commit: 0611129171a7f43be5e554c3ace3880c981aea92 Author: Michał Górny <mgorny <AT> gentoo <DOT> org> AuthorDate: Mon Jan 23 08:23:18 2023 +0000 Commit: Michał Górny <mgorny <AT> gentoo <DOT> org> CommitDate: Mon Jan 8 14:48:15 2024 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=06111291
verify-sig.eclass: Accept 1-out-of-n sigs on multisig files If a distfile has multiple detached signatures, pass verification if at least one of them can be verified rather than requiring all of them. This is particularly helpful for upstreams where the whole set of release keys is hard to come by. Closes: https://bugs.gentoo.org/873211 Closes: https://github.com/gentoo/gentoo/pull/29224 Signed-off-by: Michał Górny <mgorny <AT> gentoo.org> Closes: https://github.com/gentoo/gentoo/pull/29592 Signed-off-by: Michał Górny <mgorny <AT> gentoo.org> eclass/verify-sig.eclass | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/eclass/verify-sig.eclass b/eclass/verify-sig.eclass index 88fb17c31652..b74ed78290aa 100644 --- a/eclass/verify-sig.eclass +++ b/eclass/verify-sig.eclass @@ -160,7 +160,7 @@ verify-sig_verify_detached() { # https://bugs.gentoo.org/854492 local -x TMPDIR=/tmp gemato openpgp-verify-detached -K "${key}" \ - "${extra_args[@]}" \ + "${extra_args[@]}" --no-require-all-good \ "${sig}" "${file}" || die "PGP signature verification failed" ;;
