This file is indexed.

/usr/share/perl5/CPANPLUS/Module/Signature.pm is in libcpanplus-perl 0.9152-2.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
package CPANPLUS::Module::Signature;

use strict;

use Cwd;
use CPANPLUS::Error;
use Params::Check               qw[check];
use Module::Load::Conditional   qw[can_load];
use vars qw[$VERSION];
$VERSION = "0.9152";

### detached sig, not actually used afaik --kane ###
#sub get_signature {
#    my $self = shift;
#
#    my $clone = $self->clone;
#    $clone->package( $self->package . '.sig' );
#
#    return $clone->fetch;
#}

sub check_signature {
    my $self = shift;
    my $cb = $self->parent;
    my $conf = $cb->configure_object;
    my %hash = @_;

    my $verbose;
    my $tmpl = {
        verbose => {default => $conf->get_conf('verbose'), store => \$verbose},
    };

    check( $tmpl, \%hash ) or return;

    my $dir = $self->status->extract or (
                error( loc( "Do not know what dir '%1' was extracted to; ".
                            "Cannot check signature", $self->module ) ),
                return );

    my $cwd = cwd();
    unless( $cb->_chdir( dir => $dir ) ) {
        error(loc(  "Could not chdir to '%1', cannot verify distribution '%2'",
                    $dir, $self->module ));
        return;
    }


    ### check prerequisites
    my $flag;
    my $use_list = { 'Module::Signature' => '0.06' };
    if( can_load( modules => $use_list, verbose => 1 ) ) {
        my $rv = Module::Signature::verify();

        unless ($rv eq Module::Signature::SIGNATURE_OK() or
            $rv eq Module::Signature::SIGNATURE_MISSING()
        ) {
            $flag++;    # whoops, bad sig
        }
    }

    $cb->_chdir( dir => $cwd );
    return $flag ? 0 : 1;
}

1;