[Pkg-gnupg-maint] Bug#497825: gpgv should return non-zero exitcode on expired keys (was: Re: gnupg: ignores expiry of archive keys)
Thijs Kinkhorst
thijs at debian.org
Wed Aug 18 18:04:46 UTC 2010
retitle 497825 gpgv should return non-zero exitcode on expired keys
tags 497825 upstream
thanks
Hi Peter,
On woansdei 18 Augustus 2010, Peter Palfrader wrote:
> > Thanks for clarifying again what exactly you're observing. I can indeed
> > reproduce that situation. However, aren't you comparing apples with
> > oranges?
>
> No, I don't think I am. That's their interfaces. With gnupg you check its
> status-fd output and the exit code hardly ever means anything. On the
> other hand gpgv is supposed to be a simple to use too, and its exit code
> is the thing you rely on.
>
> > In your example both gpg and gpgv report exit code 0. Also 'gpg
> > --status-fd=2' and 'gpgv --status-fd=2' both do not output GOODSIG in
> > case of an expired key.
>
> That gpg also exits with code 0 might be a bug, it might even be the
> same bug in the code but as far as the interface goes it doesn't really
> matter with gpg but does with gpgv.
Thanks for the explanation, I'm glad it's now clear that this request is
specifically about the exit code of gpgv and not about signature verification
in general. That wasn't all that clear to me before.
I can see your argument on the exit code, but if that is changed, it should be
done upstream. Werner, what do you think of this request?
Cheers,
Thijs
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnupg-maint/attachments/20100818/3440692d/attachment.pgp>
More information about the Pkg-gnupg-maint
mailing list