In 42e7020281 creating the gpg statusfile
for a source file was split into a separate function, which used the
return code to indicate unsigned files and proto-specific errors.
However, the fallback return code was set by the final gpg invocation,
which would be 1 if the signature was somehow broken (for example, the
key was not available in the gpg keyring). As a result makepkg thought
that file did not have a signature and skipped over it rather than
erroring out.
Fix this by explicitly setting the return code for all
verify_*_signature() functions.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
A git repository is marked as signed if it contains the query "signed"
as defined by https://tools.ietf.org/html/rfc3986
Adds two utility functions in util/source.sh.in to extract fragments and
queries, and modifies source/git.sh.in to use them.
Signed-off-by: Eli Schwartz <eschwartz93@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
This makes it easier to add signature verification for new protos.
Signed-off-by: Eli Schwartz <eschwartz93@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
