@@ -27,11 +27,10 @@ source "$LIBRARY/util/message.sh"
create_signature() {
if [[ $SIGNPKG != 'y' ]]; then
- return
+ return 0
fi
local ret=0
local filename="$1"
- msg "$(gettext "Signing package...")"
local SIGNWITHKEY=""
if [[ -n $GPGKEY ]]; then
@@ -42,8 +41,37 @@ create_signature() {
if (( ! ret )); then
- msg2 "$(gettext "Created signature file %s.")" "$filename.sig"
+ msg2 "$(gettext "Created signature file %s.")" "${filename##*/}.sig"
else
warning "$(gettext "Failed to sign package file.")"
fi
+
+ return $ret
+}
+
+create_package_signatures() {
+ local pkgarch pkg_file
+ local pkgname_backup=("${pkgname[@]}")
+ local fullver=$(get_full_version)
+
+ msg "$(gettext "Signing package(s)...")"
+
+ for pkgname in ${pkgname_backup[@]}; do
+ pkgarch=$(get_pkg_arch $pkgname)
+ pkg_file="$PKGDEST/${pkgname}-${fullver}-${pkgarch}${PKGEXT}"
+
+ create_signature "$pkg_file"
+ done
+
+ # check if debug package needs a signature
+ if ! check_option "debug" "y" || ! check_option "strip" "y"; then
+ return
+ fi
+
+ pkgname=$pkgbase-@DEBUGSUFFIX@
+ pkgarch=$(get_pkg_arch)
+ pkg_file="$PKGDEST/${pkgname}-${fullver}-${pkgarch}${PKGEXT}"
+ create_signature "$pkg_file"
+
+ pkgname=("${pkgname_backup[@]}")
}
@@ -769,8 +769,6 @@ create_package() {
error "$(gettext "Failed to create package file.")"
exit 1 # TODO: error code
fi
-
- create_signature "$pkg_file"
}
create_debug_package() {
@@ -868,8 +866,6 @@ create_srcpackage() {
exit 1 # TODO: error code
fi
- create_signature "$pkg_file"
-
cd_safe "${startdir}"
rm -rf "${srclinks}"
}
@@ -1625,6 +1621,9 @@ if (( SOURCEONLY )); then
enter_fakeroot
+ msg "$(gettext "Signing package...")"
+ create_signature "$SRCPKGDEST/${pkgbase}-${fullver}${SRCEXT}"
+
msg "$(gettext "Source package created: %s")" "$pkgbase ($(date))"
exit 0
fi
@@ -1716,6 +1715,8 @@ else
fi
enter_fakeroot
+
+ create_package_signatures
fi
# if inhibiting archive creation, go no further
With recent version of gpg, signing within fakeroot works on the first invocation, but fails on later runs. Sign all packages outside of fakeroot to avoid this issue. Fixes FS#49946. Signed-off-by: Allan McRae <allan@archlinux.org> --- .../libmakepkg/integrity/generate_signature.sh.in | 34 ++++++++++++++++++++-- scripts/makepkg.sh.in | 9 +++--- 2 files changed, 36 insertions(+), 7 deletions(-)