From f8c2e59ec57c86827b1f1b1c2f6760dc3e59fe40 Mon Sep 17 00:00:00 2001
|
|
From: David Runge <dvzrv@archlinux.org>
|
|
Date: Mon, 22 Jan 2024 14:35:28 +0100
|
|
Subject: [PATCH] pacman-key: Make signature verification more robust by
|
|
checking pipes
|
|
|
|
To ensure we are not dropping the return code of the `gpg` call due to
|
|
piping into `grep`, we make use of `PIPESTATUS` to check the return code
|
|
of each command separately.
|
|
|
|
Additionally, we can now distinguish between two states: The signature
|
|
does not verify (e.g. due to technical reasons) and the signature is
|
|
not trusted.
|
|
|
|
Signed-off-by: David Runge <dvzrv@archlinux.org>
|
|
---
|
|
scripts/pacman-key.sh.in | 15 +++++++++++++--
|
|
1 file changed, 13 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in
|
|
index 8abd824ec..1c9e06478 100644
|
|
--- a/scripts/pacman-key.sh.in
|
|
+++ b/scripts/pacman-key.sh.in
|
|
@@ -591,10 +591,21 @@ verify_sig() {
|
|
error "$(gettext "Cannot use armored signatures for packages: %s")" "$sig"
|
|
exit 1
|
|
fi
|
|
- if ! "${GPG_PACMAN[@]}" --status-fd 1 --verify "${files[@]}" | grep -qE '^\[GNUPG:\] TRUST_(FULLY|ULTIMATE).*$'; then
|
|
- error "$(gettext "The signature identified by %s could not be verified.")" "$sig"
|
|
+
|
|
+ "${GPG_PACMAN[@]}" --status-fd 1 --verify "${files[@]}" | grep -qE '^\[GNUPG:\] TRUST_(FULLY|ULTIMATE).*$'
|
|
+
|
|
+ # return error if GnuPG fails to verify the signature
|
|
+ if [[ "${PIPESTATUS[0]}" -ne 0 ]]; then
|
|
+ error "$(gettext "The signature verification for %s failed.")" "$sig"
|
|
+ ret=1
|
|
+ fi
|
|
+
|
|
+ # return error if the signature is not trusted fully or ultimately
|
|
+ if [[ "${PIPESTATUS[1]}" -ne 0 ]]; then
|
|
+ error "$(gettext "The signature %s is not trusted.")" "$sig"
|
|
ret=1
|
|
fi
|
|
+
|
|
exit $ret
|
|
}
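Review bot: The second check reads `${PIPESTATUS[1]}` too late: bash overwrites `PIPESTATUS` after every command, so once the first `if [[ "${PIPESTATUS[0]}" -ne 0 ]]` has run, the array holds a single element and index 1 is unset. An empty operand to `-ne` evaluates as 0, so the "is not trusted" branch cannot fire and the `grep` for `TRUST_(FULLY|ULTIMATE)` no longer influences `ret`; a signature that gpg verifies with a key lacking full or ultimate trust would presumably end in `exit 0`, assuming `ret` starts at 0 outside the hunk. Snapshot the array on the line directly after the pipeline, `local -a pipe_status=("${PIPESTATUS[@]}")`, and test `${pipe_status[0]}` and `${pipe_status[1]}` in the two conditions. verify_sig starts above the hunk, so the initial value of `ret` and whether `set -u` is active are not visible here.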
|
|
|
|
--
|
|
GitLab
|
|
|