bryson/pacman
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

makepkg/repo-add: do not accept public-only keys for signing

Browse source 
If it's not listed by --list-secret-key we don't care if it has been
imported into your keyring, it's unusable. And you might not have a
private key at all in the no-keyid-specified case.

Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
This commit is contained in:
Eli Schwartz 2020-06-08 22:03:18 -04:00 committed by Allan McRae
parent 899d39b635
commit 02ae97b0da
2 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
scripts/makepkg.sh.in
View file

@ -1286,7 +1286,7 @@ fi
# check if gpg signature is to be created and if signing key is valid # check if gpg signature is to be created and if signing key is valid
if { [[ -z $SIGNPKG ]] && check_buildenv "sign" "y"; } || [[ $SIGNPKG == 'y' ]]; then if { [[ -z $SIGNPKG ]] && check_buildenv "sign" "y"; } || [[ $SIGNPKG == 'y' ]]; then
SIGNPKG='y' SIGNPKG='y'
if ! gpg --list-key ${GPGKEY:+"$GPGKEY"} &>/dev/null; then if ! gpg --list-secret-key ${GPGKEY:+"$GPGKEY"} &>/dev/null; then
if [[ ! -z $GPGKEY ]]; then if [[ ! -z $GPGKEY ]]; then
error "$(gettext "The key %s does not exist in your keyring.")" "${GPGKEY}" error "$(gettext "The key %s does not exist in your keyring.")" "${GPGKEY}"
else else

2
scripts/repo-add.sh.in
View file

@ -137,7 +137,7 @@ check_gpg() {
fi fi
if (( ! VERIFY )); then if (( ! VERIFY )); then
if ! gpg --list-key ${GPGKEY:+"$GPGKEY"} &>/dev/null; then if ! gpg --list-secret-key ${GPGKEY:+"$GPGKEY"} &>/dev/null; then
if [[ ! -z $GPGKEY ]]; then if [[ ! -z $GPGKEY ]]; then
error "$(gettext "The key ${GPGKEY} does not exist in your keyring.")" error "$(gettext "The key ${GPGKEY} does not exist in your keyring.")"
elif (( ! KEY )); then elif (( ! KEY )); then