From 1a79d9ae58bb375715d207046ef2ce209e9243d8 Mon Sep 17 00:00:00 2001 From: Maykel Moya Date: Wed, 16 Oct 2013 20:42:42 +0200 Subject: [PATCH] apt_key: Validate key_id and accept a leading '0x' --- library/packaging/apt_key | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/library/packaging/apt_key b/library/packaging/apt_key index 8c8dc2bce6..c9a85313b2 100644 --- a/library/packaging/apt_key +++ b/library/packaging/apt_key @@ -76,10 +76,10 @@ EXAMPLES = ''' # Remove an Apt signing key, uses whichever key is at the URL - apt_key: url=https://ftp-master.debian.org/keys/archive-key-6.0.asc state=absent -# Remove a Apt specific signing key -- apt_key: id=473041FA state=absent +# Remove a Apt specific signing key, leading 0x is valid +- apt_key: id=0x473041FA state=absent -# Add a key from a file on the Ansible server +# Add a key from a file on the Ansible server - apt_key: data="{{ lookup('file', 'apt.gpg') }}" state=present # Add an Apt signing key to a specific keyring file @@ -187,7 +187,13 @@ def main(): keyring = module.params['keyring'] state = module.params['state'] changed = False - + + try: + _ = int(key_id, 16) + key_id = key_id.lstrip('0x') + except ValueError: + module.fail_json("Invalid key_id") + # FIXME: I think we have a common facility for this, if not, want check_missing_binaries(module)