- add secret --signdummy option

diff --git a/build b/build
index f003255..ed1978f 100755 (executable)
--- a/build
+++ b/build
@@ -82,6 +82,7 @@ OVERLAY=
 RSYNCSRC=
 RSYNCDEST=
 RSYNCDONE=
+SIGNDUMMY=
 
 # list of archs which need emulator initialization
 : ${EMULATOR_ARCHS:="armv4l armv5el armv6el armv7el armv8el mips mipsel mips64 mips64el ppc ppc64 sh4"}
@@ -959,6 +960,9 @@ while test -n "$1"; do
          shell=1
          shift
       ;;
+      --signdummy)
+       SIGNDUMMY=1
+      ;;
       -*)
        echo Unknown Option "$PARAM". Exit.
        cleanup_and_exit 1
@@ -1359,6 +1363,7 @@ for SPECFILE in "${SPECFILES[@]}" ; do
        echo "BUILD_DIST='${BUILD_DIST//"'"/$Q}'" >> $BUILD_ROOT/.build/build.data
        echo "RELEASE='${RELEASE//"'"/$Q}'" >> $BUILD_ROOT/.build/build.data
        echo "BUILD_DEBUG='${BUILD_DEBUG//"'"/$Q}'" >> $BUILD_ROOT/.build/build.data
+       echo "SIGNDUMMY='${SIGNDUMMY//"'"/$Q}'" >> $BUILD_ROOT/.build/build.data
        echo "DO_LINT='${DO_LINT//"'"/$Q}'" >> $BUILD_ROOT/.build/build.data
        echo "DO_CHECKS='${DO_CHECKS//"'"/$Q}'" >> $BUILD_ROOT/.build/build.data
        echo "NOROOTFORBUILD='${NOROOTFORBUILD//"'"/$Q}'" >> $BUILD_ROOT/.build/build.data
@@ -1566,6 +1571,16 @@ for SPECFILE in "${SPECFILES[@]}" ; do
     fi
 
     #
+    # install dummy sign program if needed
+    #
+    test -f $BUILD_ROOT/usr/bin/sign_installed && mv $BUILD_ROOT/usr/bin/sign_installed $BUILD_ROOT/usr/bin/sign
+    if test -n "$SIGNDUMMY" ; then
+       test -f $BUILD_ROOT/usr/bin/sign && mv $BUILD_ROOT/usr/bin/sign $BUILD_ROOT/usr/bin/sign_installed
+       cp $BUILD_DIR/signdummy $BUILD_ROOT/usr/bin/sign
+       chmod 755 $BUILD_ROOT/usr/bin/sign
+    fi
+
+    #
     # check if we want to build with the abuild user
     #
     BUILD_USER=abuild

diff --git a/signdummy b/signdummy
new file mode 100755 (executable)
index 0000000..4951454
--- /dev/null
+++ b/signdummy
@@ -0,0 +1,39 @@
+#!/usr/bin/perl
+
+# simple "sign" replacement that does nothing but
+# write a 2048 byte file with a fixed signature.
+# sign is used in kiwi builds to sign repositories
+
+my $mode;
+
+while (@ARGV) {
+  if ($ARGV[0] =~ /^-([cdr])$/) {
+    $mode = $1;
+    shift @ARGV;
+    next;
+  }
+  if ($ARGV[0] eq '--') {
+    shift @ARGV;
+    last;
+  }
+  if ($ARGV[0] =~ /^-/) {
+    die("unsupported option $ARGV[0]\n");
+  }
+  last;
+}
+die("only detached mode possible\n") if !$mode || $mode ne 'd';
+die("filter mode not supported\n") unless @ARGV;
+
+for my $file (@ARGV) {
+  local *F;
+  open(F, '<', $file) || die("$file: $!\n");
+  my $buf = '';
+  1 while sysread(F, $buf, 16384, length($buf));
+  close(F) || die("$file: $!\n");
+  my $block = "sIGnMe!\n";
+  $block .= sprintf("%08x%08x\n", length($buf), unpack("%32C*", $buf));
+  $block .= "\0" x (2048 - length($block));
+  open(F, '>', "$file.asc") || die("$file.asc: $!\n");
+  (syswrite(F, $block) || 0) == 2048 || die("$file.asc: $!\n");
+  close(F) || die("$file.asc: $!\n");
+}