changelog: Respect Dir setting for local changelog getting

[apt.git] / cmdline / apt-key.in

diff --git a/cmdline/apt-key.in b/cmdline/apt-key.in
index 49056f2a6e813d07bd2caa54a8b6c694aca5b4c1..21df37ffdf4aa0f01ca3dc9424a4c4e5569bb17a 100644 (file)
--- a/cmdline/apt-key.in
+++ b/cmdline/apt-key.in
@@ -156,6 +156,13 @@ net_update() {
 }
 
 update() {
+    if [ -z "$APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE" ]; then
+       echo >&2 "Warning: 'apt-key update' is deprecated and should not be used anymore!"
+       if [ -z "$ARCHIVE_KEYRING" ]; then
+           echo >&2 "Note: In your distribution this command is a no-op and can therefore be removed safely."
+           exit 0
+       fi
+    fi
     if [ ! -f "$ARCHIVE_KEYRING" ]; then
        echo >&2 "ERROR: Can't find the archive-keyring"
        echo >&2 "Is the &keyring-package; package installed?"
@@ -193,8 +200,8 @@ remove_key_from_keyring() {
        local FINGERPRINTS="${GPGHOMEDIR}/keyringfile.keylst"
        get_fingerprints_of_keyring "$KEYRINGFILE" > "$FINGERPRINTS"
 
-        # strip leading 0x, if present:
-        KEY="${KEY#0x}"
+       # strip leading 0x, if present:
+       KEY="$(echo "${KEY#0x}" | tr -d ' ')"
 
        # check if the key is in this keyring
        if ! grep -iq "^[0-9A-F]*${KEY}$" "$FINGERPRINTS"; then
@@ -299,7 +306,7 @@ merge_all_trusted_keyrings_into_pubring() {
     # does the same as:
     # foreach_keyring_do 'import_keys_from_keyring' "${GPGHOMEDIR}/pubring.gpg"
     # but without using gpg, just cat and find
-    local PUBRING="$(readlink -f "${GPGHOMEDIR}/pubring.gpg")"
+    local PUBRING="$(readlink -f "${GPGHOMEDIR}")/pubring.gpg"
     # if a --keyring was given, just use this one
     if [ -n "$FORCED_KEYRING" ]; then
        if [ -s "$FORCED_KEYRING" ]; then
@@ -473,6 +480,14 @@ if [ -z "$command" ]; then
 fi
 shift
 
+cleanup_gpg_home() {
+    if [ -z "$GPGHOMEDIR" ]; then return; fi
+    if command_available 'gpgconf'; then
+       GNUPGHOME="${GPGHOMEDIR}" gpgconf --kill gpg-agent >/dev/null 2>&1 || true
+    fi
+    rm -rf "$GPGHOMEDIR"
+}
+
 create_gpg_home() {
     # gpg needs (in different versions more or less) files to function correctly,
     # so we give it its own homedir and generate some valid content for it later on
@@ -484,8 +499,12 @@ create_gpg_home() {
        fi
     fi
     GPGHOMEDIR="$(mktemp -d)"
-    CURRENTTRAP="${CURRENTTRAP} rm -rf '$(escape_shell "${GPGHOMEDIR}")';"
+    CURRENTTRAP="${CURRENTTRAP} cleanup_gpg_home;"
     trap "${CURRENTTRAP}" 0 HUP INT QUIT ILL ABRT FPE SEGV PIPE TERM
+    if [ -z "$GPGHOMEDIR" ]; then
+       echo "ERROR: Could not create temporary gpg home directory in apt-key ($TMPDIR)"
+       exit 28
+    fi
     chmod 700 "$GPGHOMEDIR"
 }
 
@@ -511,9 +530,11 @@ EOF
        GPG_EXE="gpg"
     elif command_available 'gpg2'; then
        GPG_EXE="gpg2"
+    elif command_available 'gpg1'; then
+       GPG_EXE="gpg1"
     else
-       echo >&2 "Error: gnupg or gnupg2 do not seem to be installed,"
-       echo >&2 "Error: but apt-key requires gnupg or gnupg2 for this operation."
+       echo >&2 "Error: gnupg, gnupg2 and gnupg1 do not seem to be installed,"
+       echo >&2 "Error: but apt-key requires gnupg, gnupg2 or gnupg1 for this operation."
        echo >&2
        exit 255
     fi
@@ -620,8 +641,9 @@ case "$command" in
        if [ -n "$GPGV" ] && command_available "$GPGV"; then true;
        elif command_available 'gpgv'; then GPGV='gpgv';
        elif command_available 'gpgv2'; then GPGV='gpgv2';
+       elif command_available 'gpgv1'; then GPGV='gpgv1';
        else
-          echo >&2 'ERROR: gpgv or gpgv2 required for verification'
+          echo >&2 'ERROR: gpgv, gpgv2 or gpgv1 required for verification'
           exit 29
        fi
        # for a forced keyid we need gpg --export, so full wrapping required