Bug#428538: marked as done (gpgsigs: Add information about incoming signatures)

Sun, 17 Jun 2007 04:36:50 -0700 

Your message dated Sun, 17 Jun 2007 10:47:04 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#428538: fixed in signing-party 0.4.11-1
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message --- 
Package: signing-party
Version: 0.4.10-1
Severity: wishlist
File: /usr/bin/gpgsigs
Tags: patch

Hi,

for DebConf 7, I implemented a change that adds information about
incoming signatures to the output, for each own non-revoked uid.

The attached patch also adds support for SHA256 hashes.

Thanks,
Joachim


-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.21.otto
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages signing-party depends on:
ii  gnupg                         1.4.6-2    GNU privacy guard - a free PGP rep
ii  libgnupg-interface-perl       0.33-6     Perl interface to GnuPG
ii  libmailtools-perl             1.74-1     Manipulate email in perl programs
ii  libmime-perl                  5.420-1    Perl5 modules for MIME-compliant m
ii  libtext-template-perl         1.44-1.1   Text::Template perl module

Versions of packages signing-party recommends:
ii  dialog                    1.1-20070604-1 Displays user-friendly dialog boxe
ii  exim4                     4.67-1         metapackage to ease exim MTA (v4) 
ii  exim4-daemon-light [mail- 4.67-1         lightweight exim MTA (v4) daemon
ii  libintl-perl              1.16-3         Uniforum message translations syst
ii  libpaper-utils            1.1.21         Library for handling paper charact
ii  libtext-iconv-perl        1.4-3          converts between character sets in
ii  whiptail                  0.52.2-10      Displays user-friendly dialog boxe

-- no debconf information

--- /usr/bin/gpgsigs    2007-03-02 13:02:00.000000000 +0000
+++ ./gpgsigs   2007-06-12 11:08:47.000000000 +0100
@@ -115,6 +115,7 @@
 
 my @mykeys = split /,/, $mykey;
 map { s/^0x//i; } @mykeys;
+my %myuids = map { $_ => [] } @mykeys;
 
 if ([EMAIL PROTECTED] || scalar @ARGV) {
        usage(*STDERR, 1);
@@ -148,17 +149,25 @@
 open SIGS, "gpg --fixed-list-mode --with-colons --list-sigs @keys 2>/dev/null 
|"
        or die "can't get gpg listing";
 
-my ($key, $uid, $sigs);
+my ($key, $uid, $sigs, $uidstatus);
 while (<SIGS>) {
        if ( m/^pub:(?:.*?:){3,3}([0-9A-F]{16,16}):/ ) {
                $key = $1;
                print STDERR ".";
                next;
        }
-       if ( m/^uid:(?:.*?:){8,8}(.*):/s ) {
-               $uid = $1;
+       if ( m/^uid:(.):(?:.*?:){7,7}(.*):/s ) {
+               $uidstatus = $1;
+               $uid = $2;
                $uid =~ s/\\x([0-9a-f][0-9a-f])/ chr(hex($1)) /gie;
                $uid = myrecode($uid, "UTF-8", $charset);
+
+               my ($shortkey) = substr $key, -8;
+               # Remember own, non-revoced uids
+               if (exists $myuids{$shortkey} and $uidstatus ne "r") {
+                       push @{$myuids{$shortkey}}, $uid
+               }
+
                next;
        }
        if ( 
m/^sig:(?:.*?:){3,3}([0-9A-F]{8})([0-9A-F]{8}):(?:.*?:){5,5}(.*?):/ ) {
@@ -215,22 +224,31 @@
 open MD, "gpg --with-colons --print-md sha1 $keytxt|" or warn "can't get gpg 
sha1\n";
 my $SHA1 = <MD>;
 close MD;
+open MD, "gpg --with-colons --print-md sha256 $keytxt|" or warn "can't get gpg 
sha256\n";
+my $SHA256 = <MD>;
+close MD;
 
 my @MD5 = split /:/, $MD5;
 my @SHA1 = split /:/, $SHA1;
+my @SHA256 = split /:/, $SHA256;
 $MD5 = $MD5[2];
 $SHA1 = $SHA1[2];
+$SHA256 = $SHA256[2];
 
 $MD5 =~ s/(.{16})/$1 /;
 $SHA1 =~ s/(.{20})/$1 /;
+$SHA256 =~ s/(.{32})/$1 /;
 $MD5 =~ s/([0-9A-Z]{2})/$1 /ig;
 $SHA1 =~ s/([0-9A-Z]{4})/$1 /ig;
+$SHA256 =~ s/([0-9A-Z]{4})/$1 /ig;
 
 chomp $MD5;
 chomp $SHA1;
+chomp $SHA256;
 my $metatxt = quotemeta($keytxt);
 $MD5 =~ s/^$metatxt:\s*//;
 $SHA1 =~ s/^$metatxt:\s*//;
+$SHA256 =~ s/^$metatxt:\s*//;
 
 
 # write out result
@@ -267,6 +285,9 @@
        if (/^SHA1 Checksum:/ && defined $SHA1) {
                s/[_[:xdigit:]][_ [:xdigit:]]+_/$SHA1/;
        }
+       if (/^SHA256 Checksum:/ && defined $SHA256) {
+               s/[_[:xdigit:]][_ [:xdigit:]]+_/$SHA256/;
+       }
        if ( m/^pub  +(?:\d+)[DR]\/([0-9A-F]{8}) [0-9]{4}-[0-9]{2}-[0-9]{2} 
*(.*)/ ) {
                $key = $1;
                $uid = $2;
@@ -274,6 +295,16 @@
                #       print WRITE print_tag($key, $uid) . " $_";
                #       next;
                #}
+               print WRITE;
+               foreach my $mykey (@mykeys) {
+                       foreach my $myuid (@{$myuids{$mykey}}) {
+                               my $testuid = 'Joachim Breitner <[EMAIL 
PROTECTED]>';
+                               my $r .= defined 
$sigs->{$mykey}->{$myuid}->{$key} ? $sigs->{$mykey}->{$myuid}->{$key} : ' ';
+                               print WRITE "Incoming Signature: [$r] $mykey 
$myuid\n";
+                       }
+               }
+               next
+
        }
        if ( m/^uid +(.*)$/ ) {
                $uid = $1;

Attachment: gpgsigs
Description: Perl program


--- End Message ---
--- Begin Message --- 
Source: signing-party
Source-Version: 0.4.11-1

We believe that the bug you reported is fixed in the latest version of
signing-party, which is due to be installed in the Debian FTP archive:

signing-party_0.4.11-1.diff.gz
  to pool/main/s/signing-party/signing-party_0.4.11-1.diff.gz
signing-party_0.4.11-1.dsc
  to pool/main/s/signing-party/signing-party_0.4.11-1.dsc
signing-party_0.4.11-1_all.deb
  to pool/main/s/signing-party/signing-party_0.4.11-1_all.deb
signing-party_0.4.11.orig.tar.gz
  to pool/main/s/signing-party/signing-party_0.4.11.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Christoph Berg <[EMAIL PROTECTED]> (supplier of updated signing-party package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sun, 17 Jun 2007 12:32:21 +0200
Source: signing-party
Binary: signing-party
Architecture: source all
Version: 0.4.11-1
Distribution: unstable
Urgency: low
Maintainer: Thijs Kinkhorst <[EMAIL PROTECTED]>
Changed-By: Christoph Berg <[EMAIL PROTECTED]>
Description: 
 signing-party - Various OpenPGP related tools
Closes: 428538
Changes: 
 signing-party (0.4.11-1) unstable; urgency=low
 .
   The "Debconf 7" release.
   * gpgsigs: Apply patch by Joachim Breitner to also show incoming signatures
     and support sha256 checksum (Closes: #428538).
Files: 
 69fda0f8cf873ffdfe57a6559205b905 790 misc extra signing-party_0.4.11-1.dsc
 70380cbc8cd58d768bff50245ce4f0d2 43726 misc extra 
signing-party_0.4.11.orig.tar.gz
 4e1141109cc536418944c66ae08318f7 7067 misc extra signing-party_0.4.11-1.diff.gz
 78baa333dd4568ce52eb9581448b5076 60494 misc extra 
signing-party_0.4.11-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGdRBVxa93SlhRC1oRAmEhAJ9gn4OBECpO/FXPvCf8WGQyWDp0ZwCgxT3J
e6P2eZA4WLy+d08ga9/tq+A=
=8QIA
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to