On 9/6/20 11:59 am, Eli Schwartz wrote:
We pass this to gpg -u and this gpg option can accept a number of different formats, not just the historical hexadecimal fingerprint we assumed. We should not barf hard if a format is used which happens to contain spaces.
This also fixes a validation bug. When we initially check if the desired key is available, we don't quote spaces, so gpg goes ahead and treats each space-separated string as a *different key* to search for, returning partial matches, and returning success if at least one key is found. But gpg --detach-sign -u will certainly not accept multiple keys!
Fixes FS#66949
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> ---
v2: fix case of GPGKEY="" with signing enabled reporting that no keys exist in the keyring. Only expand the quoted GPGKEY if it is non-empty.
Ack.