Hi,

  I did a modification that suits my needs, see the attached patch.

  I'm ready to discuss it here, or anywhere more suitable.

  The idea is that I want to sign different sign-level to different uids
  on the same key (one uid can, say, be the real name, while another one
  is a nickname).

  Of interest in the .caffrc to achieve my goal is
        $CONFIG{'gpg-sign-args'} = '--ask-cert-level';
        $CONFIG{'gpg-post-sign'} = 'save';

  I in fact renamed gpg-sign-args to gpg-post-sign and gave it another name.

  That loop over uids should probably be controlled by an option,
  and my implementation is probably a bit quick, but I think the overall
  idea might be useful not only to myself.

  I'm looking forward to discussing that.

Regards,

-- 
  Eric Deplagne
--- caff.orig	2007-02-18 15:24:43.000000000 +0100
+++ caff	2007-02-18 19:43:22.000000000 +0100
@@ -173,6 +173,10 @@
 
 Additional arguments to pass to gpg.  Default: none.
 
+=item B<gpg-post-sign> [string]
+
+Commands to run after sign. Example: save. Default: none.
+
 =head2 Keyserver settings
 
 =item B<keyserver> [string]
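
Review bot: The new gpg-post-sign entry says only "Commands to run after sign", which does not tell the reader that these are gpg edit-menu commands appended to the command line after 'sign', not shell commands. Please say so explicitly. The second hunk also moves gpg-sign-args in front of --edit-key, so the gpg-sign-args entry just above needs an update as well: a value that used to be passed after 'sign' (for example 'save') now has to go in gpg-post-sign, and existing .caffrc files relying on the old position will change behaviour silently.
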
@@ -1070,19 +1074,24 @@
 
 	info("Sign the following keys according to your policy, then exit gpg with 'save' after signing each key");
 	for my $keyid (@keyids_ok) {
+		my $uid_count=`gpg --list-keys $keyid | wc -l` - 3;
 		foreach my $local_user (@local_user) {
-			my @command;
-			push @command, $CONFIG{'gpg-sign'};
-			push @command, '--local-user', $local_user if (defined $local_user);
-			push @command, "--homedir=$GNUPGHOME";
-			push @command, '--secret-keyring', $CONFIG{'secret-keyring'};
-			push @command, '--no-auto-check-trustdb';
-			push @command, '--trust-model=always';
-			push @command, '--edit', $keyid;
-			push @command, 'sign';
-			push @command, split ' ', $CONFIG{'gpg-sign-args'} || "";
-			print join(' ', @command),"\n";
-			system (@command);
+			for(my $uid=1;$uid<=$uid_count;$uid++) {
+				my @command;
+				push @command, $CONFIG{'gpg-sign'};
+				push @command, '--local-user', $local_user if (defined $local_user);
+				push @command, "--homedir=$GNUPGHOME";
+				push @command, '--secret-keyring', $CONFIG{'secret-keyring'};
+				push @command, '--no-auto-check-trustdb';
+				push @command, '--trust-model=always';
+				push @command, split ' ', $CONFIG{'gpg-sign-args'} || "";
+				push @command, '--edit-key', $keyid;
+				push @command, 'uid', $uid;
+				push @command, 'sign';
+				push @command, split ' ', $CONFIG{'gpg-post-sign'} || "";
+				print join(' ', @command),"\n";
+				system (@command);
+			}
 		};
 	};
 };
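
Review bot: The uid count in `my $uid_count=`gpg --list-keys $keyid | wc -l` - 3;` is derived from the number of lines of human-readable output, which breaks as soon as the key has subkeys, more or fewer header lines, or a different locale or gpg version; a wrong count means some uids are skipped or `uid N` selects nothing before 'sign' runs. This call also omits the `--homedir=$GNUPGHOME` that the signing command uses, so it may be counting uids on a different copy of the key than the one being signed, and it passes $keyid through a shell in backticks while the signing command uses list-form system(). Suggest counting the user ID records from `--with-colons --fixed-list-mode` output, run with the same --homedir and invoked in list form. Separately, the info() text still tells the user to exit gpg with 'save' after each key, which no longer matches a per-uid loop where gpg-post-sign may already issue 'save'; and as the cover message notes, the per-uid loop should sit behind an option so the default single-invocation behaviour is preserved.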

Attachment: signature.asc
Description: Digital signature
