From 5de465d63efbb82da6127ac927ad29b9c8b1b542 Mon Sep 17 00:00:00 2001 From: Dave Reisner Date: Sun, 13 May 2012 13:05:58 -0400 Subject: pacman-key: test for content in keyring files Test for file content (-s) rather than just existance (-f). This fixes a bug that manifests itself in the case of an empty -revoked file. A zero element 'keys' array would be passed to gpg, forcing it to list and, subsequently, revoke all known keys. Bug introduced in d1240f67eab6. Signed-off-by: Dave Reisner Signed-off-by: Dan McGee --- scripts/pacman-key.sh.in | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'scripts') diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in index 7d6f3875..948c8d52 100644 --- a/scripts/pacman-key.sh.in +++ b/scripts/pacman-key.sh.in @@ -261,7 +261,7 @@ populate_keyring() { # 40CHARFINGERPRINTXXXXXXXXXXXXXXXXXXXXXXX:5: local -A trusted_ids for keyring in "${KEYRINGIDS[@]}"; do - if [[ -f "${KEYRING_IMPORT_DIR}/${keyring}-trusted" ]]; then + if [[ -s "${KEYRING_IMPORT_DIR}/${keyring}-trusted" ]]; then while read key; do # skip comments; these are valid in this file [[ $key = \#* ]] && continue @@ -282,7 +282,7 @@ populate_keyring() { done msg "$(gettext "Importing owner trust values...")" for keyring in "${KEYRINGIDS[@]}"; do - if [[ -f "${KEYRING_IMPORT_DIR}/${keyring}-trusted" ]]; then + if [[ -s "${KEYRING_IMPORT_DIR}/${keyring}-trusted" ]]; then "${GPG_PACMAN[@]}" --import-ownertrust "${KEYRING_IMPORT_DIR}/${keyring}-trusted" fi done @@ -293,7 +293,7 @@ populate_keyring() { # guarantee of identification for the keys. local -A revoked_ids for keyring in "${KEYRINGIDS[@]}"; do - if [[ -f "${KEYRING_IMPORT_DIR}/${keyring}-revoked" ]]; then + if [[ -s "${KEYRING_IMPORT_DIR}/${keyring}-revoked" ]]; then while read key; do key_id="$("${GPG_PACMAN[@]}" --quiet --with-colons --list-key "${key}" 2>/dev/null | grep ^pub | cut -d: -f5)" if [[ -n ${key_id} ]]; then -- cgit v1.2.3