[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#703146: Better debootstrap InRelease handling fix

* Benjamin Cama <benjamin.cama@telecom-bretagne.eu> [130326 18:33]:
> index 1dc0f87..3333f44 100644
> --- a/functions
> +++ b/functions
> @@ -530,8 +530,13 @@ download_release_sig () {
>  		warning KEYRING "Cannot check Release signature; keyring file not available %s" "$KEYRING_WANTED"
>  	fi
>  	if [ "$release_file_variant" = "IN" ]; then
> -		rm -f $reldest
> -                gpg --output "$reldest" --decrypt --keyring "$KEYRING" --ignore-time-conflict "$relsigdest"
> +		sed -n '/^-----BEGIN PGP SIGNED MESSAGE-----$/ { \
> +				n \
> +				: check_hash /^Hash:/ { n b check_hash } \
> +				n # blank line \
> +			} \
> +			/^-----BEGIN PGP SIGNATURE-----$/ q \
> +			p' < "$relsigdest" > "$reldest"
>  	fi
>  }

Sorry, but this is not enough to properly extract the contents of a
inline signed message. You still need to do possible unescaping between
those lines.

        Bernhard R. Link
Reply to: