On 28/02/14 04:22, Thomas Bächler wrote:
Files hosted on kernel.org only provide signatures for the uncompress tarball. Support this scheme by transparently uncompressing the archives and piping the data into gpg. --- scripts/makepkg.sh.in | 23 ++++++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-)
diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index b69c071..4f5db99 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -1250,7 +1250,7 @@ check_pgpsigs() {
msg "$(gettext "Verifying source file signatures with %s...")" "gpg"
- local file pubkey + local file pubkey ext decompress found local warning=0 local errors=0 local statusfile=$(mktemp) @@ -1269,13 +1269,30 @@ check_pgpsigs() { continue fi
- if ! sourcefile="$(get_filepath "${file%.*}")"; then + found=0 + for ext in "" gz bz2 xz lrz lzo Z; do + if sourcefile="$(get_filepath "${file%.*}${ext:+.$ext}")"; then + found=1 + break; + fi + done + if (( ! found )); then printf '%s\n' "$(gettext "SOURCE FILE NOT FOUND")" >&2 errors=1 continue fi
- if ! gpg --quiet --batch --status-file "$statusfile" --verify "$file" "$sourcefile" 2> /dev/null; then + case "$ext" in + gz) decompress="gzip -c -d -f" ;; + bz2) decompress="bzip2 -c -d -f" ;; + xz) decompress="xz -c -d" ;; + lrz) decompress="lrzip -q -d" ;; + lzo) decompress="lzop -c -d -q" ;; + Z) decompress="uncompress -c -f" ;; + "") decompress="cat" ;; + esac + + if ! cat "$sourcefile" | $decompress | gpg --quiet --batch --status-file "$statusfile" --verify "$file" - 2> /dev/null; then
Looks like an unnecessary cat there. if ! $decompress "$sourcefile" | gpg ...
printf '%s' "$(gettext "FAILED")" >&2 if ! pubkey=$(awk '/NO_PUBKEY/ { print $3; exit 1; }' "$statusfile"); then printf ' (%s)' "$(gettext "unknown public key") $pubkey" >&2