From 1291c04961e6c27e93ef376583d46ec2aa3036a1 Mon Sep 17 00:00:00 2001
From: Allan McRae <allan@archlinux.org>
Date: Sun, 12 Jun 2016 14:18:24 +1000
Subject: pacman-key: reject armored signatures

pacman expects an unarmored signature.  makepkg forces the generation of
unarmored signatures, and repo-add will reject any armored signature.
For consistency pacman-key should also reject armored signatures.

Signed-off-by: Allan McRae <allan@archlinux.org>
---
 scripts/pacman-key.sh.in | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in
index 0db09522..ffefc68c 100644
--- a/scripts/pacman-key.sh.in
+++ b/scripts/pacman-key.sh.in
@@ -483,6 +483,10 @@ verify_sig() {
 	local ret=0
 	for sig; do
 		msg "Checking %s..." "$sig"
+		if grep -q 'BEGIN PGP SIGNATURE' "$sig"; then
+			error "$(gettext "Cannot use armored signatures for packages: %s")" "$sig"
+			return 1
+		fi
 		if ! "${GPG_PACMAN[@]}" --status-fd 1 --verify "$sig" | grep -qE '^\[GNUPG:\] TRUST_(FULLY|ULTIMATE).*$'; then
 			error "$(gettext "The signature identified by %s could not be verified.")" "$sig"
 			ret=1
-- 
cgit v1.2.3-24-g4f1b