Home Explore Help
Sign In
SaschaMester
/
dak
mirror of https://ftp-master.debian.org/git/dak.git
Watch 1
Star 0
Fork 0
Files Issues 0 Wiki
Branch: master
Branches Tags
dak
/
scripts
/
debian
/
gpgverify

gpgverify 848 B
Permalink History Raw

12345678910111213141516171819202122232425262728293031 
  1. #!/bin/bash
    2. 

  2. 

  3. set -e
    4. 

  4. set -u
    5. 

  5. 

  6. TMPDIR=${TMPDIR:-"/tmp"}
    7. 

  7. 

  8. GPGSTATUS=$(mktemp -p "${TMPDIR}" GPGSTATUS.XXXXXX)
    9. 

  9. trap 'rm -f -- "${GPGSTATUS:?}"' EXIT
    10. 

  10. GPGLOGS=$(mktemp -p "${TMPDIR}" GPGLOGS.XXXXXX)
    11. 

  11. trap 'rm -f -- "${GPGLOGS:?}"' EXIT
    12. 

  12. 

  13. DEFGPGOPT="--no-default-keyring --batch --no-tty --no-options --exit-on-status-write-error --no-greeting --with-colons --keyring /srv/keyring.debian.org/keyrings/debian-keyring.gpg"
    14. 

  14. /usr/bin/gpg ${DEFGPGOPT} --status-file ${GPGSTATUS} --logger-file ${GPGLOGS} $3 $4 -
    15. 

  15. 

  16. declare -A TOKENS
    17. 

  17. while read gpgtag TOKEN something; do
    18. 

  18.     TOKENS[$TOKEN]=1
    19. 

  19. done < <(cat ${GPGSTATUS})
    20. 

  20. 

  21. # Heyho, we just verified, but git verify-commit is silly and wants to redo our work...
    22. 

  22. cat ${GPGSTATUS}
    23. 

  23. rm -f ${GPGSTATUS}
    24. 

  24. rm -f ${GPGLOGS}
    25. 

  25. 

  26. if [[ ${TOKENS[VALIDSIG]} == 1 ]] && [[ ${TOKENS[GOODSIG]} == 1 ]]; then
    27. 

  27.     exit 0
    28. 

  28. else
    29. 

  29.     exit 1
    30. 

  30. fi
    31. 

  31.