summaryrefslogtreecommitdiff
path: root/scripts/libmakepkg/integrity
diff options
context:
space:
mode:
authorEli Schwartz <eschwartz@archlinux.org>2018-05-09 00:17:10 -0400
committerAllan McRae <allan@archlinux.org>2018-05-12 21:30:51 +1000
commit1741bdaf81cc7c0881ee7a26861b3d94c384f13f (patch)
tree6abda2b5f45223182e41785a0566e7cc97a6fd6c /scripts/libmakepkg/integrity
parent828f305023604474ea078a90bcf9752efdbc8aa9 (diff)
downloadpacman-1741bdaf81cc7c0881ee7a26861b3d94c384f13f.tar.xz
libmakepkg/integrity: determine what is a signature preferring local filename
Checking the file extension to determine if something is a signature is currently done in three places: - verify_file_signature: uses $file to print status, reuses it for comparison - source_has_signatures: uses $netfile, but removes url component if filename component exists - generate_one_checksum: uses $netfile and fails to detect renamed files This leads to inconsistent behavior when trying to use a signature of the form "foo-1.0.tar.gz.asc::https://example.com/foo-1.0.tar.gz.pgp" Fix this by treating the third case like the second case. Reported-by: Giancarlo Razzolini <grazzolini@archlinux.org> Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
Diffstat (limited to 'scripts/libmakepkg/integrity')
-rw-r--r--scripts/libmakepkg/integrity/generate_checksum.sh.in2
1 files changed, 1 insertions, 1 deletions
diff --git a/scripts/libmakepkg/integrity/generate_checksum.sh.in b/scripts/libmakepkg/integrity/generate_checksum.sh.in
index fdee0d72..eb9b74fc 100644
--- a/scripts/libmakepkg/integrity/generate_checksum.sh.in
+++ b/scripts/libmakepkg/integrity/generate_checksum.sh.in
@@ -56,7 +56,7 @@ generate_one_checksum() {
sum="SKIP"
;;
*)
- if [[ $netfile != *.@(sig?(n)|asc) ]]; then
+ if [[ ${netfile%%::*} != *.@(sig?(n)|asc) ]]; then
local file
file="$(get_filepath "$netfile")" || missing_source_file "$netfile"
sum="$("${integ}sum" "$file")"