From b9769d5af5e4be7a1c285ccf06df8a608d9d5825 Mon Sep 17 00:00:00 2001 From: Luke Shumaker Date: Sun, 31 May 2015 13:28:57 -0600 Subject: librefetch: Don't try to use makepkg to create .sig files. --- src/librefetch/librefetch | 76 +++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 67 insertions(+), 9 deletions(-) (limited to 'src/librefetch/librefetch') diff --git a/src/librefetch/librefetch b/src/librefetch/librefetch index 49a8565..ea90e5b 100755 --- a/src/librefetch/librefetch +++ b/src/librefetch/librefetch @@ -3,6 +3,15 @@ # # Copyright (C) 2013-2015 Luke Shumaker # +# For just the create_signature() function: +# Copyright (C) 2006-2013 Pacman Development Team +# Copyright (C) 2002-2006 Judd Vinet +# Copyright (C) 2005 Aurelien Foret +# Copyright (C) 2006 Miklos Vajna +# Copyright (C) 2005 Christian Hamar +# Copyright (C) 2006 Alex Smith +# Copyright (C) 2006 Andras Voroskoi +# # License: GNU GPLv3+ # # This file is part of Parabola. @@ -20,6 +29,9 @@ # You should have received a copy of the GNU General Public License # along with Parabola. If not, see . +# create_signature() is taken from pacman:makepkg, which is GPLv2+, +# so we take the '+' to combine it with our GPLv3+. + . "$(librelib conf)" . "$(librelib messages)" setup_traps @@ -46,9 +58,14 @@ usage() { beginning of a URL, 'libre://' expands to the first configured mirror." echo - prose "In create mode, it looks at a build script, and uses that to - create the source tarball. SOURCE_URL is ignored, except that it - is used to set the default value of OUTPUT_FILE." + prose "In create mode, it either looks at a build script and uses that + to create the source tarball, or it uses GPG to create a + signature (if OUTPUT_FILE ends with \`.sig\` or \`.sig.part\`). + If it is using GPG to create a signature, but the file that it is + trying to sign doesn't exist yet, it recurses on itself to first + create that file. SOURCE_URL is ignored, except that it is used + to set the default value of OUTPUT_FILE, and that it may be used + when recursing." echo prose "The default build script is 'PKGBUILD', or 'SRCBUILD' if it exists." @@ -83,6 +100,10 @@ main() { exit 1 fi + doit +} + +doit() { # Mode: help ########################################################### if [[ $mode =~ help ]]; then @@ -183,13 +204,26 @@ main() { # Mode: create ######################################################### if [[ $mode =~ create ]]; then - PKGEXT=${dst##*/} - export PKGEXT=${PKGEXT%.part} - export PKGDEST=${dst%/*} - export pkg_file=$dst + local base_dst=${dst%.part} + local suffix=${dst#"$base_dst"} - cd "$BUILDFILEDIR" - "$makepkg" "${makepkg_opts[@]}" -p "$srcbuild" >&2 || exit $? + if [[ $base_dst == *.sig ]]; then + if ! [[ -e $base_dst ]]; then + extra_opts=("${src%.sig}" "${base_dst%.sig}") + doit || exit $? + fi + create_signature "${base_dst%.sig}" || exit $? + if [[ -n $suffix ]]; then + mv -f "$base_dst" "$dst" + fi + else + export PKGEXT=${base_dst##*/} + export PKGDEST=${dst%/*} + export pkg_file=$dst + + cd "$BUILDFILEDIR" + "$makepkg" "${makepkg_opts[@]}" -p "$srcbuild" >&2 || exit $? + fi fi } @@ -393,4 +427,28 @@ modified_srcbuild() { printf '%s\n' "$new" } +################################################################################ + +# This function is taken almost verbatim from makepkg +create_signature() { + local ret=0 + local filename="$1" + msg "Signing package..." + + local SIGNWITHKEY=() + if [[ -n $GPGKEY ]]; then + SIGNWITHKEY=(-u "${GPGKEY}") + fi + # The signature will be generated directly in ascii-friendly format + gpg --detach-sign --use-agent "${SIGNWITHKEY[@]}" "$filename" || ret=$? + + + if (( ! ret )); then + msg2 "Created signature file %s." "$filename.sig" + else + error "Failed to sign package file." + return $ret + fi +} + main "$@" -- cgit v1.2.2