[pacman-dev] [PATCH] makepkg: refactor check_pgpsigs output

Allan McRae allan at archlinux.org
Mon Sep 5 19:11:00 EDT 2011 

On 06/09/11 01:22, Dave Reisner wrote:
> - use our warning() and error() functions
> - use printf instead of echo
> - ensure a newline always follows the result of the check
> - properly error on a revoked key (matching pacman's behavior)
>
> Signed-off-by: Dave Reisner<dreisner at archlinux.org>
> ---
> refactored the whole thing as per allan's suggestion.


Not quite...   Now this output is split over two lines and is 
inconsistent with the output when we check_checksums  (for at least the 
"SIGNATURE NOT FOUND" and "SOURCE FILE NOT FOUND" lines.   I am fine 
with the other lines being split)

Allan



>   scripts/makepkg.sh.in |   34 ++++++++++++++++++----------------
>   1 files changed, 18 insertions(+), 16 deletions(-)
>
> diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in
> index 75d168b..b2295a6 100644
> --- a/scripts/makepkg.sh.in
> +++ b/scripts/makepkg.sh.in
> @@ -704,7 +704,7 @@ check_pgpsigs() {
>
>   	msg "$(gettext "Verifying source file signatures with %s...")" "gpg"
>
> -	local file
> +	local file pubkey
>   	local warning=0
>   	local errors=0
>   	local statusfile=$(mktemp)
> @@ -715,40 +715,42 @@ check_pgpsigs() {
>   			continue
>   		fi
>
> -		echo -n "    ${file%.*} ... ">&2
> +		printf "    %s ... " "${file%.*}">&2
>
>   		if ! file="$(get_filepath "$file")"; then
> -			echo "$(gettext "SIGNATURE NOT FOUND")">&2
> +			error "$(gettext "SIGNATURE NOT FOUND")">&2
>   			errors=1
>   			continue
>   		fi
>
>   		if ! sourcefile="$(get_filepath "${file%.*}")"; then
> -			echo "$(gettext "SOURCE FILE NOT FOUND")">&2
> +			error "$(gettext "SOURCE FILE NOT FOUND")">&2
>   			errors=1
>   			continue
>   		fi
>
>   		if ! gpg --quiet --batch --status-file "$statusfile" --verify "$file" "$sourcefile" 2>  /dev/null; then
> -			if grep "NO_PUBKEY" "$statusfile">  /dev/null; then
> -				warning "$(gettext "Unknown public key") $(awk '/NO_PUBKEY/ {print $3}' $statusfile)">&2
> +			printf '%s\n' "$(gettext "FAILED")">&2
> +			if ! pubkey=$(awk '/NO_PUBKEY/ { print $3; exit 1; }' "$statusfile"); then
> +				warning "$(gettext "Unknown public key") $pubkey">&2
>   				warnings=1
>   			else
> -				echo "$(gettext "FAILED")">&2
>   				errors=1
>   			fi
>   		else
> -			if grep "REVKEYSIG" "$statusfile">  /dev/null; then
> -				echo "$(gettext "Passed")" "-" "$(gettext "Warning: the key has been revoked.")">&2
> +			if grep -q "REVKEYSIG" "$statusfile"; then
> +				printf '%s\n' "$(gettext "FAILED")">&2
> +				error "$(gettext "the key has been revoked.")">&2
>   				errors=1
> -			elif grep "EXPSIG" "$statusfile">  /dev/null; then
> -				echo "$(gettext "Passed")" "-" "$(gettext "Warning: the signature has expired.")">&2
> -				warnings=1
> -			elif grep "EXPKEYSIG" "$statusfile">  /dev/null; then
> -				echo "$(gettext "Passed")" "-" "$(gettext  "Warning: the key has expired.")">&2
> -				warnings=1
>   			else
> -				echo $(gettext "Passed")>&2
> +				printf '%s\n' "$(gettext "Passed")">&2
> +				if grep -q "EXPSIG" "$statusfile"; then
> +					warning "$(gettext "the signature has expired.")">&2
> +					warnings=1
> +				elif grep -q "EXPKEYSIG" "$statusfile"; then
> +					warning "$(gettext "the key has expired.")">&2
> +					warnings=1
> +				fi
>   			fi
>   		fi
>   	done

More information about the pacman-dev mailing list