Changeset 2191


Ignore:
Timestamp:
Mar 3, 2017, 4:07:38 AM (3 years ago)
Author:
bruno
Message:
  • Add function pb_sign_setenv_rpm calling pb_sign_setenv which just sets up env var.
  • Remove usage of Crypt::OpenPGP function not available on some distros.
File:
1 edited

Legend:

Unmodified
Added
Removed
  • devel/pb/bin/pb

    r2190 r2191  
    49534953$ENV{'PBPASSFILE'} = $passfile->{$ENV{'PBPROJ'}} if ((not defined $ENV{'PBPASSFILE'})&& (defined $passfile->{$ENV{'PBPROJ'}})) ;
    49544954$ENV{'PBPASSPATH'} = $passpath->{$ENV{'PBPROJ'}} if ((not defined $ENV{'PBPASSPATH'})&& (defined $passpath->{$ENV{'PBPROJ'}})) ;
     4955}
     4956
     4957sub pb_sign_setenv_rpm {
     4958
     4959pb_sign_setenv();
    49554960
    49564961eval
     
    49664971    return(undef) if (((not defined $ENV{'PBPASSPHRASE'}) and (not defined $ENV{'PBPASSFILE'})) || (not defined $ENV{'PBPACKAGER'}) || (not defined $ENV{'PBPASSPATH'}));
    49674972    my $sign = RPM4::Sign->new(
    4968         passphrase => $ENV{'PBPASSPHRASE'},
    4969         name => $ENV{'PBPACKAGER'},
     4973        passphrase => $ENV{'PBPASSPHRASE'},
     4974        name => $ENV{'PBPACKAGER'},
    49704975        path => $ENV{'PBPASSPATH'},
    4971         password_file => $ENV{'PBPASSFILE'},
     4976        password_file => $ENV{'PBPASSFILE'},
    49724977    );
    49734978    return(undef) if (not defined $sign);
     
    49874992my $file = shift;
    49884993
    4989 eval
    4990 {
    4991     require Crypt::OpenPGP;
    4992     Crypt::OpenPGP->import();
    4993 };
    4994 if ($@) {
    4995     # Crypt::OpenPGP not found
    4996     pb_log(1,"WARNING: Install Crypt::OpenPGP to benefit from debian Release file signing.\n");
    4997 } else {
    4998     my $sign = pb_sign_setenv();
    4999     my $pgp = Crypt::OpenPGP->new;
    5000     my $pgpsign = $pgp->sign(
    5001         Filename   => $file,
    5002         KeyID      => $sign->{keyid},
    5003         Passphrase => $sign->{passphrase},
    5004         Detach     => 1,
    5005         Armour     => 1,
    5006     );
    5007     open(DEST, "> $file.gpg") || confess "Unable to write to $file.gpg";
    5008     print DEST $pgpsign if (defined $pgpsign);
    5009     close(DEST);
    5010 }
     4994pb_sign_setenv();
     4995pb_log(0,"Signing Debian Release file as $ENV{'PBPACKAGER'}...\n");
     4996
     4997if (not defined $ENV{'PBPASSPHRASE'}) {
     4998    if (not defined $ENV{'PBPASSFILE'}) {
     4999        confess("No pbpassphrase nor pbpassfile defined, unable to handle GPG Release file\n");
     5000    } else {
     5001        open(PASS,"$ENV{'PBPASSFILE'}") || confess("Unable to open $ENV{'PBPASSFILE'}\n");
     5002        my $pass = <PASS>;
     5003        chomp($pass);
     5004        $ENV{'PBPASSPHRASE'} = $pass;
     5005        close(PASS);
     5006    }
     5007}
     5008
     5009unlink("$file.gpg");
     5010pb_system("echo \"$ENV{'PBPASSPHRASE'}\" | gpg --sign --detach -a -o $file.gpg -r \"$ENV{'PBPACKAGER'}\" -b --use-agent --passphrase-fd 0 $file","Creating the signed version of $file with $ENV{'PBPACKAGER'} GPG key...\n");
    50115011}
    50125012
     
    50235023
    50245024if ($pbos->{'type'} eq "rpm") {
    5025     my $sign = pb_sign_setenv();
     5025    my $sign = pb_sign_setenv_rpm();
    50265026    if (defined $sign) {
    5027         pb_log(0,"Signing RPM packages...\n");
     5027        pb_log(0,"Signing RPM packages as $ENV{'PBPACKAGER'}...\n");
    50285028        pb_log(2,"pb_sign_pkg: pkgs:".Dumper(split(/ /,$made))."\n");
    50295029        $sign->rpmssign(split(/ /,$made));
     
    50355035    }
    50365036    my $debsigncmd = pb_check_req("debsign",1);
    5037     pb_system("$debsigncmd -m\'$ENV{'PBPACKAGER'}\' $changes","Signing DEB packages","mayfail") if (($changes ne "") && (defined $debsigncmd));
     5037    pb_system("$debsigncmd -m\'$ENV{'PBPACKAGER'}\' $changes","Signing DEB packages as $ENV{'PBPACKAGER'}...","mayfail") if (($changes ne "") && (defined $debsigncmd));
    50385038} else {
    50395039    pb_log(0,"I don't know yet how to sign packages for type $pbos->{'type'}.\nPlease give feedback to dev team\n");
Note: See TracChangeset for help on using the changeset viewer.