pacman-key: call gpg fewer times for revocation keys

Instead of iterating over the revocation keyfile and calling gpg once
for each key, map the file into an array and call gpg once, iterating
over this output to mark each key as revoked.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>

1 files changed, 5 insertions, 6 deletions

diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in
index 947d59f9..80bfa5e3 100644
--- a/scripts/pacman-key.sh.in
+++ b/scripts/pacman-key.sh.in
@@ -284,8 +284,7 @@ populate_keyring() {
 	verify_keyring_input || exit 1
 
 	# Variable used for iterating on keyrings
-	local key
-	local key_id
+	local keys key_id
 
 	# Add keys from requested keyrings
 	for keyring in "${KEYRINGIDS[@]}"; do
@@ -331,13 +330,13 @@ populate_keyring() {
 	local -A revoked_ids
 	for keyring in "${KEYRINGIDS[@]}"; do
 		if [[ -f "${KEYRING_IMPORT_DIR}/${keyring}-revoked" ]]; then
-			while read key; do
-				key_id="$("${GPG_PACMAN[@]}" --quiet --with-colons --list-key "${key}" 2>/dev/null | grep ^pub | cut -d: -f5)"
-				if [[ -n ${key_id} ]]; then
+			IFS=$'\n' read -r -d '' -a keys < "${KEYRING_IMPORT_DIR}/${keyring}-revoked"
+			while IFS=: read _ _ _ _ key_id _; do
+				if [[ -n $key_id ]]; then
 					# Mark this key to be disabled
 					revoked_ids[$key_id]="${keyring}"
 				fi
-			done < "${KEYRING_IMPORT_DIR}/${keyring}-revoked"
+			done < <("${GPG_PACMAN[@]}" --quiet --with-colons --list-keys "${keys[@]}" 2>/dev/null)
 		fi
 	done