From 88db331d6bd340c6603c3a76f8e79f6e9e674d61 Mon Sep 17 00:00:00 2001
From: Joanna Rutkowska <joanna@invisiblethingslab.com>
Date: Thu, 10 Nov 2011 18:33:04 +0100
Subject: [PATCH] rpm_verify: do not panic when the file doesn't exist

It turns out revisor attempts to verify some non-existent files, and this should
not cause an abort.
---
 rpm_verify | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/rpm_verify b/rpm_verify
index e4d7a1f..51a35b9 100755
--- a/rpm_verify
+++ b/rpm_verify
@@ -3,7 +3,12 @@
 verify_rpm() {
 RPM=$1
 
-if ! rpm --checksig $1 > /dev/null; then
+if ! [ -f $RPM ]; then
+    echo -n "No such file... "
+    return
+fi
+
+if ! rpm --checksig $RPM > /dev/null; then
     echo "Wrong PGP signature!"
     exit 1
 fi
@@ -12,7 +17,7 @@ fi
 # mean that the rpm has been signed! It might simply
 # have no PGP signature at all. Yes, stupidity...
 
-if ! rpm --checksig $1 | grep pgp > /dev/null ; then
+if ! rpm --checksig $RPM | grep pgp > /dev/null ; then
     echo "No PGP signature found!"
 
     if [ "$NO_SIGN" == "1" ] ; then
@@ -27,7 +32,6 @@ fi
 }
 
 
-echo "NO_SIGN = $NO_SIGN"
 if [ $# -lt 1 ]; then
     echo "Usage: $0 <rpm file>"
     exit 1