From: Leonid Isaev <leonid.isaev@jila.colorado.edu>
Date: Sat May 7 17:24:17 2016 -0600
Subject: [PATCH] Use a more generic regexp when parsing output of gpg(1) in signature verification.

The current way of extracting key trust from output of gpg --verify is not very
robust against changes in the format of said output. As a result, pacman-key
can return an error even if the signature is actuall good.

This change relaxes the regexp when parsing output of gpg.

Signed-off-by: Leonid Isaev <leonid.isaev@jila.colorado.edu>
---
 scripts/pacman-key.sh.in | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in
index 30d2704..0db0952 100644
--- a/scripts/pacman-key.sh.in
+++ b/scripts/pacman-key.sh.in
@@ -483,7 +483,7 @@ verify_sig() {
 	local ret=0
 	for sig; do
 		msg "Checking %s..." "$sig"
-		if ! "${GPG_PACMAN[@]}" --status-fd 1 --verify "$sig" | grep -qE '^\[GNUPG:\] TRUST_(FULLY|ULTIMATE)$'; then
+		if ! "${GPG_PACMAN[@]}" --status-fd 1 --verify "$sig" | grep -qE '^\[GNUPG:\] TRUST_(FULLY|ULTIMATE).*$'; then
 			error "$(gettext "The signature identified by %s could not be verified.")" "$sig"
 			ret=1
 		fi
-- 
2.8.2