makepkg: show full fingerprint on pgp failure

Rather than implementing suffix matching, which might clash, let's just print the full fingerprint of the err'ing key so that the user can copy/paste it into validpgpkeys. Also, make it clear in the manpage that validpgpkeys needs full fingerprints, and nothing else. Signed-off-by: Allan McRae <allan@archlinux.org>
2014-10-03 08:39:13 -04:00 · 2014-10-03 08:39:13 -04:00 · 3f0303dc92
parent 926d998a75
commit 3f0303dc92
2 changed files with 4 additions and 3 deletions
--- a/doc/PKGBUILD.5.txt
+++ b/doc/PKGBUILD.5.txt
@ -138,7 +138,8 @@ the integrity of the corresponding source file.
 	trust values from the keyring. If the source file was signed with a
 	subkey, makepkg will still use the primary key for comparison.
 +
-Fingerprints must be uppercase and must not contain whitespace characters.
+Only full fingerprints are accepted. They must be uppercase and must not
+contain whitespace characters.

 *noextract (array)*::
 	An array of file names corresponding to those from the source array. Files
--- a/scripts/makepkg.sh.in
+++ b/scripts/makepkg.sh.in
@ -1494,10 +1494,10 @@ check_pgpsigs() {
 			errors=1
 		else
 			if (( ${#validpgpkeys[@]} == 0 && ! $trusted )); then
-				printf "%s ($(gettext "the public key %s is not trusted"))" $(gettext "FAILED") "$pubkey" >&2
+				printf "%s ($(gettext "the public key %s is not trusted"))" $(gettext "FAILED") "$fingerprint" >&2
 				errors=1
 			elif (( ${#validpgpkeys[@]} > 0 )) && ! in_array "$fingerprint" "${validpgpkeys[@]}"; then
-				printf "%s (%s $pubkey)" "$(gettext "FAILED")" "$(gettext "invalid public key")"
+				printf "%s (%s %s)" "$(gettext "FAILED")" "$(gettext "invalid public key")" "$fingerprint"
 				errors=1
 			else
 				printf '%s' "$(gettext "Passed")" >&2