This removes the dependency on «gpg» when we can use just «gpgv».

This removes the dependency on «gpg» when we can use just «gpgv».

These functions prepare us to remove reliance on «gpg», which was only
used for armoring and dearmoring while using «gpgv».

[guillem@debian.org:
 - Coding style and formatting fixes.
 - Remove C code in comments.
 - Split base64 lines at 64 characters.
 - Match on same whitespace as Dpkg::Control::HashCore parsing.
 - Rename _pgp_unarmor_data() to _pgp_dearmor_data().
 - Remove spurious EOLs. ]

Ref: https://salsa.debian.org/debian/devscripts/-/merge_requests/286


Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Signed-off-by: Guillem Jover <guillem@debian.org>

Handle ASCII armored "keyrings" semi-transparently, by accepting them in
the verification function.

Move the Dpkg::OpenPGP::openpgp_sig_to_asc() function into a
Dpkg::Source::Package member function as that has policy logic that
does not really belong in the more generic Dpkg::OpenPGP module.

We need to armor some files, and this will make it possible to move out
the openpgp_sig_to_asc() function from this module, where it does not
really fit as it encodes policy that is not generally useful.

These functions are really GnuPG specific, so give them matching names.

These are signer certificates, it does not necessarily contain
(private) keys.

This maps more closely to the SOP API.

Using gpgv exclusively for signature verification is better, it removes a
fat dependency where gpgv tends to be present when gpg is present, has a
better stateless interface, and reduces code complexity.

This unifies the current interface, and takes it closer to the Stateless
OpenPGP CLI draft.

This is not currently used, if there's ever a need for something like
this we can always add it back.

Changelog: internal

Changelog: internal

Changelog: internal

This makes sure each test group starts with a clean temporary directory,
with no side effects from any previous run.

The Net::FTP object is instantiated from the Dselect::Ftp::do_connect()
function, so it does not need to be imported from the scripts.

Changelog: internal

While strictly speaking we do not currently need it, it will make it
possible to remove code that can use functionality from the Dpkg perl
modules. We replace the warning recommending to install perl, by a
message stating that the Dpkg modules are missing, as if the user
installs libdpkg-perl (or equivalent) then the perl package will also
be pulled in.

In Debian and derivatives where the perl distribution is split into
a perl-base package which is always guaranteed to be installed, and a
perl-modules and perl packages, which are not, we do not need to
conditionally load these modules, as they will always be installed.

On other systems, when perl is installed these modules will always be
present so this change should not make any difference.

Changelog: internal

In Debian and derivatives where the perl distribution is split into
a perl-base package which is always guaranteed to be installed, and a
perl-modules and perl packages, which are not, we need to conditionally
load these modules, as we do not have strict dependencies on the perl
package.

On other systems, when perl is installed these modules will always be
present so this change should not make any difference.

Move this check into its own boolean, so that in the future we can
extend it to be based on some other criteria, such as a new changelog
keyword.

Changelog: internal

Changelog: internal

This makes this target available on any directory that contains TAP
tests, and not just the source-tree root.

Fixes: commit 6cad120a
Changelog: silent

This makes comparing the pathname more cumbersome, and diverges from all
other directory name macros. If we need to concatenate it we can append
an explicit «/» between components.

Use designated initializers to make the assignments obvious.

This uses the common varbuf snapshot and rollback pattern which
handles automatic memory reallocation if needed, and is less prone to
buffer handling mistakes.

This make using the rollback points easier.

This requires one varbuf_state per varbuf, instead of being able to
share them among related variable, but makes sure these will be coherent
and will allow adding new functionality based on the state and the base
varbuf.