[pacman-dev] [PATCH 1/3] rankmirrors: properly sort resulting times
- Properly read each sorted line into a new array, instead of breaking on every word. - LC_COLLATE should apply to the sort portion of the pipeline, not the printing. Signed-off-by: Dave Reisner <dreisner@archlinux.org> --- scripts/rankmirrors.sh.in | 3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/scripts/rankmirrors.sh.in b/scripts/rankmirrors.sh.in index a0ff6d5..875a143 100644 --- a/scripts/rankmirrors.sh.in +++ b/scripts/rankmirrors.sh.in @@ -92,7 +92,8 @@ getfetchurl() { # This exists to remove the need for a separate interrupt function finaloutput() { - IFS=$'\n' sortedarray=( $(LC_COLLATE=C printf "%s\n" "${timesarray[@]}" | sort) ) + IFS=$'\n' read -r -d '' -a sortedarray < \ + <(printf '%s\n' "${timesarray[@]}" | LC_COLLATE=C sort) # Final output for mirrorfile numiterator="0" -- 1.7.6.1
We seem to enjoy using bash regex capabilities, but never referencing the result with BASH_REMATCH. Replace almost all regexes with equivalent extglobs which are faster and functionally equivalent in these cases. Signed-off-by: Dave Reisner <dreisner@archlinux.org> --- The only remaining regexes are in lib{depends,provides} logic and I'm not really comfortable touching those. There's a lot of cleanup that should be done separately for that code where removal of those regexes can be handled accordingly... scripts/makepkg.sh.in | 16 +++++++++------- 1 files changed, 9 insertions(+), 7 deletions(-) diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index 2f06b9b..75d168b 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -81,6 +81,8 @@ FORCE_VER="" PACMAN_OPTS= +shopt -s extglob + ### SUBROUTINES ### plain() { @@ -341,7 +343,7 @@ in_array() { source_has_signatures(){ local file for file in "${source[@]}"; do - if [[ $file =~ \.(sig|asc)$ ]]; then + if [[ $file = *.@(sig|asc) ]]; then return 0 fi done @@ -420,7 +422,7 @@ download_file() { run_pacman() { local cmd printf -v cmd "%q " "$PACMAN" $PACMAN_OPTS "$@" - if (( ! ASROOT )) && [[ ! $1 =~ ^-(T|Qq)$ ]]; then + if (( ! ASROOT )) && [[ ! $1 = -@(T|Qq) ]]; then if type -p sudo >/dev/null; then cmd="sudo $cmd" else @@ -709,7 +711,7 @@ check_pgpsigs() { for file in "${source[@]}"; do file="$(get_filename "$file")" - if [[ ! $file =~ \.(sig|asc)$ ]]; then + if [[ ! $file = *.@(sig|asc) ]]; then continue fi @@ -1451,7 +1453,7 @@ check_sanity() { awk -F'=' '/^[[:space:]]*pkgver=/ { $1=""; print $0 }' "$BUILDFILE" | while read -r i; do eval i=\"$(sed 's/^\(['\''"]\)\(.*\)\1$/\2/' <<< "$i")\" - if [[ $i =~ [[:space:]:-] ]]; then + if [[ $i = *+([[:space:]:-])* ]]; then error "$(gettext "%s is not allowed to contain colons, hyphens or whitespace.")" "pkgver" return 1 fi @@ -1460,7 +1462,7 @@ check_sanity() { awk -F'=' '/^[[:space:]]*pkgrel=/ { $1=""; print $0 }' "$BUILDFILE" | while read -r i; do eval i=\"$(sed 's/^\(['\''"]\)\(.*\)\1$/\2/' <<< "$i")\" - if [[ $i =~ [[:space:]-] ]]; then + if [[ $i = *+([[:space:]-])* ]]; then error "$(gettext "%s is not allowed to contain hyphens or whitespace.")" "pkgrel" return 1 fi @@ -1469,7 +1471,7 @@ check_sanity() { awk -F'=' '/^[[:space:]]*epoch=/ { $1=""; print $0 }' "$BUILDFILE" | while read -r i; do eval i=\"$(sed 's/^\(['\''"]\)\(.*\)\1$/\2/' <<< "$i")\" - if [[ ! $i =~ ^[0-9]*$ ]]; then + if [[ $i && $i != +([0-9]) ]]; then error "$(gettext "%s must be an integer.")" "epoch" return 1 fi @@ -1526,7 +1528,7 @@ check_sanity() { sed -e "s/optdepends=/optdepends_list+=/" -e "s/#.*//" -e 's/\\$//') for i in "${optdepends_list[@]}"; do local pkg=${i%%:*} - if [[ ! $pkg =~ ^[[:alnum:]\>\<\=\.\+\_\-]+$ ]]; then + if [[ $pkg != +([[:alnum:]><=.+_-]) ]]; then error "$(gettext "Invalid syntax for %s : '%s'")" "optdepend" "$i" ret=1 fi -- 1.7.6.1
On 05/09/11 14:57, Dave Reisner wrote:
We seem to enjoy using bash regex capabilities, but never referencing the result with BASH_REMATCH. Replace almost all regexes with equivalent extglobs which are faster and functionally equivalent in these cases.
Signed-off-by: Dave Reisner<dreisner@archlinux.org>
I have no objections to this. So ack with minor comments below.
--- The only remaining regexes are in lib{depends,provides} logic and I'm not really comfortable touching those. There's a lot of cleanup that should be done separately for that code where removal of those regexes can be handled accordingly...
One day I will get to finishing my adjustments there... honest!
scripts/makepkg.sh.in | 16 +++++++++------- 1 files changed, 9 insertions(+), 7 deletions(-)
diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index 2f06b9b..75d168b 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -81,6 +81,8 @@ FORCE_VER=""
PACMAN_OPTS=
+shopt -s extglob + ### SUBROUTINES ###
plain() { @@ -341,7 +343,7 @@ in_array() { source_has_signatures(){ local file for file in "${source[@]}"; do - if [[ $file =~ \.(sig|asc)$ ]]; then + if [[ $file = *.@(sig|asc) ]]; then return 0 fi done @@ -420,7 +422,7 @@ download_file() { run_pacman() { local cmd printf -v cmd "%q " "$PACMAN" $PACMAN_OPTS "$@" - if (( ! ASROOT ))&& [[ ! $1 =~ ^-(T|Qq)$ ]]; then + if (( ! ASROOT ))&& [[ ! $1 = -@(T|Qq) ]]; then if type -p sudo>/dev/null; then cmd="sudo $cmd" else @@ -709,7 +711,7 @@ check_pgpsigs() {
for file in "${source[@]}"; do file="$(get_filename "$file")" - if [[ ! $file =~ \.(sig|asc)$ ]]; then + if [[ ! $file = *.@(sig|asc) ]]; then continue fi
@@ -1451,7 +1453,7 @@ check_sanity() { awk -F'=' '/^[[:space:]]*pkgver=/ { $1=""; print $0 }' "$BUILDFILE" | while read -r i; do eval i=\"$(sed 's/^\(['\''"]\)\(.*\)\1$/\2/'<<< "$i")\" - if [[ $i =~ [[:space:]:-] ]]; then + if [[ $i = *+([[:space:]:-])* ]]; then error "$(gettext "%s is not allowed to contain colons, hyphens or whitespace.")" "pkgver" return 1 fi @@ -1460,7 +1462,7 @@ check_sanity() { awk -F'=' '/^[[:space:]]*pkgrel=/ { $1=""; print $0 }' "$BUILDFILE" | while read -r i; do eval i=\"$(sed 's/^\(['\''"]\)\(.*\)\1$/\2/'<<< "$i")\" - if [[ $i =~ [[:space:]-] ]]; then + if [[ $i = *+([[:space:]-])* ]]; then error "$(gettext "%s is not allowed to contain hyphens or whitespace.")" "pkgrel" return 1 fi @@ -1469,7 +1471,7 @@ check_sanity() { awk -F'=' '/^[[:space:]]*epoch=/ { $1=""; print $0 }' "$BUILDFILE" | while read -r i; do eval i=\"$(sed 's/^\(['\''"]\)\(.*\)\1$/\2/'<<< "$i")\" - if [[ ! $i =~ ^[0-9]*$ ]]; then + if [[ $i&& $i != +([0-9]) ]]; then
Do we need the test for $i there given it should be non-null for us not to exit the while loop? Also, should we use [:digit:] rather than [0-9]?
error "$(gettext "%s must be an integer.")" "epoch" return 1 fi @@ -1526,7 +1528,7 @@ check_sanity() { sed -e "s/optdepends=/optdepends_list+=/" -e "s/#.*//" -e 's/\\$//') for i in "${optdepends_list[@]}"; do local pkg=${i%%:*} - if [[ ! $pkg =~ ^[[:alnum:]\>\<\=\.\+\_\-]+$ ]]; then + if [[ $pkg != +([[:alnum:]><=.+_-]) ]]; then
Any chance you want to fix this for versioned optdepends containing an epoch at the same time? The optdepends work requires a colon followed by a space before the description. So I guess: local pkg=${i%%: *} if [[ $pkg != +([[:alnum:]><=.+_-:]) ]]; then should do that?
error "$(gettext "Invalid syntax for %s : '%s'")" "optdepend" "$i" ret=1 fi
On Tue, Sep 06, 2011 at 05:23:06PM +1000, Allan McRae wrote:
On 05/09/11 14:57, Dave Reisner wrote:
We seem to enjoy using bash regex capabilities, but never referencing the result with BASH_REMATCH. Replace almost all regexes with equivalent extglobs which are faster and functionally equivalent in these cases.
Signed-off-by: Dave Reisner<dreisner@archlinux.org>
I have no objections to this. So ack with minor comments below.
--- The only remaining regexes are in lib{depends,provides} logic and I'm not really comfortable touching those. There's a lot of cleanup that should be done separately for that code where removal of those regexes can be handled accordingly...
One day I will get to finishing my adjustments there... honest!
scripts/makepkg.sh.in | 16 +++++++++------- 1 files changed, 9 insertions(+), 7 deletions(-)
diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index 2f06b9b..75d168b 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -81,6 +81,8 @@ FORCE_VER=""
PACMAN_OPTS=
+shopt -s extglob + ### SUBROUTINES ###
plain() { @@ -341,7 +343,7 @@ in_array() { source_has_signatures(){ local file for file in "${source[@]}"; do - if [[ $file =~ \.(sig|asc)$ ]]; then + if [[ $file = *.@(sig|asc) ]]; then return 0 fi done @@ -420,7 +422,7 @@ download_file() { run_pacman() { local cmd printf -v cmd "%q " "$PACMAN" $PACMAN_OPTS "$@" - if (( ! ASROOT ))&& [[ ! $1 =~ ^-(T|Qq)$ ]]; then + if (( ! ASROOT ))&& [[ ! $1 = -@(T|Qq) ]]; then if type -p sudo>/dev/null; then cmd="sudo $cmd" else @@ -709,7 +711,7 @@ check_pgpsigs() {
for file in "${source[@]}"; do file="$(get_filename "$file")" - if [[ ! $file =~ \.(sig|asc)$ ]]; then + if [[ ! $file = *.@(sig|asc) ]]; then continue fi
@@ -1451,7 +1453,7 @@ check_sanity() { awk -F'=' '/^[[:space:]]*pkgver=/ { $1=""; print $0 }' "$BUILDFILE" | while read -r i; do eval i=\"$(sed 's/^\(['\''"]\)\(.*\)\1$/\2/'<<< "$i")\" - if [[ $i =~ [[:space:]:-] ]]; then + if [[ $i = *+([[:space:]:-])* ]]; then error "$(gettext "%s is not allowed to contain colons, hyphens or whitespace.")" "pkgver" return 1 fi @@ -1460,7 +1462,7 @@ check_sanity() { awk -F'=' '/^[[:space:]]*pkgrel=/ { $1=""; print $0 }' "$BUILDFILE" | while read -r i; do eval i=\"$(sed 's/^\(['\''"]\)\(.*\)\1$/\2/'<<< "$i")\" - if [[ $i =~ [[:space:]-] ]]; then + if [[ $i = *+([[:space:]-])* ]]; then error "$(gettext "%s is not allowed to contain hyphens or whitespace.")" "pkgrel" return 1 fi @@ -1469,7 +1471,7 @@ check_sanity() { awk -F'=' '/^[[:space:]]*epoch=/ { $1=""; print $0 }' "$BUILDFILE" | while read -r i; do eval i=\"$(sed 's/^\(['\''"]\)\(.*\)\1$/\2/'<<< "$i")\" - if [[ ! $i =~ ^[0-9]*$ ]]; then + if [[ $i&& $i != +([0-9]) ]]; then
Do we need the test for $i there given it should be non-null for us not to exit the while loop? Also, should we use [:digit:] rather than [0-9]?
You're correct that the -n test can go. [0-9] and [:digit:] are actually equivalent -- locale isn't an issue here, but I'll change it in favor of consistency/safety.
error "$(gettext "%s must be an integer.")" "epoch" return 1 fi @@ -1526,7 +1528,7 @@ check_sanity() { sed -e "s/optdepends=/optdepends_list+=/" -e "s/#.*//" -e 's/\\$//') for i in "${optdepends_list[@]}"; do local pkg=${i%%:*} - if [[ ! $pkg =~ ^[[:alnum:]\>\<\=\.\+\_\-]+$ ]]; then + if [[ $pkg != +([[:alnum:]><=.+_-]) ]]; then
Any chance you want to fix this for versioned optdepends containing an epoch at the same time? The optdepends work requires a colon followed by a space before the description. So I guess:
local pkg=${i%%: *} if [[ $pkg != +([[:alnum:]><=.+_-:]) ]]; then
should do that?
Seems reasonable. We probably have some packages that don't fit this criteria of having a colon followed by a whitespace and description (e.g. extra/weechat). Are we going to add that to our sanity checks? d
error "$(gettext "Invalid syntax for %s : '%s'")" "optdepend" "$i" ret=1 fi
On 06/09/11 20:03, Dave Reisner wrote:
On Tue, Sep 06, 2011 at 05:23:06PM +1000, Allan McRae wrote:
On 05/09/11 14:57, Dave Reisner wrote:
We seem to enjoy using bash regex capabilities, but never referencing the result with BASH_REMATCH. Replace almost all regexes with equivalent extglobs which are faster and functionally equivalent in these cases.
Signed-off-by: Dave Reisner<dreisner@archlinux.org>
I have no objections to this. So ack with minor comments below.
--- The only remaining regexes are in lib{depends,provides} logic and I'm not really comfortable touching those. There's a lot of cleanup that should be done separately for that code where removal of those regexes can be handled accordingly...
One day I will get to finishing my adjustments there... honest!
scripts/makepkg.sh.in | 16 +++++++++------- 1 files changed, 9 insertions(+), 7 deletions(-)
diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index 2f06b9b..75d168b 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -81,6 +81,8 @@ FORCE_VER=""
PACMAN_OPTS=
+shopt -s extglob + ### SUBROUTINES ###
plain() { @@ -341,7 +343,7 @@ in_array() { source_has_signatures(){ local file for file in "${source[@]}"; do - if [[ $file =~ \.(sig|asc)$ ]]; then + if [[ $file = *.@(sig|asc) ]]; then return 0 fi done @@ -420,7 +422,7 @@ download_file() { run_pacman() { local cmd printf -v cmd "%q " "$PACMAN" $PACMAN_OPTS "$@" - if (( ! ASROOT ))&& [[ ! $1 =~ ^-(T|Qq)$ ]]; then + if (( ! ASROOT ))&& [[ ! $1 = -@(T|Qq) ]]; then if type -p sudo>/dev/null; then cmd="sudo $cmd" else @@ -709,7 +711,7 @@ check_pgpsigs() {
for file in "${source[@]}"; do file="$(get_filename "$file")" - if [[ ! $file =~ \.(sig|asc)$ ]]; then + if [[ ! $file = *.@(sig|asc) ]]; then continue fi
@@ -1451,7 +1453,7 @@ check_sanity() { awk -F'=' '/^[[:space:]]*pkgver=/ { $1=""; print $0 }' "$BUILDFILE" | while read -r i; do eval i=\"$(sed 's/^\(['\''"]\)\(.*\)\1$/\2/'<<< "$i")\" - if [[ $i =~ [[:space:]:-] ]]; then + if [[ $i = *+([[:space:]:-])* ]]; then error "$(gettext "%s is not allowed to contain colons, hyphens or whitespace.")" "pkgver" return 1 fi @@ -1460,7 +1462,7 @@ check_sanity() { awk -F'=' '/^[[:space:]]*pkgrel=/ { $1=""; print $0 }' "$BUILDFILE" | while read -r i; do eval i=\"$(sed 's/^\(['\''"]\)\(.*\)\1$/\2/'<<< "$i")\" - if [[ $i =~ [[:space:]-] ]]; then + if [[ $i = *+([[:space:]-])* ]]; then error "$(gettext "%s is not allowed to contain hyphens or whitespace.")" "pkgrel" return 1 fi @@ -1469,7 +1471,7 @@ check_sanity() { awk -F'=' '/^[[:space:]]*epoch=/ { $1=""; print $0 }' "$BUILDFILE" | while read -r i; do eval i=\"$(sed 's/^\(['\''"]\)\(.*\)\1$/\2/'<<< "$i")\" - if [[ ! $i =~ ^[0-9]*$ ]]; then + if [[ $i&& $i != +([0-9]) ]]; then
Do we need the test for $i there given it should be non-null for us not to exit the while loop? Also, should we use [:digit:] rather than [0-9]?
You're correct that the -n test can go. [0-9] and [:digit:] are actually equivalent -- locale isn't an issue here, but I'll change it in favor of consistency/safety.
error "$(gettext "%s must be an integer.")" "epoch" return 1 fi @@ -1526,7 +1528,7 @@ check_sanity() { sed -e "s/optdepends=/optdepends_list+=/" -e "s/#.*//" -e 's/\\$//') for i in "${optdepends_list[@]}"; do local pkg=${i%%:*} - if [[ ! $pkg =~ ^[[:alnum:]\>\<\=\.\+\_\-]+$ ]]; then + if [[ $pkg != +([[:alnum:]><=.+_-]) ]]; then
Any chance you want to fix this for versioned optdepends containing an epoch at the same time? The optdepends work requires a colon followed by a space before the description. So I guess:
local pkg=${i%%: *} if [[ $pkg != +([[:alnum:]><=.+_-:]) ]]; then
should do that?
Seems reasonable. We probably have some packages that don't fit this criteria of having a colon followed by a whitespace and description (e.g. extra/weechat). Are we going to add that to our sanity checks?
Having no description is fine too. We just are enforcing that if there is a description, then it comes after ": ". Allan
This also fixes a missing newline in the output for this particular case. Before: ==> Verifying source file signatures with gpg... stunnel-4.42.tar.gz ... ==> WARNING: Unknown public key FCD53E9D74C732D1 ==> WARNING: Warnings have occurred while verifying the signatures. Please make sure you really trust them. After: ==> Verifying source file signatures with gpg... stunnel-4.42.tar.gz ... FAILED ==> WARNING: Unknown public key FCD53E9D74C732D1 ==> WARNING: Warnings have occurred while verifying the signatures. Please make sure you really trust them. Signed-off-by: Dave Reisner <dreisner@archlinux.org> --- scripts/makepkg.sh.in | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index 75d168b..58d47ed 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -730,11 +730,11 @@ check_pgpsigs() { fi if ! gpg --quiet --batch --status-file "$statusfile" --verify "$file" "$sourcefile" 2> /dev/null; then + echo "$(gettext "FAILED")" >&2 if grep "NO_PUBKEY" "$statusfile" > /dev/null; then warning "$(gettext "Unknown public key") $(awk '/NO_PUBKEY/ {print $3}' $statusfile)" >&2 warnings=1 else - echo "$(gettext "FAILED")" >&2 errors=1 fi else -- 1.7.6.1
On 05/09/11 14:57, Dave Reisner wrote:
This also fixes a missing newline in the output for this particular case.
Before: ==> Verifying source file signatures with gpg... stunnel-4.42.tar.gz ... ==> WARNING: Unknown public key FCD53E9D74C732D1 ==> WARNING: Warnings have occurred while verifying the signatures. Please make sure you really trust them.
After: ==> Verifying source file signatures with gpg... stunnel-4.42.tar.gz ... FAILED ==> WARNING: Unknown public key FCD53E9D74C732D1 ==> WARNING: Warnings have occurred while verifying the signatures. Please make sure you really trust them.
Signed-off-by: Dave Reisner<dreisner@archlinux.org> ---
Why not do something consistent with the three "Passed" warning messages that follow this? Allan
- use our warning() and error() functions - use printf instead of echo - ensure a newline always follows the result of the check - properly error on a revoked key (matching pacman's behavior) Signed-off-by: Dave Reisner <dreisner@archlinux.org> --- refactored the whole thing as per allan's suggestion. scripts/makepkg.sh.in | 34 ++++++++++++++++++---------------- 1 files changed, 18 insertions(+), 16 deletions(-) diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index 75d168b..b2295a6 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -704,7 +704,7 @@ check_pgpsigs() { msg "$(gettext "Verifying source file signatures with %s...")" "gpg" - local file + local file pubkey local warning=0 local errors=0 local statusfile=$(mktemp) @@ -715,40 +715,42 @@ check_pgpsigs() { continue fi - echo -n " ${file%.*} ... " >&2 + printf " %s ... " "${file%.*}" >&2 if ! file="$(get_filepath "$file")"; then - echo "$(gettext "SIGNATURE NOT FOUND")" >&2 + error "$(gettext "SIGNATURE NOT FOUND")" >&2 errors=1 continue fi if ! sourcefile="$(get_filepath "${file%.*}")"; then - echo "$(gettext "SOURCE FILE NOT FOUND")" >&2 + error "$(gettext "SOURCE FILE NOT FOUND")" >&2 errors=1 continue fi if ! gpg --quiet --batch --status-file "$statusfile" --verify "$file" "$sourcefile" 2> /dev/null; then - if grep "NO_PUBKEY" "$statusfile" > /dev/null; then - warning "$(gettext "Unknown public key") $(awk '/NO_PUBKEY/ {print $3}' $statusfile)" >&2 + printf '%s\n' "$(gettext "FAILED")" >&2 + if ! pubkey=$(awk '/NO_PUBKEY/ { print $3; exit 1; }' "$statusfile"); then + warning "$(gettext "Unknown public key") $pubkey" >&2 warnings=1 else - echo "$(gettext "FAILED")" >&2 errors=1 fi else - if grep "REVKEYSIG" "$statusfile" > /dev/null; then - echo "$(gettext "Passed")" "-" "$(gettext "Warning: the key has been revoked.")" >&2 + if grep -q "REVKEYSIG" "$statusfile"; then + printf '%s\n' "$(gettext "FAILED")" >&2 + error "$(gettext "the key has been revoked.")" >&2 errors=1 - elif grep "EXPSIG" "$statusfile" > /dev/null; then - echo "$(gettext "Passed")" "-" "$(gettext "Warning: the signature has expired.")" >&2 - warnings=1 - elif grep "EXPKEYSIG" "$statusfile" > /dev/null; then - echo "$(gettext "Passed")" "-" "$(gettext "Warning: the key has expired.")" >&2 - warnings=1 else - echo $(gettext "Passed") >&2 + printf '%s\n' "$(gettext "Passed")" >&2 + if grep -q "EXPSIG" "$statusfile"; then + warning "$(gettext "the signature has expired.")" >&2 + warnings=1 + elif grep -q "EXPKEYSIG" "$statusfile"; then + warning "$(gettext "the key has expired.")" >&2 + warnings=1 + fi fi fi done -- 1.7.6.1
On 06/09/11 01:22, Dave Reisner wrote:
- use our warning() and error() functions - use printf instead of echo - ensure a newline always follows the result of the check - properly error on a revoked key (matching pacman's behavior)
Signed-off-by: Dave Reisner<dreisner@archlinux.org> --- refactored the whole thing as per allan's suggestion.
Not quite... Now this output is split over two lines and is inconsistent with the output when we check_checksums (for at least the "SIGNATURE NOT FOUND" and "SOURCE FILE NOT FOUND" lines. I am fine with the other lines being split) Allan
scripts/makepkg.sh.in | 34 ++++++++++++++++++---------------- 1 files changed, 18 insertions(+), 16 deletions(-)
diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index 75d168b..b2295a6 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -704,7 +704,7 @@ check_pgpsigs() {
msg "$(gettext "Verifying source file signatures with %s...")" "gpg"
- local file + local file pubkey local warning=0 local errors=0 local statusfile=$(mktemp) @@ -715,40 +715,42 @@ check_pgpsigs() { continue fi
- echo -n " ${file%.*} ... ">&2 + printf " %s ... " "${file%.*}">&2
if ! file="$(get_filepath "$file")"; then - echo "$(gettext "SIGNATURE NOT FOUND")">&2 + error "$(gettext "SIGNATURE NOT FOUND")">&2 errors=1 continue fi
if ! sourcefile="$(get_filepath "${file%.*}")"; then - echo "$(gettext "SOURCE FILE NOT FOUND")">&2 + error "$(gettext "SOURCE FILE NOT FOUND")">&2 errors=1 continue fi
if ! gpg --quiet --batch --status-file "$statusfile" --verify "$file" "$sourcefile" 2> /dev/null; then - if grep "NO_PUBKEY" "$statusfile"> /dev/null; then - warning "$(gettext "Unknown public key") $(awk '/NO_PUBKEY/ {print $3}' $statusfile)">&2 + printf '%s\n' "$(gettext "FAILED")">&2 + if ! pubkey=$(awk '/NO_PUBKEY/ { print $3; exit 1; }' "$statusfile"); then + warning "$(gettext "Unknown public key") $pubkey">&2 warnings=1 else - echo "$(gettext "FAILED")">&2 errors=1 fi else - if grep "REVKEYSIG" "$statusfile"> /dev/null; then - echo "$(gettext "Passed")" "-" "$(gettext "Warning: the key has been revoked.")">&2 + if grep -q "REVKEYSIG" "$statusfile"; then + printf '%s\n' "$(gettext "FAILED")">&2 + error "$(gettext "the key has been revoked.")">&2 errors=1 - elif grep "EXPSIG" "$statusfile"> /dev/null; then - echo "$(gettext "Passed")" "-" "$(gettext "Warning: the signature has expired.")">&2 - warnings=1 - elif grep "EXPKEYSIG" "$statusfile"> /dev/null; then - echo "$(gettext "Passed")" "-" "$(gettext "Warning: the key has expired.")">&2 - warnings=1 else - echo $(gettext "Passed")>&2 + printf '%s\n' "$(gettext "Passed")">&2 + if grep -q "EXPSIG" "$statusfile"; then + warning "$(gettext "the signature has expired.")">&2 + warnings=1 + elif grep -q "EXPKEYSIG" "$statusfile"; then + warning "$(gettext "the key has expired.")">&2 + warnings=1 + fi fi fi done
participants (2)
-
Allan McRae
-
Dave Reisner