commit: 1a62482d3f17bd4411b6d53f7446719a73db6449
Author: Kerin Millar <kfm <AT> plushkava <DOT> net>
AuthorDate: Sun Jun 22 03:56:23 2025 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Sun Jun 22 10:57:00 2025 +0000
URL: https://gitweb.gentoo.org/proj/portage.git/commit/?id=1a62482d
emerge-webrsync: reduce the number of arguments required by several functions
Reduce the number of arguments required to just one for all of the
following functions.
- check_file_digest()
- check_file_signature_gemato()
- check_file_signature_gpg
- gpg_verify()
This is achieved by refraining from conveying strings that are easily
composed at the point that they are required. For example, the
check_file_digest() function can compose the name of the digest file by
appending ".md5sum" to the value of the 'file' variable.
Signed-off-by: Kerin Millar <kfm <AT> plushkava.net>
Signed-off-by: Sam James <sam <AT> gentoo.org>
bin/emerge-webrsync | 29 +++++++++++++++--------------
1 file changed, 15 insertions(+), 14 deletions(-)
diff --git a/bin/emerge-webrsync b/bin/emerge-webrsync
index 5dbef3c398..2717bf8e39 100755
--- a/bin/emerge-webrsync
+++ b/bin/emerge-webrsync
@@ -230,9 +230,10 @@ fetch_file() {
}
check_file_digest() {
- local digest=$1 file=$2
- local expected_md5 md5
+ local file=$1
+ local expected_md5 digest md5
+ digest="${file}.md5sum"
einfo "Checking digest ..."
if ! read -r expected_md5 _ < "${digest}"; then
@@ -259,7 +260,7 @@ md5sum_hex() {
}
check_file_signature_gemato() {
- local signature=$1 file=$2
+ local file=$1
local -a gemato_args
local key
@@ -283,11 +284,11 @@ check_file_signature_gemato() {
(( opt[quiet] )) && gemato_args+=( --quiet )
(( opt[debug] )) && gemato_args+=( --debug )
- gemato "${gemato_args[@]}" -- "${signature}" "${file}"
+ gemato "${gemato_args[@]}" -- "${file}"{".gpgsig",}
}
check_file_signature_gpg() {
- local signature=$1 file=$2
+ local file=$1
local fingerprint key
assign_key
@@ -311,7 +312,7 @@ check_file_signature_gpg() {
die "gpgdir is not writable: ${GNUPGHOME}"
fi
- gpg_verify "${signature}" "${file}"
+ gpg_verify "${file}"
}
assign_key() {
@@ -344,22 +345,22 @@ gpg_fingerprint() {
}
gpg_verify() {
- local signature=$1 file=$2
+ local file=$1
local output token
#
https://www.gnupg.org/documentation/manuals/gnupg/Automated-signature-checking.html
- output=$(gpg --batch --status-fd 1 --verify -- "${signature}"
"${file}") || return
+ output=$(gpg --batch --status-fd 1 --verify -- "${file}"{".gpgsig",})
|| return
for token in GOODSIG VALIDSIG TRUST_ULTIMATE; do
[[ $'\n'${output} == *$'\n[GNUPG:] '"${token} "* ]] || return
done
}
check_file_signature() {
- local signature=$1 file=$2
+ local file=$1
if [[ ${verification_method} ]]; then
einfo "Checking signature with ${verification_method} ..."
- "check_file_signature_${verification_method}" "${signature}"
"${file}"
+ "check_file_signature_${verification_method}" "${file}"
fi || {
# Exit early since it's typically inappropriate to try other
# mirrors in this case (it may indicate a keyring problem).
@@ -475,8 +476,8 @@ do_snapshot() {
signature="${file}.gpgsig"
if [[ -s "${DISTDIR}/${file}" && -s
"${DISTDIR}/${digest}" && -s "${DISTDIR}/${signature}" ]] ; then
- check_file_digest "${DISTDIR}/${digest}"
"${DISTDIR}/${file}" \
- && check_file_signature
"${DISTDIR}/${signature}" "${DISTDIR}/${file}" \
+ check_file_digest "${DISTDIR}/${file}" \
+ && check_file_signature "${DISTDIR}/${file}" \
&& have_files=1
fi
@@ -484,8 +485,8 @@ do_snapshot() {
fetch_file "${mirror}/snapshots/${digest}"
"${digest}" \
&& fetch_file
"${mirror}/snapshots/${signature}" "${signature}" \
&& fetch_file "${mirror}/snapshots/${file}"
"${file}" \
- && check_file_digest "${DISTDIR}/${digest}"
"${DISTDIR}/${file}" \
- && check_file_signature
"${DISTDIR}/${signature}" "${DISTDIR}/${file}" \
+ && check_file_digest "${DISTDIR}/${file}" \
+ && check_file_signature "${DISTDIR}/${file}" \
&& have_files=1
fi
