summaryrefslogtreecommitdiffstats
path: root/scripts
diff options
context:
space:
mode:
authorDan McGee <dan@archlinux.org>2011-12-07 17:00:20 +0100
committerDan McGee <dan@archlinux.org>2011-12-07 17:00:20 +0100
commita3a75e0a41680283572895165da3fe2505314dec (patch)
tree2ac99252adb34215ef7401acf517c45e3bcea2c1 /scripts
parent1038e669649dae98c1cf9c354e680c62cf25638c (diff)
parent6a1d3948a670184f01a697efe55b91b4ccdcb51d (diff)
downloadpacman-a3a75e0a41680283572895165da3fe2505314dec.tar.gz
pacman-a3a75e0a41680283572895165da3fe2505314dec.tar.xz
Merge branch 'maint'
Diffstat (limited to 'scripts')
-rw-r--r--scripts/repo-add.sh.in19
1 files changed, 12 insertions, 7 deletions
diff --git a/scripts/repo-add.sh.in b/scripts/repo-add.sh.in
index 8fa3b723..914675fd 100644
--- a/scripts/repo-add.sh.in
+++ b/scripts/repo-add.sh.in
@@ -245,7 +245,7 @@ db_write_entry() {
local pkgfile="$1"
local -a _groups _licenses _replaces _depends _conflicts _provides _optdepends
local pkgname pkgver pkgdesc csize size url arch builddate packager \
- md5sum sha256sum pgpsig
+ md5sum sha256sum pgpsig pgpsigsize
# read info from the zipped package
local line var val
@@ -284,6 +284,17 @@ db_write_entry() {
fi
fi
+ # compute base64'd PGP signature
+ if [[ -f "$pkgfile.sig" ]]; then
+ pgpsigsize=$(@SIZECMD@ "$pkgfile.sig")
+ if (( pgpsigsize > 16384 )); then
+ error "$(gettext "Invalid package signature file '%s'.")" "$pkgfile.sig"
+ return 1
+ fi
+ msg2 "$(gettext "Adding package signature...")"
+ pgpsig=$(openssl base64 -in "$pkgfile.sig" | tr -d '\n')
+ fi
+
csize=$(@SIZECMD@ "$pkgfile")
# compute checksums
@@ -293,12 +304,6 @@ db_write_entry() {
sha256sum="$(openssl dgst -sha256 "$pkgfile")"
sha256sum="${sha256sum##* }"
- # compute base64'd PGP signature
- if [[ -f "$pkgfile.sig" ]]; then
- msg2 "$(gettext "Adding package signature...")"
- pgpsig=$(openssl base64 -in "$pkgfile.sig" | tr -d '\n')
- fi
-
# remove an existing entry if it exists, ignore failures
db_remove_entry "$pkgname"