Dpkg::Source::Package: Honor require_valid_signature option

We need to pass this option forward to the verify_signature() calls,
otherwise we use the default.

Fixes: commit 139dfc4c78593d995610c0aa180300a9a7dd94ac
Fixes: commit 3821f024d92aabf24a333025c1c1956d8a45e718

1 files changed, 12 insertions, 4 deletions

diff --git a/scripts/Dpkg/Source/Package.pm b/scripts/Dpkg/Source/Package.pm
index 337000cb8..3e7f40ebb 100644
--- a/scripts/Dpkg/Source/Package.pm
+++ b/scripts/Dpkg/Source/Package.pm
@@ -417,10 +417,14 @@ sub check_original_tarball_signature {
 
     my $keyring = File::Temp->new(UNLINK => 1, SUFFIX => '.gpg');
     Dpkg::OpenPGP::import_key($upstream_key, keyring => $keyring);
+
+    my %opts = (
+        keyrings => [ $keyring ],
+        require_valid_signature => $self->{options}{require_valid_signature},
+    );
     foreach my $asc (@asc) {
-        Dpkg::OpenPGP::verify_signature($asc,
-                                        datafile => $asc =~ s/\.asc$//r,
-                                        keyrings => [ $keyring ]);
+        $opts{datafile} = $asc =~ s/\.asc$//r;
+        Dpkg::OpenPGP::verify_signature($asc, %opts);
     }
 }
 
@@ -460,7 +464,11 @@ sub check_signature {
         }
     }
 
-    Dpkg::OpenPGP::verify_signature($dsc, keyrings => \@keyrings);
+    my %opts = (
+        keyrings => \@keyrings,
+        require_valid_signature => $self->{options}{require_valid_signature},
+    );
+    Dpkg::OpenPGP::verify_signature($dsc, %opts);
 }
 
 sub describe_cmdline_options {