SVN devscripts commit: r561 - in trunk: debian scripts
Adam D. Barratt
adam-guest at alioth.debian.org
Mon Mar 12 22:12:46 CET 2007
Author: adam-guest
Date: 2007-03-12 21:12:45 +0000 (Mon, 12 Mar 2007)
New Revision: 561
Modified:
trunk/debian/changelog
trunk/scripts/dscverify.1
trunk/scripts/dscverify.pl
Log:
Add --nosigcheck (#397720)
Modified: trunk/debian/changelog
===================================================================
--- trunk/debian/changelog 2007-03-12 18:23:33 UTC (rev 560)
+++ trunk/debian/changelog 2007-03-12 21:12:45 UTC (rev 561)
@@ -72,6 +72,7 @@
(Closes: #414200)
- use bugs.d.o/mbox:NNNN to download the mbox
- attempt to download version graphs in "full caching" mode
+ * dscverify: Add --nosigcheck (Closes: #397720)
[ James Vega ]
* debian/control: Add myself to the Uploaders list.
@@ -80,7 +81,7 @@
* scripts/Makefile: Specify an include directory when running Perl in order
to handle the source restructuring.
- -- James Vega <jamessan at debian.org> Mon, 12 Mar 2007 14:18:32 -0400
+ -- Adam D. Barratt <debian-bts at adam-barratt.org.uk> Mon, 12 Mar 2007 21:10:36 +0000
devscripts (2.9.27) unstable; urgency=low
Modified: trunk/scripts/dscverify.1
===================================================================
--- trunk/scripts/dscverify.1 2007-03-12 18:23:33 UTC (rev 560)
+++ trunk/scripts/dscverify.1 2007-03-12 21:12:45 UTC (rev 561)
@@ -21,6 +21,10 @@
Do not read any configuration files. This can only be used as the
first option given on the command-line.
.TP
+\fB\-\-nosigcheck\fR, \fB\-\-no\-sig\-check\fR
+Skip the signature verification step. That is, only verify the sizes and
+MD5 sums of the files listed in the \fI.changes\fR or \fI.dsc\fR files.
+.TP
.BR \-\-help ", " \-h
Display a help message and exit successfully.
.TP
Modified: trunk/scripts/dscverify.pl
===================================================================
--- trunk/scripts/dscverify.pl 2007-03-12 18:23:33 UTC (rev 560)
+++ trunk/scripts/dscverify.pl 2007-03-12 21:12:45 UTC (rev 561)
@@ -42,6 +42,7 @@
my $modified_conf_msg;
my $Exit = 0;
my $start_dir = cwd;
+my $verify_sigs = 1;
sub usage {
print <<"EOF";
@@ -50,6 +51,8 @@
--version Display version and copyright information
--keyring <keyring>
Add <keyring> to the list of keyrings used
+ --nosigcheck, --no-sig-check
+ Do not verify the GPG signature
--no-conf, --noconf
Do not read the devscripts config file
@@ -113,6 +116,7 @@
sub process_file {
my ($file, @rings) = @_;
my ($filedir, $filebase);
+ my $sigcheck;
print "$file:\n";
@@ -139,12 +143,14 @@
return;
}
- my $sigcheck = check_signature $filebase, @rings;
- if ($sigcheck) {
- xwarn "$file failed signature check:\n$sigcheck";
- return;
- } else {
- print " Good signature found\n";
+ if ($verify_sigs == 1) {
+ $sigcheck = check_signature $filebase, @rings;
+ if ($sigcheck) {
+ xwarn "$file failed signature check:\n$sigcheck";
+ return;
+ } else {
+ print " Good signature found\n";
+ }
}
my @spec = map { split /\n/ } $out =~ /^Files:\s*\n((?:[ \t]+.*\n)+)/mg;
@@ -197,7 +203,7 @@
close FILE;
- if ($filename =~ /\.dsc$/) {
+ if ($filename =~ /\.dsc$/ && $verify_sigs == 1) {
$sigcheck = check_signature $filename, @rings;
if ($sigcheck) {
xwarn "$filename failed signature check:\n$sigcheck";
@@ -258,6 +264,7 @@
while (@ARGV > 0) {
if ($ARGV[0] eq '--help') { usage; exit 0; }
if ($ARGV[0] eq '--version') { print $version; exit 0; }
+ if ($ARGV[0] =~ /^--no(sig|-sig-)check$/) { $verify_sigs = 0; shift @ARGV; }
if ($ARGV[0] =~ /^--no-?conf$/) {
xdie "$ARGV[0] is only acceptable as the first command-line option!\n";
}
@@ -294,7 +301,7 @@
@ARGV or xdie "no .changes or .dsc files specified\n";
- @rings = get_rings @rings;
+ @rings = get_rings @rings unless $verify_sigs == 0;
for my $file (@ARGV) {
process_file $file, @rings;
More information about the Devscripts-devel
mailing list