3 files changed, 8 insertions, 1 deletions

diff --git a/lib/libalpm/alpm.h b/lib/libalpm/alpm.h
index 2277a69c..806cd959 100644
--- a/lib/libalpm/alpm.h
+++ b/lib/libalpm/alpm.h
@@ -1267,6 +1267,7 @@ typedef enum _alpm_errno_t {
 	ALPM_ERR_PKG_INVALID,
 	ALPM_ERR_PKG_INVALID_CHECKSUM,
 	ALPM_ERR_PKG_INVALID_SIG,
+	ALPM_ERR_PKG_MISSING_SIG,
 	ALPM_ERR_PKG_OPEN,
 	ALPM_ERR_PKG_CANT_REMOVE,
 	ALPM_ERR_PKG_INVALID_NAME,
diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c
index cfe5fb36..5a709680 100644
--- a/lib/libalpm/be_package.c
+++ b/lib/libalpm/be_package.c
@@ -323,9 +323,13 @@ int _alpm_pkg_validate_internal(alpm_handle_t *handle,
 	}
 
 	/* even if we don't have a sig, run the check code if level tells us to */
-	if(has_sig || level & ALPM_SIG_PACKAGE) {
+	if(level & ALPM_SIG_PACKAGE) {
 		const char *sig = syncpkg ? syncpkg->base64_sig : NULL;
 		_alpm_log(handle, ALPM_LOG_DEBUG, "sig data: %s\n", sig ? sig : "<from .sig>");
+		if(!has_sig && !(level & ALPM_SIG_PACKAGE_OPTIONAL)) {
+			handle->pm_errno = ALPM_ERR_PKG_MISSING_SIG;
+			return -1;
+		}
 		if(_alpm_check_pgp_helper(handle, pkgfile, sig,
 					level & ALPM_SIG_PACKAGE_OPTIONAL, level & ALPM_SIG_PACKAGE_MARGINAL_OK,
 					level & ALPM_SIG_PACKAGE_UNKNOWN_OK, sigdata)) {
diff --git a/lib/libalpm/error.c b/lib/libalpm/error.c
index a59f4fe1..86221807 100644
--- a/lib/libalpm/error.c
+++ b/lib/libalpm/error.c
@@ -111,6 +111,8 @@ const char SYMEXPORT *alpm_strerror(alpm_errno_t err)
 			return _("invalid or corrupted package (checksum)");
 		case ALPM_ERR_PKG_INVALID_SIG:
 			return _("invalid or corrupted package (PGP signature)");
+		case ALPM_ERR_PKG_MISSING_SIG:
+			return _("package missing required signature");
 		case ALPM_ERR_PKG_OPEN:
 			return _("cannot open package file");
 		case ALPM_ERR_PKG_CANT_REMOVE: