[pacman-dev] [PATCH 5/9] Do database signature checking at load time

Dan McGee dan at archlinux.org
Wed Jun 8 03:55:11 EDT 2011


On Wed, Jun 8, 2011 at 2:51 AM, Dan McGee <dan at archlinux.org> wrote:
> This is the ideal place to do it as all clients should be checking the
> return value and ensuring there are no errors. This is similar to
> pkg_load().
>
> We also add an additional step of validation after we download a new
> database; a subsequent '-y' operation can potentially invalidate the
> original check at registration time.

This patch does break the current implementation of sign001.py; we
will need to beef up the test system a bit more to support DB sigs in
addition to package ones.

-Dan


More information about the pacman-dev mailing list