[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#247824: Patch adding dpkg-sig support to dpkg-buildpackage



tag 247824 + patch
thanks

Hi,

I've tried to create a patch to allow dpkg-buildpackage users to call
dpkg-sig instead of just signing the .dsc and .changes.

This patch adds a -ds option, which replaces the internal signfile()
calls with dpkg-sig. It tries to use the -uc and -us options, but
dpkg-sig is not able to sign only the .dsc and not the .changes.

Marc
-- 
BOFH #256:
You need to install an RTFM interface.

diff -Nru dpkg-1.10.24/scripts/dpkg-buildpackage.sh dpkg-1.10.24.he/scripts/dpkg-buildpackage.sh
--- dpkg-1.10.24/scripts/dpkg-buildpackage.sh	2004-10-27 11:06:43.000000000 +0200
+++ dpkg-1.10.24.he/scripts/dpkg-buildpackage.sh	2004-11-07 17:29:46.000000000 +0100
@@ -18,6 +18,7 @@
          -p<sign-command>
 	 -d            do not check build dependencies and conflicts
 	 -D            check build dependencies and conflicts
+	 -ds           sign files with dpkg-sig
 	 -k<keyid>     the key to use for signing
          -sgpg         the sign-command is called like GPG
          -spgp         the sign-command is called like PGP 
@@ -68,6 +69,9 @@
 desc=''
 noclean=false
 usepause=false
+usedpkg_sig=false
+dpkg_sig_changes_mode='full'
+dpkg_sig_options=''
 warnable_error=0
 passopts=''
 
@@ -83,8 +87,10 @@
 	-D)	checkbuilddep=true ;;
 	-sgpg)  forcesigninterface=gpg ;;
 	-spgp)  forcesigninterface=pgp ;;
-	-us)	signsource=: ;;
-	-uc)	signchanges=: ;;
+	-us)	signsource=: 
+            dpkg_sig_changes_mode="yes" ;;
+	-uc)	signchanges=:
+            dpkg_sig_changes_mode="no" ;;
 	-ap)	usepause="true";;
 	-a*)    targetarch="$value"; checkbuilddep=false ;;
 	-si)	sourcestyle=-si ;;
@@ -101,6 +107,7 @@
 			{ echo >&2 "$progname: cannot combine $1 and -S" ; exit 2 ; } ;;
 	-S)	sourceonly=-S; checkbuilddep=false; [ "$binaryonly" ] && \
 			{ echo >&2 "$progname: cannot combine $binaryonly and $1" ; exit 2 ; } ;;
+	-ds)    usedpkg_sig="true" ;;
 	-v*)	since="$value" ;;
 	-m*)	maint="$value" ;;
 	-e*)	changedby="$value" ;;
@@ -128,6 +135,10 @@
   signinterface=$signcommand
 fi
 
+if ! [ -x $(which dpkg-sig) ] ; then
+    echo >&2 "progname: dpkg-sig isn't installed"
+    exit 1
+fi
 
 mustsetvar () {
 	if [ "x$2" = x ]; then
@@ -205,7 +216,7 @@
     read dummy_stuff
 fi
 
-if [ x$binaryonly = x ]; then
+if [ x$binaryonly = x ] && [ $usedpkg_sig = "false" ]; then
         $signsource "$pv.dsc"
 fi
 chg=../"$pva.changes"
@@ -242,7 +253,18 @@
 	fi
 fi
 
-$signchanges "$pva.changes"
+if [ $usedpkg_sig = "true" ]; then
+    if [ "x$signkey" != "x" ]; then
+        dpkg_sig_options="$dpkg_sig_options -k \"$signkey\""
+	fi
+    if [ "x$maintainer" != "x" ]; then
+        dpkg_sig_options="$dpkg_sig_options -m \"$maintainer\""
+    fi
+    echo >&2 " dpkg-sig $dpkg_sig_options --sign-changes $dpkg_sig_changes_mode --sign builder \""$chg"\""
+	eval dpkg-sig $dpkg_sig_options --sign-changes $dpkg_sig_changes_mode --sign builder \""$chg"\"
+else
+    $signchanges "$pva.changes"
+fi
 
 if $cleansource; then
 	withecho $rootcommand debian/rules clean
diff -Nru dpkg-1.10.24/scripts/dpkg-source.1 dpkg-1.10.24.he/scripts/dpkg-source.1
--- dpkg-1.10.24/scripts/dpkg-source.1	2004-10-27 11:06:43.000000000 +0200
+++ dpkg-1.10.24.he/scripts/dpkg-source.1	2004-11-07 17:10:16.000000000 +0100
@@ -609,6 +609,10 @@
 .BR "debian/rules clean" )
 after the package has been built.
 .TP
+.B \-ds
+Sign the binary files and the .changes file with 
+.BR dpkg-sig .
+.TP
 .BR \-us ", " \-uc
 Do not sign the source package or the .changes file, respectively.
 .TP

Attachment: pgpa40T47XuFD.pgp
Description: PGP signature


Reply to: