X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=src%2Fshare%2Fmh%2Frevoke_hostname;h=6b80802408ef0b2eb0a55f9cb422667d1bab813e;hb=1e207b9914d4b19450c94a3de4dbf41305638035;hp=b139cee0cdb4f6488a77797366ee5625fd16469c;hpb=82d758a25428509963ddb2a8f7db05c74348c628;p=monkeysphere.git
diff --git a/src/share/mh/revoke_hostname b/src/share/mh/revoke_hostname
index b139cee..6b80802 100644
--- a/src/share/mh/revoke_hostname
+++ b/src/share/mh/revoke_hostname
@@ -19,7 +19,6 @@ local userID
 local fingerprint
 local tmpuidMatch
 local line
-local uidIndex
 local message
 local revuidCommand
@@ -30,7 +29,7 @@ fi
 userID="ssh://${1}"
 # make sure the user ID to revoke
-uidIndex=$(find_host_userid "$userID") || \
+find_host_userid "$userID" || \
 failure "No non-revoked user ID found matching '$userID'."
 if [ "$PROMPT" = "true" ] ; then
@@ -44,7 +43,14 @@ else
 fi
 # actually revoke:
-if <"$GNUPGHOME_HOST/secring.gpg" "$SYSSHAREDIR/keytrans" revokeuserid \
+
+# the gpg secring might not contain the host key we are trying to
+# revoke (let alone any selfsig over that host key), but the plain
+# --export won't contain the secret key. "keytrans revokeuserid"
+# needs access to both pieces, so we feed it both of them.
+
+if (cat "$GNUPGHOME_HOST/secring.gpg" && gpg_host --export "$HOST_FINGERPRINT") | \
+ "$SYSSHAREDIR/keytrans" revokeuserid \
 "$HOST_FINGERPRINT" "$userID" | gpg_host --import ; then
 gpg_host --check-trustdb
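Review bot: In the second hunk, `find_host_userid "$userID" || \` no longer captures the function's standard output, so anything it prints now reaches the caller's stdout. The removed line stored that output in `uidIndex`, which suggests the function emits an index, although its definition is not part of this diff. If only the exit status is wanted, discard the output explicitly with `find_host_userid "$userID" >/dev/null || \`. The enclosing function starts and ends outside the hunk.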
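Review bot: The `if` in the third hunk tests only the exit status of the final `gpg_host --import` stage, so a failure in `cat`, `gpg_host --export` or `keytrans revokeuserid` is not detected unless `pipefail` is enabled elsewhere, which the hunk does not show. This pipeline reads the host secret keyring and decides whether the revocation is treated as applied, so a partial or failed transform should stop before `gpg_host --check-trustdb` runs. If the script runs under bash, put `set -o pipefail` ahead of the pipeline or inspect `"${PIPESTATUS[@]}"` after it. Also note that `cat … &&` skips the public export whenever `secring.gpg` is missing or unreadable; a short comment saying whether that is intended would help. The `if` body continues past the end of the hunk.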