Make verify-commits POSIX-compliant

Author: TheBlueMatt

contrib/verify-commits/gpg.sh

@@ -1,8 +1,9 @@
 #!/bin/sh
-INPUT=$(</dev/stdin)
+INPUT=$(cat /dev/stdin)
 VALID=false
 REVSIG=false
-IFS=$'\n'
+IFS='
+'
 for LINE in $(echo "$INPUT" | gpg --trust-model always "$@" 2>/dev/null); do
 	case "$LINE" in
 	"[GNUPG:] VALIDSIG "*)
@@ -13,10 +14,9 @@ for LINE in $(echo "$INPUT" | gpg --trust-model always "$@" 2>/dev/null); do
 	"[GNUPG:] REVKEYSIG "*)
 		[ "$BITCOIN_VERIFY_COMMITS_ALLOW_REVSIG" != 1 ] && exit 1
 		while read KEY; do
-			case "$LINE" in "[GNUPG:] REVKEYSIG ${KEY:24:40} "*)
+			case "$LINE" in "[GNUPG:] REVKEYSIG ${KEY#????????????????????????} "*)
 				REVSIG=true
-				GOODREVSIG="[GNUPG:] GOODSIG ${KEY:24:40} "
-				;;
+				GOODREVSIG="[GNUPG:] GOODSIG ${KEY#????????????????????????} "
 			esac
 		done < ./contrib/verify-commits/trusted-keys
 		;;

contrib/verify-commits/verify-commits.sh

@@ -1,33 +1,30 @@
 #!/bin/sh
+# Not technically POSIX-compliant due to use of "local", but almost every
+# shell anyone uses today supports it, so its probably fine
 
 DIR=$(dirname "$0")
 
 echo "Please verify all commits in the following list are not evil:"
 git log "$DIR"
 
 VERIFIED_ROOT=$(cat "${DIR}/trusted-git-root")
-
-IS_REVSIG_ALLOWED () {
-	while read LINE; do
-		[ "$LINE" = "$1" ] && return 0
-	done < "${DIR}/allow-revsig-commits"
-	return 1
-}
+REVSIG_ALLOWED=$(cat "${DIR}/allow-revsig-commits")
 
 HAVE_FAILED=false
 IS_SIGNED () {
 	if [ $1 = $VERIFIED_ROOT ]; then
 		return 0;
 	fi
-	if IS_REVSIG_ALLOWED "$1"; then
+	if [ "${REVSIG_ALLOWED#*$1}" != "$REVSIG_ALLOWED" ]; then
 		export BITCOIN_VERIFY_COMMITS_ALLOW_REVSIG=1
 	else
 		export BITCOIN_VERIFY_COMMITS_ALLOW_REVSIG=0
 	fi
 	if ! git -c "gpg.program=${DIR}/gpg.sh" verify-commit $1 > /dev/null 2>&1; then
 		return 1;
 	fi
-	local PARENTS=$(git show -s --format=format:%P $1)
+	local PARENTS
+	PARENTS=$(git show -s --format=format:%P $1)
 	for PARENT in $PARENTS; do
 		if IS_SIGNED $PARENT > /dev/null; then
 			return 0;