Hi!
On Thu, 2024-03-14 at 14:55:36 -0400, Daniel Kahn Gillmor wrote:
> Package: devscripts
> Version: 2.23.7
> Tags: patch
> debsign currently tries to determine the version of gpg by parsing the
> human-readable output of `gpg --version`.
[…]
> The attached patch converts debsign to use the machine-parseable format,
> rather than the human-readable format.
I was just modifying this code for another report I'm about to file,
and instead wondered why have it at all! I'm proposing simply removing
the backwards compat code given that even in oldstable gnugp1 is
already at verison 1.4.23. See attached patch.
Thanks,
Guillem
From a9601103ca8deb4aeaaca04b8f42272ced6fde27 Mon Sep 17 00:00:00 2001
From: Guillem Jover <guil...@debian.org>
Date: Sat, 27 Apr 2024 23:06:39 +0200
Subject: [PATCH] debsign: Remove compatibility code for ancient GnuPG
The code is trying to handle GnuPG versions older than 1.4, where
the oldest GnuPG version available in Debian via the gnupg1 package
is 1.4.23 since oldstable. So there is no much point in trying to
support even older versions.
Remove the code to simplify things.
---
scripts/debsign.sh | 37 ++++++++++---------------------------
1 file changed, 10 insertions(+), 27 deletions(-)
diff --git a/scripts/debsign.sh b/scripts/debsign.sh
index 15b0dfc2..2ddb8b11 100755
--- a/scripts/debsign.sh
+++ b/scripts/debsign.sh
@@ -170,33 +170,16 @@ signfile() {
ASCII_SIGNED_FILE="${UNSIGNED_FILE}.asc"
(cat "$file" ; echo "") > "$UNSIGNED_FILE"
- gpgversion=$($signcommand --version | head -n 1 | cut -d' ' -f3)
- gpgmajorversion=$(echo $gpgversion | cut -d. -f1)
- gpgminorversion=$(echo $gpgversion | cut -d. -f2)
-
- if [ $gpgmajorversion -gt 1 -o $gpgminorversion -ge 4 ]
- then
- $signcommand --no-auto-check-trustdb \
- --local-user "$signas" --clearsign \
- --list-options no-show-policy-urls \
- --armor --textmode --output "$ASCII_SIGNED_FILE"\
- "$UNSIGNED_FILE" || \
- { SAVESTAT=$?
- echo "$PROGNAME: $signcommand error occurred! Aborting...." >&2
- stty $savestty 2>/dev/null || true
- exit $SAVESTAT
- }
- else
- $signcommand --local-user "$signas" --clearsign \
- --no-show-policy-url \
- --armor --textmode --output "$ASCII_SIGNED_FILE" \
- "$UNSIGNED_FILE" || \
- { SAVESTAT=$?
- echo "$PROGNAME: $signcommand error occurred! Aborting...." >&2
- stty $savestty 2>/dev/null || true
- exit $SAVESTAT
- }
- fi
+ $signcommand --no-auto-check-trustdb \
+ --local-user "$signas" --clearsign \
+ --list-options no-show-policy-urls \
+ --armor --textmode --output "$ASCII_SIGNED_FILE"\
+ "$UNSIGNED_FILE" || \
+ { SAVESTAT=$?
+ echo "$PROGNAME: $signcommand error occurred! Aborting...." >&2
+ stty $savestty 2>/dev/null || true
+ exit $SAVESTAT
+ }
stty $savestty 2>/dev/null || true
echo
PRECIOUS_FILES=$(($PRECIOUS_FILES + 1))
--
2.43.0
