diff options
author | Michael Vogt <michael.vogt@ubuntu.com> | 2011-10-05 21:42:34 +0200 |
---|---|---|
committer | Michael Vogt <michael.vogt@ubuntu.com> | 2011-10-05 21:42:34 +0200 |
commit | f180f39e94c189799b0a0668de801519a5a6108d (patch) | |
tree | 019af2ded959cb21b78cea4566433f8340eb8bf9 | |
parent | 5f8f6b4eccf04b8f66274297b125a5e4cba6e228 (diff) |
cmdline/apt-key: fix --check-sigs to ensure that the signature can verify and also add master keyring to ensure that we can actually verify the signature
-rwxr-xr-x | cmdline/apt-key | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/cmdline/apt-key b/cmdline/apt-key index c522d54fe..9c7804d5b 100755 --- a/cmdline/apt-key +++ b/cmdline/apt-key @@ -63,12 +63,11 @@ add_keys_with_verify_against_master_keyring() { # export the add keyring one-by-one rm -f $TMP_KEYRING - $GPG_CMD --keyring $ADD_KEYRING --export $add_key --output $TMP_KEYRING - + $GPG_CMD --keyring $ADD_KEYRING --output $TMP_KEYRING --export $add_key # check if signed with the master key and only add in this case ADDED=0 for master_key in $master_keys; do - if $GPG_CMD --keyring $TMP_KEYRING --check-sigs --with-colons $add_key | grep ^sig | cut -d: -f5 | grep -q $master_key; then + if $GPG_CMD --keyring $MASTER_KEYRING --keyring $TMP_KEYRING --check-sigs --with-colons $add_key | grep '^sig:!:' | cut -d: -f5 | grep -q $master_key; then $GPG --import $TMP_KEYRING ADDED=1 fi |