CPAN Signature checking problems

Front page | perl.perl5.porters | Postings from January 2006

CPAN Signature checking problems

Thread Next

From:

Linda W

Date:

January 24, 2006 23:41

Subject:

CPAN Signature checking problems

Message ID:

43D72B88.9060605@tlinx.org

CPAN just began encouraging Signatures on downloaded source
packages which is great, but trying to build "File::BOM", it
runs into some prereq's:
---- Unsatisfied dependencies detected during 
[M/MA/MATTLAW/File-BOM-0.11.tar.gz
] -----
    Test::Exception
    Readonly
Shall I follow them and prepend them to the queue
of modules we are processing right now? [yes]
so it starts to fetch the first one: Test::Exception and something dies
with a traceback:
Running install for module Test::Exception
Running make for A/AD/ADIE/Test-Exception-0.21.tar.gz
CPAN: LWP::UserAgent loaded ok
Fetching with LWP:
  http://www.perl.com/CPAN/authors/id/A/AD/ADIE/CHECKSUMS
Executing 
gpg/--verify/--batch/--no-tty/--keyserver=hkp://pgp.mit.edu:11371/--ke
yserver=hkp://pgp.mit.edu:11371//var/cache/CPAN/sources/authors/id/A/AD/ADIE/CHE
CKSUMS
gpg: no valid OpenPGP data found.
gpg: the signature could not be verified.
Please remember that the signature file (.sig or .asc)
should be the first file given on the command line.
Signature for /var/cache/CPAN/sources/authors/id/A/AD/ADIE/CHECKSUMS ok
syntax error at (eval 61) line 1, at EOF
 at /usr/lib/perl5/5.8/CPAN.pm line 4432
        
CPAN::Distribution::CHECKSUM_check_file('CPAN::Distribution=HASH(0x2815f
30)', '/var/cache/CPAN/sources/authors/id/A/AD/ADIE/CHECKSUMS') called 
at /usr/l
ib/perl5/5.8/CPAN.pm line 4379
        
CPAN::Distribution::verifyCHECKSUM('CPAN::Distribution=HASH(0x2815f30)')
 called at /usr/lib/perl5/5.8/CPAN.pm line 3966
        CPAN::Distribution::get('CPAN::Distribution=HASH(0x2815f30)') 
called at
/usr/lib/perl5/5.8/CPAN.pm line 4623
        CPAN::Distribution::make('CPAN::Distribution=HASH(0x2815f30)') 
called at
 /usr/lib/perl5/5.8/CPAN.pm line 4951
        CPAN::Distribution::test('CPAN::Distribution=HASH(0x2815f30)') 
called at
 /usr/lib/perl5/5.8/CPAN.pm line 5084
        
CPAN::Distribution::install('CPAN::Distribution=HASH(0x2815f30)') called
 at /usr/lib/perl5/5.8/CPAN.pm line 6001
        eval {...} called at /usr/lib/perl5/5.8/CPAN.pm line 6000
        CPAN::Module::rematein('CPAN::Module=HASH(0x18dc8170)', 
'install') calle
d at /usr/lib/perl5/5.8/CPAN.pm line 6075
        CPAN::Module::install('CPAN::Module=HASH(0x18dc8170)') called at 
/usr/li
b/perl5/5.8/CPAN.pm line 2065
        CPAN::Shell::rematein('CPAN::Shell', 'install', 'File::BOM') 
called at /
usr/lib/perl5/5.8/CPAN.pm line 2106
        CPAN::Shell::__ANON__('CPAN::Shell', 'File::BOM') called at 
/usr/lib/per
l5/5.8/CPAN.pm line 191
        eval {...} called at /usr/lib/perl5/5.8/CPAN.pm line 191
        CPAN::shell() called at /usr/bin/cpan line 176

-------
    Is this expected behavior? 

    Does this mean signatures in the CPAN source tree were not verified to
be present and valid before they turned on Signature checking?  The error
message isn't real clear.

Thanks,
Linda

Thread Next

CPAN Signature checking problems by Linda W

Re: CPAN Signature checking problems by Tels

Re: CPAN Signature checking problems by andreas.koenig.gmwojprw

Re: CPAN Signature checking problems by andreas.koenig.gmwojprw

Re: CPAN Signature checking problems by Linda W

nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About