authorDaiki Ueno <ueno@gnu.org>2014-06-26 16:10:22 +0900
committerDaiki Ueno <ueno@gnu.org>2014-06-26 16:10:22 +0900
commit51a3c85711017b70579c08a3342effca9fd7a77b (patch)
tree9d425c3a13adc6e2ba60383c22c3c3799f027bc3 /lisp/emacs-lisp
parent9ac6d28ab8c29547d9f9365dc8f7cea13c32ef7a (diff)
package.el: Don't signal "no public key" error if allow-unsigned
* emacs-lisp/package.el (package--check-signature): If package-check-signature is allow-unsigned, don't signal error when we can't verify signature because of missing public key (bug#17625).
Diffstat (limited to 'lisp/emacs-lisp')
-rw-r--r--lisp/emacs-lisp/package.el24
1 files changed, 14 insertions, 10 deletions
diff --git a/lisp/emacs-lisp/package.el b/lisp/emacs-lisp/package.el
index c2aaabdd6a6..4d7ed8f121c 100644
--- a/lisp/emacs-lisp/package.el
+++ b/lisp/emacs-lisp/package.el
@@ -828,16 +828,20 @@ GnuPG keyring is located under \"gnupg\" in `package-user-dir'."
(buffer-string))))
(epg-context-set-home-directory context homedir)
(epg-verify-string context sig-content (buffer-string))
- ;; The .sig file may contain multiple signatures. Success if one
- ;; of the signatures is good.
- (let ((good-signatures
- (delq nil (mapcar (lambda (sig)
- (if (eq (epg-signature-status sig) 'good)
- sig))
- (epg-context-result-for context 'verify)))))
- (if (null good-signatures)
- ;; FIXME: Only signal an error if the signature is invalid, not if we
- ;; simply lack the key needed to check the sig!
+ (let (good-signatures had-fatal-error)
+ ;; The .sig file may contain multiple signatures. Success if one
+ ;; of the signatures is good.
+ (dolist (sig (epg-context-result-for context 'verify))
+ (if (eq (epg-signature-status sig) 'good)
+ (push sig good-signatures)
+ ;; If package-check-signature is allow-unsigned, don't
+ ;; signal error when we can't verify signature because of
+ ;; missing public key. Other errors are still treated as
+ ;; fatal (bug#17625).
+ (unless (and (eq package-check-signature 'allow-unsigned)
+ (eq (epg-signature-status sig) 'no-pubkey))
+ (setq had-fatal-error t))))
+ (if (and (null good-signatures) had-fatal-error)
(error "Failed to verify signature %s: %S"
sig-file
(mapcar #'epg-signature-to-string
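Review bot: The new test `(if (and (null good-signatures) had-fatal-error)` no longer fails closed when the verify result is empty: if `(epg-context-result-for context 'verify)` yields no signature entries, the `dolist` sets neither variable and no error is signalled, whatever the value of `package-check-signature`. The removed code signalled an error whenever there was no good signature. What the caller does with a nil return is outside this hunk, so it should be confirmed that strict mode does not accept it; otherwise the leniency can be limited to the allow-unsigned case with `(if (and (null good-signatures) (or had-fatal-error (not (eq package-check-signature 'allow-unsigned))))`. The body of package--check-signature starts and ends outside the hunk.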