From a8b22e16efbffee84ff8647846196958d871c64b Mon Sep 17 00:00:00 2001
From: Allan McRae <allan@archlinux.org>
Date: Wed, 24 Nov 2010 17:22:32 +1000
Subject: Do not reuse old signature

After updating a database, remove the old signature to prevent it
being used in validation if the new signature fails to download.

Signed-off-by: Allan McRae <allan@archlinux.org>
---
 lib/libalpm/signing.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'lib/libalpm/signing.c')

diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c
index 0434d996..c30650b1 100644
--- a/lib/libalpm/signing.c
+++ b/lib/libalpm/signing.c
@@ -147,7 +147,7 @@ int _alpm_gpgme_checksig(const char *path, const pmpgpsig_t *sig)
 	err = gpgme_op_verify(ctx, sigdata, filedata, NULL);
 	CHECK_ERR();
 	result = gpgme_op_verify_result(ctx);
-		gpgsig = result->signatures;
+	gpgsig = result->signatures;
 	if (!gpgsig || gpgsig->next) {
 		_alpm_log(PM_LOG_ERROR, _("Unexpected number of signatures\n"));
 		ret = -1;
-- 
cgit v1.2.3-24-g4f1b