Package: debarchiver
Version: 0.3.2
Tags: patch
Followup-For: Bug #317472
Here is a patch implementing signed Release support. The Release files
are generated (with apt-ftparchive release) unconditionally, and are
signed if $gpgkey is set in the configuration.
This code can be considerably simplified if my patch to apt-ftparchive
to generate Release files at the same time as the indexes is ever
accepted (Bug #262204), but this should do for the time being.
-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.4.30
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) (ignored: LC_ALL set to C)
Versions of packages debarchiver depends on:
ii adduser 3.66 Add and remove users and groups
ii apt-utils 0.5.28.6 APT utility programs
ii dpkg-dev 1.13.10 Package building tools for Debian
ii opalmod 0.1.13 A set of Perl modules for various
debarchiver recommends no packages.
-- no debconf information
diff -rupN debarchiver-0.3.2.save/debian/control
debarchiver-0.3.2/debian/control
--- debarchiver-0.3.2.save/debian/control 2005-02-27 06:53:10.000000000
-0800
+++ debarchiver-0.3.2/debian/control 2005-08-20 12:40:32.000000000 -0700
@@ -8,7 +8,7 @@ Standards-Version: 3.6.1
Package: debarchiver
Architecture: all
Depends: opalmod (>= 0.1.10), apt-utils | dpkg-dev, adduser
-Suggests: devscripts
+Suggests: devscripts, gnupg
Description: Tool to handle debian package archives
This tool can create a potato like file structure that dselect,
apt-get and similar tools can use for easier installation.
diff -rupN debarchiver-0.3.2.save/src/debarchiver.pl
debarchiver-0.3.2/src/debarchiver.pl
--- debarchiver-0.3.2.save/src/debarchiver.pl 2005-07-04 09:03:36.000000000
-0700
+++ debarchiver-0.3.2/src/debarchiver.pl 2005-08-20 12:41:53.000000000
-0700
@@ -271,6 +271,7 @@ will be parsed. Here you can change the
\%release Additional information to add to generated Release
files. Supported keys are origin, label, and
description.
+ \$gpgkey GnuPG key to use to sign the archive.
";
###############################################################################
@@ -895,6 +896,62 @@ sub generateIndexConfig() {
}
###############################################################################
+# Name: handleRelease
+# Description: Handles creation of Release files via apt-ftparchive.
+# Arguments: Path to the directory to generate Release for
+# Archive suite this Release file is for
+# Reference to array of sections
+# Reference to array of architectures
+# Uses: %distmapping, %release, $gpgkey
+# Changelog:
+# 2005-08-20 Russ Allbery <[EMAIL PROTECTED]>
+# Written.
+###############################################################################
+
+sub generateRelease([EMAIL PROTECTED]@) {
+ my ($path, $suite, $dsections, $darches) = @_;
+ my $codename = $distmapping{$suite} || $suite;
+
+ # Judging from the Release file in the Debian archive, "all" and "source"
+ # shouldn't be included.
+ my @arches = grep { $_ ne 'all' && $_ ne 'source' } @$darches;
+
+ # We can't use the same config as generate, since release wants the
+ # variables set in a different place.
+ my $configpath = "$path/.apt-ftparchive.conf";
+ action(! open(CONF, "> $configpath"),
+ "Create apt-ftparchive Release config for $path", 2);
+ my $prefix = 'APT::FTPArchive::Release';
+ print CONF "${prefix}::Origin \"$release{origin}\";\n"
+ if defined $release{origin};
+ print CONF "${prefix}::Label \"$release{label}\";\n"
+ if defined $release{label};
+ print CONF "${prefix}::Description \"$release{description}\";\n"
+ if defined $release{description};
+ print CONF "${prefix}::Suite \"$suite\";\n";
+ print CONF "${prefix}::Codename \"$codename\";\n";
+ print CONF "${prefix}::Architectures \"", join (' ', @arches), "\";\n";
+ print CONF "${prefix}::Components \"", join (' ', @$dsections), "\";\n";
+ close CONF;
+
+ # Do the generation and optional signing.
+ unlink("$path/Release");
+ cmdaction("apt-ftparchive -c $configpath release $path > Release",
+ "Generate Release file for $path",
+ 3);
+ cmdaction("mv Release $path/Release",
+ "Put Release for $path in the right location",
+ 3);
+ if ($gpgkey) {
+ cmdaction("gpg -a -b -s -u '$gpgkey' -o $path/Release.gpg"
+ . " $path/Release",
+ "Signing Release file for $path",
+ 3);
+ }
+ unlink("$configpath");
+}
+
+###############################################################################
# Name: handleIndex
# Description: Handles the indexing via apt-ftparchive.
# Uses: %dests, $destdir
@@ -908,6 +965,8 @@ sub generateIndexConfig() {
# Modified to add bzip2 support and handle contents-all in a proper way.
# 2005-05-02 Ola Lundqvist <[EMAIL PROTECTED]>
# Bugfix for bzip2 support.
+# 2005-08-20 Russ Allbery <[EMAIL PROTECTED]>
+# Call generateRelease for Release file support (optionally signed).
###############################################################################
sub handleIndex() {
@@ -981,6 +1040,9 @@ sub handleIndex() {
unlink("$d/$s/binary-all/Packages", "$d/$s/binary-all/Packages.gz",
"$d/$s/binary-all/Packages.bz2");
}
+
+ # This has to be done after we integrate the Packages files.
+ generateRelease($d, $d, @dsections, @darches);
}
&destinationRelease();
@@ -2089,6 +2151,12 @@ An array of strings that should be maile
Additional information to add to generated Release files. Supported keys are
origin, label, and description.
+=item B<$gpgkey>
+
+GnuPG key to use to sign the archive. If this variable is set, the Release
file for each changed section of the archive will be signed with GnuPG using
$gpgkey as the key ID. Unless you use a key that has no passphrase, you will
need to run B<debarchiver> interactively when using this option so that you can
supply the passphrase.
+
+=back
+
=head1 PACKAGE INDEXING
There are two ways to generate the indexes that B<apt-get> relies on.
