[pacman-dev] [PATCH 1/2] pacman-key: split keyserver to a separate option

Dan McGee dpmcgee at gmail.com
Thu Sep 1 19:20:01 EDT 2011


On Thu, Sep 1, 2011 at 6:04 PM, Allan McRae <allan at archlinux.org> wrote:
> On 02/09/11 08:55, Allan McRae wrote:
>>
>> On 02/09/11 06:36, Dan McGee wrote:
>>>
>>> This also renames '--receive' to '-recv-keys' to match the wrapped gpg
>>> option name, rather than invent a new one, now that the calling
>>> convention is the same.
>>>
>>> Signed-off-by: Dan McGee<dan at archlinux.org>
>>> ---
>>> doc/pacman-key.8.txt | 10 ++++++++--
>>> scripts/pacman-key.sh.in | 29 +++++++++++++++--------------
>>> 2 files changed, 23 insertions(+), 16 deletions(-)
>>>
>>> diff --git a/doc/pacman-key.8.txt b/doc/pacman-key.8.txt
>>> index 7481ce5..824f0b3 100644
>>> --- a/doc/pacman-key.8.txt
>>> +++ b/doc/pacman-key.8.txt
>>> @@ -71,6 +71,12 @@ Options
>>> Ensure the keyring is properly initialized and has the required access
>>> permissions.
>>>
>>> +*\--keyserver*<keyserver>::
>>> + Use the specified keyserver if the operation requires one. This will
>>> take
>>> + precedence over any keyserver option specified in a `gpg.conf`
>>> + configuration file. Running '\--init' with this option will set the
>>> default
>>> + keyserver if one was not already configured.
>>> +
>>> *-l, \--list-keys* [keyid(s)]::
>>> Lists all or specified keys from the public keyring.
>>>
>>> @@ -81,8 +87,8 @@ Options
>>> Locally sign the given key. This is primarily used to root the web of
>>> trust
>>> in the local private key generated by '\--init'.
>>>
>>> -*-r, \--receive*<keyserver> <keyid(s)>::
>>> - Fetch the specified keyid(s) from the specified key server URL.
>>> +*-r, \--recv-keys*<keyid(s)>::
>>> + Equivalent to '\--recv-keys' in GnuPG.
>>>
>>> *\--populate* [keyring(s)]::
>>> Reload the default keys from the (optionally provided) keyrings in
>>> diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in
>>> index 9bb8182..ce95f5d 100644
>>> --- a/scripts/pacman-key.sh.in
>>> +++ b/scripts/pacman-key.sh.in
>>> @@ -35,6 +35,7 @@ FINGER=0
>>> IMPORT=0
>>> IMPORT_TRUSTDB=0
>>> INIT=0
>>> +KEYSERVER=''
>>> LISTKEYS=0
>>> LISTSIGS=0
>>> LSIGNKEY=0
>>> @@ -43,6 +44,8 @@ RECEIVE=0
>>> UPDATEDB=0
>>> VERIFY=0
>>>
>>> +DEFAULT_KEYSERVER='hkp://keys.gnupg.net'
>>> +
>>
>> So the keyserver we have in our gpg.conf file has no effect... Either we
>> should just not pass the --keyserver flag to gpg if none has been
>> specified on the command line, or we should check no keyserver has been
>> defined in gpg.conf before using the default.
>>
>
> Argh... my bad...   I read the patch too fast.  It does exactly as I
> suggested!
>
> But I did find something:
>
>> @@ -366,7 +363,7 @@ fi
>>   OPT_SHORT="a::d:e:f::hl::r:uv:V"
>>   OPT_LONG="add::,config:,delete:,edit-key:,export::,finger::,gpgdir:"
>>   OPT_LONG+=",help,import:,import-trustdb:,init,list-keys::,list-sigs::"
>> -OPT_LONG+=",lsign-key:,populate::,receive:,updatedb,verify:,version"
>> +OPT_LONG+=",lsign-key:,populate::,recv-keys:,updatedb,verify:,version"
>>   if ! OPT_TEMP="$(parse_options $OPT_SHORT $OPT_LONG "$@")"; then
>>       echo; usage; exit 1 # E_INVALID_OPTION;
>>   fi
>
> Need to add "keyserver:" there.

Yeah that might help. Good to test these things, right? :)

-Dan


More information about the pacman-dev mailing list