![](https://seccdn.libravatar.org/avatar/e2145bc5cf53dda95c308a3c75e8fef3.jpg?s=120&d=mm&r=g)
Hello community, here is the log from the commit of package mkdud for openSUSE:Factory checked in at 2015-02-11 16:46:06 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/mkdud (Old) and /work/SRC/openSUSE:Factory/.mkdud.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "mkdud" Changes: -------- --- /work/SRC/openSUSE:Factory/mkdud/mkdud.changes 2015-02-10 20:23:09.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.mkdud.new/mkdud.changes 2015-02-11 16:46:10.000000000 +0100 @@ -1,0 +2,6 @@ +Wed Feb 11 11:42:33 CET 2015 - snwint@suse.com + +- create and read directly (non-detached) signed updates +- 1.15 + +------------------------------------------------------------------- Old: ---- mkdud-1.14.tar.xz New: ---- mkdud-1.15.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ mkdud.spec ++++++ --- /var/tmp/diff_new_pack.VieQuh/_old 2015-02-11 16:46:11.000000000 +0100 +++ /var/tmp/diff_new_pack.VieQuh/_new 2015-02-11 16:46:11.000000000 +0100 @@ -23,7 +23,7 @@ Summary: Create driver update from rpms License: GPL-3.0+ Group: Hardware/Other -Version: 1.14 +Version: 1.15 Release: 0 Source: %{name}-%{version}.tar.xz Url: https://github.com/wfeldt/mkdud ++++++ mkdud-1.14.tar.xz -> mkdud-1.15.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mkdud-1.14/VERSION new/mkdud-1.15/VERSION --- old/mkdud-1.14/VERSION 2015-02-09 14:13:17.000000000 +0100 +++ new/mkdud-1.15/VERSION 2015-02-11 11:28:25.000000000 +0100 @@ -1 +1 @@ -1.14 +1.15 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mkdud-1.14/changelog new/mkdud-1.15/changelog --- old/mkdud-1.14/changelog 2015-02-09 14:13:17.000000000 +0100 +++ new/mkdud-1.15/changelog 2015-02-11 11:28:25.000000000 +0100 @@ -1,3 +1,6 @@ +2015-02-11: 1.15 + - create and read directly (non-detached) signed updates + 2015-02-09: 1.14 - support creating signed driver updates diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mkdud-1.14/mkdud new/mkdud-1.15/mkdud --- old/mkdud-1.14/mkdud 2015-02-09 14:13:17.000000000 +0100 +++ new/mkdud-1.15/mkdud 2015-02-11 11:28:25.000000000 +0100 @@ -130,6 +130,7 @@ my @opt_condition; my $opt_format; my $opt_sign; +my $opt_sign_direct; my $opt_sign_key; # global variables @@ -142,6 +143,7 @@ my $format_archive = "cpio"; my $format_compr = "gz"; my $sign_key_dir; +my $sign_key_ok; # linuxrc versions in service packs my $servicepack; @@ -167,7 +169,8 @@ 'may-replace-yast' => \$opt_force, 'no-docs' => \$opt_no_docs, 'keep-docs' => sub { $opt_no_docs = 0 }, - 'sign' => \$opt_sign, + 'detached-sign' => \$opt_sign, + 'sign' => sub { $opt_sign = 1; $opt_sign_direct = 1 }, 'sign-key=s' => \$opt_sign_key, 'force' => \$opt_force, 'format=s' => \$opt_format, @@ -213,6 +216,7 @@ my $tmp_mnt = $tmp->dir('mnt'); my $tmp_err = $tmp->file('err'); my $tmp_archive = $tmp->file('dud.xxx'); +$sign_key_dir = $tmp->dir('gpg'); set_format; @@ -357,7 +361,8 @@ --format FORMAT Specify archive format for DUD. FORMAT=(cpio|tar)[.(gz|xz)]. Default FORMAT is cpio.gz (gzip compressed cpio archive). Note: don't change the default. See README. - --sign Sign the driver update. This creates a detached signature. + --sign Sign the driver update. + --detached-sign Sign the driver update. This creates a detached signature. --sign-key KEY_FILE Use this key for signing. Alternatively, use the 'sign-key' entry in ~/.mkdudrc. @@ -474,6 +479,8 @@ local $_; my $dud; my @i; + my $gpg = "gpg --homedir=$sign_key_dir --yes --output - 2>/dev/null"; + my $gpg_sign; if(!-e $_[0]) { print STDERR "$_[0]: error: no such file or directory\n"; @@ -620,6 +627,21 @@ return; } } + else { + for (`gpg --homedir=$sign_key_dir --verify $_[0] 2>&1`) { + chomp; + $gpg_sign = $1, last if /^gpg: Signature made\s*(.*)$/; + } + if($gpg_sign) { + my $z = `$gpg $_[0] | file -b -`; + if($z =~ /^(gzip|XZ) compressed data/) { + my $cmd = "\L$1"; + my $f = $cmd ne 'gzip' ? $cmd : 'gz'; + my $z = `$gpg $_[0] | $cmd -dc | file -b -`; + $dud = "$1.$f" if $z =~ / (cpio|tar) archive/; + } + } + } if($dud) { my $duds = 0; @@ -632,7 +654,12 @@ my $compr = 'cat'; $compr = 'gzip -dc' if $3 eq 'gz'; $compr = 'xz -dc' if $3 eq 'xz'; - system "$compr $_[0] | ( cd $old ; $cmd 2>/dev/null)"; + if($gpg_sign) { + system "$gpg $_[0] | $compr | ( cd $old ; $cmd 2>/dev/null)"; + } + else { + system "$compr $_[0] | ( cd $old ; $cmd 2>/dev/null)"; + } } elsif($dud eq 'dir') { copy_dud $_[0], $old; @@ -641,7 +668,7 @@ $duds = 1; } - $duds = analyze_dud $old if $dud ne 'dummy'; + $duds = analyze_dud $old, $gpg_sign if $dud ne 'dummy'; return if $duds; } @@ -701,12 +728,15 @@ { local $_; my $src = shift; + my $sign = shift; my $duds = 0; my $global_files = 0; if(-d "$src/linux/suse") { my $ft = { type => 'dud', file => $src }; + $ft->{sign} = $sign if $sign; + push @files, $ft; $duds++; @@ -719,6 +749,8 @@ next unless s#(/\d+)/linux/suse$#$1#; my $ft = { type => 'dud', file => $_ }; + $ft->{sign} = $sign if $sign; + if($global_files) { $global_files = 0; $ft->{global_files} = $src; @@ -1252,14 +1284,17 @@ $compr = 'xz --check=crc32 -c' if $format_compr eq 'xz'; system "cd $tmp_src; $cmd_archive | $compr >$tmp_archive"; - system "cp $tmp_archive $file_name"; if($opt_sign) { sign_file $tmp_archive; - system "cp ${tmp_archive}.asc ${file_name}.asc"; - print "created detached signature ${file_name}.asc\n"; + if(!$opt_sign_direct) { + system "cp ${tmp_archive}.asc ${file_name}.asc"; + print "created detached signature ${file_name}.asc\n"; + } } + system "cp $tmp_archive $file_name"; + return $tmp_src; } @@ -1349,6 +1384,10 @@ print "=== Update #$dud_cnt ===\n"; + if($dud->{sign}) { + print " = Signed: $dud->{sign} =\n"; + } + if($dud->{global_files}) { for (glob("$dud->{global_files}/*")) { if(-f $_) { @@ -1820,8 +1859,6 @@ die "no sign key specified\n" if !$opt_sign_key; - my $gpg_dir = $tmp->dir(); - my $key = $opt_sign_key; $key =~ s/^~/$ENV{HOME}/; die "$key: no such key file\n" unless -f $key; @@ -1842,9 +1879,9 @@ } if($priv && $date) { - $sign_key_dir = $gpg_dir; + $sign_key_ok = 1; - system "gpg --homedir=$gpg_dir --import $key >/dev/null 2>&1"; + system "gpg --homedir=$sign_key_dir --import $key >/dev/null 2>&1"; print "using signing key, keyid = $keyid\n"; } @@ -1864,8 +1901,14 @@ { my $file = $_[0]; - return if !$sign_key_dir; + return if !$sign_key_ok; - system "gpg --homedir=$sign_key_dir --batch --yes --armor --detach-sign $file"; + if($opt_sign_direct) { + system "gpg --homedir=$sign_key_dir --yes --sign $file"; + rename "$file.gpg", $file; + } + else { + system "gpg --homedir=$sign_key_dir --batch --yes --armor --detach-sign $file"; + } } -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org