From: Paul Spooren Date: Thu, 14 Nov 2019 07:55:30 +0000 (-1000) Subject: scripts: signall.sh store usign.key as usign.sec X-Git-Tag: v1~66 X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=e3c7a98974fe3c29091061acad5758918e832928;p=buildbot.git scripts: signall.sh store usign.key as usign.sec The signall.sh script signs all files inside a tar via GPG and signify-openbsd (similar to usign)e and attaches the signatures to the same archive. Using more recent versions of signify-openbsd requires a specific naming schema for keys, private ending with .sec and public with .pub. This was introduced at 763e1148f68f03cb2fa85d022500acf8c66af222[0]. This patch renames the stored key as usign.sec instead of usign.key. As of the temporary nature of the key storing, this very unlikely breaks any existing setups. [0]: https://github.com/openbsd/src/commit/763e1148f68f03cb2fa85d022500acf8c66af222 Signed-off-by: Paul Spooren [adjusted commit subject] Signed-off-by: Jo-Philipp Wich --- diff --git a/scripts/signall.sh b/scripts/signall.sh index 269375f..8f39500 100755 --- a/scripts/signall.sh +++ b/scripts/signall.sh @@ -84,11 +84,11 @@ if [ -n "$USIGNKEY" ]; then fi umask 077 - printf "untrusted comment: %s\n%s\n" "${USIGNCOMMENT:-key ID $USIGNID}" "$USIGNKEY" > "$tmpdir/usign.key" + printf "untrusted comment: %s\n%s\n" "${USIGNCOMMENT:-key ID $USIGNID}" "$USIGNKEY" > "$tmpdir/usign.sec" umask 022 find "$tmpdir/tar/" -type f -not -name "*.asc" -and -not -name "*.sig" -exec \ - signify-openbsd -S -s "$(readlink -f "$tmpdir/usign.key")" -m "{}" \; || finish 5 + signify-openbsd -S -s "$(readlink -f "$tmpdir/usign.sec")" -m "{}" \; || finish 5 fi tar -C "$tmpdir/tar/" -czf "$tarball" . || finish 6