summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xsrc/abslibre-tools/librerelease61
-rw-r--r--src/libretools.conf4
2 files changed, 45 insertions, 20 deletions
diff --git a/src/abslibre-tools/librerelease b/src/abslibre-tools/librerelease
index aff13fa..540472c 100755
--- a/src/abslibre-tools/librerelease
+++ b/src/abslibre-tools/librerelease
@@ -4,6 +4,21 @@
# Copyright 2010 Nicolás Reynolds
# Copyright 2013 Luke Shumaker
+# For just the create_signature() function:
+# Copyright (c) 2006-2013 Pacman Development Team <pacman-dev@archlinux.org>
+# Copyright (c) 2002-2006 by Judd Vinet <jvinet@zeroflux.org>
+# Copyright (c) 2005 by Aurelien Foret <orelien@chez.com>
+# Copyright (c) 2006 by Miklos Vajna <vmiklos@frugalware.org>
+# Copyright (c) 2005 by Christian Hamar <krics@linuxforum.hu>
+# Copyright (c) 2006 by Alex Smith <alex@alex-smith.me.uk>
+# Copyright (c) 2006 by Andras Voroskoi <voroskoi@frugalware.org>
+# Copyright (c) 2006-2013 Pacman Development Team <pacman-dev@archlinux.org>
+# Copyright (c) 2002-2006 by Judd Vinet <jvinet@zeroflux.org>
+# Copyright (c) 2005 by Aurelien Foret <orelien@chez.com>
+# Copyright (c) 2006 by Miklos Vajna <vmiklos@frugalware.org>
+# Copyright (c) 2005 by Christian Hamar <krics@linuxforum.hu>
+# Copyright (c) 2006 by Alex Smith <alex@alex-smith.me.uk>
+# Copyright (c) 2006 by Andras Voroskoi <voroskoi@frugalware.org>
#
# This file is part of Parabola.
#
@@ -44,6 +59,27 @@ function list_packages {
done
}
+# This function is taken almost verbatim from makepkg
+create_signature() {
+ local ret=0
+ local filename="$1"
+ msg "$(gettext "Signing package...")"
+
+ local SIGNWITHKEY=""
+ if [[ -n $GPGKEY ]]; then
+ SIGNWITHKEY="-u ${GPGKEY}"
+ fi
+ # The signature will be generated directly in ascii-friendly format
+ gpg --detach-sign --use-agent ${SIGNWITHKEY} "$filename" &>/dev/null || ret=$?
+
+
+ if (( ! ret )); then
+ msg2 "$(gettext "Created signature file %s.")" "$filename.sig"
+ else
+ warning "$(gettext "Failed to sign package file.")"
+ fi
+}
+
function sign_packages {
if [ -z "${GPG_AGENT_INFO}" ]; then
warning "It's better to use gpg-agent to sign packages in batches"
@@ -51,27 +87,18 @@ function sign_packages {
find "${WORKDIR}/staging/" -type f -iname '*.pkg.tar.?z' -printf '%h/%f\n' |
while read -r package; do
- if [ -f "${package}${SIGEXT}" ]; then
-
- warning "Package signature found, verifying..."
+ if [ -f "${package}.sig" ]; then
+ msg2 "Package signature found, verifying..."
# Verify that the signature is correct, else remove for re-signing
- if ! gpg --quiet --verify "${package}${SIGEXT}" >/dev/null 2>&1; then
+ if ! gpg --quiet --verify "${package}.sig" >/dev/null 2>&1; then
error "Failed! Re-signing..."
- rm -f "${package}${SIGEXT}"
+ rm -f "${package}.sig"
fi
fi
- if ! [ -f "${package}${SIGEXT}" ]; then
- msg2 "Signing ${package}..."
- if ! gpg \
- --default-key "${SIGID}" \
- --output "${package}${SIGEXT}" \
- --detach-sig "${package}"
- then
- error "Signing failed"
- return 2
- fi
+ if ! [ -f "${package}.sig" ]; then
+ create_signature "$package" || return 2
fi
done
}
@@ -123,8 +150,10 @@ function main {
return 0
fi
+ load_files makepkg
+ check_vars makepkg GPGKEY
load_files libretools
- check_vars libretools WORKDIR PARABOLAHOST LIBREDESTDIR SIGID SIGEXT || return 1
+ check_vars libretools WORKDIR PARABOLAHOST LIBREDESTDIR || return 1
# The following variables are actually optional
#check_vars libretools HOOKPRERELEASE HOOKPOSTRELEASE || return 1
diff --git a/src/libretools.conf b/src/libretools.conf
index 5c6fa67..68f07c7 100644
--- a/src/libretools.conf
+++ b/src/libretools.conf
@@ -26,10 +26,6 @@ REPOS=('core' 'libre' 'extra' 'community' 'libre-testing' 'social' 'sugar' 'pcr'
# The dir where you work on
WORKDIR=/home/$LIBREUSER/packages
-## Package signing
-SIGEXT=".sig"
-#SIGID="0xYOURID"
-
## Parabola hostname
PARABOLAHOST=parabola
## Assumes something similar in your .ssh/config: