From c13a823eb5e8b0e7212b880adc8d20bf0c839055 Mon Sep 17 00:00:00 2001 From: canyonknight Date: Tue, 3 Jan 2012 15:33:27 -0500 Subject: [PATCH 2/3] Turn gpg commands into conditional functions in pacman-key Adds conditional operators to arithmetic expansions. If a variable is set to zero and tested in an arithmetic expansion it will have a non-zero return code. Since there are multiple arithmetic expansions, the return codes from gpg are often lost. Conditional operators will not run into this problem. Adds functions for every gpg command. By pulling out the gpg commands from the "program start" section, additional commands can be run before or after a specific gpg command without adding additional clutter to the function call section. This change creates the framework for additional error messages, proper return codes, and exit codes being added to every pacman-key gpg call. Signed-off-by: canyonknight --- scripts/pacman-key.sh.in | 88 +++++++++++++++++++++++++++++++++------------ 1 files changed, 64 insertions(+), 24 deletions(-) diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in index 3e1fc68..52ecc42 100644 --- a/scripts/pacman-key.sh.in +++ b/scripts/pacman-key.sh.in @@ -206,6 +206,14 @@ check_keyring() { fi } +add_keys() { + "${GPG_PACMAN[@]}" --quiet --batch --import "${KEYFILES[@]}" +} + +delete_keys() { + "${GPG_PACMAN[@]}" --quiet --batch --delete-key --yes "${KEYIDS[@]}" +} + edit_keys() { local errors=0; for key in "${KEYIDS[@]}"; do @@ -222,6 +230,14 @@ edit_keys() { done } +export_keys() { + "${GPG_PACMAN[@]}" --armor --export "${KEYIDS[@]}" +} + +finger_keys() { + "${GPG_PACMAN[@]}" --batch --fingerprint "${KEYIDS[@]}" +} + import() { local importdir 
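Review bot: `add_keys` and `delete_keys` take no arguments and silently depend on the globals `GPG_PACMAN`, `KEYFILES` and `KEYIDS`, which are filled in elsewhere in the script; nothing in the hunk documents that. The same applies to the helpers added in the later hunks (`export_keys`, `finger_keys`, `list_keys`, `list_sigs`, `sign_keys`, `receive_keys`, `refresh_keys`). A one-line comment above each would make the contract explicit, for example `# import every file in KEYFILES into the pacman keyring; returns gpg's exit status`. For `delete_keys` the comment should also say that `--batch --yes` removes the listed keys without a prompt, so validating `KEYIDS` is the caller's job.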
@@ -274,6 +290,18 @@ initialize() { fi } +list_keys() { + "${GPG_PACMAN[@]}" --batch --list-keys "${KEYIDS[@]}" +} + +list_sigs() { + "${GPG_PACMAN[@]}" --batch --list-sigs "${KEYIDS[@]}" +} + +sign_keys() { + printf 'y\ny\n' | LANG=C "${GPG_PACMAN[@]}" --command-fd 0 --quiet --batch --lsign-key "${KEYIDS[@]}" 2>/dev/null +} + populate_keyring() { local KEYRING_IMPORT_DIR='@pkgdatadir@/keyrings' @@ -375,6 +403,23 @@ populate_keyring() { fi } +receive_keys() { + "${GPG_PACMAN[@]}" --recv-keys "${KEYIDS[@]}" +} + +refresh_keys() { + "${GPG_PACMAN[@]}" --refresh-keys "${KEYIDS[@]}" +} + +verify_sig() { + "${GPG_PACMAN[@]}" --verify $SIGNATURE +} + +updatedb() { + msg "$(gettext "Updating trust database...")" + "${GPG_PACMAN[@]}" --batch --check-trustdb +} + # PROGRAM START if ! type gettext &>/dev/null; then gettext() { 
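Review bot: `sign_keys` keeps the `2>/dev/null` from the old inline command, so a failed local signature now surfaces only as an exit status with no gpg diagnostic. Since the commit's stated aim is to stop losing gpg results, either drop the redirect or have the function print its own error when the pipeline fails. The function also hands the whole `KEYIDS` array to a single `--lsign-key` call while the piped `y\ny\n` answers one pair of prompts. If more than one key id can reach this function, one gpg call per key looks safer; this is inferred from the visible line, not tested.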
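Review bot: `verify_sig` expands `$SIGNATURE` unquoted, whereas the line it replaces in the program-start section used `"$SIGNATURE"`. A signature path containing whitespace or glob characters is now word-split and pathname-expanded before gpg sees it, so gpg can be handed different file arguments than the ones the user named. Restore the quoting: `"${GPG_PACMAN[@]}" --verify "$SIGNATURE"`.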
@@ -474,29 +519,24 @@ case $numopt in ;; esac -(( ! INIT )) && check_keyring - -(( ADD )) && "${GPG_PACMAN[@]}" --quiet --batch --import "${KEYFILES[@]}" -(( DELETE )) && "${GPG_PACMAN[@]}" --quiet --batch --delete-key --yes "${KEYIDS[@]}" -(( EDITKEY )) && edit_keys -(( EXPORT )) && "${GPG_PACMAN[@]}" --armor --export "${KEYIDS[@]}" -(( FINGER )) && "${GPG_PACMAN[@]}" --batch --fingerprint "${KEYIDS[@]}" -(( IMPORT )) && import -(( IMPORT_TRUSTDB)) && import_trustdb -(( INIT )) && initialize -(( LISTKEYS )) && "${GPG_PACMAN[@]}" --batch --list-keys "${KEYIDS[@]}" -(( LISTSIGS )) && "${GPG_PACMAN[@]}" --batch --list-sigs "${KEYIDS[@]}" -if (( LSIGNKEY )); then - printf 'y\ny\n' | LANG=C "${GPG_PACMAN[@]}" --command-fd 0 --quiet --batch --lsign-key "${KEYIDS[@]}" 2>/dev/null -fi -(( POPULATE )) && populate_keyring -(( RECEIVE )) && "${GPG_PACMAN[@]}" --recv-keys "${KEYIDS[@]}" -(( REFRESH )) && "${GPG_PACMAN[@]}" --refresh-keys "${KEYIDS[@]}" -(( VERIFY )) && "${GPG_PACMAN[@]}" --verify "$SIGNATURE" - -if (( UPDATEDB )); then - msg "$(gettext "Updating trust database...")" - "${GPG_PACMAN[@]}" --batch --check-trustdb -fi +if (( ! INIT )); then check_keyring; fi; + +if (( ADD )); then add_keys; fi; +if (( DELETE )); then delete_keys; fi; +if (( EDITKEY )); then edit_keys; fi; +if (( EXPORT )); then export_keys; fi; +if (( FINGER )); then finger_keys; fi; +if (( IMPORT )); then import; fi; +if (( IMPORT_TRUSTDB)); then import_trustdb; fi; +if (( INIT )); then initialize; fi; +if (( LISTKEYS )); then list_keys; fi; +if (( LISTSIGS )); then list_sigs; fi; +if (( LSIGNKEY )); then sign_keys; fi; +if (( POPULATE )); then populate_keyring; fi; +if (( RECEIVE )); then receive_keys; fi; +if (( REFRESH )); then refresh_keys; fi; +if (( VERIFY )); then verify_sig; fi; + +if (( UPDATEDB )); then updatedb; fi; # vim: set ts=2 sw=2 noet: -- 1.7.8.1
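Review bot: The dispatch block still discards each helper's status, because an `if` whose condition is false returns 0. A failing `verify_sig` followed by `if (( UPDATEDB )); then updatedb; fi;` with `UPDATEDB` at 0 therefore leaves the script exiting 0, assuming nothing after the hunk sets the status. A caller scripting `--verify` or `--add` then cannot tell a rejected signature or failed import from success, unless a later patch in the series adds the exits. Until then the security-relevant calls could carry the status directly, e.g. `if (( VERIFY )); then verify_sig || exit 1; fi`. The `;` after each `fi` is redundant.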