refactor key removal code to reuse it in next step

Git-Dch: Ignore

diff --git a/cmdline/apt-key.in b/cmdline/apt-key.in
index 9da5fceb81ab510eec6d6b12ff1552333e1fd2b2..9adbd6443eea08667619ce9df57348619130cfa1 100644 (file)
--- a/cmdline/apt-key.in
+++ b/cmdline/apt-key.in
@@ -170,62 +170,69 @@ update() {
 }
 
 remove_key_from_keyring() {
 }
 
 remove_key_from_keyring() {

-    local GPG="$GPG_CMD --keyring $1"
-    # check if the key is in this keyring: the key id is in the 5 column at the end
-    if ! $GPG --with-colons --list-keys 2>&1 | grep -q "^pub:[^:]*:[^:]*:[^:]*:[0-9A-F]\+$2:"; then
-       return
-    fi
-    if [ ! -w "$1" ]; then
-       echo >&2 "Key ${2} is in keyring ${1}, but can't be removed as it is read only."
-       return
-    fi
-    # check if it is the only key in the keyring and if so remove the keyring altogether
-    if [ '1' = "$($GPG --with-colons --list-keys | grep "^pub:[^:]*:[^:]*:[^:]*:[0-9A-F]\+:" | wc -l)" ]; then
-       mv -f "$1" "${1}~" # behave like gpg
-       return
-    fi
-    # we can't just modify pointed to files as these might be in /usr or something
-    local REALTARGET
-    if [ -L "$1" ]; then
-       REALTARGET="$(readlink -f "$1")"
-       mv -f "$1" "${1}.dpkg-tmp"
-       cp -a "$REALTARGET" "$1"
-    fi
-    # delete the key from the keyring
-    $GPG --batch --delete-key --yes "$2"
-    if [ -n "$REALTARGET" ]; then
-       # the real backup is the old link, not the copy we made
-       mv -f "${1}.dpkg-tmp" "${1}~"
-    fi
+    local KEYRINGFILE="$1"
+    shift
+    local GPG="$GPG_CMD --keyring $KEYRINGFILE"
+    while [ -n "$1" ]; do
+       local KEY="$1"
+       shift
+       # check if the key is in this keyring: the key id is in the 5 column at the end
+       if ! $GPG --with-colons --list-keys 2>&1 | grep -q "^pub:[^:]*:[^:]*:[^:]*:[0-9A-F]\+${KEY}:"; then
+           continue
+       fi
+       if [ ! -w "$KEYRINGFILE" ]; then
+           echo >&2 "Key ${KEY} is in keyring ${KEYRINGFILE}, but can't be removed as it is read only."
+           continue
+       fi
+       # check if it is the only key in the keyring and if so remove the keyring altogether
+       if [ '1' = "$($GPG --with-colons --list-keys | grep "^pub:[^:]*:[^:]*:[^:]*:[0-9A-F]\+:" | wc -l)" ]; then
+           mv -f "$KEYRINGFILE" "${KEYRINGFILE}~" # behave like gpg
+           return
+       fi
+       # we can't just modify pointed to files as these might be in /usr or something
+       local REALTARGET
+       if [ -L "$KEYRINGFILE" ]; then
+           REALTARGET="$(readlink -f "$KEYRINGFILE")"
+           mv -f "$KEYRINGFILE" "${KEYRINGFILE}.dpkg-tmp"
+           cp -a "$REALTARGET" "$KEYRINGFILE"
+       fi
+       # delete the key from the keyring
+       $GPG --batch --delete-key --yes "$KEY"
+       if [ -n "$REALTARGET" ]; then
+           # the real backup is the old link, not the copy we made
+           mv -f "${KEYRINGFILE}.dpkg-tmp" "${KEYRINGFILE}~"
+       fi
+    done

 }
 
 remove_key() {
     requires_root
 }
 
 remove_key() {
     requires_root

+    foreach_keyring_do 'remove_key_from_keyring' "$@"
+    aptkey_echo "OK"
+ }

 
 

-    while [ -n "$1" ]; do
-       # if a --keyring was given, just remove from there
-       if [ -n "$FORCED_KEYRING" ]; then
-           remove_key_from_keyring "$FORCED_KEYRING" "$1"
-       else
-           # otherwise all known keyrings are up for inspection
-           local TRUSTEDFILE="/etc/apt/trusted.gpg"
-           eval $(apt-config shell TRUSTEDFILE Apt::GPGV::TrustedKeyring)
-           eval $(apt-config shell TRUSTEDFILE Dir::Etc::Trusted/f)
-           remove_key_from_keyring "$TRUSTEDFILE" "$1"
-           TRUSTEDPARTS="/etc/apt/trusted.gpg.d"
-           eval $(apt-config shell TRUSTEDPARTS Dir::Etc::TrustedParts/d)
-           if [ -d "$TRUSTEDPARTS" ]; then
-               for trusted in $(run-parts --list "$TRUSTEDPARTS" --regex '^.*\.gpg$'); do
-                   remove_key_from_keyring "$trusted" "$1"
-               done
-           fi
+foreach_keyring_do() {
+   local ACTION="$1"
+   shift
+   # if a --keyring was given, just remove from there
+   if [ -n "$FORCED_KEYRING" ]; then
+       $ACTION "$FORCED_KEYRING" "$@"
+   else
+       # otherwise all known keyrings are up for inspection
+       local TRUSTEDFILE="/etc/apt/trusted.gpg"
+       eval $(apt-config shell TRUSTEDFILE Apt::GPGV::TrustedKeyring)
+       eval $(apt-config shell TRUSTEDFILE Dir::Etc::Trusted/f)
+       $ACTION "$TRUSTEDFILE" "$@"
+       local TRUSTEDPARTS="/etc/apt/trusted.gpg.d"
+       eval $(apt-config shell TRUSTEDPARTS Dir::Etc::TrustedParts/d)
+       if [ -d "$TRUSTEDPARTS" ]; then
+           for trusted in $(run-parts --list "$TRUSTEDPARTS" --regex '^.*\.gpg$'); do
+               $ACTION "$trusted" "$@"
+           done

        fi
        fi

-       aptkey_echo "OK"
-       shift
-    done
+   fi

 }
 
 }
 

-

 usage() {
     echo "Usage: apt-key [--keyring file] [command] [arguments]"
     echo
 usage() {
     echo "Usage: apt-key [--keyring file] [command] [arguments]"
     echo