repo-add: implicitly sign when verifying
Currently it is possible to verify a database signature, without signing the database. This causes the database to be altered, but the (then invalid) signature to be preserved. Fix this by implicitly signing when verifying. Signed-off-by: Christian Hesse <mail@eworm.de>
This commit is contained in:
Christian Hesse
parent
8e30cd4e38
commit
7c3f4949ca
2 changed files with 2 additions and 1 deletions
|
|
@ -54,7 +54,7 @@ Common Options
|
|||
*-v, \--verify*::
|
||||
Verify the PGP signature of the database before updating the database.
|
||||
If the signature is invalid, an error is produced and the update does not
|
||||
proceed.
|
||||
proceed. This implicitly enabled signing.
|
||||
|
||||
*\--nocolor*::
|
||||
Remove color from 'repo-add' and 'repo-remove' output.
|
||||
|
|
|
|||
|
|
@ -631,6 +631,7 @@ while true; do
|
|||
GPGKEY=$1
|
||||
;;
|
||||
-v|--verify)
|
||||
SIGN=1
|
||||
VERIFY=1
|
||||
;;
|
||||
-p|--prevent-downgrade)
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue