From f053141c8744b3f15ffdf488705fb7606cf1ab35 Mon Sep 17 00:00:00 2001
From: Dave Reisner <dreisner@archlinux.org>
Date: Sun, 8 Apr 2012 14:02:39 -0400
Subject: pacman-key: verify TRUST_ULTIMATE keys as good

Extend our grep pattern to match TRUST_ULTIMATE, not just TRUST_FULLY,
as these keys are to be trusted as well.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
---
 scripts/pacman-key.sh.in | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'scripts/pacman-key.sh.in')

diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in
index 9a77a19f..1a2bac34 100644
--- a/scripts/pacman-key.sh.in
+++ b/scripts/pacman-key.sh.in
@@ -441,7 +441,7 @@ refresh_keys() {
 verify_sig() {
 	local fd="$(mktemp)"
 	"${GPG_PACMAN[@]}" --status-file "${fd}" --verify $SIGNATURE
-	if ! grep -q TRUST_FULLY "${fd}"; then
+	if ! grep -qE 'TRUST_(FULLY|ULTIMATE)' "${fd}"; then
 		rm -f "${fd}"
 		error "$(gettext "The signature identified by %s could not be verified.")" "$SIGNATURE"
 		exit 1
-- 
cgit v1.2.3-24-g4f1b