[dak/master] Add support for detached upstream signatures
Upstream tarballs usually come with detached signatures, which would be
useful to have in the source package, as an additional check that could
be performed to verify its integrity and provenance.
dpkg-source supports this since 1.17.20.
Closes: #759401
---
daklib/utils.py | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/daklib/utils.py b/daklib/utils.py
index 9d45cdc..5ac015c 100644
--- a/daklib/utils.py
+++ b/daklib/utils.py
@@ -316,8 +316,10 @@ def check_dsc_files(dsc_filename, dsc, dsc_files):
(r'tar.gz', ('native_tar_gz', 'native_tar')),
(r'debian\.tar\.(gz|bz2|xz)', ('debian_tar',)),
(r'orig\.tar\.(gz|bz2|xz)', ('orig_tar',)),
+ (r'orig\.tar\.(gz|bz2|xz)\.asc', ('orig_tar_sig',)),
(r'tar\.(gz|bz2|xz)', ('native_tar',)),
(r'orig-.+\.tar\.(gz|bz2|xz)', ('more_orig_tar',)),
+ (r'orig-.+\.tar\.(gz|bz2|xz)\.asc', ('more_orig_tar_sig',)),
)
for f in dsc_files:
@@ -341,7 +343,7 @@ def check_dsc_files(dsc_filename, dsc, dsc_files):
reject("%s: unexpected source file '%s'" % (dsc_filename, f))
# Check for multiple files
- for file_type in ('orig_tar', 'native_tar', 'debian_tar', 'debian_diff'):
+ for file_type in ('orig_tar', 'orig_tar_sig', 'native_tar', 'debian_tar', 'debian_diff'):
if has[file_type] > 1:
rejmsg.append("%s: lists multiple %s" % (dsc_filename, file_type))
--
2.1.4
Reply to: