apt-key: Only use readlink -f for existing components

[apt.git] / cmdline / apt-key.in

diff --git a/cmdline/apt-key.in b/cmdline/apt-key.in
index 511c91c167a1e352bbc711e14bb78d11718f61fa..21df37ffdf4aa0f01ca3dc9424a4c4e5569bb17a 100644 (file)
--- a/cmdline/apt-key.in
+++ b/cmdline/apt-key.in
@@ -200,8 +200,8 @@ remove_key_from_keyring() {
        local FINGERPRINTS="${GPGHOMEDIR}/keyringfile.keylst"
        get_fingerprints_of_keyring "$KEYRINGFILE" > "$FINGERPRINTS"
 
-        # strip leading 0x, if present:
-        KEY="${KEY#0x}"
+       # strip leading 0x, if present:
+       KEY="$(echo "${KEY#0x}" | tr -d ' ')"
 
        # check if the key is in this keyring
        if ! grep -iq "^[0-9A-F]*${KEY}$" "$FINGERPRINTS"; then
@@ -306,7 +306,7 @@ merge_all_trusted_keyrings_into_pubring() {
     # does the same as:
     # foreach_keyring_do 'import_keys_from_keyring' "${GPGHOMEDIR}/pubring.gpg"
     # but without using gpg, just cat and find
-    local PUBRING="$(readlink -f "${GPGHOMEDIR}/pubring.gpg")"
+    local PUBRING="$(readlink -f "${GPGHOMEDIR}")/pubring.gpg"
     # if a --keyring was given, just use this one
     if [ -n "$FORCED_KEYRING" ]; then
        if [ -s "$FORCED_KEYRING" ]; then
@@ -480,6 +480,14 @@ if [ -z "$command" ]; then
 fi
 shift
 
+cleanup_gpg_home() {
+    if [ -z "$GPGHOMEDIR" ]; then return; fi
+    if command_available 'gpgconf'; then
+       GNUPGHOME="${GPGHOMEDIR}" gpgconf --kill gpg-agent >/dev/null 2>&1 || true
+    fi
+    rm -rf "$GPGHOMEDIR"
+}
+
 create_gpg_home() {
     # gpg needs (in different versions more or less) files to function correctly,
     # so we give it its own homedir and generate some valid content for it later on
@@ -491,8 +499,12 @@ create_gpg_home() {
        fi
     fi
     GPGHOMEDIR="$(mktemp -d)"
-    CURRENTTRAP="${CURRENTTRAP} rm -rf '$(escape_shell "${GPGHOMEDIR}")';"
+    CURRENTTRAP="${CURRENTTRAP} cleanup_gpg_home;"
     trap "${CURRENTTRAP}" 0 HUP INT QUIT ILL ABRT FPE SEGV PIPE TERM
+    if [ -z "$GPGHOMEDIR" ]; then
+       echo "ERROR: Could not create temporary gpg home directory in apt-key ($TMPDIR)"
+       exit 28
+    fi
     chmod 700 "$GPGHOMEDIR"
 }
 
@@ -518,9 +530,11 @@ EOF
        GPG_EXE="gpg"
     elif command_available 'gpg2'; then
        GPG_EXE="gpg2"
+    elif command_available 'gpg1'; then
+       GPG_EXE="gpg1"
     else
-       echo >&2 "Error: gnupg or gnupg2 do not seem to be installed,"
-       echo >&2 "Error: but apt-key requires gnupg or gnupg2 for this operation."
+       echo >&2 "Error: gnupg, gnupg2 and gnupg1 do not seem to be installed,"
+       echo >&2 "Error: but apt-key requires gnupg, gnupg2 or gnupg1 for this operation."
        echo >&2
        exit 255
     fi
@@ -627,8 +641,9 @@ case "$command" in
        if [ -n "$GPGV" ] && command_available "$GPGV"; then true;
        elif command_available 'gpgv'; then GPGV='gpgv';
        elif command_available 'gpgv2'; then GPGV='gpgv2';
+       elif command_available 'gpgv1'; then GPGV='gpgv1';
        else
-          echo >&2 'ERROR: gpgv or gpgv2 required for verification'
+          echo >&2 'ERROR: gpgv, gpgv2 or gpgv1 required for verification'
           exit 29
        fi
        # for a forced keyid we need gpg --export, so full wrapping required