Split the logic for verifying checksums into a dedicated functions
that can also be used directly when dealing with a checksum file
that uses a detached signature.
Signed-off-by: Michał Górny <
[email protected]>
---
eclass/verify-sig.eclass | 45 +++++++++++++++++++++++++++++++++-------
1 file changed, 38 insertions(+), 7 deletions(-)
diff --git a/eclass/verify-sig.eclass b/eclass/verify-sig.eclass
index 3693eb16ff41..9121d85bbeaf 100644
--- a/eclass/verify-sig.eclass
+++ b/eclass/verify-sig.eclass
@@ -197,17 +197,27 @@ verify-sig_verify_message() {
esac
}
-# @FUNCTION: _gpg_verify_signed_checksums
-# @INTERNAL
-# @USAGE: <checksum-file> <algo> <files> [<key-file>]
+# @FUNCTION: verify-sig_verify_unsigned_checksums
+# @USAGE: <checksum-file> <algo> <files>
# @DESCRIPTION:
-# GnuPG-specific function to verify a signed checksums list. -_gpg_verify_signed_checksums() {
+# Verify the checksums for all files listed in the space-separated list
+# <files> (akin to ${A}) using a <checksum-file>. <algo> specifies
+# the checksum algorithm (e.g. sha256). <checksum-file> can be "-"
+# for stdin.
+#
+# The function dies if one of the files does not match checksums or
+# is missing from the chec