Corallo)
2017-12-28 11:44:59 +01:00
UdjinM6
b3d1140800 more bitcoin->dash 2016-03-04 12:09:03 +03:00
Jonas Schnelli
a5bc8de1ba
add jonasschnellis key to git-verify-commits trusted-keys 2015-11-13 14:52:17 +01:00
Matt Corallo
9ea7762e2c Use Pieter's signing subkey instead of his primary key
This commit is signed.
2015-11-06 15:19:31 -08:00
Matt Corallo
6e800c2b41
Add Pieter's new PGP key to verify-commits/trusted-keys 2015-10-27 17:06:13 -07:00
Matt Corallo
1d94b72019 Whitelist commits signed with Pieter's now-revoked key 2015-10-23 02:05:42 -07:00
Matt Corallo
27252b7389 Fix pre-push-hook regexes 2015-10-22 19:50:01 -07:00
Matt Corallo
0186228d61 Update trusted-git-root to the most recent unsigned commit 2015-09-14 12:54:25 -04:00
Matt Corallo
adaa568722 Add script to verify all merge commits are signed 2014-12-20 00:39:42 -05:00