pacman-key: call gpg fewer times for revocation keys

Instead of iterating over the revocation keyfile and calling gpg once for each key, map the file into an array and call gpg once, iterating over this output to mark each key as revoked. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2024-12-22 07:48:50 -05:00 · 2011-11-25 15:16:46 -05:00 · 2011-11-25 15:16:46 -05:00 · 9aa4d9a7b9
commit 9aa4d9a7b9
parent 2a73f4e994
1 changed files with 5 additions and 6 deletions
--- a/scripts/pacman-key.sh.in
+++ b/scripts/pacman-key.sh.in
@ -284,8 +284,7 @@ populate_keyring() {
 	verify_keyring_input || exit 1

 	# Variable used for iterating on keyrings
-	local key
-	local key_id
+	local keys key_id

 	# Add keys from requested keyrings
 	for keyring in "${KEYRINGIDS[@]}"; do
@ -331,13 +330,13 @@ populate_keyring() {
 	local -A revoked_ids
 	for keyring in "${KEYRINGIDS[@]}"; do
 		if [[ -f "${KEYRING_IMPORT_DIR}/${keyring}-revoked" ]]; then
-			while read key; do
-				key_id="$("${GPG_PACMAN[@]}" --quiet --with-colons --list-key "${key}" 2>/dev/null | grep ^pub | cut -d: -f5)"
-				if [[ -n ${key_id} ]]; then
+			IFS=$'\n' read -r -d '' -a keys < "${KEYRING_IMPORT_DIR}/${keyring}-revoked"
+			while IFS=: read _ _ _ _ key_id _; do
+				if [[ -n $key_id ]]; then
 					# Mark this key to be disabled
 					revoked_ids[$key_id]="${keyring}"
 				fi
-			done < "${KEYRING_IMPORT_DIR}/${keyring}-revoked"
+			done < <("${GPG_PACMAN[@]}" --quiet --with-colons --list-keys "${keys[@]}" 2>/dev/null)
 		fi
 	done