diff options
author | David Kalnischkies <david@kalnischkies.de> | 2015-07-07 11:46:39 +0200 |
---|---|---|
committer | David Kalnischkies <david@kalnischkies.de> | 2015-08-10 17:25:26 +0200 |
commit | 25f2731928f0b571f7521d7d7a7e301499d0f6ee (patch) | |
tree | 62be13a7e3b3835dc76479438825a4b84e4729b8 /test | |
parent | f14cde2ca702f72415486bf5c310208a7c500e9c (diff) |
merge keyrings with cat instead of gpg in apt-key
If all keyrings are simple keyrings we can merge the keyrings with cat
rather than doing a detour over gpg --export | --import (see #790665),
which means 'apt-key verify' can do without gpg and just use gpgv as
before the merging change.
We declare this gpgv usage explicit now in the dependencies. This isn't
a new dependency as gnupg as well as debian-archive-keyring depend on
and we used it before unconditionally, just that we didn't declare it.
The handling of the merged keyring needs to be slightly different as our
merged keyring can end up containing the same key multiple times, but at
least currently gpg does remove only the first occurrence with
--delete-keys, so we move the handling to a if one is gone, all are gone
rather than an (implicit) quid pro quo or even no effect.
Thanks: Daniel Kahn Gillmor for the suggestion
Diffstat (limited to 'test')
-rwxr-xr-x | test/integration/test-apt-key | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/test/integration/test-apt-key b/test/integration/test-apt-key index 4dbf3d66d..1226e7dc4 100755 --- a/test/integration/test-apt-key +++ b/test/integration/test-apt-key @@ -188,7 +188,7 @@ gpg: unchanged: 1' aptkey --fakeroot update adv --batch --yes --default-key 'Marvin' --armor --detach-sign --sign --output signature.gpg signature - for GPGV in 'gpgv' 'gpgv2' '/does/not/exist'; do + for GPGV in '' 'gpgv' 'gpgv2'; do echo "APT::Key::GPGVCommand \"$GPGV\";" > rootdir/etc/apt/apt.conf.d/00gpgvcmd msgtest 'Test verify a file' 'with all keys' |