moparisthebest/pacman
1
0
Fork 0
mirror of https://github.com/moparisthebest/pacman synced 2024-08-13 17:03:46 -04:00
Code Issues Releases Wiki Activity

pacman-key: adopt parseopts for option parsing

Browse Source 
This requires an ugly amount of reworking of how pacman-key handles
options. The change simply to avoid passing keys, files, and directories
as arguments to options, but to leave them as arguments to the overall
program. This is reasonable since pacman-key limits the user to
essentially one operation per invocation (like pacman).

Since we now pass around the positional parameters to the various
operations, we can add some better sanity checking. Each operation is
responsible for testing input and making sure it can operate properly,
otherwise it throws an error and exits.

The doc is updated to reflect this, and uses similar verbiage as pacman,
describing the non-option arguments now passed to pacman-key as targets.

Similar to the doc, --help is reorganized to separate operations and
options and remove argument tokens from operations.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
This commit is contained in:
Dave Reisner 2012-04-08 14:51:28 -04:00 committed by Dan McGee
parent 3f9cf8471f
commit f61f075b1c
3 changed files with 135 additions and 120 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

74
doc/pacman-key.8.txt
View File

@ -12,7 +12,7 @@ pacman-key - manage pacman's list of trusted keys
Synopsis Synopsis
-------- --------
'pacman-key' [options] 'pacman-key' [options] operation [targets]
Description Description
@ -26,45 +26,40 @@ More complex keyring management can be achieved using GnuPG directly combined wi
the '\--homedir' option pointing at the pacman keyring (located in the '\--homedir' option pointing at the pacman keyring (located in
+{sysconfdir}/pacman.d/gnupg+ by default). +{sysconfdir}/pacman.d/gnupg+ by default).
Invoking pacman-key consists of supplying an operation with any potential
options and targets to operate on. Depending on the operation, a 'target' may
be a valid key identifier, filename, or directory.
Options Operations
------- ----------
*-a, \--add* [file(s)]:: *-a, \--add*::
Add the key(s) contained in the specified file or files to pacman's Add the key(s) contained in the specified file or files to pacman's
keyring. If a key already exists, update it. keyring. If a key already exists, update it.
*\--config* <file>:: *-d, \--delete*::
Use an alternate config file instead of the +{sysconfdir}/pacman.conf+
default.
*-d, \--delete* <keyid(s)>::
Remove the key(s) identified by the specified keyid(s) from pacman's Remove the key(s) identified by the specified keyid(s) from pacman's
keyring. keyring.
*-e, \--export* [keyid(s)]:: *-e, \--export*::
Export key(s) identified by the specified keyid(s) to 'stdout'. If no keyid Export key(s) identified by the specified keyid(s) to 'stdout'. If no keyid
is specified, all keys will be exported. is specified, all keys will be exported.
*\--edit-key* <keyid(s)>:: *\--edit-key*::
Present a menu for key management task on the specified keyid(s). Useful Present a menu for key management task on the specified keyid(s). Useful
for adjusting a keys trust level. for adjusting a keys trust level.
*-f, \--finger* [keyid(s)]:: *-f, \--finger*::
List a fingerprint for each specified keyid, or for all known keys if no List a fingerprint for each specified keyid, or for all known keys if no
keyids are specified. keyids are specified.
*\--gpgdir* <dir>::
Set an alternate home directory for GnuPG. If unspecified, the value is
read from +{sysconfdir}/pacman.conf+.
*-h, \--help*:: *-h, \--help*::
Output syntax and command line options. Output syntax and command line options.
*\--import* <dir(s)>:: *\--import*::
Imports keys from `pubring.gpg` into the public keyring from the specified Imports keys from `pubring.gpg` into the public keyring from the specified
directories. directories.
*\--import-trustdb* <dir(s)> :: *\--import-trustdb*::
Imports ownertrust values from `trustdb.gpg` into the shared trust database Imports ownertrust values from `trustdb.gpg` into the shared trust database
from the specified directories. from the specified directories.
@ -72,42 +67,53 @@ Options
Ensure the keyring is properly initialized and has the required access Ensure the keyring is properly initialized and has the required access
permissions. permissions.
*\--keyserver* <keyserver>:: *-l, \--list-keys*::
Use the specified keyserver if the operation requires one. This will take
precedence over any keyserver option specified in a `gpg.conf`
configuration file. Running '\--init' with this option will set the default
keyserver if one was not already configured.
*-l, \--list-keys* [keyid(s)]::
Lists all or specified keys from the public keyring. Lists all or specified keys from the public keyring.
*\--list-sigs* [keyid(s)]:: *\--list-sigs*::
Same as '\--list-keys', but the signatures are listed too. Same as '\--list-keys', but the signatures are listed too.
*\--lsign-key* <keyid>:: *\--lsign-key*::
Locally sign the given key. This is primarily used to root the web of trust Locally sign the given key. This is primarily used to root the web of trust
in the local private key generated by '\--init'. in the local private key generated by '\--init'.
*-r, \--recv-keys* <keyid(s)>:: *-r, \--recv-keys*::
Equivalent to '\--recv-keys' in GnuPG. Equivalent to '\--recv-keys' in GnuPG.
*\--refresh-keys* [keyid(s)]:: *\--refresh-keys*::
Equivalent to '\--refresh-keys' in GnuPG. Equivalent to '\--refresh-keys' in GnuPG.
*\--populate* [keyring(s)]:: *\--populate*::
Reload the default keys from the (optionally provided) keyrings in Reload the default keys from the (optionally provided) keyrings in
+{pkgdatadir}/keyrings+. For more information, see +{pkgdatadir}/keyrings+. For more information, see
<<SC,Providing a Keyring for Import>> below. <<SC,Providing a Keyring for Import>> below.
*-u, \--updatedb*:: *-u, \--updatedb*::
Equivalent to '\--check-trustdb' in GnuPG. Equivalent to '\--check-trustdb' in GnuPG. This operation can be specified with
other operations.
*-v, \--verify* <signature>::
Verify the given signature file.
*-V, \--version*:: *-V, \--version*::
Displays the program version. Displays the program version.
*-v, \--verify*::
Verify the given signature file.
Options
-------
*\--config* <file>::
Use an alternate config file instead of the +{sysconfdir}/pacman.conf+
default.
*\--gpgdir* <dir>::
Set an alternate home directory for GnuPG. If unspecified, the value is
read from +{sysconfdir}/pacman.conf+.
*\--keyserver* <keyserver>::
Use the specified keyserver if the operation requires one. This will take
precedence over any keyserver option specified in a `gpg.conf`
configuration file. Running '\--init' with this option will set the default
keyserver if one was not already configured.
Providing a Keyring for Import Providing a Keyring for Import
------------------------------ ------------------------------

2
scripts/Makefile.am
View File

@ -77,7 +77,7 @@ pacman-db-upgrade: \
pacman-key: \ pacman-key: \
$(srcdir)/pacman-key.sh.in \ $(srcdir)/pacman-key.sh.in \
$(srcdir)/library/output_format.sh \ $(srcdir)/library/output_format.sh \
$(srcdir)/library/parse_options.sh $(srcdir)/library/parseopts.sh
pacman-optimize: \ pacman-optimize: \
$(srcdir)/pacman-optimize.sh.in \ $(srcdir)/pacman-optimize.sh.in \

179
scripts/pacman-key.sh.in
View File

@ -49,40 +49,43 @@ DEFAULT_KEYSERVER='hkp://pool.sks-keyservers.net'
m4_include(library/output_format.sh) m4_include(library/output_format.sh)
m4_include(library/parse_options.sh) m4_include(library/parseopts.sh)
usage() { usage() {
printf "pacman-key (pacman) %s\n" ${myver} printf "pacman-key (pacman) %s\n" ${myver}
echo echo
printf -- "$(gettext "Usage: %s [options]")\n" $(basename $0) printf -- "$(gettext "Usage: %s [options] operation [targets]")\n" $(basename $0)
echo echo
printf -- "$(gettext "Manage pacman's list of trusted keys")\n" printf -- "$(gettext "Manage pacman's list of trusted keys")\n"
echo echo
printf -- "$(gettext "Options:")\n" printf -- "$(gettext "Operations:")\n"
printf -- "$(gettext " -a, --add [file(s)] Add the specified keys (empty for stdin)")\n" printf -- "$(gettext " -a, --add Add the specified keys (empty for stdin)")\n"
printf -- "$(gettext " -d, --delete <keyid(s)> Remove the specified keyids")\n" printf -- "$(gettext " -d, --delete Remove the specified keyids")\n"
printf -- "$(gettext " -e, --export [keyid(s)] Export the specified or all keyids")\n" printf -- "$(gettext " -e, --export Export the specified or all keyids")\n"
printf -- "$(gettext " -f, --finger [keyid(s)] List fingerprint for specified or all keyids")\n" printf -- "$(gettext " -f, --finger List fingerprint for specified or all keyids")\n"
printf -- "$(gettext " -h, --help Show this help message and exit")\n" printf -- "$(gettext " -l, --list-keys List the specified or all keys")\n"
printf -- "$(gettext " -l, --list-keys [keyid(s)] List the specified or all keys")\n" printf -- "$(gettext " -r, --recv-keys Fetch the specified keyids")\n"
printf -- "$(gettext " -r, --recv-keys <keyid(s)> Fetch the specified keyids")\n"
printf -- "$(gettext " -u, --updatedb Update the trustdb of pacman")\n" printf -- "$(gettext " -u, --updatedb Update the trustdb of pacman")\n"
printf -- "$(gettext " -v, --verify <signature> Verify the file specified by the signature")\n" printf -- "$(gettext " -v, --verify Verify the file specified by the signature")\n"
printf -- "$(gettext " -V, --version Show program version")\n" printf -- "$(gettext " --edit-key Present a menu for key management task on keyids")\n"
printf -- "$(gettext " --import Imports pubring.gpg from dir(s)")\n"
printf -- "$(gettext " --import-trustdb Imports ownertrust values from trustdb.gpg in dir(s)")\n"
printf -- "$(gettext " --init Ensure the keyring is properly initialized")\n"
printf -- "$(gettext " --list-sigs List keys and their signatures")\n"
printf -- "$(gettext " --lsign-key Locally sign the specified keyid")\n"
printf -- "$(gettext " --populate Reload the default keys from the (given) keyrings\n\
in '%s'")\n" "@pkgdatadir@/keyrings"
printf -- "$(gettext " --refresh-keys Update specified or all keys from a keyserver")\n"
echo
printf -- "$(gettext "Options:")\n"
printf -- "$(gettext " --config <file> Use an alternate config file (instead of\n\ printf -- "$(gettext " --config <file> Use an alternate config file (instead of\n\
'%s')")\n" "@sysconfdir@/pacman.conf" '%s')")\n" "@sysconfdir@/pacman.conf"
printf -- "$(gettext " --edit-key <keyid(s)> Present a menu for key management task on keyids")\n"
printf -- "$(gettext " --gpgdir <dir> Set an alternate directory for GnuPG (instead\n\ printf -- "$(gettext " --gpgdir <dir> Set an alternate directory for GnuPG (instead\n\
of '%s')")\n" "@sysconfdir@/pacman.d/gnupg" of '%s')")\n" "@sysconfdir@/pacman.d/gnupg"
printf -- "$(gettext " --import <dir(s)> Imports pubring.gpg from dir(s)")\n" printf -- "$(gettext " --keyserver <server-url> Specify a keyserver to use if necessary")\n"
printf -- "$(gettext " --import-trustdb <dir(s)> Imports ownertrust values from trustdb.gpg in dir(s)")\n" echo
printf -- "$(gettext " --init Ensure the keyring is properly initialized")\n" printf -- "$(gettext " -h, --help Show this help message and exit")\n"
printf -- "$(gettext " --keyserver Specify a keyserver to use if necessary")\n" printf -- "$(gettext " -V, --version Show program version")\n"
printf -- "$(gettext " --list-sigs [keyid(s)] List keys and their signatures")\n"
printf -- "$(gettext " --lsign-key <keyid> Locally sign the specified keyid")\n"
printf -- "$(gettext " --populate [keyring(s)] Reload the default keys from the (given) keyrings\n\
in '%s'")\n" "@pkgdatadir@/keyrings"
printf -- "$(gettext " --refresh-keys [keyid(s)] Update specified or all keys from a keyserver")\n"
} }
version() { version() {
@ -146,7 +149,7 @@ add_gpg_conf_option() {
check_keyids_exist() { check_keyids_exist() {
local ret=0 local ret=0
for key in "${KEYIDS[@]}"; do for key in "$@"; do
# Verify if the key exists in pacman's keyring # Verify if the key exists in pacman's keyring
if ! "${GPG_PACMAN[@]}" --list-keys "$key" &>/dev/null ; then if ! "${GPG_PACMAN[@]}" --list-keys "$key" &>/dev/null ; then
error "$(gettext "The key identified by %s could not be found locally.")" "$key" error "$(gettext "The key identified by %s could not be found locally.")" "$key"
@ -217,16 +220,16 @@ check_keyring() {
populate_keyring() { populate_keyring() {
local KEYRING_IMPORT_DIR='@pkgdatadir@/keyrings' local KEYRING_IMPORT_DIR='@pkgdatadir@/keyrings'
local keyring local keyring KEYRINGIDS=("$@")
local ret=0 local ret=0
if [[ -z ${KEYRINGIDS[@]} ]]; then if (( ${#KEYRINGIDS[*]} == 0 )); then
# get list of all available keyrings # get list of all available keyrings
shopt -s nullglob shopt -s nullglob
KEYRINGIDS=("$KEYRING_IMPORT_DIR"/*.gpg) KEYRINGIDS=("$KEYRING_IMPORT_DIR"/*.gpg)
shopt -u nullglob shopt -u nullglob
KEYRINGIDS=("${KEYRINGIDS[@]##*/}") KEYRINGIDS=("${KEYRINGIDS[@]##*/}")
KEYRINGIDS=("${KEYRINGIDS[@]%.gpg}") KEYRINGIDS=("${KEYRINGIDS[@]%.gpg}")
if [[ -z ${KEYRINGIDS[@]} ]]; then if (( ${#KEYRINGIDS[*]} == 0 )); then
error "$(gettext "No keyring files exist in %s.")" "$KEYRING_IMPORT_DIR" error "$(gettext "No keyring files exist in %s.")" "$KEYRING_IMPORT_DIR"
ret=1 ret=1
fi fi
@ -311,24 +314,24 @@ populate_keyring() {
} }
add_keys() { add_keys() {
if ! "${GPG_PACMAN[@]}" --quiet --batch --import "${KEYFILES[@]}" ; then if ! "${GPG_PACMAN[@]}" --quiet --batch --import "$@" ; then
error "$(gettext "A specified keyfile could not be added to the gpg keychain.")" error "$(gettext "A specified keyfile could not be added to the gpg keychain.")"
exit 1 exit 1
fi fi
} }
delete_keys() { delete_keys() {
check_keyids_exist check_keyids_exist "$@"
if ! "${GPG_PACMAN[@]}" --quiet --batch --delete-key --yes "${KEYIDS[@]}" ; then if ! "${GPG_PACMAN[@]}" --quiet --batch --delete-key --yes "$@" ; then
error "$(gettext "A specified key could not be removed from the gpg keychain.")" error "$(gettext "A specified key could not be removed from the gpg keychain.")"
exit 1 exit 1
fi fi
} }
edit_keys() { edit_keys() {
check_keyids_exist check_keyids_exist "$@"
local ret=0 local ret=0
for key in "${KEYIDS[@]}"; do for key in "$@"; do
if ! "${GPG_PACMAN[@]}" --edit-key "$key" ; then if ! "${GPG_PACMAN[@]}" --edit-key "$key" ; then
error "$(gettext "The key identified by %s could not be edited.")" "$key" error "$(gettext "The key identified by %s could not be edited.")" "$key"
ret=1 ret=1
@ -340,8 +343,8 @@ edit_keys() {
} }
export_keys() { export_keys() {
check_keyids_exist check_keyids_exist "$@"
if ! "${GPG_PACMAN[@]}" --armor --export "${KEYIDS[@]}" ; then if ! "${GPG_PACMAN[@]}" --armor --export "$@" ; then
error "$(gettext "A specified key could not be exported from the gpg keychain.")" error "$(gettext "A specified key could not be exported from the gpg keychain.")"
exit 1 exit 1
fi fi
@ -349,7 +352,7 @@ export_keys() {
finger_keys() { finger_keys() {
check_keyids_exist check_keyids_exist
if ! "${GPG_PACMAN[@]}" --batch --fingerprint "${KEYIDS[@]}" ; then if ! "${GPG_PACMAN[@]}" --batch --fingerprint "$@" ; then
error "$(gettext "The fingerprint of a specified key could not be determined.")" error "$(gettext "The fingerprint of a specified key could not be determined.")"
exit 1 exit 1
fi fi
@ -358,7 +361,7 @@ finger_keys() {
import_trustdb() { import_trustdb() {
local importdir local importdir
local ret=0 local ret=0
for importdir in "${IMPORT_DIRS[@]}"; do for importdir in "$@"; do
if [[ -f "${importdir}/trustdb.gpg" ]]; then if [[ -f "${importdir}/trustdb.gpg" ]]; then
gpg --homedir "${importdir}" --export-ownertrust | \ gpg --homedir "${importdir}" --export-ownertrust | \
"${GPG_PACMAN[@]}" --import-ownertrust - "${GPG_PACMAN[@]}" --import-ownertrust -
@ -379,7 +382,7 @@ import_trustdb() {
import() { import() {
local importdir local importdir
local ret=0 local ret=0
for importdir in "${IMPORT_DIRS[@]}"; do for importdir in "$@"; do
if [[ -f "${importdir}/pubring.gpg" ]]; then if [[ -f "${importdir}/pubring.gpg" ]]; then
if ! "${GPG_PACMAN[@]}" --quiet --batch --import "${importdir}/pubring.gpg" ; then if ! "${GPG_PACMAN[@]}" --quiet --batch --import "${importdir}/pubring.gpg" ; then
error "$(gettext "%s could not be imported.")" "${importdir}/pubring.gpg" error "$(gettext "%s could not be imported.")" "${importdir}/pubring.gpg"
@ -397,7 +400,7 @@ import() {
list_keys() { list_keys() {
check_keyids_exist check_keyids_exist
if ! "${GPG_PACMAN[@]}" --batch --list-keys "${KEYIDS[@]}" ; then if ! "${GPG_PACMAN[@]}" --batch --list-keys "$@" ; then
error "$(gettext "A specified key could not be listed.")" error "$(gettext "A specified key could not be listed.")"
exit 1 exit 1
fi fi
@ -405,7 +408,7 @@ list_keys() {
list_sigs() { list_sigs() {
check_keyids_exist check_keyids_exist
if ! "${GPG_PACMAN[@]}" --batch --list-sigs "${KEYIDS[@]}" ; then if ! "${GPG_PACMAN[@]}" --batch --list-sigs "$@" ; then
error "$(gettext "A specified signature could not be listed.")" error "$(gettext "A specified signature could not be listed.")"
exit 1 exit 1
fi fi
@ -413,7 +416,7 @@ list_sigs() {
lsign_keys() { lsign_keys() {
check_keyids_exist check_keyids_exist
printf 'y\ny\n' | LANG=C "${GPG_PACMAN[@]}" --command-fd 0 --quiet --batch --lsign-key "${KEYIDS[@]}" 2>/dev/null printf 'y\ny\n' | LANG=C "${GPG_PACMAN[@]}" --command-fd 0 --quiet --batch --lsign-key "$@" 2>/dev/null
if (( PIPESTATUS[1] )); then if (( PIPESTATUS[1] )); then
error "$(gettext "A specified key could not be locally signed.")" error "$(gettext "A specified key could not be locally signed.")"
exit 1 exit 1
@ -421,23 +424,23 @@ lsign_keys() {
} }
receive_keys() { receive_keys() {
if ! "${GPG_PACMAN[@]}" --recv-keys "${KEYIDS[@]}" ; then if ! "${GPG_PACMAN[@]}" --recv-keys "$@" ; then
error "$(gettext "Remote key not fetched correctly from keyserver.")" error "$(gettext "Remote key not fetched correctly from keyserver.")"
exit 1 exit 1
fi fi
} }
refresh_keys() { refresh_keys() {
check_keyids_exist check_keyids_exist "$@"
if ! "${GPG_PACMAN[@]}" --refresh-keys "${KEYIDS[@]}" ; then if ! "${GPG_PACMAN[@]}" --refresh-keys "$@" ; then
error "$(gettext "A specified local key could not be updated from a keyserver.")" error "$(gettext "A specified local key could not be updated from a keyserver.")"
exit 1 exit 1
fi fi
} }
verify_sig() { verify_sig() {
if ! "${GPG_PACMAN[@]}" --status-fd 1 --verify $SIGNATURE | grep -qE 'TRUST_(FULLY|ULTIMATE)'; then if ! "${GPG_PACMAN[@]}" --status-fd 1 --verify "$1" | grep -qE 'TRUST_(FULLY|ULTIMATE)'; then
error "$(gettext "The signature identified by %s could not be verified.")" "$SIGNATURE" error "$(gettext "The signature identified by %s could not be verified.")" "$1"
exit 1 exit 1
fi fi
} }
@ -457,56 +460,55 @@ if ! type gettext &>/dev/null; then
} }
fi fi
OPT_SHORT="a::d:e::f::hl::r:uv:V" OPT_SHORT="adefhlruvV"
OPT_LONG="add::,config:,delete:,edit-key:,export::,finger::,gpgdir:" OPT_LONG=('add' 'config:' 'delete' 'edit-key' 'export' 'finger' 'gpgdir:'
OPT_LONG+=",help,import:,import-trustdb:,init,keyserver:,list-keys::,list-sigs::" 'help' 'import' 'import-trustdb' 'init' 'keyserver:' 'list-keys' 'list-sigs'
OPT_LONG+=",lsign-key:,populate::,recv-keys:,refresh-keys::,updatedb" 'lsign-key' 'populate' 'recv-keys' 'refresh-keys' 'updatedb'
OPT_LONG+=",verify:,version" 'verify' 'version')
if ! OPT_TEMP="$(parse_options $OPT_SHORT $OPT_LONG "$@")"; then if ! parseopts "$OPT_SHORT" "${OPT_LONG[@]}" -- "$@"; then
echo; usage; exit 1 # E_INVALID_OPTION; echo; usage; exit 1 # E_INVALID_OPTION;
fi fi
eval set -- "$OPT_TEMP" set -- "${OPTRET[@]}"
unset OPT_SHORT OPT_LONG OPT_TEMP unset OPT_SHORT OPT_LONG OPTRET
if [[ $1 == "--" ]]; then if [[ $1 == "--" ]]; then
usage; usage;
exit 0; exit 0;
fi fi
while true; do while (( $# )); do
case "$1" in case $1 in
-a|--add) ADD=1; [[ -n $2 && ${2:0:1} != "-" ]] && shift && KEYFILES=($1); UPDATEDB=1 ;; -a|--add) ADD=1 UPDATEDB=1 ;;
--config) shift; CONFIG=$1 ;; --config) shift; CONFIG=$1 ;;
-d|--delete) DELETE=1; shift; KEYIDS=($1); UPDATEDB=1 ;; -d|--delete) DELETE=1 UPDATEDB=1 ;;
--edit-key) EDITKEY=1; shift; KEYIDS=($1); UPDATEDB=1 ;; --edit-key) EDITKEY=1 UPDATEDB=1 ;;
-e|--export) EXPORT=1; [[ -n $2 && ${2:0:1} != "-" ]] && shift && KEYIDS=($1) ;; -e|--export) EXPORT=1 ;;
-f|--finger) FINGER=1; [[ -n $2 && ${2:0:1} != "-" ]] && shift && KEYIDS=($1) ;; -f|--finger) FINGER=1 ;;
--gpgdir) shift; PACMAN_KEYRING_DIR=$1 ;; --gpgdir) shift; PACMAN_KEYRING_DIR=$1 ;;
--import) IMPORT=1; shift; IMPORT_DIRS=($1); UPDATEDB=1 ;; --import) IMPORT=1 UPDATEDB=1 ;;
--import-trustdb) IMPORT_TRUSTDB=1; shift; IMPORT_DIRS=($1); UPDATEDB=1 ;; --import-trustdb) IMPORT_TRUSTDB=1 UPDATEDB=1 ;;
--init) INIT=1 ;; --init) INIT=1 ;;
--keyserver) shift; KEYSERVER=$1 ;; --keyserver) shift; KEYSERVER=$1 ;;
-l|--list-keys) LISTKEYS=1; [[ -n $2 && ${2:0:1} != "-" ]] && shift && KEYIDS=($1) ;; -l|--list-keys) LISTKEYS=1 ;;
--list-sigs) LISTSIGS=1; [[ -n $2 && ${2:0:1} != "-" ]] && shift && KEYIDS=($1) ;; --list-sigs) LISTSIGS=1 ;;
--lsign-key) LSIGNKEY=1; shift; KEYIDS=($1); UPDATEDB=1 ;; --lsign-key) LSIGNKEY=1 UPDATEDB=1 ;;
--populate) POPULATE=1; [[ -n $2 && ${2:0:1} != "-" ]] && shift && KEYRINGIDS=($1); UPDATEDB=1 ;; --populate) POPULATE=1 UPDATEDB=1 ;;
-r|--recv-keys) RECEIVE=1; shift; KEYIDS=($1); UPDATEDB=1 ;; -r|--recv-keys) RECEIVE=1 UPDATEDB=1 ;;
--refresh-keys) REFRESH=1; [[ -n $2 && ${2:0:1} != "-" ]] && shift && KEYIDS=($1) ;; --refresh-keys) REFRESH=1 ;;
-u|--updatedb) UPDATEDB=1 ;; -u|--updatedb) UPDATEDB=1 ;;
-v|--verify) VERIFY=1; shift; SIGNATURE=$1 ;; -v|--verify) VERIFY=1 ;;
-h|--help) usage; exit 0 ;; -h|--help) usage; exit 0 ;;
-V|--version) version; exit 0 ;; -V|--version) version; exit 0 ;;
--) OPT_IND=0; shift; break;; --) shift; break 2 ;;
*) usage; exit 1 ;;
esac esac
shift shift
done done
if ! type -p gpg >/dev/null; then if ! type -p gpg >/dev/null; then
error "$(gettext "Cannot find the %s binary required for all %s operations.")" "gpg" "pacman-key" error "$(gettext "Cannot find the %s binary required for all %s operations.")" "gpg" "pacman-key"
exit 1 exit 1
fi fi
@ -549,23 +551,30 @@ case $numopt in
;; ;;
esac esac
# check for targets where needed
if (( (ADD || DELETE || EDIT || IMPORT || IMPORT_TRUSTDB ||
LSIGNKEY || RECEIVE || VERIFY) && $# == 0 )); then
error "$(gettext "No targets specified")"
exit 1
fi
(( ! INIT )) && check_keyring (( ! INIT )) && check_keyring
(( ADD )) && add_keys (( ADD )) && add_keys "$@"
(( DELETE )) && delete_keys (( DELETE )) && delete_keys "$@"
(( EDITKEY )) && edit_keys (( EDITKEY )) && edit_keys "$@"
(( EXPORT )) && export_keys (( EXPORT )) && export_keys "$@"
(( FINGER )) && finger_keys (( FINGER )) && finger_keys "$@"
(( IMPORT )) && import (( IMPORT )) && import "$@"
(( IMPORT_TRUSTDB)) && import_trustdb (( IMPORT_TRUSTDB)) && import_trustdb "$@"
(( INIT )) && initialize (( INIT )) && initialize
(( LISTKEYS )) && list_keys (( LISTKEYS )) && list_keys "$@"
(( LISTSIGS )) && list_sigs (( LISTSIGS )) && list_sigs "$@"
(( LSIGNKEY )) && lsign_keys (( LSIGNKEY )) && lsign_keys "$@"
(( POPULATE )) && populate_keyring (( POPULATE )) && populate_keyring "$@"
(( RECEIVE )) && receive_keys (( RECEIVE )) && receive_keys "$@"
(( REFRESH )) && refresh_keys (( REFRESH )) && refresh_keys "$@"
(( VERIFY )) && verify_sig (( VERIFY )) && verify_sig "$@"
(( UPDATEDB )) && updatedb (( UPDATEDB )) && updatedb