summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJohannes Löthberg <johannes@kyriasis.com>2015-06-13 15:45:45 +0200
committerAllan McRae <allan@archlinux.org>2015-06-20 09:32:57 +0200
commit4b0bc2cf9724e3c9592c045349a38b426148e3b2 (patch)
treeb395ce8bdde38d83f923e9b255c00d0534338d0c
parentaa9aa343cbb391ccc2c2c1a3917f37a98e47105e (diff)
downloadpacman-4b0bc2cf9724e3c9592c045349a38b426148e3b2.tar.gz
pacman-4b0bc2cf9724e3c9592c045349a38b426148e3b2.tar.xz
repo-add: Reject armored signatures
Pacman cannot handle armored signatures, so make repo-add error out if one is detected. Signed-off-by: Johannes Löthberg <johannes@kyriasis.com> Signed-off-by: Allan McRae <allan@archlinux.org>
-rw-r--r--scripts/repo-add.sh.in4
1 files changed, 4 insertions, 0 deletions
diff --git a/scripts/repo-add.sh.in b/scripts/repo-add.sh.in
index 7e242ce2..69993a90 100644
--- a/scripts/repo-add.sh.in
+++ b/scripts/repo-add.sh.in
@@ -364,6 +364,10 @@ db_write_entry() {
# compute base64'd PGP signature
if [[ -f "$pkgfile.sig" ]]; then
+ if grep -q 'BEGIN PGP SIGNATURE' "$pkgfile.sig"; then
+ error "$(gettext "Cannot use armored signatures for packages: %s")" "$pkgfile.sig"
+ return 1
+ fi
pgpsigsize=$(@SIZECMD@ -L "$pkgfile.sig")
if (( pgpsigsize > 16384 )); then
error "$(gettext "Invalid package signature file '%s'.")" "$pkgfile.sig"