diff options
| author | David Kalnischkies <david@kalnischkies.de> | 2018-08-17 16:33:41 +0200 |
|---|---|---|
| committer | David Kalnischkies <david@kalnischkies.de> | 2018-09-11 13:16:11 +0200 |
| commit | 8375d5b58038fc026098dcccc3de87cd9d740334 (patch) | |
| tree | a7a746154a32e6370293c4bc693692dcdc796dc7 /apt-pkg | |
| parent | ff8fa4ab4b80384a9240f0df63181f71077a8d83 (diff) | |
Support multiple keyrings in sources.list Signed-By
A user can specify multiple fingerprints for a while now, so its seems
counter-intuitive to support only one keyring, especially if this isn't
really checked or enforced and while unlikely mixtures of both should
work properly, too, instead of a kinda random behaviour.
Diffstat (limited to 'apt-pkg')
| -rw-r--r-- | apt-pkg/contrib/gpgv.cc | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/apt-pkg/contrib/gpgv.cc b/apt-pkg/contrib/gpgv.cc index cc1fbc5aa..f8ab8d715 100644 --- a/apt-pkg/contrib/gpgv.cc +++ b/apt-pkg/contrib/gpgv.cc @@ -108,17 +108,20 @@ void ExecGPGV(std::string const &File, std::string const &FileGPG, Args.push_back(aptkey.c_str()); Args.push_back("--quiet"); Args.push_back("--readonly"); - if (key.empty() == false) + auto const keysFileFpr = VectorizeString(key, ','); + for (auto const &k: keysFileFpr) { - if (key[0] == '/') + if (unlikely(k.empty())) + continue; + if (k[0] == '/') { Args.push_back("--keyring"); - Args.push_back(key.c_str()); + Args.push_back(k.c_str()); } else { Args.push_back("--keyid"); - Args.push_back(key.c_str()); + Args.push_back(k.c_str()); } } Args.push_back("verify"); |