texlive[67098] Master/tlpkg/bin: tlgpg: for gnupg 2.2.x (Alma Linux

commits+karl at tug.org commits+karl at tug.org
Sun May 14 00:06:15 CEST 2023 

Revision: 67098
          http://tug.org/svn/texlive?view=revision&revision=67098
Author:   karl
Date:     2023-05-14 00:06:14 +0200 (Sun, 14 May 2023)
Log Message:
-----------
tlgpg: for gnupg 2.2.x (Alma Linux 8, new server), apparently
more options (--no-tty --yes --pinentry-mode loopback)
are needed for unattended signing.
tlgpg-verify: for gnupg 2.2.x, apparently both the .asc and data file
must be given.

Modified Paths:
--------------
    trunk/Master/tlpkg/bin/tlgpg
    trunk/Master/tlpkg/bin/tlgpg-verify

Modified: trunk/Master/tlpkg/bin/tlgpg
===================================================================
--- trunk/Master/tlpkg/bin/tlgpg	2023-05-13 20:29:43 UTC (rev 67097)
+++ trunk/Master/tlpkg/bin/tlgpg	2023-05-13 22:06:14 UTC (rev 67098)
@@ -9,8 +9,10 @@
   exit 1
 fi
 
+# --no-tty --yes --pinentry... needed for gpg 2.2.20 (Alma Linux 8).
 gpg_prog=gpg
-gpg_opts="--batch --homedir /home/texlive/.gnupg  \
+gpg_opts="--batch --no-tty --yes --pinentry-mode loopback \
+  --homedir /home/texlive/.gnupg  \
   --passphrase-file /home/texlive/.gnupg/passphrase \
   --local-user 0x06BAB6BC "
 

Modified: trunk/Master/tlpkg/bin/tlgpg-verify
===================================================================
--- trunk/Master/tlpkg/bin/tlgpg-verify	2023-05-13 20:29:43 UTC (rev 67097)
+++ trunk/Master/tlpkg/bin/tlgpg-verify	2023-05-13 22:06:14 UTC (rev 67098)
@@ -11,8 +11,10 @@
 fi
 
 if echo "$1" | grep '\.asc$' >/dev/null; then
+  data_file=`echo "$1" | sed 's/\.asc$//'`
   asc_file=$1
 else
+  data_file=$1
   asc_file=$1.asc
 fi
 
@@ -30,7 +32,8 @@
 
 # gpg exit status is zero with expired keys,
 # but we want to fail in that case.
-if $verify_cmd "$asc_file" >$verify_out 2>&1; then
+# As of gpg 2.2, apparently both asc and data files must be given.
+if $verify_cmd "$asc_file" "$data_file" >$verify_out 2>&1; then
   if grep EXPKEYSIG $status_out >/dev/null; then
     err="expired key"
   elif grep REVKEYSIG $status_out >/dev/null; then
@@ -47,7 +50,7 @@
   echo "$0: moving $asc_file to $asc_file.badv." >&2
   mv "$asc_file" "$asc_file".badv || exit 1
   echo "$0: gpg verify command was:" >&2
-  echo "$0:   $verify_cmd" "$1" >&2
+  echo "$0:   $verify_cmd" "$asc_file" "$data_file" >&2
   echo "$0: GPG STATUS FILE OUTPUT:" >&2
   cat $status_out >&2
   echo "$0: GPG STDOUT/STDERR:" >&2

More information about the tex-live-commits mailing list.