Bug#703146: Better debootstrap InRelease handling fix
* Benjamin Cama <benjamin.cama@telecom-bretagne.eu> [130326 18:33]:
> index 1dc0f87..3333f44 100644
> --- a/functions
> +++ b/functions
> @@ -530,8 +530,13 @@ download_release_sig () {
> warning KEYRING "Cannot check Release signature; keyring file not available %s" "$KEYRING_WANTED"
> fi
> if [ "$release_file_variant" = "IN" ]; then
> - rm -f $reldest
> - gpg --output "$reldest" --decrypt --keyring "$KEYRING" --ignore-time-conflict "$relsigdest"
> + sed -n '/^-----BEGIN PGP SIGNED MESSAGE-----$/ { \
> + n \
> + : check_hash /^Hash:/ { n b check_hash } \
> + n # blank line \
> + } \
> + /^-----BEGIN PGP SIGNATURE-----$/ q \
> + p' < "$relsigdest" > "$reldest"
> fi
> }
Sorry, but this is not enough to properly extract the contents of a
inline signed message. You still need to do possible unescaping between
those lines.
Bernhard R. Link
Reply to: