From f661e4c31995829a0b2e17912d6a23f99a3251bc Mon Sep 17 00:00:00 2001
From: Nedko Arnaudov <nedko@nedk.org>
Date: Thu, 18 Apr 2024 18:00:55 +0300
Subject: [PATCH] add verify-sig_waf waf verification script from waf-2.0.27

---
 verify-sig_waf.sh | 56 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 56 insertions(+)
 create mode 100755 verify-sig_waf.sh

diff --git a/verify-sig_waf.sh b/verify-sig_waf.sh
new file mode 100755
index 00000000..b555add2
--- /dev/null
+++ b/verify-sig_waf.sh
@@ -0,0 +1,56 @@
+#! /usr/bin/env python
+# encoding: utf-8
+# Thomas Nagy, 2014-2015
+
+"""
+A simple file for verifying signatures in signed waf files
+This script is meant for Python >= 2.6 and the encoding is bytes - latin-1
+
+Distributing detached signatures is boring
+"""
+
+import sys, os, re, subprocess
+
+if __name__ == '__main__':
+	try:
+		infile = sys.argv[1]
+	except IndexError:
+		infile = 'waf'
+
+	try:
+		outfile1 = sys.argv[2]
+	except IndexError:
+		outfile1 = infile + '-sig'
+
+	try:
+		outfile2 = sys.argv[3]
+	except IndexError:
+		outfile2 = outfile1 + '.asc'
+
+	f1 = open(outfile1, 'wb')
+	f2 = open(outfile2, 'wb')
+	f = open(infile, 'rb')
+	try:
+		txt = f.read()
+
+		lastline = txt.decode('latin-1').splitlines()[-1] # just the last line
+		if not lastline.startswith('#-----BEGIN PGP SIGNATURE-----'):
+			print("ERROR: there is no signature to verify in %r :-/" % infile)
+			sys.exit(1)
+
+		sigtext = lastline.replace('\\n', '\n') # convert newlines
+		sigtext = sigtext[1:] # omit the '# character'
+		sigtext = sigtext.encode('latin-1') # python3
+
+		f2.write(sigtext)
+		f1.write(txt[:-len(lastline) - 1]) # one newline character was eaten from splitlines()
+	finally:
+		f.close()
+		f1.close()
+		f2.close()
+
+	cmd = 'gpg --verify %s' % outfile2
+	print("-> %r" % cmd)
+	ret = subprocess.Popen(cmd, shell=True).wait()
+	sys.exit(ret)
+