cmdline/apt-key: fix --check-sigs to ensure that the signature can verify and also...

author Michael Vogt <michael.vogt@ubuntu.com>

Wed, 5 Oct 2011 19:42:34 +0000 (21:42 +0200)

committer Michael Vogt <michael.vogt@ubuntu.com>

Wed, 5 Oct 2011 19:42:34 +0000 (21:42 +0200)
author Michael Vogt <michael.vogt@ubuntu.com>
Wed, 5 Oct 2011 19:42:34 +0000 (21:42 +0200)
committer Michael Vogt <michael.vogt@ubuntu.com>
Wed, 5 Oct 2011 19:42:34 +0000 (21:42 +0200)
diff --git a/cmdline/apt-key b/cmdline/apt-key

index c522d54feb484a0236953cf8cb699b1166d9db9f..9c7804d5b47961af0ad7edb390fda3f1677a577d 100755 (executable)
--- a/cmdline/apt-key
+++ b/cmdline/apt-key
@@ -63,12 +63,11 @@ add_keys_with_verify_against_master_keyring() {
  
          # export the add keyring one-by-one
          rm -f $TMP_KEYRING
  
          # export the add keyring one-by-one
          rm -f $TMP_KEYRING
-        $GPG_CMD --keyring $ADD_KEYRING --export $add_key --output $TMP_KEYRING
-
+        $GPG_CMD --keyring $ADD_KEYRING --output $TMP_KEYRING --export $add_key 
          # check if signed with the master key and only add in this case
          ADDED=0
         for master_key in $master_keys; do
          # check if signed with the master key and only add in this case
          ADDED=0
         for master_key in $master_keys; do
-           if $GPG_CMD --keyring $TMP_KEYRING --check-sigs --with-colons $add_key | grep ^sig | cut -d: -f5 | grep -q $master_key; then
+           if $GPG_CMD --keyring $MASTER_KEYRING --keyring $TMP_KEYRING --check-sigs --with-colons $add_key | grep '^sig:!:' | cut -d: -f5 | grep -q $master_key; then
                 $GPG --import $TMP_KEYRING
                 ADDED=1
             fi
                 $GPG --import $TMP_KEYRING
                 ADDED=1
             fi
author	Michael Vogt <michael.vogt@ubuntu.com>
	Wed, 5 Oct 2011 19:42:34 +0000 (21:42 +0200)
committer	Michael Vogt <michael.vogt@ubuntu.com>
	Wed, 5 Oct 2011 19:42:34 +0000 (21:42 +0200)