Fabre

#981021 devscripts: debsign fails to sign dsc if buildinfo was already signed #981021

Package:: devscripts

Source:: devscripts

Description:: scripts to make the life of a Debian Package maintainer easier

Submitter:: Johannes 'josch' Schauer

Date:: 2021-01-25 16:42:04 UTC

Severity:: normal

#981021#5

Date:: 2021-01-25 16:39:47 UTC

From:

To:

Hi,

if an unsigned changes file contains references to a signed buildinfo
file and an unsigned dsc file, then running "debsign --no-re-sign" will
sign the changes file but leave the dsc unsigned. As a result, running
dscverify on the signed changes file will produce an error.

I suspect the culprit is the following function from debsign:

maybesign_buildinfo() {
[...]
    if check_already_signed "$buildinfo" "buildinfo"; then
       echo "Leaving current signature unchanged." >&2
       return
    fi

    if [ -n "$dsc" ]; then
	maybesign_dsc "$signas" "$remotehost" "$dsc"
	withtempfile buildinfo "$buildinfo" fixup_buildinfo "$dsc"
    fi
[...]

The function maybesign_buildinfo() is responsible for handling both
buildinfo and dsc files but it immediately returns if the buildinfo was
already signed and thus the dsc never gets signed.

This is currently blocking bug #977674 in sbuild.

Thanks!

cheers, josch

#981021 devscripts: debsign fails to sign dsc if buildinfo was already signed #981021

Just Reply to ...

Reply to submitter ...

Send control command (Silently)

Set Architecture Tags (Silently)