bin/sign-unsigned-dsc-and-changes
branchdist
changeset 0 98411ab74262
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/bin/sign-unsigned-dsc-and-changes	Fri Jul 03 15:23:10 2009 +0200
@@ -0,0 +1,54 @@
+#!/usr/bin/perl
+
+# Some source packages come unsigned. This wouldnt be a problem if it wouldnt
+# cause reprepro to spit messages like: 'Data seems not to be signed trying to
+# use directly...' which may be confusing when you think that it is related to
+# a changes file 
+use strict;
+
+use IO::File;
+use File::Basename;
+use Symbol qw(gensym);
+
+my $arch = 'i386';
+my $incoming = "/home/apt/incoming";
+
+my @unsigned = qw(
+
+  nagios-client-check_1.4.5-1.dsc
+  freeradius_1.0.0+cvs20040609-0.hs.dsc
+  libnss-ldap_238-1.schlittermann.1.dsc
+
+);
+
+my $cv = "/usr/bin/gpg --verify";
+my $cc = "/usr/bin/gpg --clearsign";
+my $cu = "/usr/bin/changestool";
+
+for (@unsigned) {
+
+  my $cmd;
+
+  my $sf = "$incoming/$_";
+  (my $cf = $sf) =~ s/\.dsc$/_${arch}.changes/;
+
+  # we assume that the changes have been successfully resigned too when the dsc
+  # files can be verified
+  my $r = qx/$cv $sf 2>&1/;
+  next unless $?;
+
+  print "Attempting to sign [$sf] .. ";
+  $cmd = "$cc $sf";
+  system($cmd) == 0 or warn "[system($cmd)] failed: [$?] [$!]\n";
+  rename("$sf.asc", $sf) or warn "rename([$sf.asc], [$sf]) failed: [$!]\n";
+  print "finished\n";
+
+  print "Attempting to update and sign [$cf] .. ";
+  $cmd = "$cu $cf updatechecksums $sf";
+  system("$cmd") == 0 or warn "[system($cmd)] failed: [$?] [$!]\n";
+  $cmd = "$cc $cf";
+  system($cmd) == 0 or warn "[system($cmd)] failed: [$?] [$!]\n";
+  rename("$cf.asc", $cf) or warn "rename([$cf.asc], [$cf]) failed: [$!]\n";
+  print "finished\n";
+
+}