Larry Jones wrote: > Sort of -- now I get a failure farther on: Okay, I've installed my original fix.
> ** expected: > .* Good signature from "CVS Test Script .* > .* Good signature from "CVS Test Script .* > ** got: > gpg: Signature made 04/27/06 16:29:32 GMT using DSA key ID F133BDE9 > gpg: Good signature from "CVS Test Script (This secret key is public and used > for testing signed commits with CVS.) <[email protected]>" > gpg: NOTE: secret key F133BDE9 is NOT protected. > FAIL: openpgp-5 Since CVS isn't complaining about the key format, I think it is a good guess that your older version of GPG (1.4.3 is the current stable release) was only parsing the first signature CVS passes it and ignoring the second. Could you please verify? `gpg --detach-sign' some file twice and concatenate the signatures into SIGFILE, then see if your `gpg --verify SIGFILE SIGNEDFILE' reports both signatures in the file or only the first. If it only sees the first, then I will add some code to sanity.sh to detect this case and avoid testing GPG. Thanks, Derek -- Derek R. Price CVS Solutions Architect Ximbiot <http://ximbiot.com> v: +1 248.835.1260 f: +1 248.835.1263 <[EMAIL PROTECTED]> _______________________________________________ Bug-cvs mailing list [email protected] http://lists.nongnu.org/mailman/listinfo/bug-cvs
