From a56c591f9063d895544d681e25bda2ffb22f7ca0 Mon Sep 17 00:00:00 2001
From: Andre Heinecke <aheinecke@gnupg.org>
Date: Thu, 19 Dec 2019 13:14:19 +0100
Subject: [PATCH] speedo: Make signing optional for w32-release

* build-aux/speedo.mk (AUTHENTICODE_sign): Check if
certificates are available.
---
 build-aux/speedo.mk | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/build-aux/speedo.mk b/build-aux/speedo.mk
index 332cd02ff..875e5e154 100644
--- a/build-aux/speedo.mk
+++ b/build-aux/speedo.mk
@@ -1391,13 +1391,15 @@ define AUTHENTICODE_sign
         /fd sha256 /du https://gnupg.org a.exe ;\
      scp "$(AUTHENTICODE_SIGNHOST):a.exe" $(2);\
      echo "speedo: signed file is '$(2)'" ;\
-   else \
+   elif [ -e "$(AUTHENTICODE_KEY)" ]; then \
      echo "speedo: Signing using key $(AUTHENTICODE_KEY)";\
      osslsigncode sign -certs $(AUTHENTICODE_CERTS) \
        -pkcs12 $(AUTHENTICODE_KEY) -askpass \
        -ts "http://timestamp.globalsign.com/scripts/timstamp.dll" \
        -h sha256 -n GnuPG -i https://gnupg.org \
        -in $(1) -out $(2) ;\
+   else \
+     echo "speedo: WARNING: Binaries are not signed"; \
    fi
 endef