[Pgp-tools-commit] r474 - in trunk: caff debian

Peter Palfrader weasel at alioth.debian.org
Sat Jul 31 11:35:39 UTC 2010 

Author: weasel
Date: 2010-07-31 11:35:35 +0000 (Sat, 31 Jul 2010)
New Revision: 474

Modified:
   trunk/caff/caff
   trunk/debian/changelog
Log:
caff: do not stop after importing all keys from the user's gpg dir

Even if all keys to sign were found in the user's normal gpg keyrings we still
need to import them (again) from any keyrings passed with --key-files - the
keys there might be newer, containing new subkeys (for encryption), uids (for
signing) or revocations.

Modified: trunk/caff/caff
===================================================================
--- trunk/caff/caff	2010-07-31 11:35:28 UTC (rev 473)
+++ trunk/caff/caff	2010-07-31 11:35:35 UTC (rev 474)
@@ -1039,18 +1039,12 @@
 sub import_keys_to_sign() {
     # Check if we can find the gpg key from our normal gnupghome, and then
     # try to import it into our working gnupghome directory
-    my $imported_keys = 0;
     foreach my $keyid (@KEYIDS) {
         if (!import_key_from_user_gnupghome($keyid, $GNUPGHOME)) {
             info("Key $keyid imported from your normal GnuPGHOME.");
-            $imported_keys++;
         }
     }
 
-    # If all of the keys have been successfully imported, there is no need to
-    # go further
-    return 1 if ($imported_keys == scalar (@KEYIDS));
-
     # Import user specified key files
     foreach my $keyfile (@{$CONFIG{'key-files'}}) {
         import_key_files($keyfile, $GNUPGHOME);

Modified: trunk/debian/changelog
===================================================================
--- trunk/debian/changelog	2010-07-31 11:35:28 UTC (rev 473)
+++ trunk/debian/changelog	2010-07-31 11:35:35 UTC (rev 474)
@@ -28,8 +28,12 @@
       just to /usr/share/doc/signing-party/caff/caffrc.sample
       (closes: #568052).
     + Fix horrible &function calls used because of broken prototypes.
+    + Even if all keys to sign were found in the user's normal gpg
+      keyrings we still need to import them (again) from any keyrings
+      passed with --key-files - the keys there might be newer, containing
+      new subkeys (for encryption), uids (for signing) or revocations.
 
- -- Peter Palfrader <weasel at debian.org>  Sat, 31 Jul 2010 13:12:41 +0200
+ -- Peter Palfrader <weasel at debian.org>  Sat, 31 Jul 2010 13:18:38 +0200
 
 signing-party (1.1.3-1) unstable; urgency=low

More information about the Pgp-tools-commit mailing list