[yum-commits] Branch 'yum-3_2_X' - yum/yumRepo.py
James Antill
james at osuosl.org
Fri Nov 14 15:52:59 UTC 2008
yum/yumRepo.py | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
New commits:
commit d3f7acae8d202b3fd3d094161297f5a2a54f50c7
Author: James Antill <james at and.org>
Date: Fri Nov 14 10:47:25 2008 -0500
Only try importing the repo key, if the sig verify failed (like pkgs).
diff --git a/yum/yumRepo.py b/yum/yumRepo.py
index 01ff5ea..6046beb 100644
--- a/yum/yumRepo.py
+++ b/yum/yumRepo.py
@@ -1319,20 +1319,22 @@ class YumRepository(Repository, config.RepoConf):
result = self._getFile(relative='repodata/repomd.xml.asc',
copy_local=1,
local = sigfile,
- text='%s repo signature' % self.id,
+ text='%s/signature' % self.id,
reget=None,
checkfunc=None,
cache=self.http_caching == 'all')
except URLGrabError, e:
raise URLGrabError(-1, 'Error finding signature for repomd.xml for %s: %s' % (self, e))
- if self.gpg_import_func:
+ valid = misc.valid_detached_sig(result, filepath, self.gpgdir)
+ if not valid and self.gpg_import_func:
try:
self.gpg_import_func(self, self.confirm_func)
except Errors.YumBaseError, e:
raise URLGrabError(-1, 'Gpg Keys not imported, cannot verify repomd.xml for repo %s' % (self))
+ valid = misc.valid_detached_sig(result, filepath, self.gpgdir)
- if not misc.valid_detached_sig(result, filepath, self.gpgdir):
+ if not valid:
raise URLGrabError(-1, 'repomd.xml signature could not be verified for %s' % (self))
try:
More information about the Yum-commits
mailing list