diff options
author | Johannes Löthberg <johannes@kyriasis.com> | 2015-06-13 15:45:45 +0200 |
---|---|---|
committer | Allan McRae <allan@archlinux.org> | 2015-06-20 17:32:57 +1000 |
commit | 4b0bc2cf9724e3c9592c045349a38b426148e3b2 (patch) | |
tree | b395ce8bdde38d83f923e9b255c00d0534338d0c | |
parent | aa9aa343cbb391ccc2c2c1a3917f37a98e47105e (diff) | |
download | pacman-4b0bc2cf9724e3c9592c045349a38b426148e3b2.tar.xz |
repo-add: Reject armored signatures
Pacman cannot handle armored signatures, so make repo-add error out if
one is detected.
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
-rw-r--r-- | scripts/repo-add.sh.in | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/scripts/repo-add.sh.in b/scripts/repo-add.sh.in index 7e242ce2..69993a90 100644 --- a/scripts/repo-add.sh.in +++ b/scripts/repo-add.sh.in @@ -364,6 +364,10 @@ db_write_entry() { # compute base64'd PGP signature if [[ -f "$pkgfile.sig" ]]; then + if grep -q 'BEGIN PGP SIGNATURE' "$pkgfile.sig"; then + error "$(gettext "Cannot use armored signatures for packages: %s")" "$pkgfile.sig" + return 1 + fi pgpsigsize=$(@SIZECMD@ -L "$pkgfile.sig") if (( pgpsigsize > 16384 )); then error "$(gettext "Invalid package signature file '%s'.")" "$pkgfile.sig" |