|
|
|
@ -91,7 +91,7 @@ Dir.foreach(release_path) do |signer_dir|
|
|
|
|
|
system("gpg --keyserver pgp.mit.edu --recv-keys `gpg --quiet --batch --verify \"#{File.join(signer_path, 'signature.pgp')}\" \"#{result_path}\" 2>&1 | head -n1 | grep \"key ID\" | awk '{ print $15 }'` > /dev/null 2>&1")
|
|
|
|
|
out = `gpg --quiet --batch --verify \"#{sig_path}\" \"#{result_path}\" 2>&1`
|
|
|
|
|
if $? != 0
|
|
|
|
|
out.each do |line|
|
|
|
|
|
out.each_line do |line|
|
|
|
|
|
if line =~ /^gpg: Signature made/
|
|
|
|
|
info(line)
|
|
|
|
|
else
|
|
|
|
@ -101,7 +101,7 @@ Dir.foreach(release_path) do |signer_dir|
|
|
|
|
|
puts "#{signer_dir}: BAD SIGNATURE"
|
|
|
|
|
did_fail = true
|
|
|
|
|
elsif current_manifest and (result['out_manifest'] != current_manifest or result['release'] != release or result['name'] != package_name)
|
|
|
|
|
out.each do |line|
|
|
|
|
|
out.each_line do |line|
|
|
|
|
|
if line =~ /^gpg: Signature made/
|
|
|
|
|
info(line)
|
|
|
|
|
elsif line =~ /^gpg: Good signature/
|
|
|
|
@ -115,7 +115,7 @@ Dir.foreach(release_path) do |signer_dir|
|
|
|
|
|
puts "#{signer_dir}: MISMATCH"
|
|
|
|
|
did_fail = true
|
|
|
|
|
else
|
|
|
|
|
out.each do |line|
|
|
|
|
|
out.each_line do |line|
|
|
|
|
|
if line =~ /^gpg: Signature made/
|
|
|
|
|
info(line)
|
|
|
|
|
elsif line =~ /^gpg: Good signature/
|
|
|
|
|