From 2b7bb0c6b7aa4f7a43c82db1cf9a18d27600c62e Mon Sep 17 00:00:00 2001 From: Pierre Schmitz Date: Sun, 18 Dec 2011 14:16:30 +0100 Subject: Validate package signatures on db-update --- db-update | 3 +++ 1 file changed, 3 insertions(+) (limited to 'db-update') diff --git a/db-update b/db-update index 4b9c78f..60af79f 100755 --- a/db-update +++ b/db-update @@ -35,6 +35,9 @@ for repo in ${repos[@]}; do if ! check_pkgfile "${pkg}"; then die "Package ${repo}/$(basename ${pkg}) is not consistent with its meta data" fi + if ${REQUIRE_SIGNATURE} && ! check_pkgsig "${pkg}.sig"; then + die "Package ${repo}/$(basename ${pkg}) does not have a valid signature" + fi if ! check_pkgsvn "${pkg}" "${repo}"; then die "Package ${repo}/$(basename ${pkg}) is not consistent with svn repository" fi -- cgit v1.2.3-24-g4f1b