From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 0A3BD158451 for ; Mon, 8 Jan 2024 14:48:35 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 2FDE42BC02B; Mon, 8 Jan 2024 14:48:33 +0000 (UTC) Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id C523C2BC014 for ; Mon, 8 Jan 2024 14:48:32 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id C12623432BB for ; Mon, 8 Jan 2024 14:48:31 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 2CC73137A for ; Mon, 8 Jan 2024 14:48:30 +0000 (UTC) From: "Michał Górny" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Michał Górny" Message-ID: <1704725295.0611129171a7f43be5e554c3ace3880c981aea92.mgorny@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: eclass/ X-VCS-Repository: repo/gentoo X-VCS-Files: eclass/verify-sig.eclass X-VCS-Directories: eclass/ X-VCS-Committer: mgorny X-VCS-Committer-Name: Michał Górny X-VCS-Revision: 0611129171a7f43be5e554c3ace3880c981aea92 X-VCS-Branch: master Date: Mon, 8 Jan 2024 14:48:30 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: 899efc08-b93c-41d6-8a58-7cea4bcb1075 X-Archives-Hash: f0de0de26bc0b4b934f3ba245c17070d commit: 0611129171a7f43be5e554c3ace3880c981aea92 Author: Michał Górny gentoo org> AuthorDate: Mon Jan 23 08:23:18 2023 +0000 Commit: Michał Górny gentoo org> CommitDate: Mon Jan 8 14:48:15 2024 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=06111291 verify-sig.eclass: Accept 1-out-of-n sigs on multisig files If a distfile has multiple detached signatures, pass verification if at least one of them can be verified rather than requiring all of them. This is particularly helpful for upstreams where the whole set of release keys is hard to come by. Closes: https://bugs.gentoo.org/873211 Closes: https://github.com/gentoo/gentoo/pull/29224 Signed-off-by: Michał Górny gentoo.org> Closes: https://github.com/gentoo/gentoo/pull/29592 Signed-off-by: Michał Górny gentoo.org> eclass/verify-sig.eclass | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/eclass/verify-sig.eclass b/eclass/verify-sig.eclass index 88fb17c31652..b74ed78290aa 100644 --- a/eclass/verify-sig.eclass +++ b/eclass/verify-sig.eclass @@ -160,7 +160,7 @@ verify-sig_verify_detached() { # https://bugs.gentoo.org/854492 local -x TMPDIR=/tmp gemato openpgp-verify-detached -K "${key}" \ - "${extra_args[@]}" \ + "${extra_args[@]}" --no-require-all-good \ "${sig}" "${file}" || die "PGP signature verification failed" ;;