From b859aef11d27e9a2f496436449013b252aee098a Mon Sep 17 00:00:00 2001 From: Thierry Vignaud Date: Fri, 31 Aug 2012 16:44:28 +0000 Subject: (_check) honor per medium "verify-rpm" option for missing signature check aka do not check too early about unsigned packages (missing signatures) (fix testsuite, regression introduced in commit r5393) rationale: we wanted to warn about missing signatures on packages from media without signatures, but in doing so we did it too early before the 'verify-rpm' option check since we already have a check after (when we have a medium key), we can just check here for packages that do not came from any mirror (which we would have skiped just after) --- urpm/signature.pm | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'urpm/signature.pm') diff --git a/urpm/signature.pm b/urpm/signature.pm index f75b9bd6..5d723c6b 100644 --- a/urpm/signature.pm +++ b/urpm/signature.pm @@ -31,9 +31,6 @@ sub _check { if ($verif =~ /NOT OK/) { $verif =~ s/\n//g; $invalid_sources{$filepath} = N("Invalid signature (%s)", $verif); - } elsif ($verif =~ /OK \(\(none\)\)/) { - $verif =~ s/\n//g; - $invalid_sources{$filepath} = N("Missing signature (%s)", $verif); } else { unless ($medium && urpm::media::is_valid_medium($medium) && $medium->{start} <= $id && $id <= $medium->{end}) @@ -45,7 +42,13 @@ sub _check { } } #- no medium found for this rpm ? - next if !$medium; + if (!$medium) { + if ($verif =~ /OK \(\(none\)\)/) { + $verif =~ s/\n//g; + $invalid_sources{$filepath} = N("Missing signature (%s)", $verif); + } + next; + } #- check whether verify-rpm is specifically disabled for this medium if (defined $medium->{'verify-rpm'} && !$medium->{'verify-rpm'}) { $urpm->{log}(N("NOT checking %s\n", $filepath)); -- cgit v1.2.1