bryson/pacman
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
pacman/scripts/libmakepkg/integrity
History
Eli Schwartz 1741bdaf81 libmakepkg/integrity: determine what is a signature preferring local filename 
Checking the file extension to determine if something is a signature is
currently done in three places:
- verify_file_signature: uses $file to print status, reuses it for
  comparison
- source_has_signatures: uses $netfile, but removes url component if
  filename component exists
- generate_one_checksum: uses $netfile and fails to detect renamed files

This leads to inconsistent behavior when trying to use a signature of
the form "foo-1.0.tar.gz.asc::https://example.com/foo-1.0.tar.gz.pgp"

Fix this by treating the third case like the second case.

Reported-by: Giancarlo Razzolini <grazzolini@archlinux.org>
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
2018-05-12 21:30:51 +10:00
..
generate_checksum.sh.in libmakepkg/integrity: determine what is a signature preferring local filename 2018-05-12 21:30:51 +10:00
generate_signature.sh.in libmakepkg/integrity: fix regression that broke --install 2018-03-15 11:30:20 +10:00
verify_checksum.sh.in Update coyrights for 2018 2018-03-14 13:31:31 +10:00
verify_signature.sh.in Update coyrights for 2018 2018-03-14 13:31:31 +10:00