From eaa82b4d0775252856a4e54a6f2a9ea191cf0b8f Mon Sep 17 00:00:00 2001 From: Eli Schwartz Date: Tue, 3 Jan 2017 15:10:18 -0500 Subject: makepkg: Verify git signatures A git repository is marked as signed if it contains the query "signed" as defined by https://tools.ietf.org/html/rfc3986 Adds two utility functions in util/source.sh.in to extract fragments and queries, and modifies source/git.sh.in to use them. Signed-off-by: Eli Schwartz Signed-off-by: Allan McRae --- scripts/libmakepkg/util/source.sh.in | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) (limited to 'scripts/libmakepkg/util') diff --git a/scripts/libmakepkg/util/source.sh.in b/scripts/libmakepkg/util/source.sh.in index 1e781118..238d1f58 100644 --- a/scripts/libmakepkg/util/source.sh.in +++ b/scripts/libmakepkg/util/source.sh.in @@ -65,6 +65,7 @@ get_filename() { case $proto in bzr*|git*|hg*|svn*) filename=${netfile%%#*} + filename=${filename%%\?*} filename=${filename%/} filename=${filename##*/} if [[ $proto = bzr* ]]; then @@ -111,6 +112,32 @@ get_filepath() { printf "%s\n" "$file" } +# extract the VCS revision/branch specifier from a source entry +get_uri_fragment() { + local netfile=$1 + + local fragment=${netfile#*#} + if [[ $fragment = "$netfile" ]]; then + unset fragment + fi + fragment=${fragment%\?*} + + printf "%s\n" "$fragment" +} + +# extract the VCS "signed" status from a source entry +get_uri_query() { + local netfile=$1 + + local query=${netfile#*\?} + if [[ $query = "$netfile" ]]; then + unset query + fi + query=${query%#*} + + printf "%s\n" "$query" +} + get_downloadclient() { local proto=$1 -- cgit v1.2.3-70-g09d2