[pacman-dev] [PATCH 2/2] repo-add: Reject armored signatures
Johannes Löthberg
johannes at kyriasis.com
Tue May 26 09:46:09 UTC 2015
Pacman cannot handle armored signatures, so make repo-add error out if
one is detected.
---
scripts/repo-add.sh.in | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/scripts/repo-add.sh.in b/scripts/repo-add.sh.in
index 7e242ce..4f9f7c3 100644
--- a/scripts/repo-add.sh.in
+++ b/scripts/repo-add.sh.in
@@ -364,6 +364,11 @@ db_write_entry() {
# compute base64'd PGP signature
if [[ -f "$pkgfile.sig" ]]; then
+ if head -1 "$pkgfile.sig" | grep -q 'BEGIN PGP SIGNATURE'; then
+ error "$(gettext "Armored package signature '%s' found, \
+unarmored signatures required.")" "$pkgfile.sig"
+ return 1
+ fi
pgpsigsize=$(@SIZECMD@ -L "$pkgfile.sig")
if (( pgpsigsize > 16384 )); then
error "$(gettext "Invalid package signature file '%s'.")" "$pkgfile.sig"
--
2.4.1
More information about the pacman-dev
mailing list