From 2b7bb0c6b7aa4f7a43c82db1cf9a18d27600c62e Mon Sep 17 00:00:00 2001
From: Pierre Schmitz <pierre@archlinux.de>
Date: Sun, 18 Dec 2011 14:16:30 +0100
Subject: Validate package signatures on db-update

---
 db-functions | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

(limited to 'db-functions')

diff --git a/db-functions b/db-functions
index a3e2168..7c4a7fe 100644
--- a/db-functions
+++ b/db-functions
@@ -466,6 +466,21 @@ check_repo_permission() {
 	return 0
 }
 
+check_pkgsig() {
+	local signature=$1
+	local ret=1
+	local fd="$(mktemp --tmpdir="${WORKDIR}")"
+
+	exec 4>"${fd}"
+	gpg --homedir /etc/pacman.d/gnupg/ --status-fd 4 --verify "${signature}" >/dev/null 2>&1
+	exec 4>&-
+	if grep -q TRUST_FULLY "${fd}"; then
+		ret=0
+	fi
+
+	return $ret
+}
+
 set_repo_permission() {
 	local repo=$1
 	local arch=$2
-- 
cgit v1.2.3