On 06/09/11 01:22, Dave Reisner wrote:
- use our warning() and error() functions - use printf instead of echo - ensure a newline always follows the result of the check - properly error on a revoked key (matching pacman's behavior)
Signed-off-by: Dave Reisner<dreisner@archlinux.org> --- refactored the whole thing as per allan's suggestion.
Not quite... Now this output is split over two lines and is inconsistent with the output when we check_checksums (for at least the "SIGNATURE NOT FOUND" and "SOURCE FILE NOT FOUND" lines. I am fine with the other lines being split) Allan
scripts/makepkg.sh.in | 34 ++++++++++++++++++---------------- 1 files changed, 18 insertions(+), 16 deletions(-)
diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index 75d168b..b2295a6 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -704,7 +704,7 @@ check_pgpsigs() {
msg "$(gettext "Verifying source file signatures with %s...")" "gpg"
- local file + local file pubkey local warning=0 local errors=0 local statusfile=$(mktemp) @@ -715,40 +715,42 @@ check_pgpsigs() { continue fi
- echo -n " ${file%.*} ... ">&2 + printf " %s ... " "${file%.*}">&2
if ! file="$(get_filepath "$file")"; then - echo "$(gettext "SIGNATURE NOT FOUND")">&2 + error "$(gettext "SIGNATURE NOT FOUND")">&2 errors=1 continue fi
if ! sourcefile="$(get_filepath "${file%.*}")"; then - echo "$(gettext "SOURCE FILE NOT FOUND")">&2 + error "$(gettext "SOURCE FILE NOT FOUND")">&2 errors=1 continue fi
if ! gpg --quiet --batch --status-file "$statusfile" --verify "$file" "$sourcefile" 2> /dev/null; then - if grep "NO_PUBKEY" "$statusfile"> /dev/null; then - warning "$(gettext "Unknown public key") $(awk '/NO_PUBKEY/ {print $3}' $statusfile)">&2 + printf '%s\n' "$(gettext "FAILED")">&2 + if ! pubkey=$(awk '/NO_PUBKEY/ { print $3; exit 1; }' "$statusfile"); then + warning "$(gettext "Unknown public key") $pubkey">&2 warnings=1 else - echo "$(gettext "FAILED")">&2 errors=1 fi else - if grep "REVKEYSIG" "$statusfile"> /dev/null; then - echo "$(gettext "Passed")" "-" "$(gettext "Warning: the key has been revoked.")">&2 + if grep -q "REVKEYSIG" "$statusfile"; then + printf '%s\n' "$(gettext "FAILED")">&2 + error "$(gettext "the key has been revoked.")">&2 errors=1 - elif grep "EXPSIG" "$statusfile"> /dev/null; then - echo "$(gettext "Passed")" "-" "$(gettext "Warning: the signature has expired.")">&2 - warnings=1 - elif grep "EXPKEYSIG" "$statusfile"> /dev/null; then - echo "$(gettext "Passed")" "-" "$(gettext "Warning: the key has expired.")">&2 - warnings=1 else - echo $(gettext "Passed")>&2 + printf '%s\n' "$(gettext "Passed")">&2 + if grep -q "EXPSIG" "$statusfile"; then + warning "$(gettext "the signature has expired.")">&2 + warnings=1 + elif grep -q "EXPKEYSIG" "$statusfile"; then + warning "$(gettext "the key has expired.")">&2 + warnings=1 + fi fi fi done