diff -Nru dpkg-sig-0.13.1+nmu7~xenial/debian/changelog dpkg-sig-0.13.1+nmu8~xenial/debian/changelog --- dpkg-sig-0.13.1+nmu7~xenial/debian/changelog 2018-07-27 08:37:33.000000000 +0000 +++ dpkg-sig-0.13.1+nmu8~xenial/debian/changelog 2020-01-08 12:19:58.000000000 +0000 @@ -1,4 +1,10 @@ -dpkg-sig (0.13.1+nmu7~xenial) xenial; urgency=medium +dpkg-sig (0.13.1+nmu8~xenial) xenial; urgency=medium + + * Fix correcting debian changes sha1 and sha256 section. + + -- Like Ma Tue, 07 Jan 2020 19:21:00 +0800 + +dpkg-sig (0.13.1+nmu7) unstable; urgency=medium * Use native format instead of patch. diff -Nru dpkg-sig-0.13.1+nmu7~xenial/dpkg-sig dpkg-sig-0.13.1+nmu8~xenial/dpkg-sig --- dpkg-sig-0.13.1+nmu7~xenial/dpkg-sig 2018-07-27 08:32:22.000000000 +0000 +++ dpkg-sig-0.13.1+nmu8~xenial/dpkg-sig 2020-01-07 11:57:24.000000000 +0000 @@ -46,12 +46,19 @@ use File::Basename qw(dirname basename); $| = 1; -#Global variables (used for configuration and/or command line stuff) + +use constant { + MD5SUM => 0, + SHA1SUM => 3, + SHA256SUM => 4, +}; + +#Global variables (used for configuration and/or command line stuff) my ($sign, $list, $verify, $verify_role, $verify_exact, $client, $cache_pass, $pass_file, $key, $maintainer, $maintainer_pr, $verbose, %config, $tempdir, - %part_cache, $check_v2_sig, $check_v3_sig, $batch, $gpgoptions, - $passphrase, $remote_dpkg_sig, %ssh_connections, $sign_changes, - $get_hashes, $sign_hashes, $write_signature, $help, $DEBUG, + %part_cache, $check_v2_sig, $check_v3_sig, $batch, $gpgoptions, + $passphrase, $remote_dpkg_sig, %ssh_connections, $sign_changes, + $get_hashes, $sign_hashes, $write_signature, $help, $DEBUG, $verify_pattern, $remote_ssh_port); my @configfiles = qw(/etc/devscripts.conf ~/.devscripts); @@ -89,14 +96,14 @@ die _die("$_: Make sure all files were generated by dpkg-sig --get-hashes file\n"); } } - + for my $file (@files) { if ($sign_hashes) { print "Processing $file...\n"; sign_hashes($file); print "Signed hashes in $file...\n"; } else { - print "Processing $file...\n"; + print "Processing $file...\n"; my @done = write_signature($file); print "Added signature to $_\n" for (@done); } @@ -151,7 +158,7 @@ add_part_to_ar_archive ("$file.dpkg-sig-hashes", "deb\n$get_hashes\n$file ".get_file_md5sum($file)."\n" , "control"); add_part_to_ar_archive ("$file.dpkg-sig-hashes", _read_file("$tempdir/digests"), "deb0"); } - + } else { print "--- Processing changes file $file:\n"; my $changes_signed = 0; @@ -172,7 +179,7 @@ for my $deb (get_debs_from_changes($file, \$changes_signed)) { print "Processing $deb...\n"; - + if ($sign) { my $r = sign_deb($sign, $deb); $new_debs{$r->[2]} = $r; @@ -201,7 +208,7 @@ add_part_to_ar_archive ("$file.dpkg-sig-hashes", $sums_control_data , "control"); for (my $i=0; $i<@deb_md5sums; $i++) { add_part_to_ar_archive ("$file.dpkg-sig-hashes", $deb_md5sums[$i], "deb$i"); - } + } } undef $maintainer if ($maintainer_from_changes); @@ -308,7 +315,7 @@ push @data, "Signer: $signer_name\n"; push @data, "Date: " . localtime() . "\n"; push @data, "Role: $1\n" if $sig_name =~ /^_gpg(\S+?)[A-Z0-9]?$/; - + push @data, "Files: \n"; for my $part_info (@$digests) { push @data, "\t" . join (" ", reverse @$part_info) . "\n"; @@ -343,7 +350,7 @@ sub sign_hashes { my ($file) = @_; - unlink ($tempdir."/digests"); + unlink ($tempdir."/digests"); unlink ($tempdir."/digests.asc"); unlink ($tempdir."/hashes.signed"); @@ -364,7 +371,7 @@ print STDERR "W: $file contains $part_name, which shouldn't happen in dpkg-sig hash archive\n"; } elsif ($part_name =~ /^deb\d+/) { my $data = get_archive_part($file, $part_name); - + if ($data =~ /-----BEGIN PGP SIGNATURE-----/) { die _die("$file seems to be already signed!\n"); } @@ -436,7 +443,7 @@ my ($name, $md5sum) = split / /, $control[$num + 2]; my $path; - + #Try to find the deb in this dir: if (file_readable(basename($name)) && get_file_md5sum(basename($name)) eq $md5sum) { $path = basename($name); @@ -467,7 +474,7 @@ print "Corrected changes file ".basename($1)."\n"; } elsif (file_readable($1)) { correct_changes_file($1, \%new_debs); - print "Corrected changes file $1\n"; + print "Corrected changes file $1\n"; } else { print STDERR "Can't find changes file $1, so won't correct it.\n"; } @@ -509,7 +516,7 @@ for (my $n=0;$n<@$digests;$n++) { my ($part_name, $size, $sha1sum, $md5sum) = @{@$digests[$n]}; next if $part_name !~ /$verify_pattern/; - + unlink ($tempdir."/digests.asc"); unlink ($tempdir."/digests"); @@ -607,13 +614,13 @@ push @$return, "$part_name: v$data{version} signature, dpkg-sig is too old to check it.\n"; return "FORCE_BAD"; } - + my %seen_files; for my $file_info (split /\n/, $data{files}) { my ($md5sum, $sha1sum, $size, $name) = split /\s+/, $file_info; $seen_files{$name} = 1; - my $checked_something=0; + my $checked_something=0; for my $member_info (@$digests) { if ($member_info->[0] eq $name) { $checked_something = 1; @@ -629,7 +636,7 @@ } } } - + unless ($checked_something) { push @$return, "$part_name: ${name} signed, but not in the deb.\n" if $verbose; return "FORCE_BAD"; @@ -722,12 +729,12 @@ push @cmdline, "$tempdir/digests.asc", "$tempdir/digests"; push @$return, "$part_name: Invalid v3 sig ... Trying v2\n" if $verbose; - + open (FH, ">", $tempdir."/digests") || die _die("Couldn't open $tempdir/digests: $!"); print FH join "\n", map { $_->[3] . " " . $_->[0] } @$digests[0..$part_number-1]; print FH "\n"; close FH; - + my $res= qx/@cmdline/; @$info = split(/ /, $1 ) if $res =~ /^\[GNUPG:\] VALIDSIG (.*)$/m; if ($res =~ /^\[GNUPG:\] NO_PUBKEY \S{8}(\S{8})/m) { @@ -772,10 +779,10 @@ =head2 correct_changes_file (I<$changes>, I<\%new_deb_info>) -Receives a path to a changes file I<$changes> and a hash reference +Receives a path to a changes file I<$changes> and a hash reference I<\%new_deb_info> containing new sizes and md5sums of debs in that changes file. It'll parse the changes file, replace the old values by the new ones. -If the file is signed, the signature will be stripped (as it would be +If the file is signed, the signature will be stripped (as it would be invalid anyway). =cut @@ -788,7 +795,7 @@ my ($readerfh, $writerfh, $prot_version) = get_ssh_connection($user, $host); print $writerfh "correct_changes_file $file\n"; - + my ($response, $t); $response = ''; do { read($readerfh, $t, 1); $response .= $t } while ($t ne "\n"); @@ -799,7 +806,7 @@ print $writerfh join (" ", @{$new_deb_info->{$_}}), "\n"; } print $writerfh ".\n"; - + $response = ''; do { read($readerfh, $t, 1); $response .= $t } while ($t ne "\n"); chomp($response); @@ -811,28 +818,35 @@ die _die("remote dpkg-sig on $host seems to be weird. Can't parse \"$response\""); } } else { - my ($new_changes, $in_files) = ('', 0); + my ($new_changes, $in_csums) = ('', -1); open (CHANGES, "+<", $changes) || die _die("$changes: Can't open file: $!"); while () { if (/^-----BEGIN PGP SIGNED MESSAGE-----$/) { while () { last if /^\s*$/ }; next } - if ($in_files) { - chomp; + if (/^Files:/) { + $in_csums = MD5SUM; + $new_changes .= $_; + } elsif (/^Checksums-Sha1:/) { + $in_csums = SHA1SUM; + $new_changes .= $_; + } elsif (/^Checksums-Sha256:/) { + $in_csums = SHA256SUM; + $new_changes .= $_; + } elsif ($in_csums >= 0) { + chomp; last if ! s/^ //; - my ($md5sum, $size, $section, $priority, $file_name) = split / /, $_; + my @fields = split / /, $_; + my $file_name= $fields[-1]; if ($new_deb_info->{$file_name}) { - $md5sum = $new_deb_info->{$file_name}->[0]; - $size = $new_deb_info->{$file_name}->[1]; - chomp($md5sum); + $fields[0] = $new_deb_info->{$file_name}->[$in_csums]; + $fields[1] = $new_deb_info->{$file_name}->[1]; } - $new_changes .= " " . join (" ", ($md5sum, $size, $section, $priority, $file_name)). "\n"; + $new_changes .= " " . join (" ", @fields). "\n"; } else { $new_changes .= $_; } - - $in_files = "yes" if /^Files:/; } - + seek(CHANGES, 0, 0) || die _die("$changes: Can't rewind file: $!"); truncate(CHANGES, 0) || die _die("$changes: Can't truncate file: $!"); @@ -847,7 +861,7 @@ =head2 I<\@new_file_info> = add_sig_to_deb (I<$file>, I<$new_data>, I<$new_name>) -Adds I<$new_data> to I<$file> as new ar archiv part, using $new_name as +Adds I<$new_data> to I<$file> as new ar archiv part, using $new_name as filename. If I<$file> doesn't exist, a new ar archive is created. Returns the new md5sum and size of I<$file>. @@ -856,7 +870,7 @@ sub add_part_to_ar_archive { return add_sig_to_deb(@_); } sub add_sig_to_deb { my ($deb, $sig, $sig_name) = @_; - my ($new_md5sum, $new_file_size); + my ($new_md5sum, $new_file_size, $new_sha1sum, $new_sha256sum); if ($deb =~ m!^ssh://!) { my ($user, $host, $file) = split_ssh_uri($deb); @@ -875,7 +889,7 @@ print $writerfh $_, "\n"; } print $writerfh ".\n"; - + $response = ''; do { read($readerfh, $t, 1); $response .= $t } while ($t ne "\n"); chomp($response); @@ -883,11 +897,11 @@ if ($response !~ /^200 /) { die _die("remote dpkg-sig on $host returned \"$response\""); } else { - + $response = ''; do { read($readerfh, $t, 1); $response .= $t } while ($t ne "\n"); chomp($response); - ($new_md5sum, $new_file_size) = split (/ /, $response); + ($new_md5sum, $new_file_size, $new_sha1sum, $new_sha256sum) = split (/ /, $response); } } else { die _die("remote dpkg-sig on $host seems to be weird. Can't parse \"$response\""); @@ -910,11 +924,12 @@ close DEB; $new_md5sum = get_file_md5sum($deb); - + $new_sha1sum = get_file_checksum($deb, "sha1sum"); + $new_sha256sum = get_file_checksum($deb, "sha256sum"); $new_file_size = (stat($deb))[7]; } - return [$new_md5sum, $new_file_size, basename($deb)]; + return [$new_md5sum, $new_file_size, basename($deb), $new_sha1sum, $new_sha256sum]; } =pod @@ -953,7 +968,7 @@ } } else { open(DEB, "<", (glob $deb)[0]) || die _die("Couldn't open $deb: $!"); - + if (read(DEB, $_, 8) != 8) { die _die("Couldn't open $deb: ar format b0rken [Couldn't read first 8 bytes]"); } elsif ($_ ne "!\n") { @@ -969,7 +984,7 @@ my $length = substr($line, 48, 10); $length =~ s/\s*//g; next if (!$name && $length && $length =~ /^\d+\s*$/); - + seek (DEB, $length, 1) or die _die("Couldn't read $name in $deb: File too short!"); if ($length % 2) { seek (DEB, 1, 1) or die _die("Couldn't read $name in $deb: File too short!"); @@ -1010,7 +1025,7 @@ if ($response !~ /^200 /) { die _die("remote dpkg-sig on $host returned \"$response\""); } else { - $$changes_signed = "yes" if $response =~ /^200 ok debs in signed/; + $$changes_signed = "yes" if $response =~ /^200 ok debs in signed/; while (<$readerfh>) { last if (/^\.$/); s/^\.\././; @@ -1024,7 +1039,7 @@ } } else { open (CHANGES, "<", $changes) || die _die("$changes: Can't open file: $!"); - while () { + while () { $$changes_signed = "yes" if /-----BEGIN PGP SIGNED MESSAGE-----/; last if /^Files:/ } @@ -1050,7 +1065,7 @@ =head2 I<\@digests> = get_deb_digests (I<$deb>) Parses I<$deb> and returns the meta-data of the included files. The read -data is piped to md5sums and sha1sums, which create the respective +data is piped to md5sums and sha1sums, which create the respective digests. The digests, the filename and the size are put in an anymous array looking like this: [B<$name>, B<$size>, B<$sha1sum>, B<$md5sum>]. One of these arrays is pushed to I<@digests> for every file in I<$deb>. @@ -1060,7 +1075,7 @@ sub get_deb_digests { my $deb = shift; my @digests; - + if ($deb =~ m!^ssh://!) { my ($user, $host, $file) = split_ssh_uri($deb); my ($readerfh, $writerfh, $prot_version) = get_ssh_connection($user, $host); @@ -1082,7 +1097,7 @@ } } else { open(DEB, "<", (glob $deb)[0]) || die _die("Couldn't open $deb: $!"); - + if (read(DEB, $_, 8) != 8) { die _die("Couldn't open $deb: ar format b0rken [Couldn't read first 8 bytes]"); } elsif ($_ ne "!\n") { @@ -1093,7 +1108,7 @@ my $line = ; if ($line =~ /\S/) { #This should help with additional newlines my ($name, $size, $md5sum, $sha1sum); - + #debian-binary 1075243548 0 0 100644 4 ` $name = substr($line, 0, 16); $name =~ s{/?\s*$}{}g; @@ -1101,7 +1116,7 @@ $length =~ s/\s*//g; next if (!$name && $length && $length =~ /^\d+\s*$/); $size = $length; - + my ($part, $read_length, $md5sum_input, $md5sum_output, $sha1sum_input, $sha1sum_output); open2($md5sum_output, $md5sum_input, qq{md5sum}); if (-x "/usr/bin/sha1sum") { @@ -1117,9 +1132,9 @@ $length -= $read_length; if (read (DEB, $part, $read_length) != $read_length) { die _die("Couldn't read $name in $deb: File too short!"); - } + } if ($read_length % 2 && read (DEB, $_, 1) != 1) { - die _die("Couldn't read $name in $deb: File too short!"); + die _die("Couldn't read $name in $deb: File too short!"); } print $md5sum_input $part; print $sha1sum_input $part; @@ -1141,41 +1156,55 @@ =pod -=head2 I<$md5sum> = get_file_md5sum (I<$file>) +=head2 I<$checksum> = get_file_checksum (I<$file>, I<$type>) -Returns the md5sum for I<$file>. +Returns the checksum for I<$file>. =cut -sub get_file_md5sum { +sub get_file_checksum { my $file = shift; - my $md5sum; + my $type = shift; + my $res; if ($file =~ m!^ssh://!) { my ($user, $host, $file) = split_ssh_uri($file); my ($readerfh, $writerfh, $prot_version) = get_ssh_connection($user, $host); if ($prot_version < 5) { - die _die("remote dpkg-sig on $host is too old and can't return the needed md5sum of a file."); + die _die("remote dpkg-sig on $host is too old and can't return the needed $type of a file."); } - print $writerfh "get_file_md5sum $file\n"; + print $writerfh "get_file_$type $file\n"; my ($response, $t); $response = ''; do { read($readerfh, $t, 1); $response .= $t } while ($t ne "\n"); chomp($response); - if ($response =~ /^200 ok md5sum is (\S+)/) { - $md5sum = $1; + if ($response =~ /^200 ok $type is (\S+)/) { + $res = $1; } else { die _die("remote dpkg-sig on $host returned \"$response\""); } } else { - chomp ($md5sum = `md5sum $file | cut -d " " -f 1`); + chomp ($res = `$type $file | cut -d " " -f 1`); } - return $md5sum; + return $res; +} + +=pod + +=head2 I<$checksum> = get_file_md5sum (I<$file>) + +Returns the md5sum for I<$file>. + +=cut + +sub get_file_md5sum { + my $file = shift; + return get_file_checksum($file, "md5sum"); } =pod @@ -1208,7 +1237,7 @@ } } else { open(DEB, "<", $deb) || die _die("Couldn't open $deb: $!"); - + if (read(DEB, $_, 8) != 8) { die _die("Couldn't open $deb: ar format b0rken [Couldn't read first 8 bytes]"); } elsif ($_ ne "!\n") { @@ -1222,13 +1251,13 @@ $name =~ s{/?\s*$}{}g; my $length = substr($line, 48, 10); next if (!$name && $length && $length =~ /^\d+\s*$/); - + my $tmp_part; if (read (DEB, $tmp_part, $length) != $length) { die _die("Couldn't read $name in $deb: File too short!"); } if ($length % 2 && read (DEB, $_, 1) != 1) { - die _die("Couldn't read $name in $deb: File too short!"); + die _die("Couldn't read $name in $deb: File too short!"); } if ($name eq $part_name) { @@ -1247,7 +1276,7 @@ =head2 I<@file_data> = read_control_file (I<$file>) -Returns the content of I<$file> as array with one line per element. +Returns the content of I<$file> as array with one line per element. =cut @@ -1278,7 +1307,7 @@ push @file_data, $_; } } - + } else { open (FH, $file) or die _die("Can't open $file: $!"); @file_data = ; @@ -1316,7 +1345,7 @@ $response = ''; do { read($readerfh, $t, 1); $response .= $t } while ($t ne "\n"); chomp($response); - + if ($response =~ /^300 /) { print $writerfh @$data; print $writerfh ".\n"; @@ -1333,7 +1362,7 @@ } } else { die _die("remote dpkg-sig on $host seems to be weird. Can't parse \"$response\""); - } + } } else { _write_file($file, @$data); @@ -1355,7 +1384,7 @@ sub glob_exp { my $exp = shift; my @files; - + if ($exp =~ m!^ssh://!) { my ($user, $host, $file) = split_ssh_uri($exp); my ($readerfh, $writerfh, $prot_version) = get_ssh_connection($user, $host); @@ -1435,15 +1464,15 @@ my ($uri) = @_; my ($user, $host, $path); - + #ssh://$USER@$HOST:$PATH if ($uri =~ m!^ssh://(?:([^@\s]+)@)?(\S+):(.+)!) { ($user, $host, $path) = ($1, $2, $3); $user ||= undef; - + die _die("$uri: Please specify at least a host to connect to.") if !$host; - die _die("$uri: Please specify a path on the remote host.") if !$path; + die _die("$uri: Please specify a path on the remote host.") if !$path; } else { die _die("$uri is no ssh uri!"); } @@ -1455,7 +1484,7 @@ =head2 I<@ssh_connection_info> = get_ssh_connection (I<$user>, I<$host>) -Opens a ssh connection to I<$host> as user I<$user>, directly calling +Opens a ssh connection to I<$host> as user I<$user>, directly calling B. It checks if the remote B is compatible to the current version and returns the B<$pid>, the Read-Filehandle B<$readerfh> and the Write-Filehandle B<$writerfh>. @@ -1472,9 +1501,9 @@ if (! $ssh_connections{$connection_id} ) { my ($readerfh, $writerfh); die _die("No ssh installed, we need it to connect to the remote host.") if (not `which ssh`); - + my $pid = open2($readerfh, $writerfh, qq{ssh $remote_ssh_port $connection_id '$remote_dpkg_sig --client $DEBUG 2>/dev/null || echo "No dpkg-sig available"' 2>&1}); - + my $response = <$readerfh>; if ($response && $response !~ /protocol version/i) { if ($response && $response =~ /No dpkg-sig available/) { @@ -1487,11 +1516,11 @@ } } } - + if ($response !~ /protocol version (\d+)$/i || $1 < 6) { die _die("dpkg-sig on $host is too old (we need protocol version 6)"); } - + $ssh_connections{$connection_id} = [$pid, $readerfh, $writerfh, $1]; } @@ -1537,7 +1566,7 @@ my @data = read_control_file($dsc); for (my $i=0;$i<@data;$i++) { if ($data[$i] =~ /^-----BEGIN PGP SIGNED MESSAGE-----$/) { - if ($sign_changes eq "force_full") { + if ($sign_changes eq "force_full") { $sign_dsc = 1; } elsif (! $batch) { print "The .dsc file is already signed.\nWould you like to use the current signature? [Yn] "; @@ -1567,7 +1596,7 @@ print "Signed .dsc $dsc\n" unless $batch; } } - + #Now the changes file: open (CHANGES, ">", $tempdir."/changes.unsigned") || die _die("Can't open $tempdir/changes.unsigned: $!"); my $basename_dsc = basename($dsc) if $dsc; @@ -1581,13 +1610,13 @@ close CHANGES; sign_file($tempdir."/changes.unsigned",$tempdir."/changes.signed", "no_detach"); - + my @data; open (CHANGES, $tempdir."/changes.signed") || die _die("Can't open $tempdir/changes.signed: $!"); @data = ; close CHANGES; write_control_file($file, \@data); - print "Signed .changes $file\n" unless $batch; + print "Signed .changes $file\n" unless $batch; } @@ -1628,7 +1657,7 @@ push (@cmdline, $gpgoptions) if $gpgoptions; - print "Signing $in_file with key ".($key || "of $maintainer")."\n" if $verbose; + print "Signing $in_file with key ".($key || "of $maintainer")."\n" if $verbose; push (@cmdline, $in_file, "2>&1"); open (GPG, "| ".join " ", @cmdline) || die _die("Signing failed: $!"); print GPG $passphrase, "\n" if $passphrase; @@ -1638,9 +1667,9 @@ sub read_cmds { $DEBUG && (open (LOG, ">", "/tmp/dpkg-sig.log") || die _die("Couldn't open log: $!")); - $DEBUG && select LOG; $|=1; + $DEBUG && select LOG; $|=1; $DEBUG && select STDOUT; - + sub send { print STDOUT @_; $DEBUG && print LOG "Sent: ", @_; } sub read { $_ = ; $DEBUG && print LOG "Received: ", $_; return $_ } ; @@ -1702,39 +1731,39 @@ my @r = eval { get_debs_from_changes ($1, \$changes_signed) }; if ($@) { chomp($@); $@ =~ s/\n/\t/g; - &send("500 error: $@\n"); + &send("500 error: $@\n"); } else { if ($changes_signed) { - &send("200 ok debs in signed $1 follow\n"); + &send("200 ok debs in signed $1 follow\n"); } else { &send("200 ok debs in $1 follow\n"); } for (@r) { - s/^\./../; + s/^\./../; &send("$_\n"); } &send(".\n"); } } elsif (/^glob_exp (.+)$/) { - my @r = eval { glob_exp ($1) }; + my @r = eval { glob_exp ($1) }; if ($@) { chomp($@); $@ =~ s/\n/\t/g; - &send("500 error: $@\n"); + &send("500 error: $@\n"); } else { - &send("200 ok files matching \"$1\" follow\n"); + &send("200 ok files matching \"$1\" follow\n"); for (@r) { - s/^\./../; + s/^\./../; &send("$_\n"); } &send(".\n"); } } elsif (/^file_readable (.+)$/) { - my $r = eval { file_readable ($1) }; + my $r = eval { file_readable ($1) }; if ($@) { chomp($@); $@ =~ s/\n/\t/g; - &send("500 error: $@\n"); + &send("500 error: $@\n"); } else { if ($r) { &send("200 ok file readable\n"); @@ -1743,20 +1772,20 @@ } } - } elsif (/^get_file_md5sum (.+)$/) { - my $r = eval { get_file_md5sum ($1) }; + } elsif (/^get_file_([^\S]+) (.+)$/) { + my $r = eval { get_file_checksum ($2, $1) }; if ($@) { chomp($@); $@ =~ s/\n/\t/g; - &send("500 error: $@\n"); + &send("500 error: $@\n"); } else { - &send("200 ok md5sum is $r\n"); + &send("200 ok $1 is $r\n"); } } elsif (/^add_sig_to_deb ([^ ]+) (.+)$/) { my ($sig_name, $deb, $sig) = ($1, $2, ''); &send("300 ok waiting for data\n"); - while ($_ = &read()) { + while ($_ = &read()) { last if (/^\.$/); s/^\.\././; $sig .= $_; @@ -1774,7 +1803,7 @@ } elsif (/^correct_changes_file (.+)$/) { my ($changes, $new_changes_data) = ($1, {}); &send("300 ok waiting for data\n"); - while ($_ = &read()) { + while ($_ = &read()) { last if (/^\.$/); s/^\.\././; chomp; @@ -1792,9 +1821,9 @@ } elsif (/^write_control_file (.+)$/) { my ($file, @data) = ($1, ()); - + &send("300 ok waiting for data\n"); - while ($_ = &read()) { + while ($_ = &read()) { last if (/^\.$/); s/^\.\././; push @data, $_; @@ -1847,13 +1876,13 @@ ); $check_v2_sig = ($check_v2_sig && $check_v2_sig eq "false"?0:"yes"); $check_v3_sig = ($check_v3_sig && $check_v3_sig eq "false"?0:"yes"); - + die _die('Please use only one of --sign, --list, --verify[-role|-exact], --get-hashes, --write-signature, --help and --client!') if (! !$sign + ! !$list + ! !$verify + ! !$verify_role + ! !$verify_exact + ! !$client + ! !$get_hashes + ! !$sign_hashes + ! !$write_signature + ! ! $help> 1); - + $maintainer_pr && ($maintainer = $maintainer_pr); if (!$sign && !$list && !$verify && !$verify_role && !$verify_exact && - !$client && !$get_hashes && !$sign_hashes && !$write_signature && + !$client && !$get_hashes && !$sign_hashes && !$write_signature && !$help) { if (@ARGV) { $verify = 1; @@ -1869,7 +1898,7 @@ for my $configfile (@configfiles) { $configfile = (glob($configfile))[0]; - + if ($configfile && -r $configfile) { %config = %{read_config_file($configfile) || {}}; } @@ -1885,10 +1914,10 @@ } elsif (! grep {$sign_changes eq $_} qw(no auto yes full force_full)) { if ($sign_changes =~ /(?:deb|changes)$/) { push @files, $sign_changes; - $sign_changes = "yes"; + $sign_changes = "yes"; } else { print "W: Unrecognized argument to --sign-changes, using \"auto\": $sign_changes\n"; - $sign_changes = "auto"; + $sign_changes = "auto"; } } @@ -1941,12 +1970,12 @@ Short usage: If not stated otherwise, all commands have one or more .deb or .changes files as argument. In the case of .changes files, dpkg-sig will work on - all .deb files named in there. + all .deb files named in there. - -s,--sign Sign files + -s,--sign Sign files -c,--verify Verify signatures on files -l,--list List signatures on files - + --get-hashes Get hashes file for files --sign-hashes Sign hashes file --write-hashes Write sigs from signed hashes file @@ -1969,13 +1998,13 @@ sub _die { chomp(my $msg = shift || "No error msg given! This is a bug, hurt the author!"); my $i = 0; - + while ($_ = (caller($i++))[3]) { if ($_ && $_ eq "(eval)") { return $msg; } } - + my $code = shift || 1; my $line = (caller)[2]; print STDERR "E: $msg\n"; @@ -1985,7 +2014,7 @@ sub _read_file { my $file = shift; my $content; - + open (FH, $file) or die _die "Can't open $file: $!"; $content = join "", ; close FH; @@ -1996,7 +2025,7 @@ sub _write_file { my $file = shift; my @content = @_; - + open (FH, ">", $file) or die _die "Can't open $file for writing: $!"; print FH @content; close FH; @@ -2006,10 +2035,10 @@ =head1 AUTHOR -B and this manpage were written by Andreas Barth und Marc -Brockschmidt. They are Copyright (C) 2003, 2004 by them and released +B and this manpage were written by Andreas Barth und Marc +Brockschmidt. They are Copyright (C) 2003, 2004 by them and released under the GNU General Public Licence version 2 or later; there is NO -WARRANTY. See F and +WARRANTY. See F and F for details. =cut