#!/usr/bin/perl

# Copyright (C) 2001,2002 Progeny Linux Systems, Inc.
# Authors: John Goerzen, Branden Robinson

# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

use Getopt::Long;

Getopt::Long::Configure('no_ignore_case');

$| = 1;

# set up variables

my $verbose = '';

my $maint_keyid = $ENV{DEBSIGS_MAINT_ID} ? $ENV{DEBSIGS_MAINT_ID} : '';
my $archive_keyid = $ENV{DEBSIGS_ARCHIVE_ID} ? $ENV{DEBSIGS_ARCHIVE_ID} : '';
my $origin_keyid = $ENV{DEBSIGS_ORIGIN_ID} ? $ENV{DEBSIGS_ORIGIN_ID} : '';
my $secring = $ENV{DEBSIGS_SECRING} ? $ENV{DEBSIGS_SECRING} : "$ENV{HOME}/.gnupg/secring.pgp";

GetOptions ('verbose' => \$verbose,
            'maint=s' => \$maint_keyid,
            'archive=s' => \$arhive_keyid,
            'origin=s' => \$origin_keyid,
            'secring=s' => \$secring);

%ids = ('maint' => $maint_keyid,
        'archive' => $archive_keyid,
        'origin' => $origin_keyid);

@tosign = @ARGV;
unless (defined($tosign[0])) {
  die <<EOF;
Usage: debsigs-autosign [options] sigtype [ ... ]
  Reads package names from standard input, and signs each with debsigs.
Options:
  --archive=KEYID    use KEYID for archive signature
  --maint=KEYID      use KEYID for maintainer signature
  --origin=KEYID     use KEYID for origin signature
  --secring=FILE     use FILE as GPG secret keyring
  --verbose          report status messages
EOF
}

while (defined($line = <STDIN>)) {
  chomp $line;
  if ($verbose) {
    print "Signing $line:";
  }
  foreach $sig (@tosign) {
    if ($verbose) {
      print " $sig";
    }
    (system("debsigs", "-K", $secring, "--default-key=" .
            $ids{$sig}, "--sign=$sig", $line) == 0) or die
              "Error signing!";
  }
  if ($verbose) {
    print ".\n";
  }
}

__END__

=head1 NAME

debsigs-autosign - batch-sign Debian package files

=head1 SYNOPSIS

B<debsigs-autosign> [I<options>] I<sigtype> [ I<...> ]

=head1 DESCRIPTION

I<debsigs-autosign> reads a newline-delimited list of file names from
standard input and runs I<debsigs>(1) on each package, with arguments
determined by the options, operands, and environment of
I<debsigs-autosign>.

=head1 OPTIONS

=over 5

=item B<--archive=>I<keyid>

=item B<--maint=>I<keyid>

=item B<--origin=>I<keyid>

The above options specify cryptographic key identifiers for use with
I<gpg>(1).

=item B<--secring=>I<file>

This option identifies a secret keyring file for use with I<gpg>(1).

=item B<--verbose>

Displays verbose output.

=back

=head1 OPERANDS

Each operand is a signature type to apply to the Debian package(s) to be
processed.  Currently recongnized signature types are B<archive>,
B<maint>, and B<origin>.

=head1 ENVIRONMENT

The following environment variables are recognized by
I<debsigs-autosign>:

=over 5

=item I<DEBSIGS_ARCHIVE_ID>

=item I<DEBSIGS_MAINT_ID>

=item I<DEBSIGS_ORIGIN_ID>

The above variables specify cryptographic key identifiers for use with
I<gpg>(1).

=item I<DEBSIGS_SECRING>

This variable identifies a secret keyring file for use with I<gpg>(1).

=back

=head1 AUTHORS

=over 5

=item John Goerzen <jgoerzen@complete.org>

=item Branden Robinson <branden@debian.org>

=back

=head1 SEE ALSO

debsigs(1), debsig-verify(1), gpg(1)

=cut

# vim:set ai et sts=2 sw=2 tw=72:
