Am 08.03.2014 18:20, schrieb Dave Reisner:
+ pubkey=$(grep VALIDSIG "$statusfile" | sed -nr 's/.* VALIDSIG ([A-Z0-9]*) .*/\1/p;')
I think you just want:
pubkey=$(sed -n '/VALIDSIG/ s/.* VALIDSIG \([[:alnum:]]*\) .*/\1/p' "$statusfile")
sed's -r flag isn't portable.
I took that from another place in makepkg: scripts/makepkg.sh.in:1740: for sofile in $(LC_ALL=C readelf -d "$filename" 2>/dev/null | sed -nr 's/.*Shared library: \[(.*)\].*/\1/p') If it's not portable, it should be fixed there, too.
+ echo "$pubkey"
Don't you only want to echo this if the check that follows succeeds?
Actually, I only need it in the failure case.
+ in_array "$pubkey" ${validpgpkeys[@]}
The array needs quoting.
Not according to the documentation, but sure, I'll add it.
+ return $?
Wholly redundant for this function in its current form.
You are right, although I hate that implicit return value stuff in bash.
+} + check_pgpsigs() { (( SKIPPGPCHECK )) && return 0 ! source_has_signatures && return 0 @@ -1303,9 +1312,12 @@ check_pgpsigs() { if grep -q "REVKEYSIG" "$statusfile"; then printf '%s (%s)' "$(gettext "FAILED")" "$(gettext "the key has been revoked.")" >&2 errors=1 - elif grep -q -e "TRUST_UNDEFINED" -e "TRUST_NEVER" "$statusfile"; then + elif (( ${#validpgpkeys[@]} == 0 )) && grep -q -e "TRUST_UNDEFINED" -e "TRUST_NEVER" "$statusfile"; then printf '%s (%s)' "$(gettext "FAILED")" "$(gettext "the key is not trusted")" >&2 errors=1 + elif (( ${#validpgpkeys[@]} > 0 )) && ! pubkey=$(is_valid_pgpkey "$statusfile"); then + printf "%s (%s $pubkey)" "$(gettext "FAILED")" "$(gettext "invalid key")" + errors=1
Is there a decent way to extract the real status from the file once and then do string comparisons in bash, rather than forking to grep all the time?
You just used the word 'decent' in a sentence that talks about gnupg. We could use read to parse the file, set some variables and test those. Is that desirable?