On Tue, 2008-12-02 at 09:49 -0500, James Vega wrote:
> On Tue, Dec 02, 2008 at 12:08:35PM -0000, Adam D. Barratt wrote:
> > Hi,
> >
> > Loïc Minier wrote:
> >> debsign doesn't work with pinentry-curses because it seems to use
> >> stdin/stdout to draw the password prompt and read the password but
> >> debsign redirects them.
> > [...]
> >> full solution is to create a temp dir with with a new $1 + newline
> >> file, run gpg on this in batch mode (prevents "Are you sure you want
> >> to overwrite" prompting) and outputting to a real .asc file, then
> >> moving this back.
> >
> > I've attached a (-w to avoid clutter from reindenting in a couple of
> > places) diff addressing this bug and #507482; any comments / complaints
> > welcome.
>
> Looks good from my quick read through.
Thanks. I spotted a tiny issue with it, however, in that it only worked
if the files to be signed were in the current directory. Oops.
(Updated diff attached)
> The one thing I noticed was a cd
> without a directory argument (in the second hunk of the diff). It looks
> like you were simply splitting a line with two-commands into two lines
> and forgot to carry over the argument.
That was actually intentional - it was intended as a "cd to somewhere
safe before we remove the temporary remote-files directory". However, if
the directory exists then we must be in it and its parent must be
writable, so I've restored the previous "cd ..".
Regards,
Adam
Index: scripts/debsign.sh
===================================================================
--- scripts/debsign.sh (revision 1743)
+++ scripts/debsign.sh (working copy)
@@ -41,8 +41,34 @@
PROGNAME=`basename $0`
MODIFIED_CONF_MSG='Default settings modified by devscripts configuration files:'
+# Temporary directories
+signingdir=""
+remotefilesdir=""
+
+trap "cleanup_tmpdir" 0 1 2 3 9 11 13 15
+
# --- Functions
+mksigningdir () {
+ if [ -z "$signingdir" ]; then
+ signingdir=$(mktemp -dt debsign.XXXXXXXX) || {
+ echo "$PROGNAME: Can't create temporary directory" >&2
+ echo "Aborting..." >&2
+ exit 1
+ }
+ fi
+}
+
+mkremotefilesdir () {
+ if [ -z "$remotefilesdir" ]; then
+ remotefilesdir=$(mktemp -dt debsign.XXXXXXXX) || {
+ echo "$PROGNAME: Can't create temporary directory" >&2
+ echo "Aborting..." >&2
+ exit 1
+ }
+ fi
+}
+
usage () {
echo \
"Usage: debsign [options] [changes, dsc or commands file]
@@ -111,11 +137,18 @@
}
cleanup_tmpdir () {
+ if [ -n "$remotefilesdir" ]; then
if [ "$PRECIOUS_FILES" -gt 0 ]; then
echo "$PROGNAME: aborting with $PRECIOUS_FILES signed files in `pwd`" >&2
else
- cd ..; rm -rf debsign.$$
+ cd ..
+ rm -rf "$remotefilesdir"
fi
+ fi
+
+ if [ -n "$signingdir" ]; then
+ rm -rf "$signingdir"
+ fi
}
mustsetvar () {
@@ -137,27 +170,32 @@
local savestty=$(stty -g 2>/dev/null) || true
if [ $signinterface = gpg ]
then
- ASCII_SIGNED_FILE="$(temp_filename "$1" "asc")"
+ mksigningdir
+ UNSIGNED_FILE="$signingdir/$(basename "$1")"
+ ASCII_SIGNED_FILE="${UNSIGNED_FILE}.asc"
gpgversion=`gpg --version | head -n 1 | cut -d' ' -f3`
gpgmajorversion=`echo $gpgversion | cut -d. -f1`
gpgminorversion=`echo $gpgversion | cut -d. -f2`
+
if [ $gpgmajorversion -gt 1 -o $gpgminorversion -ge 4 ]
then
- (cat "$1" ; echo "") | \
+ (cat "$1" ; echo "") > "$UNSIGNED_FILE"
$signcommand --local-user "$2" --clearsign \
--list-options no-show-policy-urls \
- --armor --textmode --output - - > "$ASCII_SIGNED_FILE" || \
+ --armor --textmode --output "$ASCII_SIGNED_FILE"\
+ "$UNSIGNED_FILE" || \
{ SAVESTAT=$?
echo "$PROGNAME: gpg error occurred! Aborting...." >&2
stty $savestty 2>/dev/null || true
exit $SAVESTAT
}
else
- (cat "$1" ; echo "") | \
+ (cat "$1" ; echo "") > "$UNSIGNED_FILE"
$signcommand --local-user "$2" --clearsign \
--no-show-policy-url \
- --armor --textmode --output - - > "$ASCII_SIGNED_FILE" || \
+ --armor --textmode --output "$ASCII_SIGNED_FILE" \
+ "$UNSIGNED_FILE" || \
{ SAVESTAT=$?
echo "$PROGNAME: gpg error occurred! Aborting...." >&2
stty $savestty 2>/dev/null || true
@@ -372,13 +410,8 @@
# Do we have to download the changes file?
if [ -n "$remotehost" ]
then
- cd ${TMPDIR:-/tmp}
- if [ ! -d "debsign.$$" ]
- then
- mkdir debsign.$$ || { echo "$PROGNAME: Can't mkdir!" >&2; exit 1; }
- fi
- trap "cleanup_tmpdir" 0 1 2 3 7 10 13 15
- cd debsign.$$
+ mkremotefilesdir
+ cd $remotefilesdir
remotechanges=$changes
remotedsc=$dsc
