[Pkg-privacy-commits] [Git][pkg-privacy-team/parcimonie][upstream-master] 6 commits: TODO++
intrigeri
intrigeri at debian.org
Sun Jul 8 07:58:49 BST 2018
intrigeri pushed to branch upstream-master at Privacy Maintainers / parcimonie
Commits:
bd4b0353 by intrigeri at 2016-09-11T09:34:56+00:00
TODO++
- - - - -
561538c8 by intrigeri at 2016-09-11T11:55:08+00:00
Honor custom GnuPG homedir in a few places that did not so far.
This resulted for example in the test suite trying to start a dirmngr
using ~/.gnupg/, while we had instructed it to use a custom GnuPG
homedir; as a result, tests were failing for wrong reasons.
- - - - -
f8727293 by intrigeri at 2016-12-06T15:13:42+00:00
Update setup doc to support GnuPG v2 and drop obsolete details.
- - - - -
2d6cbb52 by intrigeri at 2017-06-27T16:32:24+00:00
parcimonie 0.10.3
- - - - -
330c1d9e by intrigeri at 2018-06-30T15:30:04+00:00
Hide spurious "dirmngr:Network:/usr/bin/dirmngr:1:1:" output.
- - - - -
948a4b81 by intrigeri at 2018-06-30T16:25:27+00:00
Don't bloat the logs with fingerprints of keys that could not be found (Closes: #900388)
Thanks to Paul Wise <pabs at debian.org> for the report.
- - - - -
5 changed files:
- TODO
- bin/parcimonie
- lib/App/Parcimonie.pm
- lib/App/Parcimonie/Daemon.pm
- lib/App/Parcimonie/GnuPG/Interface.pm
Changes:
=====================================
TODO
=====================================
--- a/TODO
+++ b/TODO
@@ -3,6 +3,7 @@
* Robustness++
- Don't wait indefinitely for spawned gpg processes. Somehow timeout.
+ - use MooX::StrictConstructor (available in Debian Stretch)
* User feedback
- custom applet icons
=====================================
bin/parcimonie
=====================================
--- a/bin/parcimonie
+++ b/bin/parcimonie
@@ -6,7 +6,7 @@ parcimonie - privacy-friendly helper to refresh a GnuPG keyring
=head1 VERSION
-Version 0.10.2
+Version 0.10.3
=head1 SYNOPSIS
@@ -31,27 +31,21 @@ models parcimonie attempts to help coping with.
1. Configure GnuPG to be able to use a keyserver.
-You can skip this section if you already have configured a keyserver
-in ~/.gnupg/gpg.conf.
+Skip this section if you already have configured a keyserver, or if
+you have gnupg2 2.1.15-9 or newer installed (it comes with a sensible
+default keyserver configuration).
-Else, add to your gpg.conf something along these lines:
+If you are using GnuPG v2, add to ~/.gnupg/dirmngr.conf something like:
keyserver hkp://pool.sks-keyservers.net
-You obviously can choose your preferred keyserver here; if using
-hkps:// (which would be our second choice behind hkpms://), your GnuPG
-installation should support HKPS; on Debian systems, enabling such
-support is done by installing the gnupg-curl package; see those web
-pages for help with GnuPG hkps:// configuration:
+If are still using GnuPG v1, add to gpg.conf something like:
- http://sks-keyservers.net/overview-of-pools.php#pool_hkps
- http://keys.indymedia.org/
-
-You may want parcimonie to use a different keyserver than the one your
-usual GnuPG invocations do. This can be achieved by passing to
-parcimonie a command-line option such as:
+ keyserver hkp://pool.sks-keyservers.net
- --gnupg-extra-arg "--keyserver=hkps://hkps.pool.sks-keyservers.net"
+For hkps:// support with GnuPG v1, install the gnupg1-curl or
+gnupg-curl package, whichever is available in your distribution.
+Or switch to GnuPG v2.
2. Run "parcimonie --verbose".
@@ -134,7 +128,7 @@ L<http://gaffer.ptitcanardnoir.org/intrigeri/code/parcimonie/>
use strict;
use warnings;
-our $VERSION = '0.10.2';
+our $VERSION = '0.10.3';
use FindBin;
use lib "$FindBin::Bin/../lib";
=====================================
lib/App/Parcimonie.pm
=====================================
--- a/lib/App/Parcimonie.pm
+++ b/lib/App/Parcimonie.pm
@@ -174,7 +174,13 @@ sub checkGpgHasDefinedKeyserver {
my $gnupg2 = $arg_ref->{gnupg2};
if ($gnupg2) {
- my @output = capturex(qw{gpg-connect-agent --dirmngr keyserver /bye});
+ my @homedir_args = defined $gnupg_homedir
+ ? ('--homedir', $gnupg_homedir)
+ : ();
+ my @output = capturex(
+ 'gpg-connect-agent', @homedir_args,
+ qw{--dirmngr keyserver /bye}
+ );
my $res = pop @output;
$res eq "OK\n" || croak "Agent replied: $res";
if (@output) {
=====================================
lib/App/Parcimonie/Daemon.pm
=====================================
--- a/lib/App/Parcimonie/Daemon.pm
+++ b/lib/App/Parcimonie/Daemon.pm
@@ -341,7 +341,9 @@ sub tryRecvKey {
my $self = shift;
my $keyid = shift;
my $gpg_output;
- my $gpg_error;
+ my $gpg_error = '';
+ my $filtered_gpg_error = '';
+ my $success;
$self->debug(sprintf("tryRecvKey: trying to fetch %s", $keyid));
$self->notify({ signal => 'FetchBegin', keyid => $keyid });
@@ -353,19 +355,42 @@ sub tryRecvKey {
already_torified => $self->gnupg_already_torified,
gnupg2 => $self->gnupg2,
);
+ $success = 1;
} catch {
$gpg_error = $_;
+ $success = 0;
};
- $gpg_output ||= '';
- my $success = 0;
- if (defined $gpg_error) {
- warn $self->encoding->encode($gpg_error);
+ if ($success) {
+ $gpg_output ||= '';
+ $gpg_error = '';
+ $self->debug($gpg_output);
}
else {
- $self->debug($gpg_output);
- $success = 1;
- $gpg_error = '';
+ if (defined $gpg_error) {
+ $filtered_gpg_error = $gpg_error;
+ # Filter out lines such as:
+ # gpg: keyserver receive failed: No data
+ # gpg: key "0123456789ABCDEF0123456789ABCDEF01234567" not found: Not found
+ # ... followed by " at /path/to/App/Parcimonie/Daemon.pm line 350"
+ $filtered_gpg_error =~ s{
+ ^gpg:\s+
+ (?:
+ keyserver\s+receive\s+failed:\s+No\s+data
+ |
+ key\s+"[^"\n]+"\s+not\s+found:\s+Not\s+found
+ )
+ $
+ (?:
+ [\n]
+ \s+at\s+[^\n]+\s+line\s+\d+[.]
+ $
+ )?
+ [\n]*
+ }{}xmsg;
+ warn $self->encoding->encode($filtered_gpg_error)
+ if length($filtered_gpg_error);
+ }
}
$self->notify({
=====================================
lib/App/Parcimonie/GnuPG/Interface.pm
=====================================
--- a/lib/App/Parcimonie/GnuPG/Interface.pm
+++ b/lib/App/Parcimonie/GnuPG/Interface.pm
@@ -38,10 +38,17 @@ after 'BUILD' => sub {
my $self = shift;
if ($self->gnupg2) {
unless ($self->already_torified) {
- system(q{echo 'use-tor:0:1' | gpgconf --change-options dirmngr});
+ my $gnupg_homedir = defined $self->options->homedir()
+ ? $self->options->homedir()
+ : '';
+ system(
+ q{echo 'use-tor:0:1' | } .
+ "GNUPGHOME='$gnupg_homedir' gpgconf --change-options dirmngr " .
+ ">/dev/null"
+ );
# Passing --runtime to the previous command does not work,
# so we have to:
- systemx(qw{gpgconf --reload dirmngr});
+ system("GNUPGHOME='$gnupg_homedir' gpgconf --reload dirmngr");
}
$self->call('gpg2');
}
View it on GitLab: https://salsa.debian.org/pkg-privacy-team/parcimonie/compare/110ec2d6a4961f061ff0187074cbdf1aa73ffb61...948a4b8142e7141ce12ebe69d63d7aaae828871d
--
View it on GitLab: https://salsa.debian.org/pkg-privacy-team/parcimonie/compare/110ec2d6a4961f061ff0187074cbdf1aa73ffb61...948a4b8142e7141ce12ebe69d63d7aaae828871d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-privacy-commits/attachments/20180708/62c1fa9e/attachment-0001.html>
More information about the Pkg-privacy-commits
mailing list