[Nm-templates-discuss] templates keycheck.sh,1.13,1.14
joerg at haydn.debian.org
joerg at haydn.debian.org
Sun Jul 31 16:36:14 UTC 2005
Update of /cvsroot/nm-templates/templates
In directory haydn:/tmp/cvs-serv17287
Modified Files:
keycheck.sh
Log Message:
Fixed the Check for version 4 keys, now going via fingerprints length
(32 for v3 and older, 40 for v4).
Index: keycheck.sh
===================================================================
RCS file: /cvsroot/nm-templates/templates/keycheck.sh,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -d -r1.13 -r1.14
--- keycheck.sh 1 Apr 2005 21:16:29 -0000 1.13
+++ keycheck.sh 31 Jul 2005 16:36:08 -0000 1.14
@@ -27,7 +27,7 @@
DELETE=no
# The options for the gpg call in this script.
# Contains only options used in ALL gpg calls.
-GPGOPTS=" -q --no-options --no-default-keyring --no-auto-check-trustdb --keyring $DESTDIR/nm.gpg "
+GPGOPTS=" -q --no-options --no-default-keyring --no-auto-check-trustdb --keyring $DESTDIR/nm.gpg --trust-model always"
# For the following calls use LANG=C - some output is used for
# reports to a list / for an english report.
LANG=C
@@ -40,9 +40,9 @@
gpg $2 ${GPGOPTS} -v --with-fingerprint --keyring $DESTDIR/debian-keyring.gpg --keyring $DESTDIR/debian-keyring.pgp --check-sigs $1
echo "Let's test if its a version 4 or greater key"
-VERSION=$(gpg ${GPGOPTS} --export $1 | gpg -qvv 2>/dev/null | head -n 4 | grep version |awk '/version/ {print $2}'| sed "s/\([0-9]\)\,/\1/")
+VERSION=$(gpg ${GPGOPTS} --with-colons --with-fingerprint --list-keys 0x$1 | awk -F : '$1 == "fpr" {print length($10)}')
-if [ $VERSION -lt 4 ]; then
+if [ $VERSION -eq 32 ]; then
echo "Warning: It looks like this key is an Version 3 GPG key. This is bad."
echo "This is not accepted for the NM ID Step. Please doublecheck and then"
echo "get your applicant to send you a correct key if this is script isnt wrong."
More information about the Nm-templates-discuss
mailing list