index : pacman | |
Archlinux32 fork of pacman | gitolite user |
summaryrefslogtreecommitdiff |
author | Dan McGee <dan@archlinux.org> | 2011-12-07 10:00:20 -0600 |
---|---|---|
committer | Dan McGee <dan@archlinux.org> | 2011-12-07 10:00:20 -0600 |
commit | a3a75e0a41680283572895165da3fe2505314dec (patch) | |
tree | 2ac99252adb34215ef7401acf517c45e3bcea2c1 /scripts | |
parent | 1038e669649dae98c1cf9c354e680c62cf25638c (diff) | |
parent | 6a1d3948a670184f01a697efe55b91b4ccdcb51d (diff) |
-rw-r--r-- | scripts/repo-add.sh.in | 19 |
diff --git a/scripts/repo-add.sh.in b/scripts/repo-add.sh.in index 8fa3b723..914675fd 100644 --- a/scripts/repo-add.sh.in +++ b/scripts/repo-add.sh.in @@ -245,7 +245,7 @@ db_write_entry() { local pkgfile="$1" local -a _groups _licenses _replaces _depends _conflicts _provides _optdepends local pkgname pkgver pkgdesc csize size url arch builddate packager \ - md5sum sha256sum pgpsig + md5sum sha256sum pgpsig pgpsigsize # read info from the zipped package local line var val @@ -284,6 +284,17 @@ db_write_entry() { fi fi + # compute base64'd PGP signature + if [[ -f "$pkgfile.sig" ]]; then + pgpsigsize=$(@SIZECMD@ "$pkgfile.sig") + if (( pgpsigsize > 16384 )); then + error "$(gettext "Invalid package signature file '%s'.")" "$pkgfile.sig" + return 1 + fi + msg2 "$(gettext "Adding package signature...")" + pgpsig=$(openssl base64 -in "$pkgfile.sig" | tr -d '\n') + fi + csize=$(@SIZECMD@ "$pkgfile") # compute checksums @@ -293,12 +304,6 @@ db_write_entry() { sha256sum="$(openssl dgst -sha256 "$pkgfile")" sha256sum="${sha256sum##* }" - # compute base64'd PGP signature - if [[ -f "$pkgfile.sig" ]]; then - msg2 "$(gettext "Adding package signature...")" - pgpsig=$(openssl base64 -in "$pkgfile.sig" | tr -d '\n') - fi - # remove an existing entry if it exists, ignore failures db_remove_entry "$pkgname" |