On Mon, Nov 03, 2014 at 01:30:10PM +0000, Dimitri John Ledkov wrote: > Package: apt > Version: 1.0.9.3 Check out 1.1~exp4 (and above) which should support gnupg2 already. The problem with supporting gnupg2 is mainly that upstream is suggesting some very disruptive future changes and even with oldschool gnupg we hit some roadblocks. While we can "survive" the later, the earlier is a big threat if a future upgrade of gnupg2 makes apt unusable… As an example: gnupg accepts at most 40 keyrings at the moment and upstream is discussing to drop support for multiple --keyring entirely. (It is mentioned briefly e.g. here: http://lists.gnupg.org/pipermail/gnupg-users/2013-August/047180.html ) We decided (or well, I did and nobody disagreed so far) that we can't continue with our gnupg-elimination and instead have to bite the bullet and make it our dear friend to solve all those problems. > diff --git a/apt-pkg/contrib/gpgv.cc b/apt-pkg/contrib/gpgv.cc > index f24dd96..ea8f03a 100644 > --- a/apt-pkg/contrib/gpgv.cc > +++ b/apt-pkg/contrib/gpgv.cc > @@ -43,7 +43,11 @@ void ExecGPGV(std::string const &File, std::string const &FileGPG, > int const &statusfd, int fd[2]) > { > #define EINTERNAL 111 > - std::string const gpgvpath = _config->Find("Dir::Bin::gpg", "/usr/bin/gpgv"); > + std::string gpgv_bin = "/usr/bin/gpgv2"; > + if (FileExists(gpgv_bin) == false) { > + gpgv_bin = "/usr/bin/gpgv"; > + } > + std::string const gpgvpath = _config->Find("Dir::Bin::gpg", gpgv_bin); > // FIXME: remove support for deprecated APT::GPGV setting > std::string const trustedFile = _config->Find("APT::GPGV::TrustedKeyring", _config->FindFile("Dir::Etc::Trusted")); > std::string const trustedPath = _config->FindDir("Dir::Etc::TrustedParts"); Huh, I didn't realize there is a gpgv2. Could you implement support for it in apt-key? We default to gnupg{,2} if we have no gpgv available for the moment, but this has a slightly different output (which is visible in apt-cdrom add operations) [I doubt there is anyone really caring about it, but it can't hurt, so why not…]. Best regards David Kalnischkies
Attachment:
signature.asc
Description: Digital signature