]> err.no Git - dak/commitdiff
And also catch double-sign-edit-failure-sign-whatever files
authorJoerg Jaspert <joerg@debian.org>
Sat, 3 Mar 2012 17:34:18 +0000 (18:34 +0100)
committerJoerg Jaspert <joerg@debian.org>
Sat, 3 Mar 2012 17:34:18 +0000 (18:34 +0100)
Signed-off-by: Joerg Jaspert <joerg@debian.org>
scripts/debian/buildd-add-keys

index 61cd154c27127fea3a9b3869f8693bb7528ff5a6..619a514f07458d432b418700574784f4774bdf8e 100755 (executable)
@@ -176,7 +176,17 @@ for file in ${KEYS}; do
 
     TEMPKEYDATA=$(mktemp -p "${TMPDIR}" BDKEYS.XXXXXX)
 
-    gpg ${DEFGPGOPT} --with-colons "${GPGOUTF}" > "${TEMPKEYDATA}"
+    # We also need to ensure this works, otherwise manually mangled files can break us here
+    if ! gpg ${DEFGPGOPT} --with-colons "${GPGOUTF}" > "${TEMPKEYDATA}"; then
+        log "For some reason we could validate the sig but failed on getting key details"
+        DATE=$(date -Is)
+        mv "${INCOMING}/${file}" "${ERRORS}/badsig.${file}.${DATE}"
+        mv "${GPGSTATUS}" "${ERRORS}/badsig.${file}.gpgstatus.${DATE}"
+        mv "${GPGLOGS}" "${ERRORS}/badsig.${file}.gpglogs.${DATE}"
+        rm -f "${GPGOUTF}"
+        rm -f "${TMPKEYDATA}"
+        continue
+    fi
 
     # Read in the TEMPKEYDATAFILE, but avoid using a subshell like a
     # while read line otherwise would do