[elbe-devel] [PATCH] elbepack: pkgutils: handle clearsigned dscs

Thomas Weißschuh thomas.weissschuh at linutronix.de
Mon Sep 16 10:05:02 CEST 2024


.dsc files can be clearsigned which means they have the PGP signature in
the file itself. apt_pkg.TagFile() is unaware of this.
The previous elbepack.pkgutils.get_dsc_size() worked by chance as
normally the PGP header and trailer are separated by an empty line from
the actual tag contents and get_dsc_size() always skipped past the
trailer. There are however .dsc files which do not have a separating
newline in front of the trailer, making TagFile() think that the trailer
belongs to the tag section, breaking the parsing.
One of those dsc files is now in debian-security:
ghostscript_10.0.0~dfsg-11+deb12u5.dsc

Switch over to apt.debfile.DscSrcPackage() which correctly strips the
PGP signature before parsing the file.

Signed-off-by: Thomas Weißschuh <thomas.weissschuh at linutronix.de>
---
 elbepack/pkgutils.py | 15 +++++----------
 1 file changed, 5 insertions(+), 10 deletions(-)

diff --git a/elbepack/pkgutils.py b/elbepack/pkgutils.py
index b46a719462f3..eb721044e75f 100644
--- a/elbepack/pkgutils.py
+++ b/elbepack/pkgutils.py
@@ -6,7 +6,7 @@ import os
 import re
 import subprocess
 
-from apt_pkg import TagFile
+import apt.debfile
 
 from elbepack.filesystem import TmpdirFilesystem
 
@@ -52,16 +52,11 @@ def get_key_list(prj):
 
 
 def get_dsc_size(fname):
-    tf = TagFile(fname)
-
     sz = os.path.getsize(fname)
-    for sect in tf:
-        if 'Files' in sect:
-            files = sect['Files'].split('\n')
-            files = [f.strip().split(' ') for f in files]
-            for f in files:
-                sz += int(f[1])
-            break
+
+    dsc = apt.debfile.DscSrcPackage(fname)
+    filesizes = map(int, dsc._sections['Files'].split()[1::3])
+    sz += sum(filesizes)
 
     return sz
 
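Review bot: `dsc._sections['Files']` in the new get_dsc_size() reads a private attribute of DscSrcPackage and indexes it unconditionally, whereas the removed loop skipped any section without a Files field, so a .dsc lacking that field now raises instead of returning the file's own size. The `split()[1::3]` stride also assumes every Files entry is exactly three whitespace-separated tokens; one malformed entry shifts the stride and int() is then applied to a checksum or file name. Consider splitting the field per line as the old code did, checking that each entry has three tokens, and adding a short comment on why the private attribute is used and that the signature is only stripped here, not verified.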

---
base-commit: 53a860fd35f97b7223902a3b06a8e969a57e829e
change-id: 20240916-dsc-size-5a88872bfed0

Best regards,
-- 
Thomas Weißschuh <thomas.weissschuh at linutronix.de>
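
The failure mode described in the commit message, as an added example that is not part of the patch, ELBE or python-apt: a pure-Python stand-in in which a clearsigned .dsc without a blank line before the signature trips a parser that only splits on blank lines, while stripping the armor first lets the Files sizes be summed. The sample file and all function names are constructed for illustration; the signature is stripped, not verified.

```python
BEGIN_MSG = '-----BEGIN PGP SIGNED MESSAGE-----'
BEGIN_SIG = '-----BEGIN PGP SIGNATURE-----'

# Constructed sample (not from the page): no blank line before the signature.
SAMPLE_DSC = """\
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 3.0 (quilt)
Source: example
Files:
 0123456789abcdef0123456789abcdef 1000 example_1.0.orig.tar.xz
 fedcba9876543210fedcba9876543210 250 example_1.0-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----

Y29uc3RydWN0ZWQgcGxhY2Vob2xkZXI=
-----END PGP SIGNATURE-----
"""

def naive_stanza(text):
    """Stand-in for a clearsign-unaware parser (not apt_pkg): blank-line split."""
    return text.split('\n\n')[1]

def strip_clearsign(text):
    """Return the signed payload only. This strips the armor, it verifies nothing."""
    lines = text.splitlines()
    if not lines or lines[0] != BEGIN_MSG:
        return text  # not clearsigned
    start = lines.index('', 1) + 1       # armor headers end at the first empty line
    end = lines.index(BEGIN_SIG, start)  # payload ends where the signature begins
    # Undo RFC 4880 dash-escaping ("- " prefix on payload lines starting with "-").
    return '\n'.join(l[2:] if l.startswith('- ') else l for l in lines[start:end])

def parse_fields(stanza):
    """Parse one deb822 stanza; continuation lines start with whitespace."""
    fields, key = {}, None
    for line in stanza.strip('\n').splitlines():
        if key and line[:1] in (' ', '\t'):
            fields[key] += '\n' + line.strip()
        elif ':' in line:
            key, _, value = line.partition(':')
            fields[key] = value.strip()
        else:
            raise ValueError(f'not a deb822 line: {line!r}')
    return fields

def referenced_size(text):
    """Sum the Files sizes; an entry without exactly 3 tokens raises ValueError."""
    rows = [e.split() for e in parse_fields(strip_clearsign(text))['Files'].split('\n') if e]
    return sum(int(size) for _md5, size, _name in rows)
```

Calling `parse_fields(naive_stanza(SAMPLE_DSC))` raises `ValueError` on the signature marker, while `referenced_size(SAMPLE_DSC)` returns the sum of the two listed sizes.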


