From 21199ee1c25538ee24cdacc0a133ac6ff3502821 Mon Sep 17 00:00:00 2001
From: Guillem Jover <guillem@debian.org>
Date: Tue, 26 Nov 2019 13:17:45 +0100
Subject: Dpkg::Source::Package: Honor require_valid_signature option

We need to pass this option forward to the verify_signature() calls,
otherwise we use the default.

Fixes: commit 139dfc4c78593d995610c0aa180300a9a7dd94ac
Fixes: commit 3821f024d92aabf24a333025c1c1956d8a45e718
---
 scripts/Dpkg/Source/Package.pm | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

(limited to 'scripts/Dpkg/Source')

diff --git a/scripts/Dpkg/Source/Package.pm b/scripts/Dpkg/Source/Package.pm
index 337000cb8..3e7f40ebb 100644
--- a/scripts/Dpkg/Source/Package.pm
+++ b/scripts/Dpkg/Source/Package.pm
@@ -417,10 +417,14 @@ sub check_original_tarball_signature {
 
     my $keyring = File::Temp->new(UNLINK => 1, SUFFIX => '.gpg');
     Dpkg::OpenPGP::import_key($upstream_key, keyring => $keyring);
+
+    my %opts = (
+        keyrings => [ $keyring ],
+        require_valid_signature => $self->{options}{require_valid_signature},
+    );
     foreach my $asc (@asc) {
-        Dpkg::OpenPGP::verify_signature($asc,
-                                        datafile => $asc =~ s/\.asc$//r,
-                                        keyrings => [ $keyring ]);
+        $opts{datafile} = $asc =~ s/\.asc$//r;
+        Dpkg::OpenPGP::verify_signature($asc, %opts);
     }
 }
 
@@ -460,7 +464,11 @@ sub check_signature {
         }
     }
 
-    Dpkg::OpenPGP::verify_signature($dsc, keyrings => \@keyrings);
+    my %opts = (
+        keyrings => \@keyrings,
+        require_valid_signature => $self->{options}{require_valid_signature},
+    );
+    Dpkg::OpenPGP::verify_signature($dsc, %opts);
 }
 
 sub describe_cmdline_options {
-- 
cgit v1.2.3