[linux-signed] 02/02: LOCAL: fetch signaturs from dak-test; don't check gpg signature

[debian-kernel at lists.debian.org]

This is an automated email from the git hooks/post-receive script.

benh pushed a commit to branch benh/byhand-code-sign
in repository linux-signed.

commit a51a5c3a438553cd3a76b68582b9d6b82e195208
Author: Ben Hutchings <ben at decadent.org.uk>
Date:   Thu Jun 30 17:47:58 2016 +0200

    LOCAL: fetch signaturs from dak-test; don't check gpg signature
---
 debian/bin/sign.py | 32 ++++++++++++++++----------------
 debian/rules.defs  |  2 +-
 2 files changed, 17 insertions(+), 17 deletions(-)

diff --git a/debian/bin/sign.py b/debian/bin/sign.py
index b803c5c..fe474704 100755
--- a/debian/bin/sign.py
+++ b/debian/bin/sign.py
@@ -32,21 +32,21 @@ def get_release_data(mirror, suite):
         # Validate against keyring.  deb822.Release doesn't support
         # signatures (inline or detached) for some reason so call gpgv
         # directly.
-        with tempfile.NamedTemporaryFile() as release_file, \
-             tempfile.NamedTemporaryFile() as release_sig_file:
-            release_file.write(release_raw)
-            release_file.flush()
-            release_sig_file.write(release_sig_raw)
-            release_sig_file.flush()
-            output = subprocess.check_output(
-                ['gpgv', '--status-fd', '1',
-                 '--keyring', '/usr/share/keyrings/debian-archive-keyring.gpg',
-                 '--ignore-time-conflict', release_sig_file.name,
-                 release_file.name])
-            if not re.search(r'^\[GNUPG:\]\s+VALIDSIG\s', codecs.decode(output),
-                             re.MULTILINE):
-                os.write(2, output) # bytes not str!
-                raise ArchiveMetadataError('gpgv rejected %s' % url)
+        # with tempfile.NamedTemporaryFile() as release_file, \
+        #      tempfile.NamedTemporaryFile() as release_sig_file:
+        #     release_file.write(release_raw)
+        #     release_file.flush()
+        #     release_sig_file.write(release_sig_raw)
+        #     release_sig_file.flush()
+        #     output = subprocess.check_output(
+        #         ['gpgv', '--status-fd', '1',
+        #          '--keyring', '/usr/share/keyrings/debian-archive-keyring.gpg',
+        #          '--ignore-time-conflict', release_sig_file.name,
+        #          release_file.name])
+        #     if not re.search(r'^\[GNUPG:\]\s+VALIDSIG\s', codecs.decode(output),
+        #                      re.MULTILINE):
+        #         os.write(2, output) # bytes not str!
+        #         raise ArchiveMetadataError('gpgv rejected %s' % url)
 
         release_stream = io.TextIOWrapper(io.BytesIO(release_raw), 'utf-8')
 
@@ -103,7 +103,7 @@ def sign(config_name, imageversion_str, mirror_url, suite):
         shutil.rmtree(signature_dir)
     os.makedirs('debian/signatures')
 
-    for arch in iter(config['base', ]['arches']):
+    for arch in ['amd64']:
         for featureset in config['base', arch].get('featuresets', ()):
             if (config.merge('base', None, featureset).get('enabled', True) and
                 config.merge('build', arch, featureset).get('signed-modules', False)):
diff --git a/debian/rules.defs b/debian/rules.defs
index ffd894f..50e3da7 100644
--- a/debian/rules.defs
+++ b/debian/rules.defs
@@ -6,5 +6,5 @@ KERNEL_IMAGE_VERSION := 4.9.18-1
 # Note: any version suffix must sort *lower* than +deb
 SIGNED_VERSION_SUFFIX :=
 
-MIRROR_URL = http://deb.debian.org/debian/
+MIRROR_URL = http://192.168.122.9/debian/
 MIRROR_SUITE = unstable

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/kernel/linux-signed.git