Commit 3c1967db authored by Stefan Monnier's avatar Stefan Monnier

* lisp/emacs-lisp/packages.el: Add `all` to package-check-signature

(package-check-signature): Add `all` option.
(package--check-signature-content): Adjust accordingly.
parent 29531785
Pipeline #1637 passed with stage
in 51 minutes and 1 second
......@@ -718,6 +718,12 @@ it can't find the config file.
** Package
*** Change of 'package-check-signature' for packages with multiple sigs
In previous Emacsen, 't' checked that all signatures are valid.
Now 't' only checks that at least one signature is valid and the new 'all'
value needs to be used if you want to enforce that all signatures
are valid. This only affects packages with multiple signatures.
*** New function 'package-get-version' lets packages query their own version.
Example use in auctex.el: '(defconst auctex-version (package-get-version))'
......@@ -334,16 +334,22 @@ default directory."
(epg-find-configuration 'OpenPGP))
"Non-nil means to check package signatures when installing.
The value `allow-unsigned' means to still install a package even if
it is unsigned.
More specifically the value can be:
- nil: package signatures are ignored.
- `allow-unsigned': install a package even if it is unsigned,
but if it is signed and we have the key for it, verify the signature.
- t: accept a package only if it comes with at least one verified signature.
- `all': same as t, except when the package has several signatures,
in which case we verify all the signatures.
This also applies to the \"archive-contents\" file that lists the
contents of the archive."
:type '(choice (const nil :tag "Never")
(const allow-unsigned :tag "Allow unsigned")
(const t :tag "Check always"))
(const t :tag "Check always")
(const all :tag "Check all signatures"))
:risky t
:version "24.4")
:version "27.1")
(defcustom package-unsigned-archives nil
"List of archives where we do not check for package signatures."
......@@ -1257,7 +1263,9 @@ errors."
(unless (and (eq package-check-signature 'allow-unsigned)
(eq (epg-signature-status sig) 'no-pubkey))
(setq had-fatal-error t))))
(when (or (null good-signatures) had-fatal-error)
(when (or (null good-signatures)
(and (eq package-check-signature 'all)
(package--display-verify-error context sig-file)
(signal 'bad-signature (list sig-file)))
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment