of keyids on the command line, fetches them from a keyserver and calls GnuPG so
that you can sign it. It then mails each key to all its email addresses - only
including the one UID that we send to in each mail, pruned from all but self
-sigs and sigs done by you.
+sigs and sigs done by you. The mailed key is encrypted with itself as a means
+to verify that key belongs to the recipient.
=head1 OPTIONS
EOT
};
+sub check_executable($$) {
+ # (GnuPG::Interface gives lousy errors when the gpg binary isn't found,
+ # so we want to check manually.)
+ my ($purpose, $fn) = @_;
+ # Only check provided fnames with a slash in them.
+ return unless defined $fn;
+ if ($fn =~ m!/!) {
+ die ("$PROGRAM_NAME: $purpose executable '$fn' not found.\n") unless -x $fn;
+ } else {
+ for my $p (split(':', $ENV{PATH})) {
+ return if -x "$p/$fn";
+ };
+ die ("$PROGRAM_NAME: $purpose executable '$fn' not found on path.\n") unless -x $fn;
+ };
+};
+
sub load_config() {
my $config = $ENV{'HOME'} . '/.caffrc';
unless (-f $config) {
$CONFIG{'gpg'} = 'gpg' unless defined $CONFIG{'gpg'};
$CONFIG{'gpg-sign'} = $CONFIG{'gpg'} unless defined $CONFIG{'gpg-sign'};
$CONFIG{'gpg-delsig'} = $CONFIG{'gpg'} unless defined $CONFIG{'gpg-delsig'};
+ check_executable("gpg", $CONFIG{'gpg'});
+ check_executable("gpg-sign", $CONFIG{'gpg-sign'});
+ check_executable("gpg-delsig", $CONFIG{'gpg-delsig'});
$CONFIG{'secret-keyring'} = $ENV{'HOME'}.'/.gnupg/secring.gpg' unless defined $CONFIG{'secret-keyring'};
$CONFIG{'no-download'} = 0 unless defined $CONFIG{'no-download'};
$CONFIG{'no-sign'} = 0 unless defined $CONFIG{'no-sign'};
$message = $stdout;
$message_entity = MIME::Entity->build(
- Type => 'multipart/encrypted; protocol="application/pgp-encrypted"');
+ Type => 'multipart/encrypted; protocol="application/pgp-encrypted"',
+ Encoding => '7bit');
$message_entity->attach(
Type => "application/pgp-encrypted",