author | Dave Reisner <dreisner@archlinux.org> | 2012-05-13 13:05:58 -0400 |
---|---|---|
committer | Dan McGee <dan@archlinux.org> | 2012-05-20 17:35:31 -0500 |
commit | 5de465d63efbb82da6127ac927ad29b9c8b1b542 (patch) | |
tree | f097a1dfda47accda896b2477c351ae2c27c4528 | |
parent | 233e5f610c409052d4f88382ce5fe97f54fd6e6c (diff) |
pacman-key: test for content in keyring files
Test for file content (-s) rather than just existence (-f). This fixes a
bug that manifests itself in the case of an empty -revoked file. A zero
element 'keys' array would be passed to gpg, forcing it to list and,
subsequently, revoke all known keys.
Bug introduced in d1240f67eab6.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
-rw-r--r-- | scripts/pacman-key.sh.in | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in
index 7d6f3875..948c8d52 100644
--- a/scripts/pacman-key.sh.in
+++ b/scripts/pacman-key.sh.in
@@ -261,7 +261,7 @@ populate_keyring() {
 # 40CHARFINGERPRINTXXXXXXXXXXXXXXXXXXXXXXX:5:
 local -A trusted_ids
 for keyring in "${KEYRINGIDS[@]}"; do
- if [[ -f "${KEYRING_IMPORT_DIR}/${keyring}-trusted" ]]; then
+ if [[ -s "${KEYRING_IMPORT_DIR}/${keyring}-trusted" ]]; then
 while read key; do
 # skip comments; these are valid in this file
 [[ $key = \#* ]] && continue
@@ -282,7 +282,7 @@ populate_keyring() {
 done
 msg "$(gettext "Importing owner trust values...")"
 for keyring in "${KEYRINGIDS[@]}"; do
- if [[ -f "${KEYRING_IMPORT_DIR}/${keyring}-trusted" ]]; then
+ if [[ -s "${KEYRING_IMPORT_DIR}/${keyring}-trusted" ]]; then
 "${GPG_PACMAN[@]}" --import-ownertrust "${KEYRING_IMPORT_DIR}/${keyring}-trusted"
 fi
 done
@@ -293,7 +293,7 @@ populate_keyring() {
 # guarantee of identification for the keys.
 local -A revoked_ids
 for keyring in "${KEYRINGIDS[@]}"; do
- if [[ -f "${KEYRING_IMPORT_DIR}/${keyring}-revoked" ]]; then
+ if [[ -s "${KEYRING_IMPORT_DIR}/${keyring}-revoked" ]]; then
 while read key; do
 key_id="$("${GPG_PACMAN[@]}" --quiet --with-colons --list-key "${key}" 2>/dev/null | grep ^pub | cut -d: -f5)"
 if [[ -n ${key_id} ]]; then |
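Review bot: The `-s` test in the third hunk only proves that `${keyring}-revoked` is non-empty, so a file holding just blank lines, or only fingerprints that `--list-key` does not resolve, still passes it and can leave `revoked_ids` empty after the `while read key` loop. If the code after this hunk hands that array to gpg without a guard, the revoke-everything case described in the commit message remains reachable. Checking the array at the point of use is the sturdier fix, for example wrapping the later gpg call in `if (( ${#revoked_ids[@]} > 0 )); then`. The same reasoning applies to `trusted_ids` in the first hunk. populate_keyring continues outside all three hunks, so whether such a guard already exists cannot be seen here.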