between m-h and m-a (closes MS #2288)
* do not bail or fail on m-h publish-key if the admin interactively
declines to publish one of the keys key (closes MS #1945)
+ * report updated expiration date upon successful conclusion of m-h
+ set-expire (closes MS #2291)
-- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 06 May 2010 11:23:38 -0400
# function to interact with the gpg keyring
gpg_host() {
- GNUPGHOME="$GNUPGHOME_HOST" gpg --no-auto-check-trustdb --no-greeting --quiet --no-tty "$@"
+ GNUPGHOME="$GNUPGHOME_HOST" gpg --no-auto-check-trustdb --trust-model=always --no-greeting --quiet --no-tty "$@"
}
# list the info about the a key, in colon format, to stdout
local extendBy
local keyID
-if [ -z "$1" ] ; then
- cat <<EOF >&2
-Must specify expiration. The possibilities are:
+local formatMsg='
+The possibilities are:
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
- <n>y = key expires in n years
-EOF
- failure
+ <n>y = key expires in n years'
+
+
+if [ -z "$1" ] ; then
+ failure "Must specify expiration.$formatMsg"
fi
extendBy="$1"
shift
+if ! <<<"$extendBy" egrep -q '^[[:digit:]]+[wmy]?$' ; then
+ failure "'$extendBy' is not a valid expiration date.$formatMsg"
+fi
+
keyID=$(check_key_input "$@")
if [ "$PROMPT" != "false" ] ; then
update_pgp_pub_file
+if [ 0 == "$extendBy" ] ; then
+ log info "Key ${keyID} no longer expires."
+else
+ if expiry=$(gpg_host_list_keys "${keyID}" | grep ^pub: | head -n1 | cut -f7 -d: ) ; then
+ log info "Key ${keyID} now expires at $(date '+%F %T' --date "1970-01-01 0:00 UTC + ${expiry} seconds")"
+ else
+ log error "Failed to retrieve new expiration date for key ${keyID}"
+ fi
+fi
+
log info <<EOF
NOTE: Key expiration date adjusted, but not yet published.
Run '$PGRM publish-key' to publish the new expiration date.