Package: devscripts
Version: 2.20.5
Severity: normal
Control: block 977674 by -1
Hi,
if an unsigned changes file contains references to a signed buildinfo
file and an unsigned dsc file, then running "debsign --no-re-sign" will
sign the changes file but leave the dsc unsigned. As a result, running
dscverify on the signed changes file will produce an error.
I suspect the culprit is the following function from debsign:
maybesign_buildinfo() {
[...]
if check_already_signed "$buildinfo" "buildinfo"; then
echo "Leaving current signature unchanged." >&2
return
fi
if [ -n "$dsc" ]; then
maybesign_dsc "$signas" "$remotehost" "$dsc"
withtempfile buildinfo "$buildinfo" fixup_buildinfo "$dsc"
fi
[...]
The function maybesign_buildinfo() is responsible for handling both
buildinfo and dsc files but it immediately returns if the buildinfo was
already signed and thus the dsc never gets signed.
This is currently blocking bug #977674 in sbuild.
Thanks!
cheers, josch
