X-Git-Url: https://git.decadent.org.uk/gitweb/?a=blobdiff_plain;f=scripts%2Fdebian%2Fbuildd-add-keys;h=b141cc86058cb5952139cee748d6415d9a3dc6f7;hb=e3072cd35534e3807eb6e884b06e7fdea8a81b44;hp=61cd154c27127fea3a9b3869f8693bb7528ff5a6;hpb=3a929d70fd9efac4e07dbdd7c35252a340f5b35f;p=dak.git diff --git a/scripts/debian/buildd-add-keys b/scripts/debian/buildd-add-keys index 61cd154c..b141cc86 100755 --- a/scripts/debian/buildd-add-keys +++ b/scripts/debian/buildd-add-keys @@ -176,7 +176,17 @@ for file in ${KEYS}; do TEMPKEYDATA=$(mktemp -p "${TMPDIR}" BDKEYS.XXXXXX) - gpg ${DEFGPGOPT} --with-colons "${GPGOUTF}" > "${TEMPKEYDATA}" + # We also need to ensure this works, otherwise manually mangled files can break us here + if ! gpg ${DEFGPGOPT} --with-colons "${GPGOUTF}" > "${TEMPKEYDATA}"; then + log "For some reason we could validate the sig but failed on getting key details" + DATE=$(date -Is) + mv "${INCOMING}/${file}" "${ERRORS}/badsig.${file}.${DATE}" + mv "${GPGSTATUS}" "${ERRORS}/badsig.${file}.gpgstatus.${DATE}" + mv "${GPGLOGS}" "${ERRORS}/badsig.${file}.gpglogs.${DATE}" + rm -f "${GPGOUTF}" + rm -f "${TMPKEYDATA}" + continue + fi # Read in the TEMPKEYDATAFILE, but avoid using a subshell like a # while read line otherwise would do @@ -264,8 +274,9 @@ for file in ${KEYS}; do # We need to check for the amount of keys ARCHKEYRING="${base}/${ARCH}/keyring.gpg" - KEYNO=$(gpg ${DEFGPGOPT} --keyring "${ARCHKEYRING}" --with-colons --list-keys "buildd_${ARCH}-${BUILDD}@buildd.debian.org" | grep -c '^pub:' || /bin/true ) + KEYNO=$(gpg ${DEFGPGOPT} --keyring "${ARCHKEYRING}" --with-colons --list-keys "buildd_${ARCH}-${BUILDD}@buildd.debian.org" 2>/dev/null | grep -c '^pub:' || /bin/true ) if [ ${KEYNO} -gt 2 ]; then + log "Too many keys for ${ARCH} buildd ${BUILDD}" DATE=$(date -Is) mv "${INCOMING}/${file}" "${ERRORS}/toomany.${file}.${DATE}" mv "${GPGSTATUS}" "${ERRORS}/toomany.${file}.gpgstatus.${DATE}"