git.saurik.com Git - apt.git/commit

author	David Kalnischkies <david@kalnischkies.de>
	Tue, 7 Jul 2015 09:46:39 +0000 (11:46 +0200)
committer	David Kalnischkies <david@kalnischkies.de>
	Mon, 10 Aug 2015 15:25:26 +0000 (17:25 +0200)
commit	25f2731928f0b571f7521d7d7a7e301499d0f6ee
tree	62be13a7e3b3835dc76479438825a4b84e4729b8	tree \| snapshot
parent	f14cde2ca702f72415486bf5c310208a7c500e9c	commit \| diff

merge keyrings with cat instead of gpg in apt-key

If all keyrings are simple keyrings we can merge the keyrings with cat
rather than doing a detour over gpg --export | --import (see #790665),
which means 'apt-key verify' can do without gpg and just use gpgv as
before the merging change.

We declare this gpgv usage explicit now in the dependencies. This isn't
a new dependency as gnupg as well as debian-archive-keyring depend on
and we used it before unconditionally, just that we didn't declare it.

The handling of the merged keyring needs to be slightly different as our
merged keyring can end up containing the same key multiple times, but at
least currently gpg does remove only the first occurrence with
--delete-keys, so we move the handling to a if one is gone, all are gone
rather than an (implicit) quid pro quo or even no effect.

Thanks: Daniel Kahn Gillmor for the suggestion

cmdline/apt-key.in		diff \| blob \| blame \| history
debian/control		diff \| blob \| blame \| history
test/integration/test-apt-key		diff \| blob \| blame \| history