From 1d916231a42703efba9a9906b3e02bf4aacccd1c Mon Sep 17 00:00:00 2001
From: Simon McVittie <smcv@debian.org>
Date: Thu, 31 Oct 2024 10:54:13 +0000
Subject: [PATCH] tests: Work around GPG 2.2.45 error behaviour when revoking
 an expired key

In GPG 2.2.45, a diagnostic message about the only trusted key having
already expired causes this import to produce exit status 2, but the
import still succeeds (the key is still revoked).

Bug: https://dev.gnupg.org/T7351
Bug-Debian: https://bugs.debian.org/1086140
---
 tests/test-remote-gpg-list-keys.sh | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/tests/test-remote-gpg-list-keys.sh b/tests/test-remote-gpg-list-keys.sh
index 1c1697d1a6..de24bf4da2 100755
--- a/tests/test-remote-gpg-list-keys.sh
+++ b/tests/test-remote-gpg-list-keys.sh
@@ -137,8 +137,23 @@ else
 
     echo "ok remote expired key"
 
+    # GPG 2.2.45 fails with exit status 2 when importing a revocation cert
+    # for a key that already expired. https://dev.gnupg.org/T7351
+    may_exit_2 () {
+        local e=0
+        "$@" || e="$?"
+        case "$e" in
+            (0|2)
+                return 0
+                ;;
+            (*)
+                fatal "should have exited with status 0 or 2, not $e: $*"
+                ;;
+        esac
+    }
+
     # Revoke key1 and re-import it.
-    ${GPG} --homedir=${TEST_GPG_KEYHOME} --import ${TEST_GPG_KEYHOME}/revocations/key1.rev
+    may_exit_2 ${GPG} --homedir=${TEST_GPG_KEYHOME} --import ${TEST_GPG_KEYHOME}/revocations/key1.rev
     ${GPG} --homedir=${test_tmpdir}/gpghome --armor --export ${TEST_GPG_KEYID_1} > ${test_tmpdir}/key1revoked.asc
     ${OSTREE} remote gpg-import --keyring ${test_tmpdir}/key1revoked.asc R1
     ${OSTREE} remote gpg-list-keys R1 > result