Hi!
On Mon, 2014-10-06 at 09:25:00 -0400, Daniel Kahn Gillmor wrote:
> On Sat 2014-09-06 20:08:38 -0400, Guillem Jover wrote:
> > On Fri, 2014-09-05 at 16:01:30 -0400, Daniel Kahn Gillmor wrote:
> >> On Thu 2014-08-28 11:47:17 -0400, Daniel Kahn Gillmor wrote:
> >> > On 08/27/2014 11:06 AM, Guillem Jover wrote:
> >> >> But I'm not comfortable just adding it as is,
> >> >> I'd probably want to bump the minor version of the format. As this gets
> >> >> us to the problem that we currently conflate the .dsc file format
> >> >> version
> >> >> with the actual source format version.
> >> >
> >> > I think you're saying you'd bump the minor version of the .dsc format,
> >>
> >> Is this something that can be done for dpkg before the jessie freeze?
> >
> > Yeah, that was my plan. I've just been thinking how to best introduce
> > it.
> The freeze for jessie is approaching, have you had a chance to look into
> this more? I'd love to see jessie's dpkg able to cope with these
> upstream signature files, even if none of them ship in jessie. it would
> make it possible to update the archive post-jessie to start including
> them.
Sure, I wanted to start a discussion on d-d, but got entangled in
other stuff in dpkg. Anyway, I'm planning on sending a quick note to
d-d, and include a cleaned up version of the attached patch in dpkg
1.17.20, to be uploaded before the 25th so that it can get in before
the freeze.
> Let me know if you need anything from me to make this happen.
The error messages are a bit suboptimal, but if you could play a bit
with the patch, and let me know if that works for you, that'd be
very helpful.
Thanks,
Guillem
commit 0ddd9825a99aad3c00da23b30adf06f20e2cf698
Author: Guillem Jover <guil...@debian.org>
Date: Tue Oct 14 20:05:54 2014 +0200
Dpkg::Source::Package::V2: Allow detached upstream signatures
diff --git a/scripts/Dpkg/Source/Package/V2.pm b/scripts/Dpkg/Source/Package/V2.pm
index cd8354b..9f5f1ee 100644
--- a/scripts/Dpkg/Source/Package/V2.pm
+++ b/scripts/Dpkg/Source/Package/V2.pm
@@ -116,16 +116,23 @@ sub do_extract {
my $basenamerev = $self->get_basename(1);
my ($tarfile, $debianfile, %addonfile, %seen);
+ my ($tarsign, %addonsign);
my $re_ext = compression_get_file_extension_regex();
foreach my $file ($self->get_files()) {
- (my $uncompressed = $file) =~ s/\.$re_ext$//;
- error(_g('duplicate files in %s source package: %s.*'), 'v2.0',
+ my $uncompressed = $file;
+ $uncompressed =~ s/\.$re_ext$/.*/;
+ $uncompressed =~ s/\.$re_ext\.asc$/.*.asc/;
+ error(_g('duplicate files in %s source package: %s'), 'v2.0',
$uncompressed) if $seen{$uncompressed};
$seen{$uncompressed} = 1;
if ($file =~ /^\Q$basename\E\.orig\.tar\.$re_ext$/) {
$tarfile = $file;
+ } elsif ($file =~ /^\Q$basename\E\.orig\.tar\.$re_ext\.asc$/) {
+ $tarsign = $file;
} elsif ($file =~ /^\Q$basename\E\.orig-([[:alnum:]-]+)\.tar\.$re_ext$/) {
$addonfile{$1} = $file;
+ } elsif ($file =~ /^\Q$basename\E\.orig-([[:alnum:]-]+)\.tar\.$re_ext\.asc$/) {
+ $addonsign{$1} = $file;
} elsif ($file =~ /^\Q$basenamerev\E\.debian\.tar\.$re_ext$/) {
$debianfile = $file;
} else {
@@ -134,6 +141,15 @@ sub do_extract {
}
}
+ if ($tarsign and $tarfile ne substr $tarsign, 0, -4) {
+ error(_g('upstream orig.tar signature for another orig.tar'));
+ }
+ foreach my $name (keys %addonsign) {
+ error(_g('upstream addon orig.tar signature for inexistent orig.tar'))
+ if not exists $addonfile{$name} or
+ $addonfile{$name} ne substr $addonsign{$name}, 0, -4;
+ }
+
unless ($tarfile and $debianfile) {
error(_g('missing orig.tar or debian.tar file in v2.0 source package'));
}
