Control: tags 783605 patch pending Christoph Biedl wrote...
> Find below the debdiff for a NMU I've prepared for dpkg-sig (versioned
> as 0.13.1+nmu3), upload to DELAYED/2 will follow shortly. Please feel
> free to tell me if I should delay it longer.
Later I found there's another pending issue so I included the
suggested patch after some testing. Updated debdiff below, another
upload to DELAYED/2 will follow shortly.
Christoph
diff -Nru dpkg-sig-0.13.1+nmu2/debian/changelog
dpkg-sig-0.13.1+nmu4/debian/changelog
--- dpkg-sig-0.13.1+nmu2/debian/changelog 2014-06-10 19:53:58.000000000
+0200
+++ dpkg-sig-0.13.1+nmu4/debian/changelog 2016-12-20 00:02:40.000000000
+0100
@@ -1,3 +1,18 @@
+dpkg-sig (0.13.1+nmu4) unstable; urgency=medium
+
+ * Non-maintainer upload
+ * Exit non-zero upon unsigned .deb. Patch by Paul Harvey.
+ Closes: #783605
+
+ -- Christoph Biedl <[email protected]> Tue, 20 Dec 2016
00:02:40 +0100
+
+dpkg-sig (0.13.1+nmu3) unstable; urgency=medium
+
+ * Non-maintainer upload
+ * Bump debhelper compat level. Closes: #817437
+
+ -- Christoph Biedl <[email protected]> Sun, 18 Dec 2016
12:41:15 +0100
+
dpkg-sig (0.13.1+nmu2) unstable; urgency=medium
* Non-maintainer upload.
diff -Nru dpkg-sig-0.13.1+nmu2/debian/compat dpkg-sig-0.13.1+nmu4/debian/compat
--- dpkg-sig-0.13.1+nmu2/debian/compat 2014-06-10 17:37:24.000000000 +0200
+++ dpkg-sig-0.13.1+nmu4/debian/compat 2016-12-18 12:37:50.000000000 +0100
@@ -1 +1 @@
-4
+10
diff -Nru dpkg-sig-0.13.1+nmu2/debian/control
dpkg-sig-0.13.1+nmu4/debian/control
--- dpkg-sig-0.13.1+nmu2/debian/control 2014-06-10 17:37:52.000000000 +0200
+++ dpkg-sig-0.13.1+nmu4/debian/control 2016-12-18 12:37:50.000000000 +0100
@@ -3,7 +3,7 @@
Priority: optional
Uploaders: Andreas Barth <[email protected]>
Maintainer: Marc 'HE' Brockschmidt <[email protected]>
-Build-Depends: debhelper (>= 4), perl
+Build-Depends: debhelper (>= 10~), perl
Standards-Version: 3.6.2
Package: dpkg-sig
diff -Nru dpkg-sig-0.13.1+nmu2/dpkg-sig dpkg-sig-0.13.1+nmu4/dpkg-sig
--- dpkg-sig-0.13.1+nmu2/dpkg-sig 2014-06-09 08:37:43.000000000 +0200
+++ dpkg-sig-0.13.1+nmu4/dpkg-sig 2016-12-19 22:49:11.000000000 +0100
@@ -140,6 +140,7 @@
print @verify_output;
exit 2 if grep { /^BADSIG/ } @verify_output;
exit 3 if grep { /^UNKNOWNSIG/ } @verify_output;
+ exit 4 if grep { /^NOSIG/ } @verify_output;
} elsif ($list) {
for (get_deb_parts($file)) {
print "$1\n" if ($_->[0] =~ /_gpg(.+)/);
@@ -181,6 +182,7 @@
print @verify_output;
exit 2 if grep { /^BADSIG/ }
@verify_output;
exit 3 if grep { /^UNKNOWNSIG/ }
@verify_output;
+ exit 4 if grep { /^NOSIG/ }
@verify_output;
} elsif ($list) {
for (get_deb_parts($deb)) {
print "$1\n" if ($_->[0] =~
/_gpg(.+)/);
@@ -502,6 +504,7 @@
#Get MD5 sums:
my $digests = get_deb_digests($deb);
+ my $found_sigs;
for (my $n=0;$n<@$digests;$n++) {
my ($part_name, $size, $sha1sum, $md5sum) = @{@$digests[$n]};
@@ -517,12 +520,15 @@
if ($sig =~ /BEGIN PGP SIGNED MESSAGE/) {
$status = verify_deb_sig_v4($part_name, $n, $digests,
\@info, \@return);
+ $found_sigs = 1;
}
if ($check_v3_sig && (!$status || $status eq "BAD")) {
$status = verify_deb_sig_v3($part_name, $n, $digests,
\@info, \@return);
+ $found_sigs = 1;
}
if ($check_v2_sig && (!$status || $status eq "BAD")) {
$status = verify_deb_sig_v2($part_name, $n, $digests,
\@info, \@return);
+ $found_sigs = 1;
}
if ($status && $status eq "GOOD") {
@@ -533,6 +539,9 @@
push @return, "BADSIG $part_name\n"
}
}
+ if (!$found_sigs) {
+ push @return, "NOSIG\n"
+ }
return @return;
}
signature.asc
Description: Digital signature
