summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDavid Kalnischkies <david@kalnischkies.de>2014-04-14 18:24:17 +0200
committerDavid Kalnischkies <david@kalnischkies.de>2014-09-27 00:12:14 +0200
commitc46a36adaf51fc28464ea1a0e826c754ee60672b (patch)
treebfe38bcb00f7d39febd1e3427b4b75d58f1727e3
parent0b94a7bc2ebb42453d9e22dc58dde76b9261de50 (diff)
downloadapt-c46a36adaf51fc28464ea1a0e826c754ee60672b.tar.gz
add and use 'apt-key verify' which prefers gpgv over gpg
gnupg/gnupg2 can do verify just fine of course, so we don't need to use gpgv here, but it is what we always used in the past, so there might be scripts expecting a certain output and more importantly the output of apt-cdrom contains messages from gpg and even with all the settings we activate to prevent it, it still shows (in some versions) a quiet scary: "gpg: WARNING: Using untrusted key!" message. Keeping the use of gpgv is the simplest way to prevent it. We are increasing also the "Breaks: apt" version from libapt as it requires a newer apt-key than might be installed in partial upgrades.
-rw-r--r--apt-pkg/contrib/gpgv.cc3
-rw-r--r--cmdline/apt-key.in8
-rw-r--r--debian/control2
3 files changed, 10 insertions, 3 deletions
diff --git a/apt-pkg/contrib/gpgv.cc b/apt-pkg/contrib/gpgv.cc
index cd17cd536..9d798cca9 100644
--- a/apt-pkg/contrib/gpgv.cc
+++ b/apt-pkg/contrib/gpgv.cc
@@ -55,7 +55,7 @@ void ExecGPGV(std::string const &File, std::string const &FileGPG,
Args.push_back(aptkey.c_str());
Args.push_back("--quiet");
Args.push_back("--readonly");
- Args.push_back("adv");
+ Args.push_back("verify");
char statusfdstr[10];
if (statusfd != -1)
@@ -77,7 +77,6 @@ void ExecGPGV(std::string const &File, std::string const &FileGPG,
Args.push_back(Opts->Value.c_str());
}
}
- Args.push_back("--verify");
enum { DETACHED, CLEARSIGNED } releaseSignature = (FileGPG != File) ? DETACHED : CLEARSIGNED;
std::vector<std::string> dataHeader;
diff --git a/cmdline/apt-key.in b/cmdline/apt-key.in
index a9a729cce..83a7a31b9 100644
--- a/cmdline/apt-key.in
+++ b/cmdline/apt-key.in
@@ -450,6 +450,14 @@ case "$command" in
$GPG "$@"
merge_back_changes
;;
+ verify)
+ setup_merged_keyring
+ if which gpgv >/dev/null 2>&1; then
+ gpgv --homedir "${GPGHOMEDIR}" --keyring "${GPGHOMEDIR}/pubring.gpg" --ignore-time-conflict "$@"
+ else
+ $GPG --verify "$@"
+ fi
+ ;;
help)
usage
;;
diff --git a/debian/control b/debian/control
index b86e828c5..6d29b0250 100644
--- a/debian/control
+++ b/debian/control
@@ -43,7 +43,7 @@ Architecture: any
Multi-Arch: same
Pre-Depends: ${misc:Pre-Depends}
Depends: ${shlibs:Depends}, ${misc:Depends}
-Breaks: apt (<< 0.9.4~), libapt-inst1.5 (<< 0.9.9~)
+Breaks: apt (<< 1.0.2~), libapt-inst1.5 (<< 0.9.9~)
Section: libs
Description: package management runtime library
This library provides the common functionality for searching and