salt/changelog/63166.added.md
jeanluc 4d617dd44a
Add signed_by_[any|all] parameters to gpg.verify (#63168)
* Add test for issue 63145

* Make gpg.verify respect gnupghome

* Add `signed_by_any`/`signed_by_all` params to gpg.verify

* Reconsider status check

* Fix tests

* Plug verification issue after status check reconsideration

Since missing pubkeys also cause the previous signature's
fingerprint to be overwritten, this would have led to
situations where the check could have passed when it
should not have.

* Cleanup logic

* Workaround python-gnupg issue

https://github.com/vsajip/python-gnupg/issues/214

* Adapt official fix for workaround

ee94a7ecc1
That was very fast.

* Backport more meaningful test

* Update versionadded

* Avoid exception on import w/ missing gnupg lib

* Do not apply workaround on fixed versions

* Correct bool comparison

* Account for subkeys

sig_info["fingerprint"] contains the actual signing key's fingerprint,
which might be a subkey. The primary key's fingerprint is always found in
sig_info["pubkey_fingerprint"]. In cases where a signing subkey was
used, the intended behavior is still comparison with the primary key.

* Bump versionadded

* Rename changelog files to .md
2023-05-09 13:24:48 -06:00

59 B

Added signed_by_any/signed_by_all parameters to gpg.verify
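
The signer check described in the commit message above, as an added example (not Salt's code or python-gnupg's API): each signature is judged on its own record and compared by primary-key fingerprint, so a subkey signature matches its primary key and a signature with a missing pubkey cannot stand in for another. The function names, the `status` strings, the fingerprints and the behavior when no constraint is passed are assumptions of this example.

```python
# Constructed sample, one dict per signature, using the two keys named in
# the commit message. Fingerprints and "status" strings are made up.
PRIMARY_A = "A" * 40
SUBKEY_A = "1" * 40
PRIMARY_B = "B" * 40

SAMPLE_SIGS = [
    # Signed with a subkey of key A: "fingerprint" is the subkey,
    # "pubkey_fingerprint" is the primary key.
    {"fingerprint": SUBKEY_A, "pubkey_fingerprint": PRIMARY_A,
     "status": "signature valid"},
    # Signer's public key is not in the keyring: no fingerprints known.
    {"status": "no public key"},
]


def _norm(fpr):
    """Normalize a fingerprint for comparison (strip spaces, uppercase)."""
    return fpr.replace(" ", "").upper()


def valid_signers(sigs):
    """Return the primary-key fingerprints of signatures that verified.

    Every signature is evaluated from its own record, so an unverifiable
    one (e.g. missing pubkey) neither adds a signer nor masks another.
    """
    signers = set()
    for sig in sigs:
        if sig.get("status") != "signature valid":
            continue
        primary = sig.get("pubkey_fingerprint")
        if primary:
            signers.add(_norm(primary))
    return signers


def check_signers(sigs, signed_by_any=None, signed_by_all=None):
    """Return True only if every constraint that was passed holds."""
    signers = valid_signers(sigs)
    if signed_by_any and not signers & {_norm(f) for f in signed_by_any}:
        return False
    if signed_by_all and not {_norm(f) for f in signed_by_all} <= signers:
        return False
    # With no constraint given, require at least one valid signature.
    return bool(signers)
```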