chiark / gitweb /
import: make the user verficiation keyring override the vendor keyring, instead of...
authorLennart Poettering <lennart@poettering.net>
Thu, 22 Jan 2015 16:07:27 +0000 (17:07 +0100)
committerLennart Poettering <lennart@poettering.net>
Thu, 22 Jan 2015 16:50:50 +0000 (17:50 +0100)
This way the user has the ability to remove keys from the
vendor-supplied keyring if he intends so.

src/import/import-common.c

index 395f998..561c77a 100644 (file)
@@ -358,8 +358,7 @@ int import_verify(
                         "--no-auto-check-trustdb",
                         "--batch",
                         "--trust-model=always",
-                        "--keyring=" VENDOR_KEYRING_PATH,
-                        NULL, /* maybe user keyring */
+                        NULL, /* keyring to use */
                         NULL, /* --verify */
                         NULL, /* signature file */
                         NULL, /* dash */
@@ -403,6 +402,8 @@ int import_verify(
                  * otherwise. */
                 if (access(USER_KEYRING_PATH, F_OK) >= 0)
                         cmd[k++] = "--keyring=" USER_KEYRING_PATH;
+                else
+                        cmd[k++] = "--keyring=" VENDOR_KEYRING_PATH;
 
                 cmd[k++] = "--verify";
                 cmd[k++] = sig_file_path;