Author: adam-guest
Date: 2008-03-27 18:17:37 +0000 (Thu, 27 Mar 2008)
New Revision: 1211
Modified:
trunk/debian/changelog
trunk/scripts/dscverify.1
trunk/scripts/dscverify.pl
Log:
dscverify:
+ Add debian-maintainers to the default set of keyrings
+ Add a --no-default-keyrings option to override the default keyrings
Modified: trunk/debian/changelog
===================================================================
--- trunk/debian/changelog 2008-03-26 22:07:45 UTC (rev 1210)
+++ trunk/debian/changelog 2008-03-27 18:17:37 UTC (rev 1211)
@@ -16,6 +16,9 @@
* dget: Pass --all-versions to apt-cache show in case the user has
configured it to only show the candidate version. Thanks HÃ¥kon Stordahl
(Closes: #472747)
+ * dscverify:
+ + Add debian-maintainers to the default set of keyrings
+ + Add a --no-default-keyrings option to override the default keyrings
* who-uploads: Mention the debian-maintainers keyring in --help
-- Adam D. Barratt <[EMAIL PROTECTED]> Tue, 25 Mar 2008 18:51:59 +0000
Modified: trunk/scripts/dscverify.1
===================================================================
--- trunk/scripts/dscverify.1 2008-03-26 22:07:45 UTC (rev 1210)
+++ trunk/scripts/dscverify.1 2008-03-27 18:17:37 UTC (rev 1211)
@@ -7,7 +7,8 @@
\fBdscverify\fR checks that the GPG or PGP signatures on the given
\fI.changes\fR or \fI.dsc\fR files are good signatures made by keys in
the current Debian keyrings, found in the \fIdebian-keyring\fR
-package. (Additional keyrings can be specified using the
+and \fIdebian-maintainers\fR
+packages. (Additional keyrings can be specified using the
\fB--keyring\fR option any number of times.) It then checks that the
other files listed in the \fI.changes\fR or \fI.dsc\fR files have the
correct sizes and MD5 sums. The exit status is 0 if there are no
@@ -17,6 +18,9 @@
.BI \-\-keyring " " \fIkeyring\fR
Add \fIkeyring\fR to the list of keyrings to be used.
.TP
+\fB\-\-no-default-keyrings\fR
+Do not use the default set of keyrings.
+.TP
\fB\-\-no-conf\fR, \fB\-\-noconf\fR
Do not read any configuration files. This can only be used as the
first option given on the command-line.
Modified: trunk/scripts/dscverify.pl
===================================================================
--- trunk/scripts/dscverify.pl 2008-03-26 22:07:45 UTC (rev 1210)
+++ trunk/scripts/dscverify.pl 2008-03-27 18:17:37 UTC (rev 1211)
@@ -43,6 +43,7 @@
my $Exit = 0;
my $start_dir = cwd;
my $verify_sigs = 1;
+my $use_default_keyrings = 1;
sub usage {
print <<"EOF";
@@ -51,6 +52,8 @@
--version Display version and copyright information
--keyring <keyring>
Add <keyring> to the list of keyrings used
+ --no-default-keyrings
+ Do not check against the default keyrings
--nosigcheck, --no-sig-check
Do not verify the GPG signature
--no-conf, --noconf
@@ -90,7 +93,8 @@
for (qw(/org/keyring.debian.org/keyrings/debian-keyring.gpg
/usr/share/keyrings/debian-keyring.gpg
/org/keyring.debian.org/keyrings/debian-keyring.pgp
- /usr/share/keyrings/debian-keyring.pgp)) {
+ /usr/share/keyrings/debian-keyring.pgp
+ /usr/share/keyrings/debian-maintainers.gpg)) {
push @rings, $_ if -r;
}
return @rings if @rings;
@@ -264,6 +268,10 @@
if ($ARGV[0] =~ /^--no-?conf$/) {
xdie "$ARGV[0] is only acceptable as the first command-line
option!\n";
}
+ if ($ARGV[0] eq '--no-default-keyrings') {
+ $use_default_keyrings = 0;
+ shift @ARGV;
+ }
if ($ARGV[0] eq '--keyring') {
shift @ARGV;
if (@ARGV > 0) {
@@ -297,7 +305,7 @@
@ARGV or xdie "no .changes or .dsc files specified\n";
- @rings = get_rings @rings unless $verify_sigs == 0;
+ @rings = get_rings @rings if $use_default_keyrings and $verify_sigs;
for my $file (@ARGV) {
process_file $file, @rings;
--
To unsubscribe, send mail to [EMAIL PROTECTED]
