On Dec 29, 2007, at 4:45 PM, Jeff Johnson wrote:

>
> (aside) Hmmm, perhaps enough time before rpm-5.0 to collect some  
> additional
> keyring sources in rpmtsFindPubkey():
>     1) drill a FTS file walk through /etc/pki/rpm-gpg
>     2) slurp up ~/.gnupg/pubring.gpg
> as I suggested privately a couple months back.
>


The fts(3) implementation is a file tree walk lazily initialized on
first call to rpmtsFindPubkey() using a path specified by a macro
(with usual undef/%{nil} disabling) that does a per-file callback that
attempts rpmReadPkts() which (if a pubkey is successfully read)
loads the pubkey(s) into the keyutils cache. Reading a pubkey from
a file is already commented out in rpmdb/pkgio.c.

Ditto slurping pubring.gpg specified by macro path (with usual  
disablers),
the only complexity is loop over the possibly multiple pubkey packets
returned from pgpReadPkts() in the pgpDig structure before loading into
keyutils cache.

For extra credit I'm likely to loop over multiple fts(3) roots and  
pubring.gpg
files.

Hmm, actually the above implementations are actually identical, just  
loops within
loops, not really different. One can walk a single file using fts(3)  
too.

What say ye? Shall I chase these two issues for rpm-5.0 (or leave for  
rpm-5.1)?

73 de Jeff