Let gpa detect detached *.asc signatures
Closed, ResolvedPublic


The attached patch lets gpa detect and verify detached *.asc signatures.

Currently it only looks for *.sig and *.sign and from the error message
(if no detached signature is found) it isn't clear that verifying detached
signatures is supported at all, especially given that gpg --verify does
look for *.asc signatures automatically.


fk set Version to 0.9.4.
fk added a comment.May 5 2014, 7:06 PM

As it turns out the patch also prevents false negatives when
using the "verify" button on the signature file instead of
the signed file.

A couple of screenshots:

fk removed a project: Feature Request.
werner added a comment.May 9 2014, 5:13 PM

I have a somewhat different patch in mind. It cleans up the code and adds an
additional test for the signed_file in addition to ".asc".

fk added a comment.May 12 2014, 4:16 PM

Due to the "in mind" part it took me a while to realize
that your patch is already available ...

Looks good to me and seems to work as expected (on FreeBSD with
gpa 0.9.4, I didn't try with git master). Thanks a lot.

I suspect that (outside the GNU project) ".asc" is more common than
".sig" and would thus sort and check the extensions in alphabetical
order, but obviously it doesn't really matter and I have no data to
support my theory anyway.

werner closed this task as Resolved.May 15 2014, 5:51 PM
werner claimed this task.

Meanwhile there are a couple of other fixes in GPA.
It might be useful to do a release soon.