#!/usr/bin/perl -w

# Copyright (C) 2001,2002 Progeny Linux Systems, Inc.
# Authors: John Goerzen, Branden Robinson

# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

use File::Basename;

unless (@ARGV && $ARGV[0] =~ /\.changes$/) {
  die "Usage: debsigs-signchanges filename.changes";
}

my $changesfile = $ARGV[0];
my $changespath = (fileparse($changesfile))[1];
my $newchangesfile = "$changesfile.debsigs-signchanges.$$";
my $ADDSIG = $ENV{DEBSIGSSIG} ? $ENV{DEBSIGSSIG} : 'maint';
my $DEBSIGSOPTIONS = $ENV{DEBSIGSOPTIONS} ? $ENV{DEBSIGSOPTIONS} : '';
open(CHANGES, "<$changesfile") or die "Couldn't open $changesfile: $!";
open(NEWCHANGES, ">$newchangesfile") or
  die "Couldn't open $newchangesfile: $!";

# Look for the Files section.

my $line;
while (defined($line = <CHANGES>) && !($line =~ /^Files:/)) {
  print NEWCHANGES $line;
}

# Print out the Files: line.

print NEWCHANGES $line;

# Now process each.

while (defined($line = <CHANGES>)) {
  my $cline = $line;            # Make a backup.
  chomp $cline;                 # Chomp trailing NL.
  $cline =~ s/^ //;             # Chomp leading space.
  my ($md5sum, $size, $section, $priority, $file) = split(' ', $cline);
  unless ($file) {              # Bail if it's not a File.
    print NEWCHANGES $line;
    last;
  }
  unless ($file =~ /\.deb$/) {  # Pass through if it's not a .deb.
    print NEWCHANGES $line;
    next;
  }

  # OK, so it's a .deb.... process.

  print "Changespath is '$changespath'\n";

  print "Signing $file...\n";
  system("debsigs $DEBSIGSOPTIONS --sign=$ADDSIG $changespath/$file") &&
    die "Couldn't sign $changespath/$file";

  # Now generate the .changes line.
  $md5sum = `md5sum $changespath/$file`;
  # Strip off the trailing stuff.
  $md5sum =~ s/\s.*$//s;
  $size = (stat("$changespath/$file"))[7];
  print NEWCHANGES " $md5sum $size $section $priority $file\n";
}

# The rest of the file.

while (defined($line = <CHANGES>)) {
  print NEWCHANGES $line;
}

close CHANGES;
close NEWCHANGES;

rename($newchangesfile, $changesfile) or
  die "Couldn't rename $newchangesfile to $changesfile: $!";

__END__

=head1 NAME

debsigs-signchanges - cryptographically sign Debian packages based on
package changes file

=head1 SYNOPSIS

B<debsigs-signchanges> I<file>

=head1 DESCRIPTION

I<debsigs-signchanges> reads the Debian package changes file specified
as an operand and runs I<debsigs>(1) on each package listed within.  It
then updates the changes file to reflect the new cryptographic hash and
size of the signed Debian packages.

=head1 OPERANDS

I<debsigs-signchanges> takes one operand: the name of a Debian package
changes file to scan and update.

=head1 AUTHORS

=over 5

=item John Goerzen <jgoerzen@complete.org>

=item Branden Robinson <branden@debian.org>

=back

=head1 SEE ALSO

debsigs(1), debsig-verify(1), gpg(1)

=cut

# vim:set et ai sts=2 sw=2 tw=72:
