This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2go-keyring. commit 2fd1c6c6c7a08f64ced00527c32b26d78b3bb344 Author: Mihai Moldovan <ionic@ionic.de> Date: Sun Aug 18 14:16:58 2019 +0200 Makefile: fallback to old-style keyring signature checks if the default new-style ones failed validation. --- Makefile | 24 ++++++++++++++++++++---- debian/changelog | 2 ++ 2 files changed, 22 insertions(+), 4 deletions(-) diff --git a/Makefile b/Makefile index 9707436..eb72fcf 100644 --- a/Makefile +++ b/Makefile @@ -26,19 +26,35 @@ verify-results: keyrings/x2go-maintainers-keyring.gpg keyrings/x2go-maintainers- ${GPG} ${GPG_OPTIONS} \ --keyring keyrings/x2go-maintainers-keyring.gpg --verify \ keyrings/x2go-archive-keyring.gpg.asc \ - keyrings/x2go-archive-keyring.gpg + keyrings/x2go-archive-keyring.gpg || \ + ${GPG} ${GPG_OPTIONS} \ + --keyring keyrings/x2go-maintainers-keyring.gpg --verify \ + keyrings/x2go-archive-keyring.gpg1.asc \ + keyrings/x2go-archive-keyring.gpg ${GPG} ${GPG_OPTIONS} \ --keyring keyrings/x2go-maintainers-keyring.gpg --verify \ keyrings/x2go-archive-removed-keys.gpg.asc \ - keyrings/x2go-archive-removed-keys.gpg + keyrings/x2go-archive-removed-keys.gpg || \ + ${GPG} ${GPG_OPTIONS} \ + --keyring keyrings/x2go-maintainers-keyring.gpg --verify \ + keyrings/x2go-archive-removed-keys.gpg1.asc \ + keyrings/x2go-archive-removed-keys.gpg ${GPG} ${GPG_OPTIONS} \ --keyring keyrings/x2go-maintainers-keyring.gpg --verify \ keyrings/x2go-maintainers-keyring.gpg.asc \ - keyrings/x2go-maintainers-keyring.gpg + keyrings/x2go-maintainers-keyring.gpg || \ + ${GPG} ${GPG_OPTIONS} \ + --keyring keyrings/x2go-maintainers-keyring.gpg --verify \ + keyrings/x2go-maintainers-keyring.gpg1.asc \ + keyrings/x2go-maintainers-keyring.gpg ${GPG} ${GPG_OPTIONS} \ --keyring keyrings/x2go-maintainers-keyring.gpg --verify \ keyrings/x2go-maintainers-removed-keys.gpg.asc \ - keyrings/x2go-maintainers-removed-keys.gpg + keyrings/x2go-maintainers-removed-keys.gpg || \ + ${GPG} ${GPG_OPTIONS} \ + --keyring keyrings/x2go-maintainers-keyring.gpg --verify \ + keyrings/x2go-maintainers-removed-keys.gpg1.asc \ + keyrings/x2go-maintainers-removed-keys.gpg #FIXME: Do we need to verify the created keyrings in trusted.gpg.d, too? # Maybe "just" checking that no key is added if we merge, but how… diff --git a/debian/changelog b/debian/changelog index ce27da4..ca6a51c 100644 --- a/debian/changelog +++ b/debian/changelog @@ -88,6 +88,8 @@ x2go-keyring (2019.08.04) UNRELEASED; urgency=medium difference for the x2go-maintainers keyring, but why not. * Makefile: add maintonly target for generating gpg-1.4/2.0-style keyrings. + * Makefile: fallback to old-style keyring signature checks if the default + new-style ones failed validation. * debian/control: - Change maintainer to the mailing list. - Add the old package maintainer to the Uploaders field and myself. -- Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/x2go-keyring.git