tag 48711 patch
thanks

I've made a more sophisticated patch than the one already present in
the bug report. It hides any output of gpg from the user in case
gpg returns 0 (since I don't think that things like wether the key
has a trust path from your own key doesn't really warrant the flood
on stderr gpg produces...). I also error out if the signature is bad,
I really think this should be fatal. Feel free to change it back to
&warn though. If there is no signature or gpg isn't installed I still
issue a warning.

[EMAIL PROTECTED]/dpkg--devel--1.13--patch-20 attached.

Gruesse,
-- 
Frank Lichtenheld <[EMAIL PROTECTED]>
www: http://www.djpig.de/
* looking for [EMAIL PROTECTED]/dpkg--devel--1.13--patch-19 to compare with
* comparing to [EMAIL PROTECTED]/dpkg--devel--1.13--patch-19
M  scripts/dpkg-source.pl
M  debian/changelog
M  ChangeLog

* modified files

--- orig/ChangeLog
+++ mod/ChangeLog
@@ -1,3 +1,13 @@
+2005-10-03  Matt Zimmerman  <[EMAIL PROTECTED]>,
+           Frank Lichtenheld  <[EMAIL PROTECTED]>
+
+       * scripts/dpkg-source.pl: If gpg is installed, check
+       the signature of the .dsc file before unpacking.
+       Allow the unpacking to suceed if the .dsc is unsigned
+       but error out if the signature is bad. If gpg exits
+       with a code >2 (e.g. missing key), show the user the gpg
+       output but continue.
+
 2005-10-03  Frank Lichtenheld  <[EMAIL PROTECTED]>
 
        * scripts/dpkg-gencontrol.pl: Make -isp the default


--- orig/debian/changelog
+++ mod/debian/changelog
@@ -9,6 +9,9 @@
     - Check for illegal architecture strings in dpkg-gencontrol and
       dpkg-source. dpkg-gencontrol will only issue a warning while
       dpkg-source will error out. Closes: #96920
+    - Check the gpg signatures of .dsc files before unpacking. See
+      the upstream changelog for a full description of the semantics.
+      Based on a patch by Matt Zimmerman. Closes: #48711
 
  --
 


--- orig/scripts/dpkg-source.pl
+++ mod/scripts/dpkg-source.pl
@@ -514,7 +514,7 @@
     }
     exit(0);
 
-} else {
+} else { # -> opmode ne 'build'
 
     $sourcestyle =~ y/X/p/;
     $sourcestyle =~ m/[pun]/ ||
@@ -533,6 +533,32 @@
        ! -e $newdirectory || &error("unpack target exists: $newdirectory");
     }
 
+    my $is_signed = 0;
+    open(DSC,"< $dsc") || &error("cannot open .dsc file $dsc: $!");
+    while (<DSC>) {
+       next if /^\s*$/o;
+       $is_signed = 1 if /^-----BEGIN PGP SIGNED MESSAGE-----$/o;
+       last;
+    }
+    close(DSC);
+
+    if ($is_signed) {
+       if (-x '/usr/bin/gpg') {
+           my $gpg_command = 'gpg -q --verify '.quotemeta($dsc).' 2>&1';
+           my @gpg_output = `$gpg_command`;
+           my $gpg_status = $? >> 8;
+           if ($gpg_status) {
+               print STDERR join("",@gpg_output);
+               &error("failed to verify signature on $dsc")
+                   if ($gpg_status == 1);
+           }
+       } else {
+           &warn("could not verify signature on $dsc since gpg isn't 
installed");
+       }
+    } else {
+       &warn("extracting unsigned source package ($dsc)");
+    }
+
     open(CDATA,"< $dsc") || &error("cannot open .dsc file $dsc: $!");
     &parsecdata('S',-1,"source control file $dsc");
     close(CDATA);



Reply via email to