pacman-key: allow verification of multiple sig files
Loop through arguments passed to verify_sig and treat each as a signature to be verified against a source file. Output each file as its checked to avoid ambiguity. Signed-off-by: Dave Reisner <dreisner@archlinux.org>
This commit is contained in:
parent
00ab01e634
commit
2d0a00b409
|
@ -96,7 +96,7 @@ Operations
|
||||||
Displays the program version.
|
Displays the program version.
|
||||||
|
|
||||||
*-v, \--verify*::
|
*-v, \--verify*::
|
||||||
Verify the given signature file.
|
Verify the file(s) specified by the signature(s).
|
||||||
|
|
||||||
Options
|
Options
|
||||||
-------
|
-------
|
||||||
|
|
|
@ -66,7 +66,7 @@ usage() {
|
||||||
printf -- "$(gettext " -l, --list-keys List the specified or all keys")\n"
|
printf -- "$(gettext " -l, --list-keys List the specified or all keys")\n"
|
||||||
printf -- "$(gettext " -r, --recv-keys Fetch the specified keyids")\n"
|
printf -- "$(gettext " -r, --recv-keys Fetch the specified keyids")\n"
|
||||||
printf -- "$(gettext " -u, --updatedb Update the trustdb of pacman")\n"
|
printf -- "$(gettext " -u, --updatedb Update the trustdb of pacman")\n"
|
||||||
printf -- "$(gettext " -v, --verify Verify the file specified by the signature")\n"
|
printf -- "$(gettext " -v, --verify Verify the file(s) specified by the signature(s)")\n"
|
||||||
printf -- "$(gettext " --edit-key Present a menu for key management task on keyids")\n"
|
printf -- "$(gettext " --edit-key Present a menu for key management task on keyids")\n"
|
||||||
printf -- "$(gettext " --import Imports pubring.gpg from dir(s)")\n"
|
printf -- "$(gettext " --import Imports pubring.gpg from dir(s)")\n"
|
||||||
printf -- "$(gettext " --import-trustdb Imports ownertrust values from trustdb.gpg in dir(s)")\n"
|
printf -- "$(gettext " --import-trustdb Imports ownertrust values from trustdb.gpg in dir(s)")\n"
|
||||||
|
@ -439,10 +439,15 @@ refresh_keys() {
|
||||||
}
|
}
|
||||||
|
|
||||||
verify_sig() {
|
verify_sig() {
|
||||||
if ! "${GPG_PACMAN[@]}" --status-fd 1 --verify "$1" | grep -qE 'TRUST_(FULLY|ULTIMATE)'; then
|
local ret=0
|
||||||
error "$(gettext "The signature identified by %s could not be verified.")" "$1"
|
for sig; do
|
||||||
exit 1
|
msg "Checking %s ..." "$sig"
|
||||||
fi
|
if ! "${GPG_PACMAN[@]}" --status-fd 1 --verify "$sig" | grep -qE 'TRUST_(FULLY|ULTIMATE)'; then
|
||||||
|
error "$(gettext "The signature identified by %s could not be verified.")" "$sig"
|
||||||
|
ret=1
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
exit $ret
|
||||||
}
|
}
|
||||||
|
|
||||||
updatedb() {
|
updatedb() {
|
||||||
|
|
Loading…
Reference in New Issue