#!/bin/bash
. /usr/lib/news/innshellvars

cd $PATHTMP

KEYSURL=ftp://ftp.isc.org/pub/pgpcontrol/PGPKEYS
KEYSFILE=PGPKEYS

KEYRING=${NEWSETC}/pgp/pubring.gpg

trap "rm -f $KEYSFILE" 0 1 2 15

rm -f ${KEYSFILE}
${GETFTP} ${KEYSURL}

test -f ${KEYSFILE} || exit 1

gpg --batch --no-permission-warning \
	--no-default-keyring --keyring=${KEYRING} --no-options \
	--allow-non-selfsigned-uid --fast-import ${KEYSFILE}

exit $$
# this does not work because gpg refuses to use RSA-style fingerprints

KEYSERVER=pool.sks-keyservers.net

SERVERKEYS=$(grep fingerprint ${CTLFILE} \
	| sed -e 's/ //g' -e 's/.*[:=]/0x/' \
	| grep -v '^#')

for key in $SERVERKEYS; do
    gpg --batch --no-permission-warning --verbose \
	--no-default-keyring --keyring=${KEYRING} --no-options \
	--keyserver=${KEYSERVER} --recv-keys ${key}
done

