diff options
Diffstat (limited to 'SBO-Lib/lib/SBO/Lib/Repo.pm')
| -rw-r--r-- | SBO-Lib/lib/SBO/Lib/Repo.pm | 30 |
1 files changed, 22 insertions, 8 deletions
diff --git a/SBO-Lib/lib/SBO/Lib/Repo.pm b/SBO-Lib/lib/SBO/Lib/Repo.pm index 5337ea8..eaf1f2f 100644 --- a/SBO-Lib/lib/SBO/Lib/Repo.pm +++ b/SBO-Lib/lib/SBO/Lib/Repo.pm @@ -7,7 +7,7 @@ use warnings; our $VERSION = '2.7.2'; use SBO::Lib::Util qw/ %config prompt usage_error get_slack_version get_slack_version_key get_slack_version_url script_error open_fh open_read in _ERR_DOWNLOAD /; -use SBO::Lib::Cryptography qw/ has_valid_gpg_signature verify_gpg_signed_file VALID_SIGNATURE /; +use SBO::Lib::Cryptography qw/ GOODSIG NO_PUBKEY parse_gpg_output verify_gpg_signed_file /; use Cwd; use File::Copy; @@ -280,15 +280,22 @@ sub git_sbo_tree { if ($key_id) { my @output; - print("Verifying $git_ref...\n"); + print("Verifying $git_ref..."); open3(undef, undef, my $std_err = gensym, "git", $verify_cmd, "--raw", "$git_ref"); while (my $line = <$std_err>) { push(@output, $line); } close($std_err); - if (! has_valid_gpg_signature(\@output, $key_id)) { - print(STDERR "Repository GPG verification failed.\n"); + my $res = parse_gpg_output(\@output, $key_id); + if ($res eq GOODSIG) { + print("OK\n"); + } else { + print(STDERR "Repository GPG verification failed: $res."); + if ($res == NO_PUBKEY) { + print(STDERR " Did you import the GPG key?"); + } + print(STDERR "\n"); chdir $cwd; return 0; @@ -407,10 +414,16 @@ sub rsync_sbo_tree { print("GPG verification is not present for 14.0 and earlier. You should consider disabling GPG verification.") } - print("Verifying CHECKSUMS.md5...\n"); + print("Verifying CHECKSUMS.md5..."); my $res = verify_gpg_signed_file('CHECKSUMS.md5.asc', $key_id); - if ($res ne VALID_SIGNATURE) { - print(STDERR "Respository CHECKSUMS.md5 GPG verification failed.\n"); + if ($res eq GOODSIG) { + print("OK\n"); + } else { + print(STDERR "Respository CHECKSUMS.md5 GPG verification failed: $res."); + if ($res eq NO_PUBKEY) { + print(STDERR " Did you import the GPG key?"); + } + print(STDERR "\n"); chdir($cwd); return 0; @@ -418,11 +431,12 @@ sub rsync_sbo_tree { } if ( -e "CHECKSUMS.md5" ) { - print("Verifying file integrity using CHECKSUMS.md5...\n"); + print("Verifying file integrity using CHECKSUMS.md5..."); if (system('tail +13 CHECKSUMS.md5 | md5sum -c --quiet -')) { chdir($cwd); return 0; } + print("OK\n"); } return chdir($cwd); |