[devscripts] 03/03: uscan: Set $keyring properly
Osamu Aoki
osamu at moszumanska.debian.org
Thu Nov 12 14:33:16 UTC 2015
This is an automated email from the git hooks/post-receive script.
osamu pushed a commit to branch multitar
in repository devscripts.
commit d798261d8fa6a88a9c80b01e62eeb532d68de40b
Author: Osamu Aoki <osamu at debian.org>
Date: Thu Nov 12 23:22:12 2015 +0900
uscan: Set $keyring properly
Set $keyring in process_watchfile by moving code out from
process_watchline
---
scripts/uscan.pl | 44 +++++++++++++++++++-------------------------
1 file changed, 19 insertions(+), 25 deletions(-)
diff --git a/scripts/uscan.pl b/scripts/uscan.pl
index 9f5e3eb..2b7ddec 100755
--- a/scripts/uscan.pl
+++ b/scripts/uscan.pl
@@ -2553,21 +2553,17 @@ sub process_watchline ($$$$$$)
}
# Allow 2 char shorthands for opts="pgpmode=..." and check
- my $needkeyring;
if ($options{'pgpmode'} =~ m/^au/) {
$options{'pgpmode'} = 'auto';
- $needkeyring = 1;
if (defined $options{'pgpsigurlmangle'}) {
uscan_warn "Ignore pgpsigurlmangle because pgpmode=auto\n";
delete $options{'pgpsigurlmangle'};
}
} elsif ($options{'pgpmode'} =~ m/^ma/) {
$options{'pgpmode'} = 'mangle';
- $needkeyring = 1;
if (not defined $options{'pgpsigurlmangle'}) {
uscan_warn "Missing pgpsigurlmangle. Setting pgpmode=default\n";
$options{'pgpmode'} = 'default';
- $needkeyring = 0;
}
} elsif ($options{'pgpmode'} =~ m/^no/) {
$options{'pgpmode'} = 'none';
@@ -2576,36 +2572,15 @@ sub process_watchline ($$$$$$)
} elsif ($options{'pgpmode'} =~ m/^pr/) {
$options{'pgpmode'} = 'previous';
$options{'versionmode'} = 'previous'; # no other value allowed
- $needkeyring = 1;
} elsif ($options{'pgpmode'} =~ m/^se/) {
$options{'pgpmode'} = 'self';
- $needkeyring = 1;
} else {
$options{'pgpmode'} = 'default';
}
- # XXX This needs to be moved out to process_watchfile XXX
# If PGP used, check required programs and generate files
uscan_debug "\$options{'pgpmode'}=$options{'pgpmode'}, \$options{'pgpsigurlmangle'}=$options{'pgpsigurlmangle'}\n" if defined $options{'pgpsigurlmangle'};
uscan_debug "\$options{'pgpmode'}=$options{'pgpmode'}, \$options{'pgpsigurlmangle'}=undef\n" if ! defined $options{'pgpsigurlmangle'};
- if ($needkeyring) {
- # upstream-signing-key.pgp is deprecated
- $keyring = first { -r $_ } qw(debian/upstream/signing-key.pgp debian/upstream/signing-key.asc debian/upstream-signing-key.pgp);
- if (defined $keyring) {
- uscan_verbose "Found upstream signing keyring: $keyring\n";
- } else {
- uscan_verbose "PGP signature used, but the upstream keyring does not exist\n";
- }
-
- if ($keyring =~ m/\.asc$/) {
- # Need to convert an armored key to binary for use by gpgv
- $gpghome = tempdir(CLEANUP => 1);
- my $newkeyring = "$gpghome/trustedkeys.gpg";
- spawn(exec => [$havegpg, '--homedir', $gpghome, '--no-options', '-q', '--batch', '--no-default-keyring', '--output', $newkeyring, '--dearmor', $keyring],
- wait_child => 1);
- $keyring = $newkeyring
- }
- }
# Check component for duplication and set $orig to the proper extension string
if ($options{'pgpmode'} ne 'previous') {
@@ -3440,6 +3415,9 @@ EOF
$newfile_base =~ s/^(.*?)\.[^\.]+$/$1/;
if ($signature == -1) {
uscan_warn("SKIP Checking OpenPGP signature (by request).\n");
+ } elsif (! defined $keyring) {
+ uscan_warn("FAIL Checking OpenPGP signature (no keyring).\n");
+ return 1;
} elsif ($download_available == 0) {
uscan_warn "FAIL Checking OpenPGP signature (no signed upstream tarball downloaded).\n";
return 1;
@@ -3877,6 +3855,22 @@ sub process_watchfile ($$$$)
%dehs_tags = ();
uscan_verbose "Process $dir/$watchfile (package=$package version=$version)\n";
+
+ # set $keyring: upstream-signing-key.pgp is deprecated
+ $keyring = first { -r $_ } qw(debian/upstream/signing-key.pgp debian/upstream/signing-key.asc debian/upstream-signing-key.pgp);
+ if (defined $keyring) {
+ uscan_verbose "Found upstream signing keyring: $keyring\n";
+ }
+
+ if ($keyring =~ m/\.asc$/) {
+ # Need to convert an armored key to binary for use by gpgv
+ $gpghome = tempdir(CLEANUP => 1);
+ my $newkeyring = "$gpghome/trustedkeys.gpg";
+ spawn(exec => [$havegpg, '--homedir', $gpghome, '--no-options', '-q', '--batch', '--no-default-keyring', '--output', $newkeyring, '--dearmor', $keyring],
+ wait_child => 1);
+ $keyring = $newkeyring
+ }
+
unless (open WATCH, $watchfile) {
uscan_warn "could not open $watchfile: $!\n";
return 1;
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/collab-maint/devscripts.git
More information about the devscripts-devel
mailing list