[pacman-dev] [PATCH 2/2] repo-add: Reject armored signatures
Allan McRae
allan at archlinux.org
Tue May 26 09:58:52 UTC 2015
On 26/05/15 19:46, Johannes Löthberg wrote:
> Pacman cannot handle armored signatures, so make repo-add error out if
> one is detected.
> ---
> scripts/repo-add.sh.in | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/scripts/repo-add.sh.in b/scripts/repo-add.sh.in
> index 7e242ce..4f9f7c3 100644
> --- a/scripts/repo-add.sh.in
> +++ b/scripts/repo-add.sh.in
> @@ -364,6 +364,11 @@ db_write_entry() {
>
> # compute base64'd PGP signature
> if [[ -f "$pkgfile.sig" ]]; then
> + if head -1 "$pkgfile.sig" | grep -q 'BEGIN PGP SIGNATURE'; then
Why is head being used here?
> + error "$(gettext "Armored package signature '%s' found, \
> +unarmored signatures required.")" "$pkgfile.sig"
> + return 1
> + fi
> pgpsigsize=$(@SIZECMD@ -L "$pkgfile.sig")
> if (( pgpsigsize > 16384 )); then
> error "$(gettext "Invalid package signature file '%s'.")" "$pkgfile.sig"
>
More information about the pacman-dev
mailing list