Send patches - preferably formatted by git format-patch - to patches at archlinux32 dot org.
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorEli Schwartz <eschwartz@archlinux.org>2018-05-29 00:24:35 -0400
committerAllan McRae <allan@archlinux.org>2019-01-22 09:42:38 +1000
commit1e040153bcace3f67a2db1b17195f0225fbd2f5e (patch)
tree1954d1606456b57006675dcf752a264f6d997612
parent9c817b654996249b8022e189ee7e2692f4668431 (diff)
libmakepkg: Implement extendable signature verification
Lookup the existence of matching functions for each protocol, and fallback on the generic file handler. New verification protocols can then be added via thirdparty libmakepkg drop-ins without requiring modifications to verify_signature.sh Signed-off-by: Allan McRae <allan@archlinux.org>
-rw-r--r--scripts/libmakepkg/integrity/verify_signature.sh.in7
1 files changed, 4 insertions, 3 deletions
diff --git a/scripts/libmakepkg/integrity/verify_signature.sh.in b/scripts/libmakepkg/integrity/verify_signature.sh.in
index 9742bdf2..4037f562 100644
--- a/scripts/libmakepkg/integrity/verify_signature.sh.in
+++ b/scripts/libmakepkg/integrity/verify_signature.sh.in
@@ -49,8 +49,8 @@ check_pgpsigs() {
for netfile in "${all_sources[@]}"; do
proto="$(get_protocol "$netfile")"
- if [[ $proto = git ]]; then
- verify_git_signature "$netfile" "$statusfile" || continue
+ if declare -f verify_${proto}_signature > /dev/null; then
+ verify_${proto}_signature "$netfile" "$statusfile" || continue
else
verify_file_signature "$netfile" "$statusfile" || continue
fi
@@ -263,7 +263,8 @@ source_has_signatures() {
proto="$(get_protocol "$netfile")"
query=$(get_uri_query "$netfile")
- if [[ ${netfile%%::*} = *.@(sig?(n)|asc) || ( $proto = git && $query = signed ) ]]; then
+ if [[ ${netfile%%::*} = *.@(sig?(n)|asc) ]] || \
+ ( declare -f verify_${proto}_signature > /dev/null && [[ $query = signed ]] ); then
return 0
fi
done