summaryrefslogtreecommitdiffstats
path: root/scripts/Dpkg/OpenPGP/Backend/GnuPG.pm
diff options
context:
space:
mode:
Diffstat (limited to 'scripts/Dpkg/OpenPGP/Backend/GnuPG.pm')
-rw-r--r--scripts/Dpkg/OpenPGP/Backend/GnuPG.pm14
1 files changed, 14 insertions, 0 deletions
diff --git a/scripts/Dpkg/OpenPGP/Backend/GnuPG.pm b/scripts/Dpkg/OpenPGP/Backend/GnuPG.pm
index 6c834be..43ac1e2 100644
--- a/scripts/Dpkg/OpenPGP/Backend/GnuPG.pm
+++ b/scripts/Dpkg/OpenPGP/Backend/GnuPG.pm
@@ -34,7 +34,9 @@ use strict;
use warnings;
use POSIX qw(:sys_wait_h);
+use File::Basename;
use File::Temp;
+use File::Copy;
use MIME::Base64;
use Dpkg::ErrorHandling;
@@ -296,6 +298,18 @@ sub inline_sign {
return OPENPGP_MISSING_CMD if ! $self->has_backend_cmd();
+ my $file = basename($data);
+ my $signdir = File::Temp->newdir('dpkg-sign.XXXXXXXX', TMPDIR => 1);
+ my $signfile = "$signdir/$file";
+
+ # Make sure the file to sign ends with a newline, as GnuPG does not adhere
+ # to the OpenPGP specification (see <https://dev.gnupg.org/T7106>).
+ copy($data, $signfile);
+ open my $signfh, '>>', $signfile
+ or syserr(g_('cannot open %s'), $signfile);
+ print { $signfh } "\n";
+ close $signfh or syserr(g_('cannot close %s'), $signfile);
+
my @exec = ($self->{cmd});
push @exec, _gpg_options_weak_digests();
push @exec, qw(--utf8-strings --textmode --armor);
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-07 14:47:18 +0000