[pacman-dev] [PATCH v2] makepkg/repo-add: handle GPGKEY with spaces

Tue Jun 9 01:59:18 UTC 2020

We pass this to gpg -u and this gpg option can accept a number of
different formats, not just the historical hexadecimal fingerprint we
assumed. We should not barf hard if a format is used which happens to
contain spaces.

This also fixes a validation bug. When we initially check if the desired
key is available, we don't quote spaces, so gpg goes ahead and treats
each space-separated string as a *different key* to search for,
returning partial matches, and returning success if at least one key is
found. But gpg --detach-sign -u will certainly not accept multiple keys!

Fixes FS#66949

Signed-off-by: Eli Schwartz <eschwartz at archlinux.org>
---

v2: fix case of GPGKEY="" with signing enabled reporting that no keys
exist in the keyring. Only expand the quoted GPGKEY if it is non-empty.

 scripts/libmakepkg/integrity/generate_signature.sh.in | 6 +++---
 scripts/makepkg.sh.in                                 | 2 +-
 scripts/repo-add.sh.in                                | 8 ++++----
 3 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/scripts/libmakepkg/integrity/generate_signature.sh.in b/scripts/libmakepkg/integrity/generate_signature.sh.in
index aec96c03..748087c2 100644
--- a/scripts/libmakepkg/integrity/generate_signature.sh.in
+++ b/scripts/libmakepkg/integrity/generate_signature.sh.in
@@ -29,12 +29,12 @@ create_signature() {
 	local ret=0
 	local filename="$1"
 
-	local SIGNWITHKEY=""
+	local SIGNWITHKEY=()
 	if [[ -n $GPGKEY ]]; then
-		SIGNWITHKEY="-u ${GPGKEY}"
+		SIGNWITHKEY=(-u "${GPGKEY}")
 	fi
 
-	gpg --detach-sign --use-agent ${SIGNWITHKEY} --no-armor "$filename" &>/dev/null || ret=$?
+	gpg --detach-sign --use-agent "${SIGNWITHKEY[@]}" --no-armor "$filename" &>/dev/null || ret=$?
 
 
 	if (( ! ret )); then
diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in
index 7261fb2c..cc8de5aa 100644
--- a/scripts/makepkg.sh.in
+++ b/scripts/makepkg.sh.in
@@ -1293,7 +1293,7 @@ fi
 # check if gpg signature is to be created and if signing key is valid
 if { [[ -z $SIGNPKG ]] && check_buildenv "sign" "y"; } || [[ $SIGNPKG == 'y' ]]; then
 	SIGNPKG='y'
-	if ! gpg --list-key ${GPGKEY} &>/dev/null; then
+	if ! gpg --list-key ${GPGKEY:+"$GPGKEY"} &>/dev/null; then
 		if [[ ! -z $GPGKEY ]]; then
 			error "$(gettext "The key %s does not exist in your keyring.")" "${GPGKEY}"
 		else
diff --git a/scripts/repo-add.sh.in b/scripts/repo-add.sh.in
index 545c2929..272d8d22 100644
--- a/scripts/repo-add.sh.in
+++ b/scripts/repo-add.sh.in
@@ -137,7 +137,7 @@ check_gpg() {
 	fi
 
 	if (( ! VERIFY )); then
-		if ! gpg --list-key ${GPGKEY} &>/dev/null; then
+		if ! gpg --list-key ${GPGKEY:+"$GPGKEY"} &>/dev/null; then
 			if [[ ! -z $GPGKEY ]]; then
 				error "$(gettext "The key ${GPGKEY} does not exist in your keyring.")"
 			elif (( ! KEY )); then
@@ -155,11 +155,11 @@ create_signature() {
 	local ret=0
 	msg "$(gettext "Signing database '%s'...")" "${dbfile##*/.tmp.}"
 
-	local SIGNWITHKEY=""
+	local SIGNWITHKEY=()
 	if [[ -n $GPGKEY ]]; then
-		SIGNWITHKEY="-u ${GPGKEY}"
+		SIGNWITHKEY=(-u "${GPGKEY}")
 	fi
-	gpg --detach-sign --use-agent --no-armor ${SIGNWITHKEY} "$dbfile" &>/dev/null || ret=$?
+	gpg --detach-sign --use-agent --no-armor "${SIGNWITHKEY[@]}" "$dbfile" &>/dev/null || ret=$?
 
 	if (( ! ret )); then
 		msg2 "$(gettext "Created signature file '%s'")" "${dbfile##*/.tmp.}.sig"
-- 
2.27.0
