summaryrefslogtreecommitdiff
path: root/scripts/Dpkg/Source
diff options
context:
space:
mode:
authorRaphael Hertzog <hertzog@debian.org>2009-06-21 00:16:54 +0200
committerRaphael Hertzog <hertzog@debian.org>2009-06-21 00:16:54 +0200
commit0a3d3fe21b629b55005c14889faaf8f84c4967c7 (patch)
treef4e3884d82cfed0d1c8df063dd23e3bcdd0001c7 /scripts/Dpkg/Source
parentffc5049d6a0faa7b63c423bbb256e7d70662bc7c (diff)
downloaddpkg-0a3d3fe21b629b55005c14889faaf8f84c4967c7.tar.gz
dpkg-source: ensure trustedkeys.gpg is used to check signatures
Diffstat (limited to 'scripts/Dpkg/Source')
-rw-r--r--scripts/Dpkg/Source/Package.pm3
1 files changed, 3 insertions, 0 deletions
diff --git a/scripts/Dpkg/Source/Package.pm b/scripts/Dpkg/Source/Package.pm
index 4f5469d57..ee346f957 100644
--- a/scripts/Dpkg/Source/Package.pm
+++ b/scripts/Dpkg/Source/Package.pm
@@ -283,6 +283,9 @@ sub check_signature {
push @exec, "gpg", "--no-default-keyring", "-q", "--verify";
}
if (scalar(@exec)) {
+ if (-r "$ENV{'HOME'}/.gnupg/trustedkeys.gpg") {
+ push @exec, "--keyring", "$ENV{'HOME'}/.gnupg/trustedkeys.gpg";
+ }
foreach my $vendor_keyring (run_vendor_hook('keyrings')) {
if (-r $vendor_keyring) {
push @exec, "--keyring", $vendor_keyring;