[Pkg-privacy-commits] [torbrowser-launcher] 38/476: got verification to work when sig is valid

[Ximin Luo]

This is an automated email from the git hooks/post-receive script.

infinity0 pushed a commit to branch debian
in repository torbrowser-launcher.

commit 80e1dd5af7e2e0ced1026ffac74ffd807e006068
Author: Micah Lee <micahflee at riseup.net>
Date:   Sun Feb 17 15:52:42 2013 -0800

    got verification to work when sig is valid
---
 torbrowser-launcher | 8 ++++++--
 verify.sh           | 2 +-
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/torbrowser-launcher b/torbrowser-launcher
index 32a05ed..0709405 100755
--- a/torbrowser-launcher
+++ b/torbrowser-launcher
@@ -266,11 +266,15 @@ class TorBrowserLauncher:
     return True
 
   def verify(self):
-    verify_output = subprocess.check_output([self.paths['file']['verify']])
+    error = False
+
+    verify_output = subprocess.check_output([self.paths['file']['verify'], self.paths['dir']['gpg'], self.paths['file']['tarball_sig']], stderr=subprocess.STDOUT)
     if 'Good signature' in verify_output:
       self.run_task();
-
     else:
+      error = True
+
+    if error:
       self.label = "Signature verification failed!"
 
   def extract(self):
diff --git a/verify.sh b/verify.sh
index fb444d1..dde70d0 100755
--- a/verify.sh
+++ b/verify.sh
@@ -12,5 +12,5 @@ chmod 700 $GPG_TMP_DIR
 # import erinn's public key
 gpg --homedir $GPG_TMP_DIR --import /usr/share/torbrowser-launcher/erinn.asc
 
-#verify the signature
+# verify the signature
 gpg --homedir $GPG_TMP_DIR --verify $TBB_SIG

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/torbrowser-launcher.git