mirror of
https://github.com/moparisthebest/pacman
synced 2024-12-21 23:38:49 -05:00
pacman-key: reject armored signatures
pacman expects an unarmored signature. makepkg forces the generation of unarmored signatures, and repo-add will reject any armored signature. For consistency pacman-key should also reject armored signatures. Signed-off-by: Allan McRae <allan@archlinux.org>
This commit is contained in:
parent
80d97fcf75
commit
1291c04961
@ -483,6 +483,10 @@ verify_sig() {
|
|||||||
local ret=0
|
local ret=0
|
||||||
for sig; do
|
for sig; do
|
||||||
msg "Checking %s..." "$sig"
|
msg "Checking %s..." "$sig"
|
||||||
|
if grep -q 'BEGIN PGP SIGNATURE' "$sig"; then
|
||||||
|
error "$(gettext "Cannot use armored signatures for packages: %s")" "$sig"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
if ! "${GPG_PACMAN[@]}" --status-fd 1 --verify "$sig" | grep -qE '^\[GNUPG:\] TRUST_(FULLY|ULTIMATE).*$'; then
|
if ! "${GPG_PACMAN[@]}" --status-fd 1 --verify "$sig" | grep -qE '^\[GNUPG:\] TRUST_(FULLY|ULTIMATE).*$'; then
|
||||||
error "$(gettext "The signature identified by %s could not be verified.")" "$sig"
|
error "$(gettext "The signature identified by %s could not be verified.")" "$sig"
|
||||||
ret=1
|
ret=1
|
||||||
|
Loading…
Reference in New Issue
Block a user