RPM Package Manager, CVS Repository
http://rpm5.org/cvs/
____________________________________________________________________________
Server: rpm5.org Name: Ralf S. Engelschall
Root: /v/rpm/cvs Email: rse@rpm5.org
Module: rpm Date: 28-Dec-2007 15:00:30
Branch: HEAD Handle: 2007122814002901
Modified files:
rpm CHANGES
rpm/lib depends.c
Log:
Allow assertion of a particular GnuPG signing key via "gnupg(<path>)
= <fingerprint>" in dependencies -- instead of just checking whether
<path> was signed by _ANY_ key present in the GnuPG key ring.
Summary:
Revision Changes Path
1.2032 +1 -0 rpm/CHANGES
1.375 +15 -6 rpm/lib/depends.c
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: rpm/CHANGES
============================================================================
$ cvs diff -u -r1.2031 -r1.2032 CHANGES
--- rpm/CHANGES 28 Dec 2007 13:20:22 -0000 1.2031
+++ rpm/CHANGES 28 Dec 2007 14:00:29 -0000 1.2032
@@ -1,4 +1,5 @@
5.0b3 -> 5.0b4:
+ - rse: allow assertion of a particular GnuPG signing key via "gnupg(<path>) = <fingerprint>" in dependencies
- rse: fix invocaction of GnuPG's gpg(1) command for gnupg(<path>) dependency assertions
- afb: hide the rpmlib Version/Timestamp/Vendor markers spew unless verbose.
- rse: fix %{@foo} macro stack expansion including also the value at the stack bottom
@@ .
patch -p0 <<'@@ .'
Index: rpm/lib/depends.c
============================================================================
$ cvs diff -u -r1.374 -r1.375 depends.c
--- rpm/lib/depends.c 28 Dec 2007 13:20:22 -0000 1.374
+++ rpm/lib/depends.c 28 Dec 2007 14:00:30 -0000 1.375
@@ -822,12 +822,21 @@
}
if (NSType == RPMNS_TYPE_GNUPG) {
- static const char gnupg_pre[] = "%(%{__gpg} --batch --no-tty --quiet --verify ";
- static const char gnupg_post[] = " 2>/dev/null; echo $?)";
- const char * t = rpmExpand(gnupg_pre, Name, gnupg_post, NULL);
-
- rc = (t && t[0] == '0') ? 0 : 1;
- t = _free(t);
+ const char * EVR = rpmdsEVR(dep);
+ if (!(EVR && *EVR)) {
+ static const char gnupg_pre[] = "%(%{__gpg} --batch --no-tty --quiet --verify ";
+ static const char gnupg_post[] = " 2>/dev/null; echo $?)";
+ const char * t = rpmExpand(gnupg_pre, Name, gnupg_post, NULL);
+ rc = (t && t[0] == '0') ? 0 : 1;
+ t = _free(t);
+ }
+ else {
+ static const char gnupg_pre[] = "%(%{__gpg} --batch --no-tty --quiet --verify ";
+ static const char gnupg_post[] = " 2>&1 | grep '^Primary key fingerprint:' | sed -e 's;^.*: *;;' -e 's; *;;g')";
+ const char * t = rpmExpand(gnupg_pre, Name, gnupg_post, NULL);
+ rc = ((Flags & RPMSENSE_EQUAL) && strcasecmp(EVR, t) == 0) ? 0 : 1;
+ t = _free(t);
+ }
if (Flags & RPMSENSE_MISSINGOK)
goto unsatisfied;
rpmdsNotify(dep, _("(gnupg probe)"), rc);
@@ .
Received on Fri Dec 28 15:00:30 2007