This is an automated email from the ASF dual-hosted git repository.
sebb pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/whimsy.git
The following commit(s) were added to refs/heads/master by this push:
new 5b679a64 Always fetch current key
5b679a64 is described below
commit 5b679a64a3703fd09d59ab1b4e2b585484a26df0
Author: Sebb <[email protected]>
AuthorDate: Sun Aug 25 20:05:36 2024 +0100
Always fetch current key
---
.../workbench/views/actions/check-signature.json.rb | 12 ++++--------
1 file changed, 4 insertions(+), 8 deletions(-)
diff --git a/www/secretary/workbench/views/actions/check-signature.json.rb
b/www/secretary/workbench/views/actions/check-signature.json.rb
index 935b751b..a0c14bff 100644
--- a/www/secretary/workbench/views/actions/check-signature.json.rb
+++ b/www/secretary/workbench/views/actions/check-signature.json.rb
@@ -80,21 +80,17 @@ def validate_sig(attachment, signature, msgid)
gpg = `which gpg2`.chomp
gpg = `which gpg`.chomp if gpg.empty?
- # run gpg verify command
+ # run gpg verify command - this is needed to determine the key-id
# TODO: may need to drop the keyid-format parameter when gpg is updated as
it might
# reduce the keyid length from the full fingerprint
out, err, rc = Open3.capture3 gpg,
'--keyid-format', 'long', # Show a longer id
'--verify', signature.path, attachment.path
- # if key is not found, fetch and try again
- if
- err.include? "gpg: Can't check signature: No public key" or
- err.include? "gpg: Can't check signature: public key not found"
+ # Look for the keyid so we can fetch the current key
+ keyid = err[/[RD]SA key (ID )?(\w+)/,2]
+ if keyid
then
- # extract and fetch key
- keyid = err[/[RD]SA key (ID )?(\w+)/,2]
-
# Try to fetch the key
Dir.mktmpdir do |dir|
found = false
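Review bot: The key id at `keyid = err[/[RD]SA key (ID )?(\w+)/,2]` is now the sole gate for the fetch-and-verify path, yet it is scraped from gpg's human-readable stderr, whose wording varies with locale and gpg version (the TODO above already anticipates the id format changing). Consider adding `'--status-fd', '1',` to the `Open3.capture3` arguments and reading the id from the machine-readable status line, e.g. `keyid = out[/^\[GNUPG:\] (?:ERRSIG|GOODSIG|BADSIG) (\h+)/, 1]`, provided nothing later relies on `out` being empty. When no id is matched, what remains appears to be the `out, err, rc` of this first run, checked against whatever key is already in the local keyring. That path lies outside the hunk, as do the start of `validate_sig` and the rest of the `Dir.mktmpdir` block, so please confirm it rejects the signature rather than accepting a result from a stale key. A comment such as `# no key id parsed: treat as unverified, do not trust the local keyring result` at that branch would document the intent.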