diff options
| -rw-r--r-- | lib/libalpm/signing.c | 26 | 
1 files changed, 21 insertions, 5 deletions
| diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c index 92f34b56..1a53deaa 100644 --- a/lib/libalpm/signing.c +++ b/lib/libalpm/signing.c @@ -251,10 +251,24 @@ static int key_search(alpm_handle_t *handle, const char *fpr,  	err = gpgme_get_key(ctx, fpr, &key, 0);  	if(gpg_err_code(err) == GPG_ERR_EOF) {  		_alpm_log(handle, ALPM_LOG_DEBUG, "key lookup failed, unknown key\n"); -		ret = 0; -		goto error; -	} else if(gpg_err_code(err) != GPG_ERR_NO_ERROR) { -		_alpm_log(handle, ALPM_LOG_DEBUG, "gpg error: %s\n", gpgme_strerror(err)); +		/* Try an alternate lookup using the 8 character fingerprint value, since +		 * busted-ass keyservers can't support lookups using subkeys with the full +		 * value as of now. This is why 2012 is not the year of PGP encryption. */ +		if(strlen(fpr) > 8) { +			const char *short_fpr = fpr + strlen(fpr) - 8; +			_alpm_log(handle, ALPM_LOG_DEBUG, +					"looking up key %s remotely\n", short_fpr); +			err = gpgme_get_key(ctx, short_fpr, &key, 0); +			if(gpg_err_code(err) == GPG_ERR_EOF) { +				_alpm_log(handle, ALPM_LOG_DEBUG, "key lookup failed, unknown key\n"); +				ret = 0; +			} +		} else { +			ret = 0; +		} +	} + +	if(gpg_err_code(err) != GPG_ERR_NO_ERROR) {  		goto error;  	} @@ -270,9 +284,11 @@ static int key_search(alpm_handle_t *handle, const char *fpr,  	pgpkey->email = key->uids->email;  	pgpkey->created = key->subkeys->timestamp;  	pgpkey->expires = key->subkeys->expires; -	ret = 1; +	gpgme_release(ctx); +	return 1;  error: +	_alpm_log(handle, ALPM_LOG_DEBUG, "gpg error: %s\n", gpgme_strerror(err));  	gpgme_release(ctx);  	return ret;  } | 
