diff options
| author | Kenyon Ralph <kenyon@kenyonralph.com> | 2023-11-29 12:04:06 -0800 |
|---|---|---|
| committer | Kenyon Ralph <kenyon@kenyonralph.com> | 2023-11-29 12:07:59 -0800 |
| commit | 18e4c6108e1957a886c1df5054cff73d35a62006 (patch) | |
| tree | 77fd76d03e386f74d65ca4d6160089a40ad11986 | |
| parent | 4e344a4c1d2862b7cdb900a20222bc22ac5edcf7 (diff) | |
apt-key: remove carriage returns from armored keyrings before dearmoring
Without this, the awk script returns nothing if the armored keyring
uses Windows/DOS-style CRLF line endings (since awk is designed for
processing Unix text files). This would result in a NO_PUBKEY error
during the signature verification part of an apt-get update.
| -rw-r--r-- | cmdline/apt-key.in | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/cmdline/apt-key.in b/cmdline/apt-key.in index 80b0c2ade..4f3e9c8e1 100644 --- a/cmdline/apt-key.in +++ b/cmdline/apt-key.in @@ -446,7 +446,8 @@ dearmor_keyring() { # The awk script is more complex through to skip surrounding garbage and # to support multiple keys in one file (old gpgs generate version headers # which get printed with the original and hence result in garbage input for base64 - awk '/^-----BEGIN/{ x = 1; } + awk '{ gsub(/\r/,"") } +/^-----BEGIN/{ x = 1; } /^$/{ if (x == 1) { x = 2; }; } /^[^=-]/{ if (x == 2) { print $0; }; } /^-----END/{ x = 0; }' | base64 -d |