summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorThierry Vignaud <tv@mageia.org>2012-08-24 11:17:00 +0000
committerThierry Vignaud <tv@mageia.org>2012-08-24 11:17:00 +0000
commit93e333ecde929c31f9e5c85b94b31886194b51c1 (patch)
treec4c6ff1c50f388b6c10a6226ad665bd714348fb2
parent24cac3777cc6d90dc68c890e86fb9303707ad470 (diff)
downloadurpmi-93e333ecde929c31f9e5c85b94b31886194b51c1.tar
urpmi-93e333ecde929c31f9e5c85b94b31886194b51c1.tar.gz
urpmi-93e333ecde929c31f9e5c85b94b31886194b51c1.tar.bz2
urpmi-93e333ecde929c31f9e5c85b94b31886194b51c1.tar.xz
urpmi-93e333ecde929c31f9e5c85b94b31886194b51c1.zip
(_check) warn about missing signatures and ask whether to install or not
(in the case where a package is unsigned and came from media without signatures)
-rw-r--r--NEWS2
-rw-r--r--urpm/signature.pm3
2 files changed, 5 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index e257f927..a5083434 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,8 @@
- decrease total package count when some files are missing
- fix installing a package if user acks bogus signature
(regression introduced in 7.0)
+- security:
+ o warn about missing signatures on packages from media without signatures
Version 7.3 - 24 August 2012
diff --git a/urpm/signature.pm b/urpm/signature.pm
index 235867bf..7852e0f0 100644
--- a/urpm/signature.pm
+++ b/urpm/signature.pm
@@ -31,6 +31,9 @@ sub _check {
if ($verif =~ /NOT OK/) {
$verif =~ s/\n//g;
$invalid_sources{$filepath} = N("Invalid signature (%s)", $verif);
+ } elsif ($verif =~ /OK \(\(none\)\)/ ) {
+ $verif =~ s/\n//g;
+ $invalid_sources{$filepath} = N("Missing signature (%s)", $verif);
} else {
unless ($medium && urpm::media::is_valid_medium($medium) &&
$medium->{start} <= $id && $id <= $medium->{end})