diff options
author | Dave Reisner <dreisner@archlinux.org> | 2012-04-08 15:40:18 -0400 |
---|---|---|
committer | Dan McGee <dan@archlinux.org> | 2012-04-24 08:38:36 -0500 |
commit | 2d0a00b409cc76527d71d01acd1d517db11a0ff0 (patch) | |
tree | 0eeb320d85157125cc1c0212e4a805a175924983 | |
parent | 00ab01e6342b7183d5a16ae57497b19dc1c2c7dc (diff) | |
download | pacman-2d0a00b409cc76527d71d01acd1d517db11a0ff0.tar.xz |
pacman-key: allow verification of multiple sig files
Loop through arguments passed to verify_sig and treat each as a
signature to be verified against a source file. Output each file as its
checked to avoid ambiguity.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
-rw-r--r-- | doc/pacman-key.8.txt | 2 | ||||
-rw-r--r-- | scripts/pacman-key.sh.in | 15 |
2 files changed, 11 insertions, 6 deletions
diff --git a/doc/pacman-key.8.txt b/doc/pacman-key.8.txt index 96ac31c3..8126edb7 100644 --- a/doc/pacman-key.8.txt +++ b/doc/pacman-key.8.txt @@ -96,7 +96,7 @@ Operations Displays the program version. *-v, \--verify*:: - Verify the given signature file. + Verify the file(s) specified by the signature(s). Options ------- diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in index 75564930..bd2c7397 100644 --- a/scripts/pacman-key.sh.in +++ b/scripts/pacman-key.sh.in @@ -66,7 +66,7 @@ usage() { printf -- "$(gettext " -l, --list-keys List the specified or all keys")\n" printf -- "$(gettext " -r, --recv-keys Fetch the specified keyids")\n" printf -- "$(gettext " -u, --updatedb Update the trustdb of pacman")\n" - printf -- "$(gettext " -v, --verify Verify the file specified by the signature")\n" + printf -- "$(gettext " -v, --verify Verify the file(s) specified by the signature(s)")\n" printf -- "$(gettext " --edit-key Present a menu for key management task on keyids")\n" printf -- "$(gettext " --import Imports pubring.gpg from dir(s)")\n" printf -- "$(gettext " --import-trustdb Imports ownertrust values from trustdb.gpg in dir(s)")\n" @@ -439,10 +439,15 @@ refresh_keys() { } verify_sig() { - if ! "${GPG_PACMAN[@]}" --status-fd 1 --verify "$1" | grep -qE 'TRUST_(FULLY|ULTIMATE)'; then - error "$(gettext "The signature identified by %s could not be verified.")" "$1" - exit 1 - fi + local ret=0 + for sig; do + msg "Checking %s ..." "$sig" + if ! "${GPG_PACMAN[@]}" --status-fd 1 --verify "$sig" | grep -qE 'TRUST_(FULLY|ULTIMATE)'; then + error "$(gettext "The signature identified by %s could not be verified.")" "$sig" + ret=1 + fi + done + exit $ret } updatedb() { |