1
0
mirror of https://github.com/moparisthebest/pacman synced 2024-11-12 04:15:06 -05:00

repo-add: Reject armored signatures

Pacman cannot handle armored signatures, so make repo-add error out if
one is detected.

Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
This commit is contained in:
Johannes Löthberg 2015-06-13 15:45:45 +02:00 committed by Allan McRae
parent aa9aa343cb
commit 4b0bc2cf97

View File

@ -364,6 +364,10 @@ db_write_entry() {
# compute base64'd PGP signature # compute base64'd PGP signature
if [[ -f "$pkgfile.sig" ]]; then if [[ -f "$pkgfile.sig" ]]; then
if grep -q 'BEGIN PGP SIGNATURE' "$pkgfile.sig"; then
error "$(gettext "Cannot use armored signatures for packages: %s")" "$pkgfile.sig"
return 1
fi
pgpsigsize=$(@SIZECMD@ -L "$pkgfile.sig") pgpsigsize=$(@SIZECMD@ -L "$pkgfile.sig")
if (( pgpsigsize > 16384 )); then if (( pgpsigsize > 16384 )); then
error "$(gettext "Invalid package signature file '%s'.")" "$pkgfile.sig" error "$(gettext "Invalid package signature file '%s'.")" "$pkgfile.sig"