diff options
author | Ian Jackson <ijackson@chiark.greenend.org.uk> | 2016-10-23 21:12:02 +0100 |
---|---|---|
committer | Ian Jackson <ijackson@chiark.greenend.org.uk> | 2016-10-30 19:50:48 +0000 |
commit | df1c835ec8cea9ea7cbab65d9726a9a5881b66e1 (patch) | |
tree | 7f0d7d6de24a87d993fadf82f68c9beb894dd907 | |
parent | c646a7f57da1b79467aab438ecf1d80d185a0456 (diff) |
import-dsc: Support --require-valid-signature
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
-rwxr-xr-x | dgit | 23 |
1 files changed, 21 insertions, 2 deletions
@@ -5276,6 +5276,19 @@ sub cmd_quilt_fixup { } sub cmd_import_dsc { + my $needsig = 0; + + while (@ARGV) { + last unless $ARGV[0] =~ m/^-/; + $_ = shift @ARGV; + last if m/^--?$/; + if (m/^--require-valid-signature$/) { + $needsig = 1; + } else { + badusage "unknown dgit import-dsc sub-option \`$_'"; + } + } + badusage "usage: dgit import-dsc .../PATH/TO/.DSC BRANCH" unless @ARGV==2; my ($dscfn, $dstbranch) = @ARGV; @@ -5307,13 +5320,19 @@ sub cmd_import_dsc { # we don't normally need this so import it here use Dpkg::Source::Package; - my $dp = new Dpkg::Source::Package filename => $dscfn; + my $dp = new Dpkg::Source::Package filename => $dscfn, + require_valid_signature => $needsig; { - local $SIG{__WARN__} = undef; + local $SIG{__WARN__} = sub { + return unless $needsig; + print STDERR $_[0]; + fail "import-dsc signature check failed"; + }; if (!$dp->is_signed()) { warn "$us: warning: importing unsigned .dsc\n"; } else { my $r = $dp->check_signature(); + die "->check_signature => $r" if $needsig && $r; } } |