From: markus schnalke <meillo@marmaro.de>
Date: Tue, 13 Jan 2015 22:13:59 +0000 (+0100)
Subject: mhsign: use the strongest, newest not-expired secret key
X-Git-Tag: mmh-0.2-RC1~80
X-Git-Url: http://git.marmaro.de/?p=mmh;a=commitdiff_plain;h=1ec0f1695f9f129210f7c3cdc0c85d329cc055df

mhsign: use the strongest, newest not-expired secret key

Is there no GnuPG option to exclude expired keys from the listing?
---

diff --git a/uip/mhsign.sh b/uip/mhsign.sh
index 66ab142..038052b 100755
--- a/uip/mhsign.sh
+++ b/uip/mhsign.sh
@@ -23,7 +23,12 @@ if [ -z "$userid" ] ; then
 fi
 if [ -z "$userid" ] ; then
 	userid="`gpg --list-secret-keys --with-colons 2>/dev/null |
-			sed -n '/^sec/{p;q;}' | cut -d: -f5`"
+			grep '^sec' | sort -t: -k3,3nr -k 6,6nr |
+			awk -F: '
+				$7=="" || $7 > "'"\`date +%Y-%m-%d\`"'" {
+					print $5; exit;
+				}
+			'`"
 fi
 if [ -z "$userid" ] ; then
 	echo "No secret key found" >&2