diff options
author | Eli Schwartz <eschwartz@archlinux.org> | 2018-05-09 06:17:10 +0200 |
---|---|---|
committer | Allan McRae <allan@archlinux.org> | 2018-05-12 13:30:51 +0200 |
commit | 1741bdaf81cc7c0881ee7a26861b3d94c384f13f (patch) | |
tree | 6abda2b5f45223182e41785a0566e7cc97a6fd6c /README | |
parent | 828f305023604474ea078a90bcf9752efdbc8aa9 (diff) | |
download | pacman-1741bdaf81cc7c0881ee7a26861b3d94c384f13f.tar.gz pacman-1741bdaf81cc7c0881ee7a26861b3d94c384f13f.tar.xz |
libmakepkg/integrity: determine what is a signature preferring local filename
Checking the file extension to determine if something is a signature is
currently done in three places:
- verify_file_signature: uses $file to print status, reuses it for
comparison
- source_has_signatures: uses $netfile, but removes url component if
filename component exists
- generate_one_checksum: uses $netfile and fails to detect renamed files
This leads to inconsistent behavior when trying to use a signature of
the form "foo-1.0.tar.gz.asc::https://example.com/foo-1.0.tar.gz.pgp"
Fix this by treating the third case like the second case.
Reported-by: Giancarlo Razzolini <grazzolini@archlinux.org>
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Diffstat (limited to 'README')
0 files changed, 0 insertions, 0 deletions