#!/usr/bin/perl -w

# $Id: check-sigs-and-sign,v 1.5 2002/08/09 02:01:55 jason Exp $

require "flush.pl";

$passphrase = "";
$have_passphrase = 0;
@signed_files = ();

if ($#ARGV < 0) {
    print "$0:  nothing to do.\n";
    exit;
}

foreach $file (@ARGV) {

    next if $file =~ /\.asc$/; # skip signature files (excluding softlinks)
    next if $file =~ /\.sig$/;
    next if $file =~ /,v$/;    # skip RCS ,v files
    next if (! -f $file);      # skip non-regular files


    # prefer ASCII .asc files, but use binary .sig files if available
    $sig = $file . ".asc";
    if (! -e $sig) {
        $sig = $file . ".sig";
    }

    if (! -e $sig) {
	print "$0:  no signature for $file, signing...\n";
	sign ($file);
    } else {
	print "signature file:  $sig\n";
	open (GPG, "gpg --verify $sig|") || die;
	while (<GPG>) { # GPG uses stderr, but anyway...
	    print;
	}
	close (GPG);
	print "$0:  gpg returned $?\n";
	if ($? != 0) {
	    print "$0:  bad sig for $file, signing...\n";
	    sign ($file);
	}
    }
}

print "\n$0:  signed ", $#signed_files+1, " file(s):  ",
    join (", ", @signed_files), "\n" if ($#signed_files >= 0);

###############################################################################

sub get_passphrase {

    return if ($have_passphrase);

    open (TTY, "+< /dev/tty") || die;

    system "stty -f /dev/tty -echo" || die;
    print "$0:  please enter your GPG passphrase:  ";
    flush (TTY);
    chomp ($passphrase = <TTY>);
    system "stty -f /dev/tty echo";
    $have_passphrase = 1;

} # get_passphrase()

###############################################################################

sub sign {

    local ($file) = @_;

    push @signed_files, $file;
    get_passphrase();
    open (GPG, "|gpg -b -a --passphrase-fd 0 $file") || die;
    print GPG "$passphrase\n";
    close (GPG);
    print "$0:  done.\n";

} # sign()

###############################################################################