Mirrors/home-manager
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

gpg: fix handling of multiple public keys

Browse source 
When processing `publicKeys` entries, handle entries that contain
multiple public keys (i.e. gpg --show-key returns multiple `pub`
lines) properly, setting the trust level for each key.

PR #2897

(cherry picked from commit 620ed197f3)
This commit is contained in:
Sam Willcocks 2022-04-16 17:45:41 +01:00 committed by Robert Helgesson
parent e997bf4c98
commit 236c6ec214
No known key found for this signature in database
GPG key ID: 36BDAA14C2797E89
1 changed files with 6 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
modules/programs/gpg.nix
View file

@ -109,14 +109,15 @@ let
}
function importTrust() {
local keyId trust
keyId="$(gpgKeyId "$1")"
local keyIds trust
IFS='\n' read -ra keyIds <<< "$(gpgKeyId "$1")"
trust="$2"
if [[ -n $keyId ]] ; then
for id in "''${keyIds[@]}" ; do
{ echo trust; echo "$trust"; (( trust == 5 )) && echo y; echo quit; } \
| ${gpg} --no-tty --command-fd 0 --edit-key "$keyId"
fi
| ${gpg} --no-tty --command-fd 0 --edit-key "$id"
done
}
'';
keyringFiles = let