/pidgin/main: c259c9a6d184: Fix a couple things about validating...

[Daniel Atallah]

Changeset: c259c9a6d184d515db472dd5a0a1aa12d723ddb0
Author:	 Daniel Atallah <datallah at pidgin.im>
Date:	 2012-10-02 00:15 -0400
Branch:	 release-2.x.y
URL: http://hg.pidgin.im/pidgin/main/rev/c259c9a6d184

Description:

Fix a couple things about validating the gpg key of downloaded GTK+ bundle components

 * Don't import the key into the global public key chain
 * Use a temporary keyring in the staging directory (needs to be an absolute path)
 * Fix an issue creating the temporary keyring (needs to be `touch`ed)

diffstat:

 pidgin/win32/nsis/generate_gtk_zip.sh |  9 +++++----
 1 files changed, 5 insertions(+), 4 deletions(-)

diffs (19 lines):

diff --git a/pidgin/win32/nsis/generate_gtk_zip.sh b/pidgin/win32/nsis/generate_gtk_zip.sh
--- a/pidgin/win32/nsis/generate_gtk_zip.sh
+++ b/pidgin/win32/nsis/generate_gtk_zip.sh
@@ -89,10 +89,11 @@ function download_and_extract {
 			wget "$URL.asc" || exit 1
 		fi
 		#Use our own keyring to avoid adding stuff to the main keyring
-		GPG="gpg -q --keyring $VALIDATION_VALUE-keyring.gpg"
-		$GPG --list-keys "$VALIDATION_VALUE" > /dev/null
-		if [ $? -ne 0 ]; then
-		       	$GPG --keyserver pgp.mit.edu --recv-key "$VALIDATION_VALUE" || exit 1
+		GPG="gpg -q --keyring $STAGE_DIR/$VALIDATION_VALUE-keyring.gpg" 
+		if [[ ! -e $STAGE_DIR/$VALIDATION_VALUE-keyring.gpg \
+				|| `$GPG --list-keys "$VALIDATION_VALUE" > /dev/null && echo -n "0"` -ne 0 ]]; then
+			touch $STAGE_DIR/$VALIDATION_VALUE-keyring.gpg
+		       	$GPG --no-default-keyring --keyserver pgp.mit.edu --recv-key "$VALIDATION_VALUE" || exit 1
 		fi
 		$GPG --verify "$FILE.asc" || (echo "$FILE failed signature verification"; exit 1) || exit 1
 	else