Use sha256 for hashes in the release process

I just came across the GDB 10.1 release notes and saw that md5 is still
being used in those. I thought it would be a good idea to instead have a
more modern, secure and wildly available hash function such as SHA256 as
part of the release process.

The changes have been done rather mechnically via sed but executing the
`src-release.sh -b gdb` did work so I am confident about the result.

While this does not directly address the release mails, I was wasn't
able to find the template/script used for those, this is probably still
an improvement.

ChangeLog:
	* src-release.sh: Use sha256sum instead of md5sum.

binutils/ChangeLog:
	* README-how-to-make-a-release: Use sha256sum instead of md5sum.

Change-Id: I9cf19ea40699137c45463b8514f6e29271af2347

ChangeLog

@@ -1,3 +1,7 @@
+2020-10-26  Andreas Rammhold <andreas@rammhold.de>
+
+	* src-release.sh: Use sha256sum instead of md5sum.
+
 2020-10-14  Andrew Burgess  <andrew.burgess@embecosm.com>
 
 	* Makefile.in: Rebuild.

binutils/ChangeLog

@@ -1,3 +1,7 @@
+2020-10-26  Andreas Rammhold <andreas@rammhold.de>
+
+	* README-how-to-make-a-release: Use sha256sum instead of md5sum.
+
 2020-10-28  Nick Clifton  <nickc@redhat.com>
 
 	PR 26795

binutils/README-how-to-make-a-release

@@ -124,7 +124,7 @@ How to perform a release.
 
           cd <branch-sources>
           scp binutils-<OLD_VERSION>.90.tar.xz sourceware.org:~ftp/pub/binutils/snapshots
-          ssh sourceware.org md5sum ~ftp/pub/binutils/snapshots/binutils-<OLD_VERSION>.90.tar.xz
+          ssh sourceware.org sha256sum ~ftp/pub/binutils/snapshots/binutils-<OLD_VERSION>.90.tar.xz
 
      e. Clean up the source directory again.
 
@@ -364,7 +364,7 @@ Cheers
       David Edelsohn <dje.gcc@gmail.com> announcing the new release.
       Sign the email and include the checksum:
 
-          md5sum binutils-2.3x.tar.*
+          sha256sum binutils-2.3x.tar.*
 
       (The email to Davis is so that he can update the GNU Toolchain
       social media).  Something like this:

src-release.sh

@@ -26,7 +26,7 @@ BZIPPROG=bzip2
 GZIPPROG=gzip
 LZIPPROG=lzip
 XZPROG=xz
-MD5PROG=md5sum
+SHA256PROG=sha256sum
 MAKE=make
 CC=gcc
 CXX=g++
@@ -168,15 +168,15 @@ do_proto_toplev()
 
 CVS_NAMES='-name CVS -o -name .cvsignore'
 
-# Add an md5sum to the built tarball
+# Add a sha256sum to the built tarball
-do_md5sum()
+do_sha256sum()
 {
-    echo "==> Adding md5 checksum to top-level directory"
+    echo "==> Adding sha256 checksum to top-level directory"
     (cd proto-toplev && find * -follow \( $CVS_NAMES \) -prune \
 	-o -type f -print \
-	| xargs $MD5PROG > ../md5.new)
+	| xargs $SHA256PROG > ../sha256.new)
-    rm -f proto-toplev/md5.sum
+    rm -f proto-toplev/sha256.sum
-    mv md5.new proto-toplev/md5.sum
+    mv sha256.new proto-toplev/sha256.sum
 }
 
 # Build the release tarball
@@ -276,7 +276,7 @@ tar_compress()
     verdir=${5:-$tool}
     ver=$(getver $verdir)
     do_proto_toplev $package $ver $tool "$support_files"
-    do_md5sum
+    do_sha256sum
     do_tar $package $ver
     do_compress $package $ver "$compressors"
 }
@@ -290,7 +290,7 @@ gdb_tar_compress()
     compressors=$4
     ver=$(getver $tool)
     do_proto_toplev $package $ver $tool "$support_files"
-    do_md5sum
+    do_sha256sum
     do_djunpack $package $ver
     do_tar $package $ver
     do_compress $package $ver "$compressors"