From d6921742e2338a64cd6cf37c2933ef38d2bc8044 Mon Sep 17 00:00:00 2001
From: Jerome Charaoui <jerome@riseup.net>
Date: Tue, 19 Jul 2016 15:12:55 -0400
Subject: [PATCH] Always delete revoked UIDs (closes #723763)

Finds and deletes all revoked UIDs after finding
a public key.
---
 monkeysign/gpg.py |  2 +-
 monkeysign/ui.py  | 13 +++++++++++++
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/monkeysign/gpg.py b/monkeysign/gpg.py
index 4a05468..dc079fd 100644
--- a/monkeysign/gpg.py
+++ b/monkeysign/gpg.py
@@ -435,7 +435,7 @@ class Keyring():
         # end of copy-paste from sign_key()
         self.context.write(proc.stdin, 'deluid')
         self.context.expect(proc.stderr, 'GOT_IT')
-        self.context.expect(proc.stderr, 'GET_BOOL keyedit.remove.uid.okay')
+        self.context.expect(proc.stderr, r'GET_LINE keyedit.prompt|GET_BOOL keyedit.remove.uid.okay')
         self.context.write(proc.stdin, 'y')
         self.context.expect(proc.stderr, 'GOT_IT')
         self.context.expect(proc.stderr, 'GET_LINE keyedit.prompt')
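Review bot: After the widened `expect` on the `deluid` confirmation, the next line still writes `y` whichever alternative matched. If gpg answers `GET_LINE keyedit.prompt`, it presumably asked for no confirmation and deleted nothing, so the `y` is sent to the key-edit prompt as a command and the UID may still be on the key. The two cases should be told apart, with the no-confirmation case reported as a failure to the caller; how to branch depends on what `expect` returns, which is not visible here. If the pattern is treated as a regular expression, as the `r''` prefix and `|` suggest, the dots should also be escaped: `r'GET_LINE keyedit\.prompt|GET_BOOL keyedit\.remove\.uid\.okay'`. The enclosing method starts and ends outside this hunk.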
diff --git a/monkeysign/ui.py b/monkeysign/ui.py
index 304c5f0..9247f90 100644
--- a/monkeysign/ui.py
+++ b/monkeysign/ui.py
@@ -265,6 +265,19 @@ this should not interrupt the flow of the program, but must be visible to the us
             if not self.tmpkeyring.fetch_keys(self.pattern):
                 self.abort(_('could not find key %s in your keyring or keyservers') % self.pattern)
 
+        """we should never sign a revoked UID"""
+        self.del_revoked_uids()
+
+    def del_revoked_uids(self):
+        """this will remove all revoked UIDs"""
+        for fpr, key in self.tmpkeyring.get_keys().iteritems():
+            todelete = []
+            for uid in key.uids.values():
+                if uid.trust == 'r':
+                    todelete.append(uid.uid)
+            for uid in todelete:
+                self.tmpkeyring.del_uid(fpr, uid)
+
     def copy_secrets(self):
         """import secret keys (but only the public part) from your keyring
 
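Review bot: In `del_revoked_uids` the result of `self.tmpkeyring.del_uid(fpr, uid)` is discarded, so a failed deletion is silent and the flow goes on towards signing with the revoked UID still present. Assuming `del_uid` reports success as a truthy value (its body is not in this hunk), the loop should fail closed: `if not self.tmpkeyring.del_uid(fpr, uid): self.abort(_('could not delete revoked UID %s') % uid)`. Separately, the bare string `"""we should never sign a revoked UID"""` in the middle of the calling method is an expression statement, not a docstring, and should be the comment `# we should never sign a revoked UID`. That calling method begins outside the hunk.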
-- 
GitLab