Bug#232916: [dpkg-buildpackage] Cannot sign packages with PGP any longer (-ppgp broken)

To: submit@bugs.debian.org
Subject: Bug#232916: [dpkg-buildpackage] Cannot sign packages with PGP any longer (-ppgp broken)
From: Javier Fernández-Sanguino Peña <jfs@computer.org>
Date: Sun, 15 Feb 2004 20:38:19 +0100
Message-id: <[🔎] 20040215193819.GA30997@dat.etsit.upm.es>
Reply-to: Javier Fernández-Sanguino Peña <jfs@computer.org>, 232916@bugs.debian.org

Package: dpkg-dev
Version: 1.10.18
Priority: important
Tags: patch

Ok, here's the deal, I've been using pgp to sign my packages since I
started as a Debian maintainer (so I always run 'dpkg-buildpackage -ppgp')
, yesterday, however:

[This is a sample run with _very_ dummy package, it just has a barebones
debian/directory]
dpkg-deb: building package `dummy' in `../dummy_0.1_all.deb'.
 signfile dummy_0.1.dsc
 
You need a passphrase to unlock the secret key for
user: "Javier Fernandez-Sanguino Pen~a <jfs@computer.org>"
1024-bit RSA key, ID A436AD25, created 1997-11-17
 
                   
 dpkg-genchanges
dpkg-genchanges: error: syntax error in source control file 
../dummy_0.1.dsc at line 22: expected blank line before PGP signature
[!!!!]

Now, let's see dummy_0.1.dsc:
--------------------------dummy.dsc---------------------------------
      1 -----BEGIN PGP SIGNED MESSAGE-----
      2
      3 Format: 1.0
      4 Source: dummy
      5 Version: 0.1
      6 Binary: dummy
      7 Maintainer: Javier Fernandez-Sanguino Pen~a <jfs@computer.org>
      8 Architecture: all
      9 Standards-Version: 3.5.8
     10 Files:
     11  2bb5b874f34ca4eb5f64f3686aad28be 1294 dummy_0.1.tar.gz
     12 -----BEGIN PGP SIGNATURE-----
     13 Version: GnuPG v1.2.4 (GNU/Linux)
     14
     15 iQCVAwUBQC/GnftEPvakNq0lAQGdJAP/ch1475RDHKEvoixBgHwvATysGneM/+kR
     16 Mulrl0ljbQRIyOb2wRqgUGKRySgCpNpxITMGcIL+nJdnJUtaYoo7nVnheCwbVec6
     17 NQCU2xr3TIMPnvMuzVZIEkCdbEwzmqj2NUp/GqRn1UhN90y1u+/ueMIaPIs+uAbV
     18 U4UgOQCqPO8=
     19 =l+Q3
     20 -----END PGP SIGNATURE-----
--------------------------dummy.dsc--------------------------

Ok. I can build the package if I run 'dpkg-buildpackage -pgpg', so this 
seems like an odd behaviour:

$ perl -d /usr/bin/dpkg-genchanges
 
Loading DB routines from perl5db.pl version 1.23
Editor support available.
 
Enter h or `h h' for help, or `man perldebug' for more help.
 
main::(/usr/bin/dpkg-genchanges:3):
3:      $dpkglibdir="/usr/lib/dpkg"; # This line modified by Makefile
  DB<1> r
dpkg-genchanges: error: syntax error in source control file 
../dummy_0.1.dsc at line 22: expected blank line before PGP signature
        main::error('syntax error in source control file ../dummy_0.1.dsc 
at line ...') called at /usr/lib/dpkg/controllib.pl line 309
        main::syntax('expected blank line before PGP signature') called at 
/usr/lib/dpkg/controllib.pl line 276
        main::parsecdata('S',-1,'source control file ../dummy_0.1.dsc') 
called at /usr/bin/dpkg-genchanges line 276
Debugged program terminated.  Use q to quit or R to restart,
  use O inhibit_exit to avoid stopping after program termination,
  h q, h R or h O to get additional info.

If I manually introduce a blank line in the dsc file at line 12 in the dsc 
file above the .changes file is generated properly (dpkg-genchanges does 
not stop)

Now, the funny thing is that the signed .dsc file generated by gpg is:

      1 -----BEGIN PGP SIGNED MESSAGE-----
      2 Hash: SHA1
      3
      4 Format: 1.0
      5 Source: dummy
      6 Version: 0.1
      7 Binary: dummy
      8 Maintainer: Javier Fernandez-Sanguino Pen~a <jfs@computer.org>
      9 Architecture: all
     10 Standards-Version: 3.5.8
     11 Files:
     12  2dda1dc1024616425f5df0905984677d 1915 dummy_0.1.tar.gz
     13
     14 -----BEGIN PGP SIGNATURE-----
     15 Version: GnuPG v1.2.4 (GNU/Linux)
     16
     17 iD8DBQFAL8X3sandgtyBSwkRAkE7AJoDzKJ2gqYgIdBQGpJ8JlNhzx+M9ACeJEsB
     18 5kxNYphR0hiSRV6GqUOfMwo=
     19 =/ZAY
     20 -----END PGP SIGNATURE-----

And it does contain the blank line, but if I run gpg manually over the file
that blank file does not appear. Why so? Because dpkg-buildpackage's
signfile does the following:

        (cat "../$1" ; echo "") | \
        $signcommand --local-user "${signkey:-$maintainer}" --clearsign --armor \
                  --textmode  > "../$1.asc"

The 'echo ""' there forces the introduction of a blank line, but this is 
not done for pgp! Modifying signfile so that it is done for both fixes this 
issue. Please apply the attached patch.

Regards

Javier

--- dpkg-buildpackage.orig	2004-02-15 20:32:11.000000000 +0100
+++ dpkg-buildpackage	2004-02-15 20:32:45.000000000 +0100
@@ -163,7 +163,8 @@
 		$signcommand --local-user "${signkey:-$maintainer}" --clearsign --armor \
 			--textmode  > "../$1.asc" 
 	else
-		$signcommand -u "${signkey:-$maintainer}" +clearsig=on -fast <"../$1" \
+		(cat "../$1" ; echo "") | \
+		$signcommand -u "${signkey:-$maintainer}" +clearsig=on -fast  \
 			>"../$1.asc"
 	fi
 	echo

Attachment: signature.asc
Description: Digital signature

Reply to:

Prev by Date: Processed: your mail
Next by Date: Bug#233282: Please dpkg-reconfigure to dpkg man page see also section
Previous by thread: Processed: your mail
Next by thread: Bug#233282: Please dpkg-reconfigure to dpkg man page see also section
Index(es):
- Date
- Thread