diff options
Diffstat (limited to 'abuild-sign.in')
| -rw-r--r-- | abuild-sign.in | 88 |
1 files changed, 0 insertions, 88 deletions
diff --git a/abuild-sign.in b/abuild-sign.in deleted file mode 100644 index aea651f..0000000 --- a/abuild-sign.in +++ /dev/null @@ -1,88 +0,0 @@ -#!/bin/sh - -# sign indexes -# Copyright (c) 2009 Natanael Copa <ncopa@alpinelinux.org> -# -# Distributed under GPL-2 -# -# Depends on: busybox utilities, fakeroot, -# - -abuild_ver=@VERSION@ -sysconfdir=@sysconfdir@ - -abuild_conf=${ABUILD_CONF:-"$sysconfdir/abuild.conf"} -abuild_home=${ABUILD_USERDIR:-"$HOME/.abuild"} -abuild_userconf=${ABUILD_USERCONF:-"$abuild_home/abuild.conf"} - -die() { - echo "$@" >&2 - exit 1 -} - -usage() { - echo "abuild-sign $abuild_ver" - echo "usage: abuild-sign [-hq] [-k PRIVKEY] [-p PUBKEY] INDEXFILE..." - echo "options:" - echo " -h Show this help" - echo " -k The private key to use for signing" - echo " -p The name of public key. apk add will look for /etc/apk/keys/PUBKEY" - exit 1 -} - -# read config -[ -f "$abuild_conf" ] && . "$abuild_conf" - -# read user config if exists -[ -f "$abuild_userconf" ] && . "$abuild_userconf" - -privkey="$PACKAGER_PRIVKEY" - -while getopts "hk:p:q" opt; do - case $opt in - h) usage;; - k) privkey=$OPTARG;; - p) pubkey=$OPTARG;; - q) quiet=yes;; - esac -done -shift $(( $OPTIND - 1)) - -if [ -z "$privkey" ]; then - echo "No private key found. Use 'abuild-keygen' to generate the keys" - echo "Then you can either:" - echo " 1. set the PACKAGER_PRIVKEY in $abuild_userconf" - echo " (Note that 'abuild-keygen -a' does this for you)" - echo " 2. set the PACKAGER_PRIVKEY in $abuild_conf" - echo " 3. specify the key with the -k option" - echo "" - exit 1 -fi - -if [ -z "$pubkey" ]; then - pubkey=${PACKAGER_PUBKEY:-"${privkey}.pub"} -fi - -# we are actually only interested in the name, not the file itself -keyname=${pubkey##*/} - -for f in "$@"; do - i=$(readlink -f $f) - [ -d "$i" ] && i="$i/APKINDEX.tar.gz" - repo="${i%/*}" - cd "$repo" || die "Failed to sign $i" - sig=".SIGN.RSA.$keyname" - openssl dgst -sha1 -sign "$privkey" -out "$sig" "$i" || die "Failed to sign $i" - tmptargz=$(mktemp) - tar -c "$sig" | abuild-tar --cut | gzip -9 > "$tmptargz" - tmpsigned=$(mktemp) - cat "$tmptargz" "$i" > "$tmpsigned" - rm -f "$tmptargz" "$sig" - mv "$tmpsigned" "$i" - chmod 644 "$i" - if [ -z "$quiet" ]; then - echo "Signed $i" - fi -done - -exit 0 |