From e4f9fc7a5040f0eeef330e82bdeda6483bbd8a50 Mon Sep 17 00:00:00 2001 From: Guillem Jover Date: Sat, 31 Aug 2019 03:55:10 +0200 Subject: Dpkg::OpenPGP: Make it possible to verify detached signatures This is required to be able to verify original upstream tarball signatures, as they are expected to be ASCII armored detached signatures for the upstream tarballs. --- scripts/Dpkg/OpenPGP.pm | 1 + 1 file changed, 1 insertion(+) (limited to 'scripts') diff --git a/scripts/Dpkg/OpenPGP.pm b/scripts/Dpkg/OpenPGP.pm index 234c90a4d..f207af228 100644 --- a/scripts/Dpkg/OpenPGP.pm +++ b/scripts/Dpkg/OpenPGP.pm @@ -103,6 +103,7 @@ sub verify_signature { push @exec, '--keyring', $keyring; } push @exec, $sig; + push @exec, $opts{datafile} if exists $opts{datafile}; my ($stdout, $stderr); spawn(exec => \@exec, wait_child => 1, nocheck => 1, timeout => 10, -- cgit v1.2.3