# # # patch "NEWS" # from [2a563108a72c57d103e283c1b61606851362b26c] # to [6f8edd88e9009a6bfa5bd12c1908d65f126cae20] # # patch "cmd_key_cert.cc" # from [f4b426aa88a7d6e1e2c92a638d8777b235916d6b] # to [b6ed35efc25497f2347adb2cbd7966c6c7c88e7c] # # patch "monotone.texi" # from [c61b38b48b6d528d8105e139d3b293cd467c861a] # to [0485b5b43a479b58e9d2ce2b82fc365a8f93c281] # # patch "tests/automate_key_manage/__driver__.lua" # from [55f0c4b71b2b2387b904dbd53e07aaace3fa7d72] # to [18728ef835aa1fae912f3ce587a4c6b3bf892c7b] # ============================================================ --- NEWS 2a563108a72c57d103e283c1b61606851362b26c +++ NEWS 6f8edd88e9009a6bfa5bd12c1908d65f126cae20 @@ -83,7 +83,8 @@ Xxx Xxx 99 99:99:99 UTC 2010 New Features - - New automate versions of 'pubkey' and 'dropkey'. Closes bug 30345. + - New automate commands 'pubkey' and 'drop_public_key'. Closes + bug 30345. - The 'disapprove' command now accepts a revision range in addition to a single revision. ============================================================ --- cmd_key_cert.cc f4b426aa88a7d6e1e2c92a638d8777b235916d6b +++ cmd_key_cert.cc b6ed35efc25497f2347adb2cbd7966c6c7c88e7c @@ -139,7 +139,8 @@ dropkey_common (app_state & app, static void dropkey_common (app_state & app, - args_vector args) + args_vector args, + bool drop_private) { database db(app); key_store keys(app); @@ -165,7 +166,7 @@ dropkey_common (app_state & app, checked_db = true; } - if (keys.key_pair_exists(identity.id)) + if (drop_private && keys.key_pair_exists(identity.id)) { P(F("dropping key pair '%s' from keystore") % identity.id); keys.delete_key(identity.id); 
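Review bot: In the `@@ -165,7 +166,7 @@` hunk the keystore branch is now skipped silently when `drop_private` is false, and neither this hunk nor the signature hunk above it documents the new parameter. Since this flag is what keeps an automate client from deleting a private key, I would state that on `dropkey_common`, e.g. `// drop_private == false: never touch the keystore, so the private key survives (used by automate drop_public_key)`. The error reporting after this block is outside the hunk and worth checking. If it still refers to the keystore, a `drop_public_key` call on a key that exists only in the keystore will presumably be reported as "does not exist" rather than as deliberately retained.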
@@ -190,18 +191,20 @@ CMD(dropkey, "dropkey", "", CMD_REF(key_ if (args.size() != 1) throw usage(execid); - dropkey_common (app, args); + dropkey_common (app, args, + true); // drop_private } -CMD_AUTOMATE(dropkey, N_("KEY_NAME_OR_HASH"), - N_("Drops a public and/or private key"), +CMD_AUTOMATE(drop_public_key, N_("KEY_NAME_OR_HASH"), + N_("Drops a public key"), "", options::opts::none) { E(args.size() == 1, origin::user, F("wrong argument count")); - dropkey_common (app, args); + dropkey_common (app, args, + false); // drop_private } CMD(passphrase, "passphrase", "", CMD_REF(key_and_cert), N_("KEY_NAME_OR_HASH"), ============================================================ --- monotone.texi c61b38b48b6d528d8105e139d3b293cd467c861a +++ monotone.texi 0485b5b43a479b58e9d2ce2b82fc365a8f93c281 @@ -9379,7 +9379,7 @@ @section Automation @end table address@hidden mtn automate dropkey @var{keyid} address@hidden mtn automate drop_public_key @var{keyid} @table @strong @item Arguments: @@ -9396,10 +9396,14 @@ @section Automation @item Purpose: -Same as @command{dropkey}; drops the public and/or private key. This +Same as @command{dropkey}, except that it does not drop private keys. This command should be used with caution as changes are irreversible without a backup of the key(s) that were dropped. +Private keys are not dropped because that is very dangerous on a +server. The only way to drop private keys on a server is via the +direct @command{mtn dropkey}. + @item Sample output: None. ============================================================ --- tests/automate_key_manage/__driver__.lua 55f0c4b71b2b2387b904dbd53e07aaace3fa7d72 +++ tests/automate_key_manage/__driver__.lua 18728ef835aa1fae912f3ce587a4c6b3bf892c7b 
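Review bot: The two call sites in the `@@ -190,18 +191,20 @@` hunk pass a bare `true` / `false` and rely on a trailing `// drop_private` comment, which is easy to invert or copy wrongly for a flag that decides whether a private key is deleted. A small enum would make the choice readable at the call and hard to get wrong, for example `enum drop_mode { drop_public_only, drop_public_and_private };` with `dropkey_common (app, args, drop_public_only);` inside `drop_public_key`. The declaration of `dropkey_common` is in an earlier hunk, so its signature and the `drop_private &&` test would change there as well.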
@@ -1,12 +1,14 @@ -- Test automate key management functions: -- genkey -- pubkey --- dropkey +-- drop_public_key -- read_packets (putkey) -- keys mtn_setup() +include ("common/test_utils_inventory.lua") + check(mtn("automate", "genkey", "address@hidden", "foopass"), 0, false, false) check(mtn("pubkey", "address@hidden"), 0, true) -- non-automate output uses OS-specific line endings, while automate uses Unix line endings. @@ -14,11 +16,22 @@ check(samefile("stdout", "key_packet")) rename("stdout", "key_packet") check(mtn("automate", "pubkey", "address@hidden"), 0, true) check(samefile("stdout", "key_packet")) -check(mtn("automate", "dropkey", "address@hidden"), 0, false, false) +check(mtn("automate", "drop_public_key", "address@hidden"), 0, false, false) +-- drop_public_key does not drop private key check(mtn("automate", "keys"), 0, true) -check(not qgrep("address@hidden", "stdout")) +parsed = parse_basic_io(readfile("stdout")) +i = find_basic_io_line (parsed, {name = "local_name", values = "address@hidden"}) +i = i + 1 +check_basic_io_line (i, parsed[i], "public_location", {"keystore"}, false) +i = i + 1 +check_basic_io_line (i, parsed[i], "private_location", {"keystore"}, false) check(mtn("automate", "read_packets", readfile("key_packet")), 0) check(mtn("automate", "keys"), 0, true) -check(qgrep("address@hidden", "stdout")) +parsed = parse_basic_io(readfile("stdout")) +i = find_basic_io_line (parsed, {name = "local_name", values = "address@hidden"}) +i = i + 1 +check_basic_io_line (i, parsed[i], "public_location", {"database", "keystore"}, false) +i = i + 1 +check_basic_io_line (i, parsed[i], "private_location", {"keystore"}, false)
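Review bot: The rewritten checks in the `@@ -14,11 +16,22 @@` hunk only cover a key that starts out in both the database and the keystore. The case the new guard changes most, `drop_public_key` on a key that exists only in the keystore, is not exercised. I would add a step that runs `drop_public_key` a second time right after the first, pins the expected exit status, and then re-checks that `private_location` is still `{"keystore"}`. Separately, `parsed` and `i` are assigned as globals; `local parsed` and `local i` would keep them from leaking into the rest of the driver.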