On 18/7/19 6:06 am, Jonas Witschel wrote:
> If an email address is specified, we use --locate-key to look up the key
> using WKD and keyserver as a fallback. If the key is specified as a key
> ID, this doesn't work, so we use the normal keyserver-based --recv-keys.
>
> Note that --refresh-keys still uses the keyservers exclusively for
> refreshing, though the situation might potentially be improved in a new
> version of GnuPG:
> https://lists.gnupg.org/pipermail/gnupg-users/2019-July/062169.html
>
> Signed-off-by: Jonas Witschel <diabo...@gmx.de>
> ---
> scripts/pacman-key.sh.in | 19 ++++++++++++-------
> 1 file changed, 12 insertions(+), 7 deletions(-)
>
> diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in
> index b05754e5..cd214a2e 100644
> --- a/scripts/pacman-key.sh.in
> +++ b/scripts/pacman-key.sh.in
> @@ -455,25 +455,30 @@ lsign_keys() {
> }
>
> receive_keys() {
> - local name id keyids
> + local name id keyids emails
>
> # if the key is not a hex ID, do a lookup
> for name; do
> if [[ $name = ?(0x)+([0-9a-fA-F]) ]]; then
> keyids+=("$name")
> - else
> - if id=$(key_lookup_from_name "$name"); then
> - keyids+=("$id")
> - fi
> + elif [[ $name = *@*.* ]]; then
> + emails+=("$name")
> + elif id=$(key_lookup_from_name "$name"); then
> + keyids+=("$id")
> fi
> done
>
> - (( ${#keyids[*]} > 0 )) || exit 1
> + (( ${#keyids[*]}+${#emails[*]} > 0 )) || exit 1
>
> - if ! "${GPG_PACMAN[@]}" --recv-keys "${keyids[@]}" ; then
> + if (( ${#keyids[*]} > 0 )) && ! "${GPG_PACMAN[@]}" --recv-keys
> "${keyids[@]}" ; then
> error "$(gettext "Remote key not fetched correctly from
> keyserver.")"
> exit 1
> fi
> +
> + if (( ${#emails[*]} > 0 )) && ! "${GPG_PACMAN[@]}" --auto-key-locate
> nodefault,clear,wkd,keyserver --locate-key "${emails[@]}" ; then
Super long line. Please split across two or more lines.
I would also like to see this block placed above the --recv-keys one.
> + error "$(gettext "Remote key not fetched correctly from WKD or
> keyserver.")"
> + exit 1
> + fi
> }
>
> refresh_keys() {
> --
> 2.22.0
> .
>
