#!/usr/bin/perl

# Some source packages come unsigned. This wouldnt be a problem if it wouldnt
# cause reprepro to spit messages like: 'Data seems not to be signed trying to
# use directly...' which may be confusing when you think that it is related to
# a changes file 
use strict;

use IO::File;
use File::Basename;
use Symbol qw(gensym);

my $arch = 'i386';
my $incoming = "/home/apt/incoming";

my @unsigned = qw(

  nagios-client-check_1.4.5-1.dsc
  freeradius_1.0.0+cvs20040609-0.hs.dsc
  libnss-ldap_238-1.schlittermann.1.dsc

);

my $cv = "/usr/bin/gpg --verify";
my $cc = "/usr/bin/gpg --clearsign";
my $cu = "/usr/bin/changestool";

for (@unsigned) {

  my $cmd;

  my $sf = "$incoming/$_";
  (my $cf = $sf) =~ s/\.dsc$/_${arch}.changes/;

  # we assume that the changes have been successfully resigned too when the dsc
  # files can be verified
  my $r = qx/$cv $sf 2>&1/;
  next unless $?;

  print "Attempting to sign [$sf] .. ";
  $cmd = "$cc $sf";
  system($cmd) == 0 or warn "[system($cmd)] failed: [$?] [$!]\n";
  rename("$sf.asc", $sf) or warn "rename([$sf.asc], [$sf]) failed: [$!]\n";
  print "finished\n";

  print "Attempting to update and sign [$cf] .. ";
  $cmd = "$cu $cf updatechecksums $sf";
  system("$cmd") == 0 or warn "[system($cmd)] failed: [$?] [$!]\n";
  $cmd = "$cc $cf";
  system($cmd) == 0 or warn "[system($cmd)] failed: [$?] [$!]\n";
  rename("$cf.asc", $cf) or warn "rename([$cf.asc], [$cf]) failed: [$!]\n";
  print "finished\n";

}
