repo-add: Reject armored signatures

Pacman cannot handle armored signatures, so make repo-add error out if one is detected. Signed-off-by: Johannes Löthberg <johannes@kyriasis.com> Signed-off-by: Allan McRae <allan@archlinux.org>
author: Johannes Löthberg <johannes@kyriasis.com> 2015-06-13 15:45:45 +0200
committer: Allan McRae <allan@archlinux.org> 2015-06-20 17:32:57 +1000
commit: 4b0bc2cf9724e3c9592c045349a38b426148e3b2 (patch)
tree: b395ce8bdde38d83f923e9b255c00d0534338d0c /scripts/repo-add.sh.in
parent: aa9aa343cbb391ccc2c2c1a3917f37a98e47105e (diff)
download: pacman-4b0bc2cf9724e3c9592c045349a38b426148e3b2.tar.xz
1 files changed, 4 insertions, 0 deletions
diff --git a/scripts/repo-add.sh.in b/scripts/repo-add.sh.in
index 7e242ce2..69993a90 100644
--- a/scripts/repo-add.sh.in
+++ b/scripts/repo-add.sh.in
@@ -364,6 +364,10 @@ db_write_entry() {
 
 	# compute base64'd PGP signature
 	if [[ -f "$pkgfile.sig" ]]; then
+		if grep -q 'BEGIN PGP SIGNATURE' "$pkgfile.sig"; then
+			error "$(gettext "Cannot use armored signatures for packages: %s")" "$pkgfile.sig"
+			return 1
+		fi
 		pgpsigsize=$(@SIZECMD@ -L "$pkgfile.sig")
 		if (( pgpsigsize > 16384 )); then
 			error "$(gettext "Invalid package signature file '%s'.")" "$pkgfile.sig"
author	Johannes Löthberg <johannes@kyriasis.com>	2015-06-13 15:45:45 +0200
committer	Allan McRae <allan@archlinux.org>	2015-06-20 17:32:57 +1000
commit	4b0bc2cf9724e3c9592c045349a38b426148e3b2 (patch)
tree	b395ce8bdde38d83f923e9b255c00d0534338d0c /scripts/repo-add.sh.in
parent	aa9aa343cbb391ccc2c2c1a3917f37a98e47105e (diff)
download	pacman-4b0bc2cf9724e3c9592c045349a38b426148e3b2.tar.xz