avoid evaluating shell in paths used in apt-key

apt-key creates internally a script (since ~1.1) which it will call to
avoid dealing with an array of different options in the code itself, but
while writing this script it wraps the values in "", which will cause
the shell to evaluate its content upon execution.
To make 'use' of this either set a absolute gpg command or TMPDIR to
something as interesting as:
"/tmp/This is fü\$\$ing cràzy, \$(man man | head -n1 | cut -d' ' -f1)\$!"

If such paths can be encountered in reality is a different question…

1 files changed, 8 insertions, 0 deletions

diff --git a/test/integration/test-apt-key b/test/integration/test-apt-key
index 6a4e0d867..7a2849b4e 100755
--- a/test/integration/test-apt-key
+++ b/test/integration/test-apt-key
@@ -1,6 +1,13 @@
 #!/bin/sh
 set -e
 
+# apt-key is a shell script, so relatively prune to be effected by 'crazy' things:
+# confuses config parser as there exists no way of escaping " currently.
+#TMPDIR="$(mktemp -d)/This is \"fü\$\$ing cràzy\", \$(man man | head -n1 | cut -d' ' -f 1)\$!"
+# gpg doesn't like | in path names – documented e.g. in the man gpg2 --agent-program
+#TMPDIR="$(mktemp -d)/This is fü\$\$ing cràzy, \$(man man | head -n1 | cut -d' ' -f 1)\$!"
+TMPDIR_ADD="This is fü\$\$ing cràzy, \$(apt -v)\$!"
+
 TESTDIR="$(readlink -f "$(dirname "$0")")"
 . "$TESTDIR/framework"
 
@@ -187,6 +194,7 @@ gpg:              unchanged: 1' aptkey --fakeroot update
 	echo 'Verify me. This is my signature.' > signature
 	testsuccess --nomsg aptkey --quiet --keyring keys/marvinparanoid.pub --secret-keyring keys/marvinparanoid.sec --readonly \
 		adv --batch --yes --default-key 'Marvin' --armor --detach-sign --sign --output signature.gpg signature
+	testsuccess test -s signature.gpg -a -s signature
 
 
 	for GPGV in '' 'gpgv' 'gpgv2'; do