moparisthebest/pacman
1
0
Fork 0
mirror of https://github.com/moparisthebest/pacman synced 2024-11-12 04:15:06 -05:00
Code Issues Releases Wiki Activity

repo-add: Reject armored signatures

Browse Source 
Pacman cannot handle armored signatures, so make repo-add error out if
one is detected.

Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
This commit is contained in:
Johannes Löthberg 2015-06-13 15:45:45 +02:00 committed by Allan McRae
parent aa9aa343cb
commit 4b0bc2cf97
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
scripts/repo-add.sh.in
View File

@ -364,6 +364,10 @@ db_write_entry() {
# compute base64'd PGP signature # compute base64'd PGP signature
if [[ -f "$pkgfile.sig" ]]; then if [[ -f "$pkgfile.sig" ]]; then
if grep -q 'BEGIN PGP SIGNATURE' "$pkgfile.sig"; then
error "$(gettext "Cannot use armored signatures for packages: %s")" "$pkgfile.sig"
return 1
fi
pgpsigsize=$(@SIZECMD@ -L "$pkgfile.sig") pgpsigsize=$(@SIZECMD@ -L "$pkgfile.sig")
if (( pgpsigsize > 16384 )); then if (( pgpsigsize > 16384 )); then
error "$(gettext "Invalid package signature file '%s'.")" "$pkgfile.sig" error "$(gettext "Invalid package signature file '%s'.")" "$pkgfile.sig"