From b96798dc2a32f506bb4bb42ece5dc94f887fd08d Mon Sep 17 00:00:00 2001 From: unknown Date: Fri, 20 Apr 2012 12:42:28 -0500 Subject: [PATCH] Import version as of 2012-04-20 for build-keyring.pl --- build-keyring.pl | 47 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) create mode 100755 build-keyring.pl diff --git a/build-keyring.pl b/build-keyring.pl new file mode 100755 index 0000000..b192ce7 --- /dev/null +++ b/build-keyring.pl @@ -0,0 +1,47 @@ +#!/usr/bin/perl -w +# Version 2005-01-11 +# +# This file is free software; as a special exception the author gives +# unlimited permission to copy and/or distribute it, with or without +# modifications, as long as this notice is preserved. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the +# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. +# +# This script will combine any pubring.gpg/oldring.gpg files found in the packages +# directories into a global public keyring, which can then be used to verify all +# packages on the ftp server. +# +# Written by Ward Vandewege (ward@gnu.org), 2005-01-11 + +use strict; + +my $PACKAGES = './packages'; +my $RING = './pub.ring'; +my $DEBUG = 0; +my $EXPIRED_KEYRING = "/home/gatekpr/expired-gnu-keys.gpg"; + +opendir(DIR, $PACKAGES) || die "can't opendir $PACKAGES: $!"; +my @subdirs = grep { !/^\./ && -d "$PACKAGES/$_" } readdir(DIR); +closedir DIR; + +foreach my $subdir (@subdirs) { + print "subdir : $subdir\n" if ($DEBUG); + opendir(DIR, "$PACKAGES/$subdir") || die "can't opendir $PACKAGES/$subdir: $!"; + my @keyrings = grep { /(oldring|pubring)\.gpg$/ && -f "$PACKAGES/$subdir/$_" } readdir(DIR); + closedir DIR; + foreach (@keyrings) { + print "keyring : $_\n" if ($DEBUG); + my $dummy = system("gpg --no-default-keyring --keyring $RING --import $PACKAGES/$subdir/$_ >> /dev/null 2>&1"); + } +} + +# baughj, 2006.04.05 +# RT #283343 - We want to keep old keys around in the big GNU keyring so that +# we don't have signatures on the FTP site that are unverifiable because a key +# was expired / changed. + +my $dummy2 = system("gpg --no-default-keyring --keyring $RING --import $EXPIRED_KEYRING >> /dev/null 2>&1"); + + -- 2.25.1