]> git.decadent.org.uk Git - dak.git/commitdiff
projects / dak.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 42ec114)
Use SHA256 for signatures.
authorAnsgar Burchardt <ansgar@debian.org>
Sat, 12 Oct 2013 12:00:32 +0000 (14:00 +0200)
committerAnsgar Burchardt <ansgar@debian.org>
Sat, 12 Oct 2013 12:01:23 +0000 (14:01 +0200)
As dak passes --no-options to gpg, setting preferences in gpg.conf does
not help.

Bug: http://bugs.debian.org/612657

dak/generate_releases.py patch | blob | history

diff --git a/dak/generate_releases.py b/dak/generate_releases.py
index a86c33ce33090def79074f93bbd80135030f0f43..e483e6c22bba3f977e96d3491bffa302fce10dbc 100755 (executable)
--- a/dak/generate_releases.py
+++ b/dak/generate_releases.py
@@ -83,7 +83,7 @@ def sign_release_dir(suite, dirname):
         if cnf.has_key("Dinstall::SigningPubKeyring"):
             keyring += " --keyring \"%s\"" % cnf["Dinstall::SigningPubKeyring"]
 
-        arguments = "--no-options --batch --no-tty --armour"
+        arguments = "--no-options --batch --no-tty --armour --personal-digest-preferences=SHA256"
 
         relname = os.path.join(dirname, 'Release')
 
dak changes to support and test code signing