This is an automated email from the git hooks/post-receive script. guillem pushed a commit to branch master in repository dpkg.
commit 0b1391fd2c30e9ad955fde84c90c30509877b5c4 Author: Guillem Jover <[email protected]> Date: Sun Aug 20 02:22:16 2017 +0200 Dpkg::Source::Package: Auto-convert binary signatures to OpenPGP ASCII Armor When we are building a source package, if we find a binary signature in the form of a .sig file, we should try to auto-convert it to the format that we expect to include in the source package, which is an OpenPGP ASCII Armor. --- debian/changelog | 2 + scripts/Dpkg/OpenPGP.pm | 80 ++++++++++++++++++++++++ scripts/Dpkg/Source/Package/V1.pm | 4 ++ scripts/Dpkg/Source/Package/V2.pm | 7 +++ scripts/Makefile.am | 5 ++ scripts/po/POTFILES.in | 1 + scripts/t/Dpkg_OpenPGP.t | 56 +++++++++++++++++ scripts/t/Dpkg_OpenPGP/package_1.0.orig.tar | 0 scripts/t/Dpkg_OpenPGP/package_1.0.orig.tar.asc | 16 +++++ scripts/t/Dpkg_OpenPGP/package_1.0.orig.tar.sig | Bin 0 -> 566 bytes 10 files changed, 171 insertions(+) diff --git a/debian/changelog b/debian/changelog index be4d7d5..f2230e3 100644 --- a/debian/changelog +++ b/debian/changelog @@ -102,6 +102,8 @@ dpkg (1.19.0) UNRELEASED; urgency=medium method, by storing the first character in a variable. - Optimize field/value parsing in Dpkg::Control::HashCore parse method, by switching from a capturing regex to split() plus a checking regex. + - Auto-convert binary signatures to OpenPGP ASCII Armor in + Dpkg::Source::Package when building source packages. * Documentation: - Document currently accepted syntax for changelogs in deb-changelog(5). Closes: #858579 diff --git a/scripts/Dpkg/OpenPGP.pm b/scripts/Dpkg/OpenPGP.pm new file mode 100644 index 0000000..858d3ef --- /dev/null +++ b/scripts/Dpkg/OpenPGP.pm @@ -0,0 +1,80 @@ +# Copyright © 2017 Guillem Jover <[email protected]> +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <https://www.gnu.org/licenses/>. + +package Dpkg::OpenPGP; + +use strict; +use warnings; + +use Exporter qw(import); +use File::Copy; + +use Dpkg::Gettext; +use Dpkg::ErrorHandling; +use Dpkg::Path qw(find_command); + +our $VERSION = '0.01'; +our @EXPORT = qw( + openpgp_sig_to_asc +); + +sub openpgp_sig_to_asc +{ + my ($sig, $asc) = @_; + + if (-e $sig) { + my $is_openpgp_ascii_armor = 0; + + open my $fh_sig, '<', $sig or syserr(g_('cannot open %s'), $sig); + while (<$fh_sig>) { + if (m/^-----BEGIN PGP /) { + $is_openpgp_ascii_armor = 1; + last; + } + } + close $fh_sig; + + if ($is_openpgp_ascii_armor) { + notice(g_('signature file is already OpenPGP ASCII armor, copying')); + copy($sig, $asc); + return; + } + + if (not find_command('gpg')) { + warning(g_('cannot OpenPGP ASCII armor signature file due to missing gpg')); + } + + open my $fh_asc, '>', $asc + or syserr(g_('cannot create signature file %s'), $asc); + open my $fh_gpg, '-|', 'gpg', '-o', '-', '--enarmor', $sig + or syserr(g_('cannot execute %s program'), 'gpg'); + while (my $line = <$fh_gpg>) { + next if $line =~ m/^Comment: /; + + $line =~ s/ARMORED FILE/SIGNATURE/; + + print { $fh_asc } $line; + } + + close $fh_gpg or subprocerr('gpg'); + close $fh_asc or syserr(g_('cannot write signature file %s'), $asc); + + return $sig; + } + + return; +} + +1; diff --git a/scripts/Dpkg/Source/Package/V1.pm b/scripts/Dpkg/Source/Package/V1.pm index 10d33b4..e7748c0 100644 --- a/scripts/Dpkg/Source/Package/V1.pm +++ b/scripts/Dpkg/Source/Package/V1.pm @@ -36,6 +36,7 @@ use Dpkg::Source::Patch; use Dpkg::Exit qw(push_exit_handler pop_exit_handler); use Dpkg::Source::Functions qw(erasedir); use Dpkg::Source::Package::V3::Native; +use Dpkg::OpenPGP; use parent qw(Dpkg::Source::Package); @@ -409,6 +410,9 @@ sub do_build { } $self->add_file($tarname) if $tarname; + if (-e "$tarname.sig" and not -e "$tarname.asc") { + openpgp_sig_to_asc("$tarname.sig", "$tarname.asc"); + } $self->add_file($tarsign) if $tarsign and -e $tarsign; if ($sourcestyle =~ m/[kpKP]/) { diff --git a/scripts/Dpkg/Source/Package/V2.pm b/scripts/Dpkg/Source/Package/V2.pm index 4abb786..818e32d 100644 --- a/scripts/Dpkg/Source/Package/V2.pm +++ b/scripts/Dpkg/Source/Package/V2.pm @@ -42,6 +42,7 @@ use Dpkg::Source::Functions qw(erasedir is_binary fs_time); use Dpkg::Vendor qw(run_vendor_hook); use Dpkg::Control; use Dpkg::Changelog::Parse; +use Dpkg::OpenPGP; use parent qw(Dpkg::Source::Package); @@ -408,11 +409,17 @@ sub _generate_patch { $tarfile = $file; push @origtarballs, $file; $self->add_file($file); + if (-e "$file.sig" and not -e "$file.asc") { + openpgp_sig_to_asc("$file.sig", "$file.asc"); + } $self->add_file("$file.asc") if -e "$file.asc"; } elsif ($file =~ /\.orig-([[:alnum:]-]+)\.tar\.$comp_ext_regex$/) { $addonfile{$1} = $file; push @origtarballs, $file; $self->add_file($file); + if (-e "$file.sig" and not -e "$file.asc") { + openpgp_sig_to_asc("$file.sig", "$file.asc"); + } $self->add_file("$file.asc") if -e "$file.asc"; } } diff --git a/scripts/Makefile.am b/scripts/Makefile.am index 3dac552..28bb4a7 100644 --- a/scripts/Makefile.am +++ b/scripts/Makefile.am @@ -89,6 +89,7 @@ nobase_dist_perllib_DATA = \ Dpkg/Interface/Storable.pm \ Dpkg/IPC.pm \ Dpkg/Lock.pm \ + Dpkg/OpenPGP.pm \ Dpkg/Package.pm \ Dpkg/Path.pm \ Dpkg/Shlibs.pm \ @@ -228,6 +229,7 @@ test_scripts = \ t/Dpkg_Path.t \ t/Dpkg_Vars.t \ t/Dpkg_Interface_Storable.t \ + t/Dpkg_OpenPGP.t \ t/Dpkg_Vendor.t \ t/Dpkg_Changelog.t \ t/Dpkg_Changelog_Ubuntu.t \ @@ -251,6 +253,9 @@ test_scripts = \ $(nil) test_data = \ + t/Dpkg_OpenPGP/package_1.0.orig.tar \ + t/Dpkg_OpenPGP/package_1.0.orig.tar.asc \ + t/Dpkg_OpenPGP/package_1.0.orig.tar.sig \ t/Dpkg_Shlibs/symbols.blacklisted \ t/Dpkg_Shlibs/symbols.blacklist-groups \ t/Dpkg_Shlibs/symbols.blacklist-filter \ diff --git a/scripts/po/POTFILES.in b/scripts/po/POTFILES.in index 7584619..dea8cde 100644 --- a/scripts/po/POTFILES.in +++ b/scripts/po/POTFILES.in @@ -56,6 +56,7 @@ scripts/Dpkg/IPC.pm scripts/Dpkg/Index.pm scripts/Dpkg/Interface/Storable.pm scripts/Dpkg/Lock.pm +scripts/Dpkg/OpenPGP.pm scripts/Dpkg/Package.pm scripts/Dpkg/Path.pm scripts/Dpkg/Shlibs.pm diff --git a/scripts/t/Dpkg_OpenPGP.t b/scripts/t/Dpkg_OpenPGP.t new file mode 100644 index 0000000..ee78da6 --- /dev/null +++ b/scripts/t/Dpkg_OpenPGP.t @@ -0,0 +1,56 @@ +#!/usr/bin/perl +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <https://www.gnu.org/licenses/>. + +use strict; +use warnings; + +use Test::More tests => 3; +use Test::Dpkg qw(:paths); + +use File::Compare; + +use Dpkg::ErrorHandling; + +BEGIN { + use_ok('Dpkg::OpenPGP'); +} + +report_options(quiet_warnings => 1); + +my $datadir = test_get_data_path('t/Dpkg_OpenPGP'); +my $tmpdir = 't.tmp/Dpkg_OpenPGP'; + +mkdir $tmpdir; + +openpgp_sig_to_asc("$datadir/package_1.0.orig.tar.sig", + "$tmpdir/package_1.0.orig.tar.sig2asc"); + +ok(compare("$tmpdir/package_1.0.orig.tar.sig2asc", + "$datadir/package_1.0.orig.tar.asc") == 0, + 'binary signature converted to OpenPGP ASCII Armor'); + +# Grab the output messages. +eval { + openpgp_sig_to_asc("$datadir/package_1.0.orig.tar.asc", + "$tmpdir/package_1.0.orig.tar.asc2asc"); +}; + +ok(compare("$tmpdir/package_1.0.orig.tar.asc2asc", + "$datadir/package_1.0.orig.tar.asc") == 0, + 'OpenPGP ASCII Armor copied to destination'); + +# TODO: Add actual test cases. + +1; diff --git a/scripts/t/Dpkg_OpenPGP/package_1.0.orig.tar b/scripts/t/Dpkg_OpenPGP/package_1.0.orig.tar new file mode 100644 index 0000000..e69de29 diff --git a/scripts/t/Dpkg_OpenPGP/package_1.0.orig.tar.asc b/scripts/t/Dpkg_OpenPGP/package_1.0.orig.tar.asc new file mode 100644 index 0000000..06f2ab0 --- /dev/null +++ b/scripts/t/Dpkg_OpenPGP/package_1.0.orig.tar.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEETz509DYFDBD1aWV0uXK/PqSuV6MFAlnijuMACgkQuXK/PqSu +V6Oiuw/+P0+5BMH/WfsyhDrykF90tp2q6+eQvbgny8Mo1SJT647cS0bXFrZqd1Zr +22hFouKLbbqmJVm7GqIyWzg6mWvRJ85tvKMhwaUHiNKBrwOguw6crk8TdRidvS1p +m7E70wYdoPGvLt0Sr7nDWyaj82r3QkqTWTMxiD9jD4Z3w5Ztz08rpho6CJcGcAlv +09WGRVo+AiQLDRT70T7598lilHviFNGJdC9sVOrkEyFVDJZirnTvqXgqTJAy5Lve +DjTnfYAzmivtsQUXkYIj31XWLsiFa5mfpl6FSmFUSBPXALO++sZrL+mQZoUqnBv/ +bxCg3RYbPA6dpZ9IB/gyAvvEOEECeA4v5gDqGn67FeZsALPOEhvAYclkMtLOQBxr +sJD9GPCQtT2QfObmaUlqabXASNjzguayprh+a8CJChyBKWSvn6LoSdsBzesPT/bh +DJenc5M9jvIVShiwqQYCdYotebdKYDIvelblz0TbaTs5RZNGrizgj4Mrl0CaKVHs +51M8Vpb+w1TM+jm3b+5Na+v9TuS0TxGKI1FTyfjZMjF92AF3A13KanSWMg+37eE1 +R1R4pPuJ2s4xYULQNh+BTHlrGso43nxzc2gkJbsPRa6n3fZFRVdYfkIJgv4kzaQD +Lgsnhzrz1onBWvfnFWlJaRZ/ti4/3EEHAFvt25ZLMyJC2WOCG4I= +=N2cG +-----END PGP SIGNATURE----- diff --git a/scripts/t/Dpkg_OpenPGP/package_1.0.orig.tar.sig b/scripts/t/Dpkg_OpenPGP/package_1.0.orig.tar.sig new file mode 100644 index 0000000..a15acec Binary files /dev/null and b/scripts/t/Dpkg_OpenPGP/package_1.0.orig.tar.sig differ -- Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/dpkg/dpkg.git
