From 2c715a922324e0cd1ab50c5ea0b70f12a33565d5 Mon Sep 17 00:00:00 2001 From: Clément Lassieur Date: Wed, 15 Mar 2017 23:49:32 +0100 Subject: gnu: password-store: Fix compatibility with GnuPG 2.1.19. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/packages/patches/password-store-gnupg-compat.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/password-utils.scm (password-store)[source]: Use it. Signed-off-by: Clément Lassieur --- gnu/local.mk | 2 + gnu/packages/password-utils.scm | 4 +- .../patches/password-store-gnupg-compat.patch | 53 ++++++++++++++++++++++ 3 files changed, 58 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/password-store-gnupg-compat.patch diff --git a/gnu/local.mk b/gnu/local.mk index c1b076a5f3..b3aa79ad90 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -9,6 +9,7 @@ # Copyright © 2016 Adonay "adfeno" Felipe Nogueira # Copyright © 2016, 2017 Ricardo Wurmus # Copyright © 2016 Ben Woodcroft +# Copyright © 2017 Clément Lassieur # # This file is part of GNU Guix. # @@ -806,6 +807,7 @@ dist_patch_DATA = \ %D%/packages/patches/ots-no-include-missing-file.patch \ %D%/packages/patches/p7zip-CVE-2016-9296.patch \ %D%/packages/patches/p7zip-remove-unused-code.patch \ + %D%/packages/patches/password-store-gnupg-compat.patch \ %D%/packages/patches/patchelf-page-size.patch \ %D%/packages/patches/patchelf-rework-for-arm.patch \ %D%/packages/patches/patchutils-xfail-gendiff-tests.patch \ diff --git a/gnu/packages/password-utils.scm b/gnu/packages/password-utils.scm index 811173cae4..3f125a0119 100644 --- a/gnu/packages/password-utils.scm +++ b/gnu/packages/password-utils.scm @@ -8,6 +8,7 @@ ;;; Copyright © 2016 Lukas Gradl ;;; Copyright © 2016 Alex Griffin ;;; Copyright © 2017 Leo Famulari +;;; Copyright © 2017 Clément Lassieur ;;; ;;; This file is part of GNU Guix. ;;; @@ -291,7 +292,8 @@ any X11 window.") name "-" version ".tar.xz")) (sha256 (base32 - "002mw7j0m33bw483rllzhcf41wp3ixka8yma6kqrfaj57jyw66hn")))) + "002mw7j0m33bw483rllzhcf41wp3ixka8yma6kqrfaj57jyw66hn")) + (patches (search-patches "password-store-gnupg-compat.patch")))) (build-system gnu-build-system) (arguments '(#:phases diff --git a/gnu/packages/patches/password-store-gnupg-compat.patch b/gnu/packages/patches/password-store-gnupg-compat.patch new file mode 100644 index 0000000000..c314ba6647 --- /dev/null +++ b/gnu/packages/patches/password-store-gnupg-compat.patch @@ -0,0 +1,53 @@ +Copied from upstream mailing list: +https://lists.zx2c4.com/pipermail/password-store/2017-March/002844.html. + +The patch actually restores compatibility with GnuPG 2.1.19, the '2.2.19' in +the commit message is a typo. + +From 8723d8e8192683891904aff321446b0fac37d1ad Mon Sep 17 00:00:00 2001 +From: Andreas Stieger +Date: Fri, 10 Mar 2017 15:43:26 +0100 +Subject: [PATCH] Fix compatibility with GnuPG 2.2.19 + +GnuPG 2.2.19 added a warning when no command was given. + +* src/password-store.sh (reencrypt_path): Add --decrypt to --list-only +* tests/t0300-reencryption.sh (gpg_keys_from_encrypted_file): same + +https://bugs.gnupg.org/gnupg/msg9873 +http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=810adfd47801fc01e45fb71af9f05c91f7890cdb +https://bugzilla.suse.com/show_bug.cgi?id=1028867 +--- + src/password-store.sh | 2 +- + tests/t0300-reencryption.sh | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/password-store.sh b/src/password-store.sh +index 1ab6fb5..bad8d4f 100755 +--- a/src/password-store.sh ++++ b/src/password-store.sh +@@ -125,7 +125,7 @@ reencrypt_path() { + done + gpg_keys="$($GPG $PASSWORD_STORE_GPG_OPTS --list-keys --with-colons "${GPG_RECIPIENTS[@]}" | sed -n 's/sub:[^:]*:[^:]*:[^:]*:\([^:]*\):[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[a-zA-Z]*e[a-zA-Z]*:.*/\1/p' | LC_ALL=C sort -u)" + fi +- current_keys="$($GPG $PASSWORD_STORE_GPG_OPTS -v --no-secmem-warning --no-permission-warning --list-only --keyid-format long "$passfile" 2>&1 | cut -d ' ' -f 5 | LC_ALL=C sort -u)" ++ current_keys="$($GPG $PASSWORD_STORE_GPG_OPTS -v --no-secmem-warning --no-permission-warning --decrypt --list-only --keyid-format long "$passfile" 2>&1 | cut -d ' ' -f 5 | LC_ALL=C sort -u)" + + if [[ $gpg_keys != "$current_keys" ]]; then + echo "$passfile_display: reencrypting to ${gpg_keys//$'\n'/ }" +diff --git a/tests/t0300-reencryption.sh b/tests/t0300-reencryption.sh +index 9d46580..6d5811d 100755 +--- a/tests/t0300-reencryption.sh ++++ b/tests/t0300-reencryption.sh +@@ -10,7 +10,7 @@ canonicalize_gpg_keys() { + $GPG --list-keys --with-colons "$@" | sed -n 's/sub:[^:]*:[^:]*:[^:]*:\([^:]*\):[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[a-zA-Z]*e[a-zA-Z]*:.*/\1/p' | LC_ALL=C sort -u + } + gpg_keys_from_encrypted_file() { +- $GPG -v --no-secmem-warning --no-permission-warning --list-only --keyid-format long "$1" 2>&1 | cut -d ' ' -f 5 | LC_ALL=C sort -u ++ $GPG -v --no-secmem-warning --no-permission-warning --decrypt --list-only --keyid-format long "$1" 2>&1 | cut -d ' ' -f 5 | LC_ALL=C sort -u + } + gpg_keys_from_group() { + local output="$($GPG --list-config --with-colons | sed -n "s/^cfg:group:$1:\\(.*\\)/\\1/p" | head -n 1)" +-- +2.12.0 + -- cgit v1.2.3