This is an automated email from the git hooks/post-receive script. guillem pushed a commit to branch master in repository dpkg.
View the commit online: https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=21199ee1c25538ee24cdacc0a133ac6ff3502821 commit 21199ee1c25538ee24cdacc0a133ac6ff3502821 (HEAD -> master) Author: Guillem Jover <[email protected]> AuthorDate: Tue Nov 26 13:17:45 2019 +0100 Dpkg::Source::Package: Honor require_valid_signature option We need to pass this option forward to the verify_signature() calls, otherwise we use the default. Fixes: commit 139dfc4c78593d995610c0aa180300a9a7dd94ac Fixes: commit 3821f024d92aabf24a333025c1c1956d8a45e718 --- scripts/Dpkg/Source/Package.pm | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/scripts/Dpkg/Source/Package.pm b/scripts/Dpkg/Source/Package.pm index 337000cb8..3e7f40ebb 100644 --- a/scripts/Dpkg/Source/Package.pm +++ b/scripts/Dpkg/Source/Package.pm @@ -417,10 +417,14 @@ sub check_original_tarball_signature { my $keyring = File::Temp->new(UNLINK => 1, SUFFIX => '.gpg'); Dpkg::OpenPGP::import_key($upstream_key, keyring => $keyring); + + my %opts = ( + keyrings => [ $keyring ], + require_valid_signature => $self->{options}{require_valid_signature}, + ); foreach my $asc (@asc) { - Dpkg::OpenPGP::verify_signature($asc, - datafile => $asc =~ s/\.asc$//r, - keyrings => [ $keyring ]); + $opts{datafile} = $asc =~ s/\.asc$//r; + Dpkg::OpenPGP::verify_signature($asc, %opts); } } @@ -460,7 +464,11 @@ sub check_signature { } } - Dpkg::OpenPGP::verify_signature($dsc, keyrings => \@keyrings); + my %opts = ( + keyrings => \@keyrings, + require_valid_signature => $self->{options}{require_valid_signature}, + ); + Dpkg::OpenPGP::verify_signature($dsc, %opts); } sub describe_cmdline_options { -- Dpkg.Org's dpkg
