diff options
author | Eli Schwartz <eschwartz@archlinux.org> | 2017-11-22 05:34:47 +0100 |
---|---|---|
committer | Allan McRae <allan@archlinux.org> | 2018-01-06 03:40:07 +0100 |
commit | 3d4e95e5262a8886a5e775c999fa48ed6a78e179 (patch) | |
tree | 74a0fd20238e7990bd4423e096cb6c7e6095565e /scripts | |
parent | 135f4397c2473844bc060e967dbe1b248b444301 (diff) | |
download | pacman-3d4e95e5262a8886a5e775c999fa48ed6a78e179.tar.gz pacman-3d4e95e5262a8886a5e775c999fa48ed6a78e179.tar.xz |
libmakepkg/integrity: fix git signatures not seen with multiple files
In eaa82b4d0775252856a4e54a6f2a9ea191cf0b8f source_has_signature() was
modified to check if git repositories are marked as signed. However, due
to a typo the unused variable $netfile was checked. This worked as long
as the last source element was marked as signed, due to $netfile being
mistakenly set as a global in check_vcs_software(), but usually failed
with multiple sources.
Break this more consistently by properly declaring $netfile as a local
variable in check_vcs_software() which it should be regardless. Fix it
again by completely moving over to $netfile in source_has_signature()
as netfile is more descriptive of the current state.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Diffstat (limited to 'scripts')
-rw-r--r-- | scripts/libmakepkg/integrity/verify_signature.sh.in | 8 | ||||
-rw-r--r-- | scripts/makepkg.sh.in | 2 |
2 files changed, 5 insertions, 5 deletions
diff --git a/scripts/libmakepkg/integrity/verify_signature.sh.in b/scripts/libmakepkg/integrity/verify_signature.sh.in index add7f75d..640b27f6 100644 --- a/scripts/libmakepkg/integrity/verify_signature.sh.in +++ b/scripts/libmakepkg/integrity/verify_signature.sh.in @@ -256,14 +256,14 @@ parse_gpg_statusfile() { } source_has_signatures() { - local file all_sources proto + local netfile all_sources proto get_all_sources_for_arch 'all_sources' - for file in "${all_sources[@]}"; do - proto="$(get_protocol "$file")" + for netfile in "${all_sources[@]}"; do + proto="$(get_protocol "$netfile")" query=$(get_uri_query "$netfile") - if [[ ${file%%::*} = *.@(sig?(n)|asc) || ( $proto = git* && $query = signed ) ]]; then + if [[ ${netfile%%::*} = *.@(sig?(n)|asc) || ( $proto = git* && $query = signed ) ]]; then return 0 fi done diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index e5ebfee4..8251e71b 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -914,7 +914,7 @@ get_vcsclient() { } check_vcs_software() { - local all_sources all_deps deps ret=0 + local netfile all_sources all_deps deps ret=0 if (( SOURCEONLY == 1 )); then # we will not download VCS sources |