From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id CAEF6158046 for ; Sat, 12 Oct 2024 18:57:47 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 8EA552BC033; Sat, 12 Oct 2024 18:57:11 +0000 (UTC) Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id D69B72BC030 for ; Sat, 12 Oct 2024 18:57:10 +0000 (UTC) From: =?UTF-8?q?Micha=C5=82=20G=C3=B3rny?= To: gentoo-dev@lists.gentoo.org Cc: =?UTF-8?q?Micha=C5=82=20G=C3=B3rny?= Subject: [gentoo-dev] [PATCH 2/5] verify-sig.eclass: Refactor code to use extra_args for all types Date: Sat, 12 Oct 2024 20:52:03 +0200 Message-ID: <20241012185704.771370-3-mgorny@gentoo.org> X-Mailer: git-send-email 2.47.0 In-Reply-To: <20241012185704.771370-1-mgorny@gentoo.org> References: <20241012185704.771370-1-mgorny@gentoo.org> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Archives-Salt: 4003c3ff-5ac4-4a64-862c-69367b2b23a2 X-Archives-Hash: 2b743be2e32950d8b20b9b066301d093 Signed-off-by: Michał Górny --- eclass/verify-sig.eclass | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/eclass/verify-sig.eclass b/eclass/verify-sig.eclass index b74ed78290aa..d601c7838a00 100644 --- a/eclass/verify-sig.eclass +++ b/eclass/verify-sig.eclass @@ -132,7 +132,6 @@ verify-sig_verify_detached() { fi local extra_args=() - [[ ${VERIFY_SIG_OPENPGP_KEY_REFRESH} == yes ]] || extra_args+=( -R ) if [[ -n ${VERIFY_SIG_OPENPGP_KEYSERVER+1} ]]; then [[ ${VERIFY_SIG_METHOD} == openpgp ]] || die "${FUNCNAME}: VERIFY_SIG_OPENPGP_KEYSERVER is not supported" @@ -152,10 +151,15 @@ verify-sig_verify_detached() { einfo "Verifying ${filename} ..." case ${VERIFY_SIG_METHOD} in minisig) - minisign -V -P "$(<"${key}")" -x "${sig}" -m "${file}" || + minisign "${extra_args[@]}" \ + -V -P "$(<"${key}")" -x "${sig}" -m "${file}" || die "minisig signature verification failed" ;; openpgp) + if [[ ${VERIFY_SIG_OPENPGP_KEY_REFRESH} != yes ]]; then + extra_args+=( -R ) + fi + # gpg can't handle very long TMPDIR # https://bugs.gentoo.org/854492 local -x TMPDIR=/tmp @@ -165,7 +169,8 @@ verify-sig_verify_detached() { die "PGP signature verification failed" ;; signify) - signify -V -p "${key}" -m "${file}" -x "${sig}" || + signify "${extra_args[@]}" \ + -V -p "${key}" -m "${file}" -x "${sig}" || die "Signify signature verification failed" ;; esac -- 2.47.0