summaryrefslogtreecommitdiffstats
path: root/scripts
diff options
context:
space:
mode:
authorEli Schwartz <eschwartz@archlinux.org>2017-11-22 05:34:47 +0100
committerAllan McRae <allan@archlinux.org>2018-01-06 03:40:07 +0100
commit3d4e95e5262a8886a5e775c999fa48ed6a78e179 (patch)
tree74a0fd20238e7990bd4423e096cb6c7e6095565e /scripts
parent135f4397c2473844bc060e967dbe1b248b444301 (diff)
downloadpacman-3d4e95e5262a8886a5e775c999fa48ed6a78e179.tar.gz
pacman-3d4e95e5262a8886a5e775c999fa48ed6a78e179.tar.xz
libmakepkg/integrity: fix git signatures not seen with multiple files
In eaa82b4d0775252856a4e54a6f2a9ea191cf0b8f source_has_signature() was modified to check if git repositories are marked as signed. However, due to a typo the unused variable $netfile was checked. This worked as long as the last source element was marked as signed, due to $netfile being mistakenly set as a global in check_vcs_software(), but usually failed with multiple sources. Break this more consistently by properly declaring $netfile as a local variable in check_vcs_software() which it should be regardless. Fix it again by completely moving over to $netfile in source_has_signature() as netfile is more descriptive of the current state. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
Diffstat (limited to 'scripts')
-rw-r--r--scripts/libmakepkg/integrity/verify_signature.sh.in8
-rw-r--r--scripts/makepkg.sh.in2
2 files changed, 5 insertions, 5 deletions
diff --git a/scripts/libmakepkg/integrity/verify_signature.sh.in b/scripts/libmakepkg/integrity/verify_signature.sh.in
index add7f75d..640b27f6 100644
--- a/scripts/libmakepkg/integrity/verify_signature.sh.in
+++ b/scripts/libmakepkg/integrity/verify_signature.sh.in
@@ -256,14 +256,14 @@ parse_gpg_statusfile() {
}
source_has_signatures() {
- local file all_sources proto
+ local netfile all_sources proto
get_all_sources_for_arch 'all_sources'
- for file in "${all_sources[@]}"; do
- proto="$(get_protocol "$file")"
+ for netfile in "${all_sources[@]}"; do
+ proto="$(get_protocol "$netfile")"
query=$(get_uri_query "$netfile")
- if [[ ${file%%::*} = *.@(sig?(n)|asc) || ( $proto = git* && $query = signed ) ]]; then
+ if [[ ${netfile%%::*} = *.@(sig?(n)|asc) || ( $proto = git* && $query = signed ) ]]; then
return 0
fi
done
diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in
index e5ebfee4..8251e71b 100644
--- a/scripts/makepkg.sh.in
+++ b/scripts/makepkg.sh.in
@@ -914,7 +914,7 @@ get_vcsclient() {
}
check_vcs_software() {
- local all_sources all_deps deps ret=0
+ local netfile all_sources all_deps deps ret=0
if (( SOURCEONLY == 1 )); then
# we will not download VCS sources