X-Git-Url: https://git.saurik.com/apt.git/blobdiff_plain/08fcf9628806af202e555bd02b3611e4e9a3d757..2ed62ba6abcad809d1898a40950f86217af73812:/cmdline/apt-key.in

diff --git a/cmdline/apt-key.in b/cmdline/apt-key.in
index 49056f2a6..21df37ffd 100644
--- a/cmdline/apt-key.in
+++ b/cmdline/apt-key.in
@@ -156,6 +156,13 @@ net_update() {
 }
 
 update() {
+    if [ -z "$APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE" ]; then
+	echo >&2 "Warning: 'apt-key update' is deprecated and should not be used anymore!"
+	if [ -z "$ARCHIVE_KEYRING" ]; then
+	    echo >&2 "Note: In your distribution this command is a no-op and can therefore be removed safely."
+	    exit 0
+	fi
+    fi
     if [ ! -f "$ARCHIVE_KEYRING" ]; then
 	echo >&2 "ERROR: Can't find the archive-keyring"
 	echo >&2 "Is the &keyring-package; package installed?"
@@ -193,8 +200,8 @@ remove_key_from_keyring() {
 	local FINGERPRINTS="${GPGHOMEDIR}/keyringfile.keylst"
 	get_fingerprints_of_keyring "$KEYRINGFILE" > "$FINGERPRINTS"
 
-        # strip leading 0x, if present:
-        KEY="${KEY#0x}"
+	# strip leading 0x, if present:
+	KEY="$(echo "${KEY#0x}" | tr -d ' ')"
 
 	# check if the key is in this keyring
 	if ! grep -iq "^[0-9A-F]*${KEY}$" "$FINGERPRINTS"; then
@@ -299,7 +306,7 @@ merge_all_trusted_keyrings_into_pubring() {
     # does the same as:
     # foreach_keyring_do 'import_keys_from_keyring' "${GPGHOMEDIR}/pubring.gpg"
     # but without using gpg, just cat and find
-    local PUBRING="$(readlink -f "${GPGHOMEDIR}/pubring.gpg")"
+    local PUBRING="$(readlink -f "${GPGHOMEDIR}")/pubring.gpg"
     # if a --keyring was given, just use this one
     if [ -n "$FORCED_KEYRING" ]; then
 	if [ -s "$FORCED_KEYRING" ]; then
@@ -473,6 +480,14 @@ if [ -z "$command" ]; then
 fi
 shift
 
+cleanup_gpg_home() {
+    if [ -z "$GPGHOMEDIR" ]; then return; fi
+    if command_available 'gpgconf'; then
+	GNUPGHOME="${GPGHOMEDIR}" gpgconf --kill gpg-agent >/dev/null 2>&1 || true
+    fi
+    rm -rf "$GPGHOMEDIR"
+}
+
 create_gpg_home() {
     # gpg needs (in different versions more or less) files to function correctly,
     # so we give it its own homedir and generate some valid content for it later on
@@ -484,8 +499,12 @@ create_gpg_home() {
 	fi
     fi
     GPGHOMEDIR="$(mktemp -d)"
-    CURRENTTRAP="${CURRENTTRAP} rm -rf '$(escape_shell "${GPGHOMEDIR}")';"
+    CURRENTTRAP="${CURRENTTRAP} cleanup_gpg_home;"
     trap "${CURRENTTRAP}" 0 HUP INT QUIT ILL ABRT FPE SEGV PIPE TERM
+    if [ -z "$GPGHOMEDIR" ]; then
+	echo "ERROR: Could not create temporary gpg home directory in apt-key ($TMPDIR)"
+	exit 28
+    fi
     chmod 700 "$GPGHOMEDIR"
 }
 
@@ -511,9 +530,11 @@ EOF
 	GPG_EXE="gpg"
     elif command_available 'gpg2'; then
 	GPG_EXE="gpg2"
+    elif command_available 'gpg1'; then
+	GPG_EXE="gpg1"
     else
-	echo >&2 "Error: gnupg or gnupg2 do not seem to be installed,"
-	echo >&2 "Error: but apt-key requires gnupg or gnupg2 for this operation."
+	echo >&2 "Error: gnupg, gnupg2 and gnupg1 do not seem to be installed,"
+	echo >&2 "Error: but apt-key requires gnupg, gnupg2 or gnupg1 for this operation."
 	echo >&2
 	exit 255
     fi
@@ -620,8 +641,9 @@ case "$command" in
 	if [ -n "$GPGV" ] && command_available "$GPGV"; then true;
 	elif command_available 'gpgv'; then GPGV='gpgv';
 	elif command_available 'gpgv2'; then GPGV='gpgv2';
+	elif command_available 'gpgv1'; then GPGV='gpgv1';
 	else
-	   echo >&2 'ERROR: gpgv or gpgv2 required for verification'
+	   echo >&2 'ERROR: gpgv, gpgv2 or gpgv1 required for verification'
 	   exit 29
 	fi
 	# for a forced keyid we need gpg --export, so full wrapping required