Hello community,
here is the log from the commit of package gpg-offline for openSUSE:Factory
checked in at 2013-09-13 14:43:58
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/gpg-offline (Old)
and /work/SRC/openSUSE:Factory/.gpg-offline.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gpg-offline"
Changes:
--------
--- /work/SRC/openSUSE:Factory/gpg-offline/gpg-offline.changes 2012-12-19
20:45:58.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.gpg-offline.new/gpg-offline.changes
2013-09-13 14:43:59.000000000 +0200
@@ -1,0 +2,12 @@
+Wed Sep 11 20:09:18 CEST 2013 - sbra...@suse.cz
+
+- Do not attempt to parse gpg --verify arguments.
+ It breaks verification from stdin.
+
+-------------------------------------------------------------------
+Wed Dec 19 20:44:18 CET 2012 - sbra...@suse.cz
+
+- Add --trust-model=always where appropriate.
+- Manpage fix.
+
+-------------------------------------------------------------------
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ gpg-offline.spec ++++++
--- /var/tmp/diff_new_pack.oZlKAd/_old 2013-09-13 14:44:00.000000000 +0200
+++ /var/tmp/diff_new_pack.oZlKAd/_new 2013-09-13 14:44:00.000000000 +0200
@@ -1,7 +1,7 @@
#
# spec file for package gpg-offline
#
-# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
++++++ genopts ++++++
--- /var/tmp/diff_new_pack.oZlKAd/_old 2013-09-13 14:44:00.000000000 +0200
+++ /var/tmp/diff_new_pack.oZlKAd/_new 2013-09-13 14:44:00.000000000 +0200
@@ -1,6 +1,8 @@
#! /bin/bash
# genopts: Generator of Bash based option parser.
+# Version 1.3, Stanislav Brabec <sbra...@suse.cz>, 2004:
+# Support for automake (write to current directory).
# Version 1.2, Stanislav Brabec <sbra...@suse.cz>, 2004:
# Fixed @options_only.
# Added @multioption.
@@ -20,8 +22,8 @@
if [ -e $1.gopts ]
then
- exec 0<$1.gopts 1>$1
- chmod +x $1
+ exec 0<$1.gopts 1>${1##*/}
+ chmod +x ${1##*/}
else
echo "Input file $1.gopts doesn't exist."
exit 1
++++++ gpg-offline.gopts ++++++
--- /var/tmp/diff_new_pack.oZlKAd/_old 2013-09-13 14:44:00.000000000 +0200
+++ /var/tmp/diff_new_pack.oZlKAd/_new 2013-09-13 14:44:00.000000000 +0200
@@ -68,7 +68,7 @@
lists keyring contents (exactly equal to --review --offline)
@switch VERIFY -c --verify
-verifies signature of selected source files
+verifies selected signatures files
@switch OFFLINE -O --offline
does not verify up-to-date status online (use with --add, --review or
--refresh)
@@ -162,13 +162,11 @@
else
AUTO_KEY_RETRIEVE=""
fi
- for ID in "${ARGV[@]}" ; do
- vvrun "Extract minimal form of the key $ID in binary form:"\
- gpg
--keyserver-options=${AUTO_KEY_RETRIEVE}auto-key-retrieve --armor
--export-options no-export-attributes,export-clean,export-minimal --export
"$ID" >${TEMP}key.$$
- vvrun "Import the new key to the temporary keyring:"\
- gpg --no-default-keyring --keyring gpg-offline.$$
--import <${TEMP}key.$$
- done
+ vvrun "Extract minimal form of the key $ID in binary form:"\
+ gpg --keyserver-options=${AUTO_KEY_RETRIEVE}auto-key-retrieve
--armor --export-options no-export-attributes,export-clean,export-minimal
--export "${ARGV[@]}" >${TEMP}key.$$
+ vvrun "Import the new key to the temporary keyring:"\
+ gpg --no-default-keyring --keyring gpg-offline.$$ --import
<${TEMP}key.$$
}
function keyring_op_delete {
@@ -182,7 +180,7 @@
if ! $OPTARG_OFFLINE ; then
vvrun "Refreshing keys from the key server:"\
- gpg --no-default-keyring --keyring gpg-offline.$$
--refresh-keys
+ gpg --trust-model=always --no-default-keyring --keyring
gpg-offline.$$ --refresh-keys
fi
}
@@ -205,7 +203,7 @@
function keyring_required {
if ! test -f "$KEYRING" ; then
- echo >&2 "$0: $KEYRING not found."
+ echo >&2 "$0: Keyring \"$KEYRING\" not found."
exit 1
fi
}
@@ -250,18 +248,13 @@
filespec_required
keyring_required
- RC=0
rm -rf ~/.gnupg/gpg-offline.$$*
trap "rm -rf ~/.gnupg/gpg-offline.$$*" EXIT
vvrun "Import armored $KEYRING to the temporary keyring:"\
gpg --no-default-keyring --keyring gpg-offline.$$ --import
<"$KEYRING"
- for SIGNATURE in "${ARGV[@]}" ; do
- # "--trust-model=always" always generates warning "Using
untrusted key!". "--quiet" suppresses it.
- vvrun "Verifying $SIGNATURE against the temporary keyring
only:"\
- gpg --quiet --trust-model=always
--keyserver-options=no-auto-key-retrieve --no-default-keyring
--keyring=gpg-offline.$$ --verify "$SIGNATURE"
- let RC+=$?
- done
- if test $RC -gt 0 ; then
+ # "--trust-model=always" always generates warning "Using untrusted
key!". "--quiet" suppresses it.
+ if ! vvrun "Verifying $SIGNATURE against the temporary keyring only:"\
+ gpg --quiet --trust-model=always
--keyserver-options=no-auto-key-retrieve --no-default-keyring
--keyring=gpg-offline.$$ --verify "${ARGV[@]}" ; then
exit 1
fi
exit 0
++++++ gpg-offline.man.in ++++++
--- /var/tmp/diff_new_pack.oZlKAd/_old 2013-09-13 14:44:00.000000000 +0200
+++ /var/tmp/diff_new_pack.oZlKAd/_new 2013-09-13 14:44:00.000000000 +0200
@@ -14,12 +14,12 @@
\fB\-p\fR, \fB\-\-package\fR=\fIPACKAGE\fR
specify the package (either \fB\-\-package\fR or \fB\-\-keyring\fR are
mandatory)
Tool will access file named
-.FN \fIPACKAGE\fR.keyring
+\fIPACKAGE\fR.keyring
in the directory specified by \fB\-\-package\fR.
.TP
\fB\-\-directory\fR \fIDIR\fR
specifies directory where
-.FN \fIPACKAGE\fR.keyring
+\fIPACKAGE\fR.keyring
will be searched.
.TP
\fB\-f\fR, \fB\-\-keyring\fR=\fIFILE\fR
@@ -43,7 +43,7 @@
removes signing key(s) KEY_ID of upstream package from the keyring
file.
.TP
-\fB\-c\fR, \fB\-\-verify\fR \fISIGNATURE\fR...
+\fB\-c\fR, \fB\-\-verify\fR \fIGPG_ARGS\fR...
verifies that the signature is valid. Signature is validated only
against keys included in the keyring file. Any other keys are not
accepted.
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
