$Id: OpenSSL-release.html,v 1.25 2005/06/13 03:53:57 levitte Exp $
The following stuff needs to be done for a release
| Todo Beta | Todo Release | ||
|---|---|---|---|
| 0. | If you don't have it yet, check out the current release branch of OpenSSL, otherwise just make sure it's updated. For the 0.9.6 releases, the branch is OpenSSL_0_9_6-stable. | ||
| 1. | do a make update and commit it. | ||
| 2. | Change OPENSSL_VERSION_NUMBER in crypto/opensslv.h to the correct number (for example 0x00906002L for the 0.9.6-beta2) and change the texts accordingly. Also change version number in README. Change the information in STATUS appropriately. Check the version information in openssl.spec and change it if necessary. Commit. | Change OPENSSL_VERSION_NUMBER in crypto/opensslv.h to the correct number (for example 0x0090600fL for the 0.9.6 release) and change the texts accordingly. Also change version number in README and FAQ (the question about the current version). Change the date information in CHANGES and change the information in STATUS appropriately. Add necessary information in NEWS. Check the version information in openssl.spec and change it if necessary. Commit. | |
| 3. | tag with OpenSSL_x_y_xp-betan, where x, y, z and p are the major, minor and edit numbers and the possible patch letter (for version 0.9.5 beta2, that would be OpenSSL_0_9_5-beta2, for 0.9.6a beta2, it would be OpenSSL_0_9_6a-beta2). | tag with OpenSSL_x_y_xp, where x, y, z and p are the major, minor and edit numbers and the possible patch letter (for version 0.9.5, that would be OpenSSL_0_9_5, for 0.9.6a, it would be OpenSSL_0_9_6a). | |
| 4. | Update CHANGES by adding something like the following
(this applies to the moments after 0.9.5 was released) at the
top:
Finish up by commiting.Changes between 0.9.5 and 0.9.6 [xx XXX xxxx] *) |
||
| 5. | Change OPENSSL_VERSION_NUMBER in crypto/opensslv.h to the next beta, with "-dev" in OPENSSL_VERSION_TEXT. For betas, there's no difference in OPENSSL_VERSION_NUMBER between the development of a beta and the release of the same beta, so both 0.9.7-beta5-dev and 0.9.7-beta5 have the number 0x00907005L). Make similar changes to the version information and date in README and openssl.spec. Commit. | Change OPENSSL_VERSION_NUMBER in crypto/opensslv.h to the next number, flagged as development version (for 0.9.7-dev, that would be 0x00907000L) and change the texts accordingly. Make similar changes to the version information and date in README and openssl.spec. Commit. | |
| 6. | export into a separate directory with
the tag used in 3. (that's quite relevant for me, since I store a number of junk files in my work directory, and they should definitely not become part of any release) |
||
| 7. | build the tarball (doing a make
-f Makefile.org dist) NOTE:The 0.9.6x distribution comes in two variants, where the [engine] one is to be handled in a special way:
|
||
| 8. | do an openssl md5 over the tarball,
using the following command (or similar, on other platforms than
Unix):
openssl md5 < TARBALL > TARBALL.md5
or:
openssl md5 TARBALL | awk '{print $2}' > TARBALL.md5
|
||
| 9. | sign the tarball into a .asc file,
using your own key With pgp 2.6.x, that's done with the command pgp -sba file NOTE: PGP tends to make the .asc files readable only to the owner. You need to change that, for example with the command chmod a+r file.asc |
||
| 10. | Place the files from 7-9 in /e/openssl/ftp/source Place the files from 7 in /e/openssl/web/source (the best is to make a hard link to the copy in /e/openssl/ftp/source, to save space) |
Place the files from 7-9 in /e/openssl/ftp/source Place the files from 7 in /e/openssl/web/source (the best is to make a hard link to the copy in /e/openssl/ftp/source, to save space) Remove the beta releases of this release. |
|
| 11. | Add a newsflash in
openssl-web/news/newsflash.txt. |
Add a newsflash in
openssl-web/news/newsflash.txt. Change the info appropriately in openssl-web/source/index.current (it includes the name of the current tarball, is all) and openssl-web/news/state.wmk. Change openssl-web/news/announce.{wml,txt} to reflect the new release (use the latest possible NEWS file), add names of new developers and remove names of old (emeritae?) developers. Do not forget to set the MD5 checksum(s) for the distribution(s). Commit. |
|
| 12. | On dev.openssl.org, do the following:
|
On dev.openssl.org, do the following:
|
|
| 13. | Write an announcement like this, and sign
it with PGP, using the same key you used to sign the tarballs.
With PGP 2.6.x, that's done with the command
pgp -sta file, resulting in a file like
beta-announce.txt.asc. Send the result to: openssl-announce@openssl.org, comp.os.linux.announce Login as openssl@dev.openssl.org (if you have an ssh key for it), run mutt, wait for a "BOUNCE: openssl-announce needs approval" message and approve your announcement by pressing "A" (big A) in mutt's message menu. |
Sign announce.txt with PGP, using the same key you
used to sign the tarballs. With PGP 2.6.x, that's done with the
command pgp -sta file, resulting in a file
announce.txt.asc. Send announce.txt.asc to: openssl-announce@openssl.org, Note that some addresses may require you to be subscribed. It's usually not too hard to have them be post only, so you don't have to listen to all the chatter. comp.os.linux.announce Login as openssl@dev.openssl.org (if you have an ssh key for it), run mutt, wait for a "BOUNCE: openssl-announce needs approval" message and approve your announcement by pressing "A" (big A) in mutt's message menu. |
|
| 14. | Tell www.freshmeat.net. | ||