[Nm-templates-discuss] templates keycheck.sh,1.13,1.14

joerg at haydn.debian.org joerg at haydn.debian.org
Sun Jul 31 16:36:14 UTC 2005


Update of /cvsroot/nm-templates/templates
In directory haydn:/tmp/cvs-serv17287

Modified Files:
	keycheck.sh 
Log Message:
Fixed the Check for version 4 keys, now going via fingerprints length
(32 for v3 and older, 40 for v4).


Index: keycheck.sh
===================================================================
RCS file: /cvsroot/nm-templates/templates/keycheck.sh,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -d -r1.13 -r1.14
--- keycheck.sh	1 Apr 2005 21:16:29 -0000	1.13
+++ keycheck.sh	31 Jul 2005 16:36:08 -0000	1.14
@@ -27,7 +27,7 @@
 DELETE=no
 # The options for the gpg call in this script.
 # Contains only options used in ALL gpg calls.
-GPGOPTS=" -q --no-options --no-default-keyring --no-auto-check-trustdb --keyring $DESTDIR/nm.gpg "
+GPGOPTS=" -q --no-options --no-default-keyring --no-auto-check-trustdb --keyring $DESTDIR/nm.gpg --trust-model always"
 # For the following calls use LANG=C - some output is used for
 # reports to a list / for an english report.
 LANG=C
@@ -40,9 +40,9 @@
 gpg $2 ${GPGOPTS} -v --with-fingerprint --keyring $DESTDIR/debian-keyring.gpg --keyring $DESTDIR/debian-keyring.pgp --check-sigs $1
 
 echo "Let's test if its a version 4 or greater key"
-VERSION=$(gpg ${GPGOPTS} --export $1 | gpg -qvv 2>/dev/null | head -n 4 | grep version |awk '/version/ {print $2}'| sed "s/\([0-9]\)\,/\1/")
+VERSION=$(gpg ${GPGOPTS} --with-colons --with-fingerprint --list-keys 0x$1 | awk -F : '$1 == "fpr" {print length($10)}')
 
-if [ $VERSION -lt 4 ]; then
+if [ $VERSION -eq 32 ]; then
 	echo "Warning: It looks like this key is an Version 3 GPG key. This is bad."
 	echo "This is not accepted for the NM ID Step. Please doublecheck and then"
 	echo "get your applicant to send you a correct key if this is script isnt wrong."




More information about the Nm-templates-discuss mailing list