|
|
@ -3302,15 +3302,18 @@ sub main() {
|
|
|
|
$gpghome, '--no-auto-check-trustdb',
|
|
|
|
$gpghome, '--no-auto-check-trustdb',
|
|
|
|
'--trust-model', 'always'
|
|
|
|
'--trust-model', 'always'
|
|
|
|
);
|
|
|
|
);
|
|
|
|
my ($ret, $fh, $message);
|
|
|
|
my ($ret, $message);
|
|
|
|
{
|
|
|
|
{
|
|
|
|
# change warning handler to prevent message
|
|
|
|
my $fh;
|
|
|
|
# Can't exec "gpg": No such file or directory
|
|
|
|
{
|
|
|
|
local $SIG{__WARN__} = sub { $message = shift; };
|
|
|
|
# change warning handler to prevent message
|
|
|
|
$ret = open $fh, '-|', @gpgcmd, '--version';
|
|
|
|
# Can't exec "gpg": No such file or directory
|
|
|
|
|
|
|
|
local $SIG{__WARN__} = sub { $message = shift; };
|
|
|
|
|
|
|
|
$ret = open $fh, '-|', @gpgcmd, '--version';
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
# we only want to check if the gpg command exists
|
|
|
|
|
|
|
|
close $fh;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
# we only want to check if the gpg command exists
|
|
|
|
|
|
|
|
close $fh;
|
|
|
|
|
|
|
|
if ($? != 0 || !defined $ret || defined $message) {
|
|
|
|
if ($? != 0 || !defined $ret || defined $message) {
|
|
|
|
info "gpg --version failed: cannot determine the right"
|
|
|
|
info "gpg --version failed: cannot determine the right"
|
|
|
|
. " signed-by value";
|
|
|
|
. " signed-by value";
|
|
|
@ -3336,15 +3339,17 @@ sub main() {
|
|
|
|
$signedby = " [signed-by=\"$keyring\"]";
|
|
|
|
$signedby = " [signed-by=\"$keyring\"]";
|
|
|
|
last;
|
|
|
|
last;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
open my $fh, '-|', @gpgcmd, @keyringopts, '--with-colons',
|
|
|
|
{
|
|
|
|
'--list-keys' // error "failed to fork(): $!";
|
|
|
|
open my $fh, '-|', @gpgcmd, @keyringopts, '--with-colons',
|
|
|
|
while (my $line = <$fh>) {
|
|
|
|
'--list-keys' // error "failed to fork(): $!";
|
|
|
|
if ($line !~ /^fpr:::::::::([^:]+):/) {
|
|
|
|
while (my $line = <$fh>) {
|
|
|
|
next;
|
|
|
|
if ($line !~ /^fpr:::::::::([^:]+):/) {
|
|
|
|
|
|
|
|
next;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
push @aptfingerprints, $1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
push @aptfingerprints, $1;
|
|
|
|
close $fh;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
close $fh;
|
|
|
|
|
|
|
|
if ($? != 0) {
|
|
|
|
if ($? != 0) {
|
|
|
|
error "gpg failed";
|
|
|
|
error "gpg failed";
|
|
|
|
}
|
|
|
|
}
|
|
|
@ -3356,21 +3361,23 @@ sub main() {
|
|
|
|
# are known by apt and only add signed-by option if that's not
|
|
|
|
# are known by apt and only add signed-by option if that's not
|
|
|
|
# the case
|
|
|
|
# the case
|
|
|
|
my @suitefingerprints = ();
|
|
|
|
my @suitefingerprints = ();
|
|
|
|
open my $suitefh, '-|', @gpgcmd, '--keyring', $keyring,
|
|
|
|
{
|
|
|
|
'--with-colons',
|
|
|
|
open my $fh, '-|', @gpgcmd, '--keyring', $keyring,
|
|
|
|
'--list-keys' // error "failed to fork(): $!";
|
|
|
|
'--with-colons',
|
|
|
|
while (my $line = <$suitefh>) {
|
|
|
|
'--list-keys' // error "failed to fork(): $!";
|
|
|
|
if ($line !~ /^fpr:::::::::([^:]+):/) {
|
|
|
|
while (my $line = <$fh>) {
|
|
|
|
next;
|
|
|
|
if ($line !~ /^fpr:::::::::([^:]+):/) {
|
|
|
|
}
|
|
|
|
next;
|
|
|
|
# if this fingerprint is not known by apt, then we need to
|
|
|
|
}
|
|
|
|
# add the signed-by option
|
|
|
|
# if this fingerprint is not known by apt, then we need
|
|
|
|
if (none { $_ eq $1 } @aptfingerprints) {
|
|
|
|
#to add the signed-by option
|
|
|
|
$signedby = " [signed-by=\"$keyring\"]";
|
|
|
|
if (none { $_ eq $1 } @aptfingerprints) {
|
|
|
|
last;
|
|
|
|
$signedby = " [signed-by=\"$keyring\"]";
|
|
|
|
|
|
|
|
last;
|
|
|
|
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
close $fh;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
close $suitefh;
|
|
|
|
|
|
|
|
if ($? != 0) {
|
|
|
|
if ($? != 0) {
|
|
|
|
error "gpg failed";
|
|
|
|
error "gpg failed";
|
|
|
|
}
|
|
|
|
}
|
|
|
|