From fea38ed46825dd1aecfd613074789c75deafb6b7 Mon Sep 17 00:00:00 2001
From: tiger-jmw <jmw@tiger-computing.co.uk>
Date: Wed, 5 Apr 2017 13:04:54 +0100
Subject: [PATCH] Ignore subkeys in apt-key's output

The output of `apt-key adv --list-keys --with-colons --fingerprint --fixed-list-mode` is always a `pub` line followed by one of more `fpr` lines (for subkeys, if any). This can cause the wrong pairs of `pub` and `fpr` lines to be hashed, resulting in nonsense.

The ordering `pub`, `fpr`, `pub`, `fpr` is guaranteed by `apt-key`.

Therefore, this commit clears `fpr_line` when a `pub` line is encountered, to reset the grouping. The current code ignores subkeys anyway, so this is no more bad.
---
 lib/puppet/provider/apt_key/apt_key.rb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/lib/puppet/provider/apt_key/apt_key.rb b/lib/puppet/provider/apt_key/apt_key.rb
index d7e85da..5895b31 100644
--- a/lib/puppet/provider/apt_key/apt_key.rb
+++ b/lib/puppet/provider/apt_key/apt_key.rb
@@ -31,6 +31,8 @@ Puppet::Type.type(:apt_key).provide(:apt_key) do
     key_array = key_output.split("\n").collect do |line|
       if line.start_with?('pub')
           pub_line = line
+          # reset fpr_line, to skip any previous subkeys which were collected
+          fpr_line = nil
       elsif line.start_with?('fpr')
           fpr_line = line
       end
-- 
2.32.3