authorDave Reisner <dreisner@archlinux.org>2012-05-13 13:05:58 -0400
committerDan McGee <dan@archlinux.org>2012-05-20 17:35:31 -0500
commit5de465d63efbb82da6127ac927ad29b9c8b1b542 (patch)
treef097a1dfda47accda896b2477c351ae2c27c4528
parent233e5f610c409052d4f88382ce5fe97f54fd6e6c (diff)
pacman-key: test for content in keyring files
Test for file content (-s) rather than just existence (-f). This fixes a bug that manifests itself in the case of an empty -revoked file. A zero element 'keys' array would be passed to gpg, forcing it to list and, subsequently, revoke all known keys. Bug introduced in d1240f67eab6. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
-rw-r--r--scripts/pacman-key.sh.in6
1 files changed, 3 insertions, 3 deletions
diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in
index 7d6f3875..948c8d52 100644
--- a/scripts/pacman-key.sh.in
+++ b/scripts/pacman-key.sh.in
@@ -261,7 +261,7 @@ populate_keyring() {
# 40CHARFINGERPRINTXXXXXXXXXXXXXXXXXXXXXXX:5:
local -A trusted_ids
for keyring in "${KEYRINGIDS[@]}"; do
- if [[ -f "${KEYRING_IMPORT_DIR}/${keyring}-trusted" ]]; then
+ if [[ -s "${KEYRING_IMPORT_DIR}/${keyring}-trusted" ]]; then
while read key; do
# skip comments; these are valid in this file
[[ $key = \#* ]] && continue
@@ -282,7 +282,7 @@ populate_keyring() {
done
msg "$(gettext "Importing owner trust values...")"
for keyring in "${KEYRINGIDS[@]}"; do
- if [[ -f "${KEYRING_IMPORT_DIR}/${keyring}-trusted" ]]; then
+ if [[ -s "${KEYRING_IMPORT_DIR}/${keyring}-trusted" ]]; then
"${GPG_PACMAN[@]}" --import-ownertrust "${KEYRING_IMPORT_DIR}/${keyring}-trusted"
fi
done
@@ -293,7 +293,7 @@ populate_keyring() {
# guarantee of identification for the keys.
local -A revoked_ids
for keyring in "${KEYRINGIDS[@]}"; do
- if [[ -f "${KEYRING_IMPORT_DIR}/${keyring}-revoked" ]]; then
+ if [[ -s "${KEYRING_IMPORT_DIR}/${keyring}-revoked" ]]; then
while read key; do
key_id="$("${GPG_PACMAN[@]}" --quiet --with-colons --list-key "${key}" 2>/dev/null | grep ^pub | cut -d: -f5)"
if [[ -n ${key_id} ]]; then
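Review bot: The `-s` test on the `-revoked` file only rules out a zero-byte file, so `revoked_ids` can still end up empty: a file holding just a newline, or only fingerprints that `--list-key` cannot resolve (each is then skipped by `[[ -n ${key_id} ]]`), passes the test and adds nothing. The commit message says an empty key list makes gpg act on every known key, so the guard is safer at the point where the array is consumed, for example wrapping that gpg call in `if (( ${#revoked_ids[@]} > 0 )); then`. That call lies outside this hunk, so confirm how the list is built and passed before relying on the file-size test alone. The first hunk has the same shape for a `-trusted` file that contains only comment lines, though what happens to an empty `trusted_ids` is not visible here.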