From: Ian Jackson <ijackson@chiark.greenend.org.uk>
Date: Sun, 23 Oct 2016 20:12:02 +0000 (+0100)
Subject: import-dsc: Support --require-valid-signature
X-Git-Tag: archive/debian/2.9~43
X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=dgit.git;a=commitdiff_plain;h=df1c835ec8cea9ea7cbab65d9726a9a5881b66e1;hp=c646a7f57da1b79467aab438ecf1d80d185a0456;ds=sidebyside

import-dsc: Support --require-valid-signature

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
---

diff --git a/dgit b/dgit
index c6d1be7b..19245e0e 100755
--- a/dgit
+++ b/dgit
@@ -5276,6 +5276,19 @@ sub cmd_quilt_fixup {
 }
 
 sub cmd_import_dsc {
+    my $needsig = 0;
+
+    while (@ARGV) {
+	last unless $ARGV[0] =~ m/^-/;
+	$_ = shift @ARGV;
+	last if m/^--?$/;
+	if (m/^--require-valid-signature$/) {
+	    $needsig = 1;
+	} else {
+	    badusage "unknown dgit import-dsc sub-option \`$_'";
+	}
+    }
+
     badusage "usage: dgit import-dsc .../PATH/TO/.DSC BRANCH" unless @ARGV==2;
     my ($dscfn, $dstbranch) = @ARGV;
 
@@ -5307,13 +5320,19 @@ sub cmd_import_dsc {
 
     # we don't normally need this so import it here
     use Dpkg::Source::Package;
-    my $dp = new Dpkg::Source::Package filename => $dscfn;
+    my $dp = new Dpkg::Source::Package filename => $dscfn,
+	require_valid_signature => $needsig;
     {
-	local $SIG{__WARN__} = undef;
+	local $SIG{__WARN__} = sub {
+	    return unless $needsig;
+	    print STDERR $_[0];
+	    fail "import-dsc signature check failed";
+	};
 	if (!$dp->is_signed()) {
 	    warn "$us: warning: importing unsigned .dsc\n";
 	} else {
 	    my $r = $dp->check_signature();
+	    die "->check_signature => $r" if $needsig && $r;
 	}
     }