summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDave Reisner <dreisner@archlinux.org>2012-04-08 15:40:18 -0400
committerDan McGee <dan@archlinux.org>2012-04-24 08:38:36 -0500
commit2d0a00b409cc76527d71d01acd1d517db11a0ff0 (patch)
tree0eeb320d85157125cc1c0212e4a805a175924983
parent00ab01e6342b7183d5a16ae57497b19dc1c2c7dc (diff)
pacman-key: allow verification of multiple sig files
Loop through arguments passed to verify_sig and treat each as a signature to be verified against a source file. Output each file as its checked to avoid ambiguity. Signed-off-by: Dave Reisner <dreisner@archlinux.org>
-rw-r--r--doc/pacman-key.8.txt2
-rw-r--r--scripts/pacman-key.sh.in15
2 files changed, 11 insertions, 6 deletions
diff --git a/doc/pacman-key.8.txt b/doc/pacman-key.8.txt
index 96ac31c3..8126edb7 100644
--- a/doc/pacman-key.8.txt
+++ b/doc/pacman-key.8.txt
@@ -96,7 +96,7 @@ Operations
Displays the program version.
*-v, \--verify*::
- Verify the given signature file.
+ Verify the file(s) specified by the signature(s).
Options
-------
diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in
index 75564930..bd2c7397 100644
--- a/scripts/pacman-key.sh.in
+++ b/scripts/pacman-key.sh.in
@@ -66,7 +66,7 @@ usage() {
printf -- "$(gettext " -l, --list-keys List the specified or all keys")\n"
printf -- "$(gettext " -r, --recv-keys Fetch the specified keyids")\n"
printf -- "$(gettext " -u, --updatedb Update the trustdb of pacman")\n"
- printf -- "$(gettext " -v, --verify Verify the file specified by the signature")\n"
+ printf -- "$(gettext " -v, --verify Verify the file(s) specified by the signature(s)")\n"
printf -- "$(gettext " --edit-key Present a menu for key management task on keyids")\n"
printf -- "$(gettext " --import Imports pubring.gpg from dir(s)")\n"
printf -- "$(gettext " --import-trustdb Imports ownertrust values from trustdb.gpg in dir(s)")\n"
@@ -439,10 +439,15 @@ refresh_keys() {
}
verify_sig() {
- if ! "${GPG_PACMAN[@]}" --status-fd 1 --verify "$1" | grep -qE 'TRUST_(FULLY|ULTIMATE)'; then
- error "$(gettext "The signature identified by %s could not be verified.")" "$1"
- exit 1
- fi
+ local ret=0
+ for sig; do
+ msg "Checking %s ..." "$sig"
+ if ! "${GPG_PACMAN[@]}" --status-fd 1 --verify "$sig" | grep -qE 'TRUST_(FULLY|ULTIMATE)'; then
+ error "$(gettext "The signature identified by %s could not be verified.")" "$sig"
+ ret=1
+ fi
+ done
+ exit $ret
}
updatedb() {