Mirrors/home-manager
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

gpg: fix handling of multiple public keys

Browse source 
When processing `publicKeys` entries, handle entries that contain
multiple public keys (i.e. gpg --show-key returns multiple `pub`
lines) properly, setting the trust level for each key.

PR #2897
This commit is contained in:
Sam Willcocks 2022-04-16 17:45:41 +01:00 committed by Robert Helgesson
parent 8ab155c61f
commit 620ed197f3
No known key found for this signature in database
GPG key ID: 36BDAA14C2797E89
1 changed files with 6 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
modules/programs/gpg.nix
View file

@ -109,14 +109,15 @@ let
} }
function importTrust() { function importTrust() {
local keyId trust local keyIds trust
keyId="$(gpgKeyId "$1")" IFS='\n' read -ra keyIds <<< "$(gpgKeyId "$1")"
trust="$2" trust="$2"
if [[ -n $keyId ]] ; then for id in "''${keyIds[@]}" ; do
{ echo trust; echo "$trust"; (( trust == 5 )) && echo y; echo quit; } \ { echo trust; echo "$trust"; (( trust == 5 )) && echo y; echo quit; } \
| ${gpg} --no-tty --command-fd 0 --edit-key "$keyId" | ${gpg} --no-tty --command-fd 0 --edit-key "$id"
fi done
} }
''; '';
keyringFiles = let keyringFiles = let