[devscripts] 01/03: dscverify: Add support for .buildinfo files
Mattia Rizzolo
mattia at debian.org
Fri Jan 27 13:46:30 UTC 2017
This is an automated email from the git hooks/post-receive script.
mattia pushed a commit to branch master
in repository devscripts.
commit a39de3301fb41893a12a5ac78205a06c102a8e50
Author: Guillem Jover <guillem at debian.org>
Date: Fri Jan 27 14:02:44 2017 +0100
dscverify: Add support for .buildinfo files
Closes: #852801
Signed-off-by: Guillem Jover <guillem at debian.org>
Signed-off-by: Mattia Rizzolo <mattia at debian.org>
---
scripts/dscverify.1 | 11 +++++++----
scripts/dscverify.pl | 10 +++++-----
2 files changed, 12 insertions(+), 9 deletions(-)
diff --git a/scripts/dscverify.1 b/scripts/dscverify.1
index 48b41a2..1082147 100644
--- a/scripts/dscverify.1
+++ b/scripts/dscverify.1
@@ -2,15 +2,17 @@
.SH NAME
dscverify \- verify the validity of a Debian package
.SH SYNOPSIS
-\fBdscverify\fR [\fB\-\-keyring \fIkeyring\fR] ... \fIchanges_or_dsc_filename\fR ...
+\fBdscverify\fR [\fB\-\-keyring \fIkeyring\fR] ... \fIchanges_or_buildinfo_or_dsc_filename\fR ...
.SH DESCRIPTION
\fBdscverify\fR checks that the GPG signatures on the given
-\fI.changes\fR or \fI.dsc\fR files are good signatures made by keys in
+\fI.changes\fR, \fI.buildinfo\fP or \fI.dsc\fR files are good signatures
+made by keys in
the current Debian keyrings, found in the \fIdebian-keyring\fR
and \fIdebian-maintainers\fR
packages. (Additional keyrings can be specified using the
\fB--keyring\fR option any number of times.) It then checks that the
-other files listed in the \fI.changes\fR or \fI.dsc\fR files have the
+other files listed in the \fI.changes\fR, \fI.buildinfo\fP or \fI.dsc\fR
+files have the
correct sizes and checksums (MD5 plus SHA1 and SHA256 if the latter are
present). The exit status is 0 if there are no problems and non-zero
otherwise.
@@ -28,7 +30,8 @@ first option given on the command-line.
.TP
\fB\-\-nosigcheck\fR, \fB\-\-no\-sig\-check\fR, \fB-u\fR
Skip the signature verification step. That is, only verify the sizes and
-checksums of the files listed in the \fI.changes\fR or \fI.dsc\fR files.
+checksums of the files listed in the \fI.changes\fR, \fI.buildinfo\fP or
+\fI.dsc\fR files.
.TP
\fB\-\-verbose\fR
Do not suppress GPG output.
diff --git a/scripts/dscverify.pl b/scripts/dscverify.pl
index 9760085..8bc0857 100755
--- a/scripts/dscverify.pl
+++ b/scripts/dscverify.pl
@@ -46,7 +46,7 @@ my $havegpg = first { !system('sh', '-c', "command -v $_ >/dev/null 2>&1") } qw
sub usage {
print <<"EOF";
-Usage: $progname [options] dsc-or-changes-file ...
+Usage: $progname [options] changes-or-buildinfo-dsc-file ...
Options: --help Display this message
--version Display version and copyright information
--keyring <keyring>
@@ -213,7 +213,7 @@ sub process_file {
}
}
- my @spec = map { split /\n/ } $out =~ /^Files:\s*\n((?:[ \t]+.*\n)+)/mgi;
+ my @spec = map { split /\n/ } $out =~ /^(?:Checksums-Md5|Files):\s*\n((?:[ \t]+.*\n)+)/mgi;
unless (@spec) {
xwarn "no file spec lines in $file\n";
return;
@@ -342,7 +342,7 @@ sub process_file {
close FILE;
- if ($filename =~ /\.dsc$/ && $verify_sigs) {
+ if ($filename =~ /\.(?:dsc|buildinfo)$/ && $verify_sigs) {
$sigcheck = check_signature $filename, @rings;
if ($sigcheck) {
xwarn "$filename failed signature check:\n$sigcheck";
@@ -358,7 +358,7 @@ sub process_file {
}
sub main {
- @ARGV or xdie "no .changes or .dsc files specified\n";
+ @ARGV or xdie "no .changes, .buildinfo or .dsc files specified\n";
my @rings;
@@ -416,7 +416,7 @@ sub main {
'verbose' => \$verbose,
) or do { usage; exit 1 };
- @ARGV or xdie "no .changes or .dsc files specified\n";
+ @ARGV or xdie "no .changes, .buildinfo or .dsc files specified\n";
@rings = get_rings @rings if $use_default_keyrings and $verify_sigs;
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/collab-maint/devscripts.git
More information about the devscripts-devel
mailing list