[Rpm-maint] [rpm-software-management/rpm] keyring only allows unique key IDs (Issue #3334)

Florian Festi notifications at github.com
Tue Oct 22 09:08:18 UTC 2024


Yes, the code loops over all they and stops if one verifies the signature. If none does we just use the last one (random key) to produce the error messages. This is less than ideal as the messages for the other key(s) could be more meaningful. But the return codes of pgpVerifySignature() don't seem very helpful in making a better decision.

Also having a failure of a signature with multiple candidates that all fail seems like a very rare occasion and I might be fine with the error message being correct enough. 

-- 
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/3334#issuecomment-2428713450
You are receiving this because you are subscribed to this thread.

Message ID: <rpm-software-management/rpm/issues/3334/2428713450 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20241022/e91b079e/attachment.html>


More information about the Rpm-maint mailing list