This is an automated email from the git hooks/post-receive script. guillem pushed a commit to branch main in repository dpkg.
View the commit online: https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=9c64d540c5ba1c75b2fabc531c38be4025d8572f commit 9c64d540c5ba1c75b2fabc531c38be4025d8572f Author: Guillem Jover <[email protected]> AuthorDate: Fri Jul 29 23:25:39 2022 +0200 dpkg-buildpackage: Add --sign-backend to specify the OpenPGP backend The default OpenPGP backend is auto-detected, but can now be specified explicitly. There was a historical -s(gpg|pgp) option which we are not reusing as it was confusing with the options that control the source package contents. This should be rare enough to be needed on the command-line that a long option should be fine, and it can always be configured on the config file. --- man/dpkg-buildpackage.pod | 29 +++++++++++++++++++++-------- scripts/dpkg-buildpackage.pl | 7 +++++++ 2 files changed, 28 insertions(+), 8 deletions(-) diff --git a/man/dpkg-buildpackage.pod b/man/dpkg-buildpackage.pod index b5b2f33a4..6c8d06695 100644 --- a/man/dpkg-buildpackage.pod +++ b/man/dpkg-buildpackage.pod @@ -117,7 +117,7 @@ with B<--check-command>). =item B<11.> -It runs the B<sign> hook and calls B<gpg> (as long as it +It runs the B<sign> hook and signs using the OpenPGP backend (as long as it is not an UNRELEASED build, or B<--no-sign> is specified) to sign the B<.dsc> file (if any, unless B<-us> or B<--unsigned-source> is specified), the B<.buildinfo> @@ -517,15 +517,28 @@ Set the I<filename> for the generated B<.buildinfo> file (since dpkg 1.21.0). Pass option I<opt> to B<dpkg-genbuildinfo> (since dpkg 1.18.11). Can be used multiple times. +=item B<--sign-backend=>I<sign-backend> + +Specify an OpenPGP backend interface to use when invoking the I<sign-command> +(since dpkg 1.21.10). + +The default is B<auto>, where the best current backend available will be used. +The specific OpenPGP backends supported in order of preference are: + +=over 2 + +=item B<gpg> (from GnuPG) + +=back + =item B<-p>, B<--sign-command=>I<sign-command> -When B<dpkg-buildpackage> needs to execute GPG to sign a source -control (B<.dsc>) file or a B<.changes> file it will run -I<sign-command> (searching the B<PATH> if necessary) instead of -B<gpg> (long option since dpkg 1.18.8). -I<sign-command> will get all the arguments -that B<gpg> would have gotten. I<sign-command> -should not contain spaces or any other shell metacharacters. +When B<dpkg-buildpackage> needs to execute an OpenPGP backend command to +sign a source control (B<.dsc>) file or a B<.changes> file it will run +I<sign-command> (searching the B<PATH> if necessary) instead of the +default or auto-detected backend command (long option since dpkg 1.18.8). +I<sign-command> will get all the arguments defined by the B<--sign-backend>. +I<sign-command> should not contain spaces or any other shell metacharacters. =item B<-k>, B<--sign-keyid=>I<key-id> diff --git a/scripts/dpkg-buildpackage.pl b/scripts/dpkg-buildpackage.pl index 440edf0dd..e10ff8303 100755 --- a/scripts/dpkg-buildpackage.pl +++ b/scripts/dpkg-buildpackage.pl @@ -109,6 +109,9 @@ sub usage { --buildinfo-option=<opt> pass option <opt> to dpkg-genbuildinfo. --changes-file=<file> set the .changes filename to generate. + --sign-backend=<backend> + OpenPGP backend to use to sign + (default is auto). -p, --sign-command=<command> command to sign .dsc and/or .changes files (default is gpg). @@ -160,6 +163,7 @@ sub usage { my $admindir; my @debian_rules = ('debian/rules'); my @rootcommand = (); +my $signbackend; my $signcommand; my $preclean = 1; my $postclean = 0; @@ -289,6 +293,8 @@ while (@ARGV) { } elsif (/^(--buildinfo-id)=.*$/) { # Deprecated option warning(g_('%s is deprecated; it is without effect'), $1); + } elsif (/^--sign-backend=(.*)$/) { + $signbackend = $1; } elsif (/^(?:-p|--sign-command=)(.*)$/) { $signcommand = $1; } elsif (/^--sign-keyfile=(.*)$/) { @@ -544,6 +550,7 @@ my $signkey = Dpkg::OpenPGP::KeyHandle->new( signkey_validate(); my $openpgp = Dpkg::OpenPGP->new( + backend => $signbackend // 'auto', cmd => $signcommand // 'auto', needs => { keystore => $signkey->needs_keystore(), -- Dpkg.Org's dpkg
