summaryrefslogtreecommitdiffstats
path: root/scripts/libmakepkg/integrity/verify_signature.sh.in
AgeCommit message (Collapse)AuthorFilesLines
2018-03-14Update coyrights for 2018Allan McRae1-1/+1
make update-copyright OLD=2017 NEW=201 Signed-off-by: Allan McRae <allan@archlinux.org>
2018-01-06libmakepkg/integrity: fix git signatures not seen with multiple filesEli Schwartz1-4/+4
In eaa82b4d0775252856a4e54a6f2a9ea191cf0b8f source_has_signature() was modified to check if git repositories are marked as signed. However, due to a typo the unused variable $netfile was checked. This worked as long as the last source element was marked as signed, due to $netfile being mistakenly set as a global in check_vcs_software(), but usually failed with multiple sources. Break this more consistently by properly declaring $netfile as a local variable in check_vcs_software() which it should be regardless. Fix it again by completely moving over to $netfile in source_has_signature() as netfile is more descriptive of the current state. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-01-06libmakepkg/integrity: fix regression that broke invalid file sigsEli Schwartz1-0/+2
In 42e7020281d3ae260e1e9693495f527b7f476625 creating the gpg statusfile for a source file was split into a separate function, which used the return code to indicate unsigned files and proto-specific errors. However, the fallback return code was set by the final gpg invocation, which would be 1 if the signature was somehow broken (for example, the key was not available in the gpg keyring). As a result makepkg thought that file did not have a signature and skipped over it rather than erroring out. Fix this by explicitly setting the return code for all verify_*_signature() functions. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2017-07-06libmakepkg: Fix improperly spelled local variable declarationEli Schwartz1-1/+1
Signed-off-by: Eli Schwartz <eschwartz93@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2017-07-06libmakepkg/integrity: Fix error message not sent to stderrEli Schwartz1-1/+1
Signed-off-by: Eli Schwartz <eschwartz93@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2017-01-04makepkg: Verify git signaturesEli Schwartz1-4/+49
A git repository is marked as signed if it contains the query "signed" as defined by https://tools.ietf.org/html/rfc3986 Adds two utility functions in util/source.sh.in to extract fragments and queries, and modifies source/git.sh.in to use them. Signed-off-by: Eli Schwartz <eschwartz93@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2017-01-04libmakepkg/integrity: Verify file signatures in a separate functionEli Schwartz1-38/+46
This makes it easier to add signature verification for new protos. Signed-off-by: Eli Schwartz <eschwartz93@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2017-01-04Update copyright yearsAllan McRae1-1/+1
Signed-off-by: Allan McRae <allan@archlinux.org>
2016-05-18libmakepkg: extract functions for integrity checkingAshley Whetter1-0/+216
Signed-off-by: Ashley Whetter <ashley@awhetter.co.uk> Signed-off-by: Allan McRae <allan@archlinux.org>
generated by cgit v1.2.3-24-g4f1b (git 2.32.0) at 2024-11-16 02:33:43 +0100