Pacman cannot handle armored signatures, so use gpg's --no-armor flag to force an unarmored signature. --- scripts/repo-add.sh.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/repo-add.sh.in b/scripts/repo-add.sh.in index 3ece8d5..7e242ce 100644 --- a/scripts/repo-add.sh.in +++ b/scripts/repo-add.sh.in @@ -264,7 +264,7 @@ create_signature() { if [[ -n $GPGKEY ]]; then SIGNWITHKEY="-u ${GPGKEY}" fi - gpg --detach-sign --use-agent ${SIGNWITHKEY} "$dbfile" &>/dev/null || ret=$? + gpg --detach-sign --use-agent --no-armor ${SIGNWITHKEY} "$dbfile" &>/dev/null || ret=$?
if (( ! ret )); then msg2 "$(gettext "Created signature file '%s'")" "${dbfile##*/.tmp.}.sig"
Pacman cannot handle armored signatures, so make repo-add error out if one is detected. --- scripts/repo-add.sh.in | 5 +++++ 1 file changed, 5 insertions(+)
diff --git a/scripts/repo-add.sh.in b/scripts/repo-add.sh.in index 7e242ce..4f9f7c3 100644 --- a/scripts/repo-add.sh.in +++ b/scripts/repo-add.sh.in @@ -364,6 +364,11 @@ db_write_entry() {
# compute base64'd PGP signature if [[ -f "$pkgfile.sig" ]]; then + if head -1 "$pkgfile.sig" | grep -q 'BEGIN PGP SIGNATURE'; then + error "$(gettext "Armored package signature '%s' found, \ +unarmored signatures required.")" "$pkgfile.sig" + return 1 + fi pgpsigsize=$(@SIZECMD@ -L "$pkgfile.sig") if (( pgpsigsize > 16384 )); then error "$(gettext "Invalid package signature file '%s'.")" "$pkgfile.sig"
On 26/05/15 19:46, Johannes Löthberg wrote:
Pacman cannot handle armored signatures, so make repo-add error out if one is detected.
scripts/repo-add.sh.in | 5 +++++ 1 file changed, 5 insertions(+)
diff --git a/scripts/repo-add.sh.in b/scripts/repo-add.sh.in index 7e242ce..4f9f7c3 100644 --- a/scripts/repo-add.sh.in +++ b/scripts/repo-add.sh.in @@ -364,6 +364,11 @@ db_write_entry() {
# compute base64'd PGP signature if [[ -f "$pkgfile.sig" ]]; then
if head -1 "$pkgfile.sig" | grep -q 'BEGIN PGP SIGNATURE'; then
Why is head being used here?
error "$(gettext "Armored package signature '%s' found, \+unarmored signatures required.")" "$pkgfile.sig"
return 1fi
On 26/05, Allan McRae wrote:
On 26/05/15 19:46, Johannes Löthberg wrote:
Pacman cannot handle armored signatures, so make repo-add error out if one is detected.
scripts/repo-add.sh.in | 5 +++++ 1 file changed, 5 insertions(+)
diff --git a/scripts/repo-add.sh.in b/scripts/repo-add.sh.in index 7e242ce..4f9f7c3 100644 --- a/scripts/repo-add.sh.in +++ b/scripts/repo-add.sh.in @@ -364,6 +364,11 @@ db_write_entry() {
# compute base64'd PGP signature if [[ -f "$pkgfile.sig" ]]; then
if head -1 "$pkgfile.sig" | grep -q 'BEGIN PGP SIGNATURE'; thenWhy is head being used here?
I think I originally used it in case the file had some other content, but there's really no need for it. Will remove it.
error "$(gettext "Armored package signature '%s' found, \+unarmored signatures required.")" "$pkgfile.sig"
return 1fi
Pacman cannot handle armored signatures, so make repo-add error out if one is detected.
Signed-off-by: Johannes Löthberg johannes@kyriasis.com --- Now beheaded.
scripts/repo-add.sh.in | 5 +++++ 1 file changed, 5 insertions(+)
diff --git a/scripts/repo-add.sh.in b/scripts/repo-add.sh.in index 7e242ce..076e987 100644 --- a/scripts/repo-add.sh.in +++ b/scripts/repo-add.sh.in @@ -364,6 +364,11 @@ db_write_entry() {
# compute base64'd PGP signature if [[ -f "$pkgfile.sig" ]]; then + if grep -q 'BEGIN PGP SIGNATURE' "$pkgfile.sig"; then + error "$(gettext "Armored package signature '%s' found, \ +unarmored signatures required.")" "$pkgfile.sig" + return 1 + fi pgpsigsize=$(@SIZECMD@ -L "$pkgfile.sig") if (( pgpsigsize > 16384 )); then error "$(gettext "Invalid package signature file '%s'.")" "$pkgfile.sig"
Pacman cannot handle armored signatures, so use gpg's --no-armor flag to force an unarmored signature. --- scripts/repo-add.sh.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/repo-add.sh.in b/scripts/repo-add.sh.in index 3ece8d5..7e242ce 100644 --- a/scripts/repo-add.sh.in +++ b/scripts/repo-add.sh.in @@ -264,7 +264,7 @@ create_signature() { if [[ -n $GPGKEY ]]; then SIGNWITHKEY="-u ${GPGKEY}" fi - gpg --detach-sign --use-agent ${SIGNWITHKEY} "$dbfile" &>/dev/null || ret=$? + gpg --detach-sign --use-agent --no-armor ${SIGNWITHKEY} "$dbfile" &>/dev/null || ret=$?
if (( ! ret )); then msg2 "$(gettext "Created signature file '%s'")" "${dbfile##*/.tmp.}.sig"
Pacman cannot handle armored signatures, so make repo-add error out if one is detected.
Signed-off-by: Johannes Löthberg johannes@kyriasis.com --- Error message changed as per IRC discussion with Allan
scripts/repo-add.sh.in | 4 ++++ 1 file changed, 4 insertions(+)
diff --git a/scripts/repo-add.sh.in b/scripts/repo-add.sh.in index 7e242ce..69993a9 100644 --- a/scripts/repo-add.sh.in +++ b/scripts/repo-add.sh.in @@ -364,6 +364,10 @@ db_write_entry() {
# compute base64'd PGP signature if [[ -f "$pkgfile.sig" ]]; then + if grep -q 'BEGIN PGP SIGNATURE' "$pkgfile.sig"; then + error "$(gettext "Cannot use armored signatures for packages: %s")" "$pkgfile.sig" + return 1 + fi pgpsigsize=$(@SIZECMD@ -L "$pkgfile.sig") if (( pgpsigsize > 16384 )); then error "$(gettext "Invalid package signature file '%s'.")" "$pkgfile.sig"
pacman-dev@lists.archlinux.org