diff options
| author | Julien Cristau <jcristau@debian.org> | 2013-03-25 14:31:44 +0100 |
|---|---|---|
| committer | Julien Cristau <jcristau@debian.org> | 2013-03-25 14:31:44 +0100 |
| commit | 56cd612223507d9744224ec4d7c0aa9c06cc9985 (patch) | |
| tree | 86d817d3a388867603093612877dafb4cdf53a5c | |
| parent | 896e9210fee36312e3e8ab1c6d42ae07d0bbd223 (diff) | |
| download | debootstrap-56cd612223507d9744224ec4d7c0aa9c06cc9985.tar.gz | |
Disable InRelease support.
gpgv won't give us back the signed data, and full gpg is not available
inside d-i (closes: #703889).
| -rw-r--r-- | debian/changelog | 7 | ||||
| -rw-r--r-- | debian/control | 4 | ||||
| -rw-r--r-- | functions | 47 |
3 files changed, 22 insertions, 36 deletions
diff --git a/debian/changelog b/debian/changelog index 97d9789..8dc903e 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +debootstrap (1.0.48) UNRELEASED; urgency=low + + * Disable InRelease support. gpgv won't give us back the signed data, and + full gpg is not available inside d-i (closes: #703889). + + -- Julien Cristau <jcristau@debian.org> Mon, 25 Mar 2013 14:16:19 +0100 + debootstrap (1.0.47) unstable; urgency=low * Team upload diff --git a/debian/control b/debian/control index 41af2df..0894e08 100644 --- a/debian/control +++ b/debian/control @@ -10,8 +10,8 @@ Vcs-Git: git://git.debian.org/d-i/debootstrap.git Package: debootstrap Architecture: all -Depends: ${misc:Depends}, wget, gnupg -Recommends: ${keyring} +Depends: ${misc:Depends}, wget +Recommends: gnupg, ${keyring} Description: Bootstrap a basic Debian system debootstrap is used to create a Debian base system from scratch, without requiring the availability of dpkg or apt. It does this by @@ -503,60 +503,39 @@ download_release_sig () { local m1="$1" local reldest="$2" local relsigdest="$3" - local release_file_variant="$4" if [ -n "$KEYRING" ] && [ -z "$DISABLE_KEYRING" ]; then - if [ "$release_file_variant" != "IN" ]; then - progress 0 100 DOWNRELSIG "Downloading Release file signature" - progress_next 50 - get "$m1/dists/$SUITE/Release.gpg" "$relsigdest" nocache || - error 1 NOGETRELSIG "Failed getting release signature file %s" \ - "$m1/dists/$SUITE/Release.gpg" - progress 50 100 DOWNRELSIG "Downloading Release file signature" - fi + progress 0 100 DOWNRELSIG "Downloading Release file signature" + progress_next 50 + get "$m1/dists/$SUITE/Release.gpg" "$relsigdest" nocache || + error 1 NOGETRELSIG "Failed getting release signature file %s" \ + "$m1/dists/$SUITE/Release.gpg" + progress 50 100 DOWNRELSIG "Downloading Release file signature" info RELEASESIG "Checking Release signature" # Don't worry about the exit status from gpgv; parsing the output will # take care of that. - if [ "$release_file_variant" = "IN" ]; then - (gpgv --status-fd 1 --keyring "$KEYRING" --ignore-time-conflict \ - "$relsigdest" || true) | read_gpg_status - else - (gpgv --status-fd 1 --keyring "$KEYRING" --ignore-time-conflict \ - "$relsigdest" "$reldest" || true) | read_gpg_status - fi + (gpgv --status-fd 1 --keyring "$KEYRING" --ignore-time-conflict \ + "$relsigdest" "$reldest" || true) | read_gpg_status progress 100 100 DOWNRELSIG "Downloading Release file signature" elif [ -z "$DISABLE_KEYRING" ] && [ -n "$KEYRING_WANTED" ]; then warning KEYRING "Cannot check Release signature; keyring file not available %s" "$KEYRING_WANTED" fi - if [ "$release_file_variant" = "IN" ]; then - rm -f $reldest - gpg --output "$reldest" --decrypt --keyring "$KEYRING" --ignore-time-conflict "$relsigdest" - fi } download_release_indices () { local m1="${MIRRORS%% *}" local reldest="$TARGET/$($DLDEST rel "$SUITE" "$m1" "dists/$SUITE/Release")" - local inreldest="$TARGET/$($DLDEST rel "$SUITE" "$m1" "dists/$SUITE/InRelease")" local relsigdest - local release_file_variant="IN" progress 0 100 DOWNREL "Downloading Release file" progress_next 100 - if get "$m1/dists/$SUITE/InRelease" "$inreldest" nocache; then - extract_release_components $inreldest - relsigdest="$inreldest" - else - info RETRIEVING "Failed to retrieve InRelease" - get "$m1/dists/$SUITE/Release" "$reldest" nocache || - error 1 NOGETREL "Failed getting release file %s" "$m1/dists/$SUITE/Release" - release_file_variant="GPG" - relsigdest="$TARGET/$($DLDEST rel "$SUITE" "$m1" "dists/$SUITE/Release.gpg")" - extract_release_components $reldest - fi + get "$m1/dists/$SUITE/Release" "$reldest" nocache || + error 1 NOGETREL "Failed getting release file %s" "$m1/dists/$SUITE/Release" + relsigdest="$TARGET/$($DLDEST rel "$SUITE" "$m1" "dists/$SUITE/Release.gpg")" + extract_release_components $reldest progress 100 100 DOWNREL "Downloading Release file" - download_release_sig "$m1" "$reldest" "$relsigdest" "$release_file_variant" + download_release_sig "$m1" "$reldest" "$relsigdest" local totalpkgs=0 for c in $COMPONENTS; do |