[dak/master] And also catch double-sign-edit-failure-sign-whatever files

To: debian-dak@lists.debian.org,dak@commit.ganneff.de
Subject: [dak/master] And also catch double-sign-edit-failure-sign-whatever files
From: Joerg Jaspert <joerg@debian.org>
Date: Sat, 03 Mar 2012 17:34:26 +0000
Message-id: <[🔎] E1S3sqg-0000gs-89@franck.debian.org>

Signed-off-by: Joerg Jaspert <joerg@debian.org>
---
 scripts/debian/buildd-add-keys |   12 +++++++++++-
 1 files changed, 11 insertions(+), 1 deletions(-)

diff --git a/scripts/debian/buildd-add-keys b/scripts/debian/buildd-add-keys
index 61cd154..619a514 100755
--- a/scripts/debian/buildd-add-keys
+++ b/scripts/debian/buildd-add-keys
@@ -176,7 +176,17 @@ for file in ${KEYS}; do
 
     TEMPKEYDATA=$(mktemp -p "${TMPDIR}" BDKEYS.XXXXXX)
 
-    gpg ${DEFGPGOPT} --with-colons "${GPGOUTF}" > "${TEMPKEYDATA}"
+    # We also need to ensure this works, otherwise manually mangled files can break us here
+    if ! gpg ${DEFGPGOPT} --with-colons "${GPGOUTF}" > "${TEMPKEYDATA}"; then
+        log "For some reason we could validate the sig but failed on getting key details"
+        DATE=$(date -Is)
+        mv "${INCOMING}/${file}" "${ERRORS}/badsig.${file}.${DATE}"
+        mv "${GPGSTATUS}" "${ERRORS}/badsig.${file}.gpgstatus.${DATE}"
+        mv "${GPGLOGS}" "${ERRORS}/badsig.${file}.gpglogs.${DATE}"
+        rm -f "${GPGOUTF}"
+        rm -f "${TMPKEYDATA}"
+        continue
+    fi
 
     # Read in the TEMPKEYDATAFILE, but avoid using a subshell like a
     # while read line otherwise would do
-- 
1.7.2.5

Reply to:

Prev by Date: [dak/master] forget a comment, break the scripts. no more
Next by Date: [PATCH] fix reading of dak.conf in home, if one is found
Previous by thread: [dak/master] forget a comment, break the scripts. no more
Next by thread: [PATCH] fix reading of dak.conf in home, if one is found
Index(es):
- Date
- Thread