[Emacs-diffs] trunk r117413: package.el: Don't signal "no public key" er

emacs-diffs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Emacs-diffs] trunk r117413: package.el: Don't signal "no public key" er

From:	Daiki Ueno
Subject:	[Emacs-diffs] trunk r117413: package.el: Don't signal "no public key" error if allow-unsigned
Date:	Thu, 26 Jun 2014 07:11:39 +0000
User-agent:	Bazaar (2.6b2)

------------------------------------------------------------
revno: 117413
revision-id: address@hidden
parent: address@hidden
committer: Daiki Ueno <address@hidden>
branch nick: trunk
timestamp: Thu 2014-06-26 16:10:22 +0900
message:
  package.el: Don't signal "no public key" error if allow-unsigned
  
  * emacs-lisp/package.el (package--check-signature): If
  package-check-signature is allow-unsigned, don't signal error when
  we can't verify signature because of missing public key
  (bug#17625).
modified:
  lisp/ChangeLog                 changelog-20091113204419-o5vbwnq5f7feedwu-1432
  lisp/emacs-lisp/package.el     package.el-20100617020707-ybavz666awsxwin6-2

=== modified file 'lisp/ChangeLog'
--- a/lisp/ChangeLog    2014-06-26 06:55:15 +0000
+++ b/lisp/ChangeLog    2014-06-26 07:10:22 +0000
@@ -1,3 +1,10 @@
+2014-06-26  Daiki Ueno  <address@hidden>
+
+       * emacs-lisp/package.el (package--check-signature): If
+       package-check-signature is allow-unsigned, don't signal error when
+       we can't verify signature because of missing public key
+       (bug#17625).
+
 2014-06-26  Glenn Morris  <address@hidden>
 
        * emacs-lisp/cl-macs.el (help-add-fundoc-usage):

=== modified file 'lisp/emacs-lisp/package.el'
--- a/lisp/emacs-lisp/package.el        2014-06-26 06:55:15 +0000
+++ b/lisp/emacs-lisp/package.el        2014-06-26 07:10:22 +0000
@@ -828,16 +828,20 @@
                        (buffer-string))))
     (epg-context-set-home-directory context homedir)
     (epg-verify-string context sig-content (buffer-string))
-    ;; The .sig file may contain multiple signatures.  Success if one
-    ;; of the signatures is good.
-    (let ((good-signatures
-           (delq nil (mapcar (lambda (sig)
-                               (if (eq (epg-signature-status sig) 'good)
-                                   sig))
-                             (epg-context-result-for context 'verify)))))
-      (if (null good-signatures)
-          ;; FIXME: Only signal an error if the signature is invalid, not if we
-          ;; simply lack the key needed to check the sig!
+    (let (good-signatures had-fatal-error)
+      ;; The .sig file may contain multiple signatures.  Success if one
+      ;; of the signatures is good.
+      (dolist (sig (epg-context-result-for context 'verify))
+       (if (eq (epg-signature-status sig) 'good)
+           (push sig good-signatures)
+         ;; If package-check-signature is allow-unsigned, don't
+         ;; signal error when we can't verify signature because of
+         ;; missing public key.  Other errors are still treated as
+         ;; fatal (bug#17625).
+         (unless (and (eq package-check-signature 'allow-unsigned)
+                      (eq (epg-signature-status sig) 'no-pubkey))
+           (setq had-fatal-error t))))
+      (if (and (null good-signatures) had-fatal-error)
           (error "Failed to verify signature %s: %S"
                  sig-file
                  (mapcar #'epg-signature-to-string

[Prev in Thread]

Current Thread

[Next in Thread]

[Emacs-diffs] trunk r117413: package.el: Don't signal "no public key" error if allow-unsigned, Daiki Ueno <=

Prev by Date: [Emacs-diffs] trunk r117412: Merge from emacs-24; up to r117309
Next by Date: [Emacs-diffs] trunk r117414: * src/fns.c (Fcompare_strings): Use FETCH_STRING_CHAR_AS_MULTIBYTE_ADVANCE.
Previous by thread: [Emacs-diffs] trunk r117412: Merge from emacs-24; up to r117309
Next by thread: [Emacs-diffs] trunk r117414: * src/fns.c (Fcompare_strings): Use FETCH_STRING_CHAR_AS_MULTIBYTE_ADVANCE.
Index(es):
- Date
- Thread