[dak/master] buildd-add-keys: new keys must expire in the future

To: debian-dak@lists.debian.org,dak@commit.ganneff.de
Subject: [dak/master] buildd-add-keys: new keys must expire in the future
From: Ansgar Burchardt <ansgar@debian.org>
Date: Sun, 01 Oct 2017 11:06:52 +0000
Message-id: <[🔎] E1dyc5F-00058y-PF@fasolo.debian.org>

---
 scripts/debian/buildd-add-keys | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/scripts/debian/buildd-add-keys b/scripts/debian/buildd-add-keys
index 8df0a9d1..9c501101 100755
--- a/scripts/debian/buildd-add-keys
+++ b/scripts/debian/buildd-add-keys
@@ -257,8 +257,9 @@ for file in ${KEYS}; do
     # Easiest to compare in epoch, so lets see, 365 days midnight from now,
     # compared with their set expiration date at midnight
     # maxdate should turn out higher. just in case we make it 366 for this check
+    mindate=$(date +%s)
     maxdate=$(date -d '366 day 00:00:00' +%s)
-    if [ ${KEYEXPIRE} -gt ${maxdate} ]; then
+    if [ ${KEYEXPIRE} -gt ${maxdate} -o ${KEYEXPIRE} -le ${mindate} ]; then
         log "Key expiry ${KEYEXPIRE} wrong"
         DATE=$(date -Is)
         mv "${INCOMING}/${file}" "${ERRORS}/keyexpire.${file}.${DATE}"
-- 
2.11.0

Reply to:

Prev by Date: [dak/master] config/debian/daily.tasks: add whitespace to format table nicely again
Next by Date: [dak/master] config/debian: update buildd admin keys from Debian keyring
Previous by thread: [dak/master] config/debian/daily.tasks: add whitespace to format table nicely again
Next by thread: [dak/master] config/debian: update buildd admin keys from Debian keyring
Index(es):
- Date
- Thread