Bug#133470: dpkg-dev: dpkg-buildpackage signinterface check
Package: dpkg-dev
Version: 1.9.18
Severity: minor
Tags: patch
The test for valid signinterface in dpkg-buildpackage (lines 120
onwards) is not quite adequate:
if test -n "$forcesigninterface" ; then
signinterface=$forcesigninterface
if [ "$signinterface" != "gpg" -a "$signinterface" != "pgp" ] ; then
echo >&2 "$progname: invalid sign interface specified"
exit 1
fi
else
signinterface=$signcommand
fi
Note that $forcesigninterface can only be gpg or pgp by the design of
the program, whereas $signcommand could be anything.
So this replacement should be much more effective at doing the
necessary checks. You could always leave the first check in as well,
in case the -s* options are dealt with by stripping -s off at a later
date.
if test -n "$forcesigninterface" ; then
signinterface=$forcesigninterface
else
signinterface=$signcommand
if [ "$signinterface" != "gpg" -a "$signinterface" != "pgp" ] ; then
echo >&2 "$progname: need to specify sign interface as gpg or pgp"
exit 1
fi
fi
Julian
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Julian Gilbey, Dept of Maths, Debian GNU/Linux Developer
Queen Mary, Univ. of London see http://people.debian.org/~jdg/
http://www.maths.qmul.ac.uk/~jdg/ or http://www.debian.org/
Visit http://www.thehungersite.com/ to help feed the hungry
Reply to: