pacman - Main repository is at http://projects.archlinux.org/pacman.git/

diff options

author	Anatol Pomozov <anatol.pomozov@gmail.com>	2020-05-27 04:12:08 +0200
committer	Allan McRae <allan@archlinux.org>	2020-07-07 13:38:13 +0200
commit	b01bcc7d3d680856bd60c4ae03e4ba3f6d889cb2 (patch)
tree	847eebcbde07999814ee3137f6d2f4ec11a0a11c /TRANSLATORS
parent	f3dfba73d22b7eca3810a8114f2aab63da488b4c (diff)
download	pacman-b01bcc7d3d680856bd60c4ae03e4ba3f6d889cb2.tar.gz pacman-b01bcc7d3d680856bd60c4ae03e4ba3f6d889cb2.tar.xz

Fallback to detached signatures during keyring check

Pacman has a 'key in keyring' verification step that makes sure the signatures have a valid keyid. Currently pacman parses embedded package signatures only. Add a fallback to detached signatures. If embedded signature is missing then it tries to read corresponding *.sig file and get keyid from there. Verification: debug: found cached pkg: /var/cache/pacman/pkg/glib-networking-2.64.3-1-x86_64.pkg.tar.zst debug: found detached signature /var/cache/pacman/pkg/glib-networking-2.64.3-1-x86_64.pkg.tar.zst.sig with size 310 debug: found signature key: A5E9288C4FA415FA debug: looking up key A5E9288C4FA415FA locally debug: key lookup success, key exists Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>

Diffstat (limited to 'TRANSLATORS')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: