blob: 9c33ff96e16b9d78422fe740ea9d234af1e73c65 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
|
#!/bin/sh
# shellcheck source=conf/default.conf
. "${0%/*}/../conf/default.conf"
tmp_dir=$(mktemp -d)
trap 'rm -rf --one-file-system "${tmp_dir}"' EXIT
cat > \
"${tmp_dir}/mail"
if ! hashcash -qXc -b 20 \
-d -f "${tmp_dir}/hashcash.db" \
-r 'archlinux32-buildmaster@eckner.net' \
-r 'buildmaster@archlinux32.org' < \
"${tmp_dir}/mail"; then
>&2 echo 'Invalid stamp - ignoring this message.'
exit
fi
if ! sed -n '
/^-----BEGIN PGP MESSAGE-----$/{
:a
/\n-----END PGP MESSAGE-----$/!{
N
ba
}
p
}
' "${tmp_dir}/mail" | \
chronic gpg --batch --status-file "${tmp_dir}/gpg-status" -q -d -o "${tmp_dir}/plain-content"; then
exit
fi
if [ -z "$(
(
grep '^\[GNUPG:] VALIDSIG ' "${tmp_dir}/gpg-status" | \
cut -d' ' -f3 | \
sort -u
printf '%s\n' "${admin_gpg_keys}" | \
sort -u
) | \
sort | \
uniq -d
)" ]; then
>&2 echo 'No valid signature found.'
grep '^\[GNUPG:] VALIDSIG ' "${tmp_dir}/gpg-status" | \
cut -d' ' -f3 | \
sort -u >&2
exit
fi
if grep -q '^From:\s' "${tmp_dir}/plain-content" &&
grep -q '^To:\s' "${tmp_dir}/plain-content" &&
grep -q '^Subject:\s' "${tmp_dir}/plain-content"; then
# the content is / might be "multipart"
sed -n '
/^$/!b
N
s/^\n//
/^--/b
:a
N
/\n$/!ba
s/\n$//
p
' "${tmp_dir}/plain-content" > \
"${tmp_dir}/raw-content"
else
mv "${tmp_dir}/plain-content" "${tmp_dir}/raw-content"
fi
sed -n '
/^stabilize:/{
s/^stabilize:\s*//
/\.pkg\.tar\.xz$/!s/$/.pkg.tar.xz/
w '"${tmp_dir}/stabilize"'
}
' "${tmp_dir}/raw-content"
if [ -s "${tmp_dir}/stabilize" ]; then
chronic "${base_dir}/bin/db-update" -b -f "${tmp_dir}/stabilize"
fi
|