FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > ArchLinux > ArchLinux Pacman Development

 
 
LinkBack Thread Tools
 
Old 04-23-2012, 02:23 PM
Dave Reisner
 
Default pacman-key: lookup keys before receiving

Perform a search for keys that clearly aren't key IDs. This allows
receiving keys by name or email address, but only if the key resolves
unambiguously.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
---
scripts/pacman-key.sh.in | 41 ++++++++++++++++++++++++++++++++++++++++-
1 file changed, 40 insertions(+), 1 deletion(-)

diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in
index bd2c739..e2e8980 100644
--- a/scripts/pacman-key.sh.in
+++ b/scripts/pacman-key.sh.in
@@ -116,6 +116,30 @@ get_from() {
return 1
}

+key_lookup_from_name() {
+ local ids
+
+ mapfile -t ids <
+ <("${GPG_PACMAN[@]}" --search-keys --batch --with-colons "$1" 2>/dev/null |
+ awk -F: '$1 == "pub" { print $2 }')
+
+ # only return success on non-ambiguous lookup
+ case ${#ids[*]} in
+ 0)
+ error "$(gettext "Failed to lookup key by name:") %s" "$name"
+ return 1
+ ;;
+ 1)
+ printf '%s' "${ids[0]}"
+ return 0
+ ;;
+ *)
+ error "$(gettext "Key name is ambiguous:") %s" "$name"
+ return 1
+ ;;
+ esac
+}
+
generate_master_key() {
# Generate the master key, which will be in both pubring and secring
"${GPG_PACMAN[@]}" --gen-key --batch <<EOF
@@ -424,7 +448,22 @@ lsign_keys() {
}

receive_keys() {
- if ! "${GPG_PACMAN[@]}" --recv-keys "$@" ; then
+ local name id keyids
+
+ # if the key is not a hex ID, do a lookup
+ for name; do
+ if [[ $name = ?(0x)+([0-9a-fA-F]) ]]; then
+ keyids+=("$name")
+ else
+ if id=$(key_lookup_from_name "$name"); then
+ keyids+=("$id")
+ fi
+ fi
+ done
+
+ (( ${#keyids[*]} > 0 )) || exit 1
+
+ if ! "${GPG_PACMAN[@]}" --recv-keys "${keyids[@]}" ; then
error "$(gettext "Remote key not fetched correctly from keyserver.")"
exit 1
fi
--
1.7.10
 

Thread Tools




All times are GMT. The time now is 06:11 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org