X-Original-To: alpine-devel@lists.alpinelinux.org Delivered-To: alpine-devel@mail.alpinelinux.org Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.alpinelinux.org (Postfix) with ESMTPS id E8A70DC7390 for ; Fri, 5 Jul 2013 04:21:49 +0000 (UTC) Received: from compute4.internal (compute4.nyi.mail.srv.osa [10.202.2.44]) by gateway1.nyi.mail.srv.osa (Postfix) with ESMTP id 04CA4207BC for ; Fri, 5 Jul 2013 00:21:44 -0400 (EDT) Received: from frontend2.nyi.mail.srv.osa ([10.202.2.161]) by compute4.internal (MEProxy); Fri, 05 Jul 2013 00:21:44 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=from:to:subject:date:message-id :in-reply-to:references; s=smtpout; bh=IUB3yTeeVcD5S1e/kWA7/O185 BM=; b=IaIslTZaE/rm+uRYijDrd0PLgegJO1UUGEDezDxZ0OhETp/ktn0EyY7b9 pXZGvbMUVHAYZBmdEj5W+fTnh8e8Ieg8Qe/+Pb9EJ57LQX0WyOhl83jfhw4wLU75 2bQ3obLFp8aWtY+gXUHuI6i7o1z5USDAhyZkhGhmuuPZZ9q04I= X-Sasl-enc: w9dqMdiNxf3zv7c0thU5Cbmq9PgTMAL4DR00Q+/ilXxL 1372998103 Received: from localhost (unknown [69.86.161.244]) by mail.messagingengine.com (Postfix) with ESMTPA id BF0F66804C2 for ; Fri, 5 Jul 2013 00:21:43 -0400 (EDT) From: Dubiousjim To: alpine-devel@lists.alpinelinux.org Subject: [alpine-devel] [PATCH 06/31] abuild-sign: refactor Date: Fri, 5 Jul 2013 00:21:15 -0400 Message-Id: X-Mailer: git-send-email 1.8.3.1 In-Reply-To: References: X-Mailinglist: alpine-devel Precedence: list List-Id: Alpine Development List-Unsubscribe: List-Post: List-Help: List-Subscribe: --- abuild-sign.in | 47 +++++++++++++++++++++++++---------------------- 1 file changed, 25 insertions(+), 22 deletions(-) diff --git a/abuild-sign.in b/abuild-sign.in index 3ff32e0..73aabc7 100644 --- a/abuild-sign.in +++ b/abuild-sign.in @@ -18,6 +18,30 @@ die() { exit 1 } +do_sign() { + # we are actually only interested in the name, not the file itself + keyname=${pubkey##*/} + + for f; do + i=$(readlink -f $f) + [ -d "$i" ] && i="$i/APKINDEX.tar.gz" + repo="${i%/*}" + cd "$repo" || die "Failed to sign $i" + sig=".SIGN.RSA.$keyname" + openssl dgst -sha1 -sign "$privkey" -out "$sig" "$i" || die "Failed to sign $i" + tmptargz=$(mktemp) + tar -c "$sig" | abuild-tar --cut | gzip -9 > "$tmptargz" + tmpsigned=$(mktemp) + cat "$tmptargz" "$i" > "$tmpsigned" + rm -f "$tmptargz" "$sig" + mv "$tmpsigned" "$i" + chmod 644 "$i" + if [ -z "$quiet" ]; then + echo "Signed $i" + fi + done +} + usage() { echo "abuild-sign $abuild_ver" echo "usage: abuild-sign [-hq] [-k PRIVKEY] [-p PUBKEY] INDEXFILE..." @@ -61,26 +85,5 @@ if [ -z "$pubkey" ]; then pubkey=${PACKAGER_PUBKEY:-"${privkey}.pub"} fi -# we are actually only interested in the name, not the file itself -keyname=${pubkey##*/} - -for f in "$@"; do - i=$(readlink -f $f) - [ -d "$i" ] && i="$i/APKINDEX.tar.gz" - repo="${i%/*}" - cd "$repo" || die "Failed to sign $i" - sig=".SIGN.RSA.$keyname" - openssl dgst -sha1 -sign "$privkey" -out "$sig" "$i" || die "Failed to sign $i" - tmptargz=$(mktemp) - tar -c "$sig" | abuild-tar --cut | gzip -9 > "$tmptargz" - tmpsigned=$(mktemp) - cat "$tmptargz" "$i" > "$tmpsigned" - rm -f "$tmptargz" "$sig" - mv "$tmpsigned" "$i" - chmod 644 "$i" - if [ -z "$quiet" ]; then - echo "Signed $i" - fi -done - +do_sign "$@" exit 0 -- 1.8.3.1 --- Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org Help: alpine-devel+help@lists.alpinelinux.org ---