[Rt-commit] rt branch, 4.4/work-with-both-gnupgs, updated. rt-4.4.2-108-g357e8e956
Brian Duggan
brian at bestpractical.com
Thu May 3 10:30:50 EDT 2018
The branch, 4.4/work-with-both-gnupgs has been updated
via 357e8e956da2f8bb6c1af2936a31dde69965a9ff (commit)
via cae2234eef3eba70ac6ee1b2a44ed7fdd5563c37 (commit)
via 4848a10615e2556117cc6a7feb95d137f6cd6294 (commit)
via 2bc9f5abde11dec0dcccf551da7941d50cc3081b (commit)
via 682a93d0e63b95243b8701280e17311a2c8a86f8 (commit)
via ccb2780277f73579b188a7525fd6a6ee8a48c57c (commit)
from 61f359f1c4f7e36d5e399c1a6c73b277d097e7d6 (commit)
Summary of changes:
lib/RT/Crypt/GnuPG.pm | 8 +++--
t/mail/gnupg-bad.t | 35 ++++++++++++++++++++--
t/mail/gnupg-incoming.t | 29 ++++++++++++++++--
t/mail/gnupg-outgoing-signed-plaintext.t | 31 +++++++++++++++++++
.../CVE-2012-4735-incoming-encryption-header.t | 2 +-
5 files changed, 96 insertions(+), 9 deletions(-)
- Log -----------------------------------------------------------------
commit ccb2780277f73579b188a7525fd6a6ee8a48c57c
Author: Brian C. Duggan <brian at bestpractical.com>
Date: Thu Apr 19 12:51:02 2018 -0400
Parse GnuPG subkeys for 2.x
Parse subkeys in colons output for gpg 2.x. Preserve behavior for
previous versions.
diff --git a/lib/RT/Crypt/GnuPG.pm b/lib/RT/Crypt/GnuPG.pm
index db7df668d..72aa74fe0 100644
--- a/lib/RT/Crypt/GnuPG.pm
+++ b/lib/RT/Crypt/GnuPG.pm
@@ -1657,12 +1657,15 @@ sub ParseKeysInfo {
my %gpg_opt = RT->Config->Get('GnuPGOptions');
+ my $gnupg = GnuPG::Interface->new;
+ my @gnupg_versions = split /\./, $gnupg->version;
+
my @res = ();
foreach my $line( @lines ) {
chomp $line;
my $tag;
($tag, $line) = split /:/, $line, 2;
- if ( $tag eq 'pub' ) {
+ if ( $tag eq 'pub' || $gnupg_versions[0] >= 2 && $tag eq 'sub' ) {
my %info;
@info{ qw(
TrustChar KeyLength Algorithm Key
@@ -1690,7 +1693,7 @@ sub ParseKeysInfo {
foreach qw(Created Expire);
push @res, \%info;
}
- elsif ( $tag eq 'sec' ) {
+ elsif ( $tag eq 'sec' || $gnupg_versions[0] >= 2 && $tag eq 'ssb' ) {
my %info;
@info{ qw(
Empty KeyLength Algorithm Key
commit 682a93d0e63b95243b8701280e17311a2c8a86f8
Author: Brian C. Duggan <brian at bestpractical.com>
Date: Thu Apr 19 12:59:27 2018 -0400
Ignore DECRYPTION_KEY GnuPG status message
diff --git a/lib/RT/Crypt/GnuPG.pm b/lib/RT/Crypt/GnuPG.pm
index 72aa74fe0..e12dd30d2 100644
--- a/lib/RT/Crypt/GnuPG.pm
+++ b/lib/RT/Crypt/GnuPG.pm
@@ -1328,6 +1328,7 @@ my %ignore_keyword = map { $_ => 1 } qw(
ENC_TO BEGIN_DECRYPTION END_DECRYPTION GOODMDC
TRUST_UNDEFINED TRUST_NEVER TRUST_MARGINAL TRUST_FULLY TRUST_ULTIMATE
DECRYPTION_INFO KEY_CONSIDERED PINENTRY_LAUNCHED FAILURE
+ DECRYPTION_KEY
);
sub ParseStatus {
commit 2bc9f5abde11dec0dcccf551da7941d50cc3081b
Author: Brian C. Duggan <brian at bestpractical.com>
Date: Thu Apr 19 13:16:33 2018 -0400
Use GnuPG 2.1 homedir for t/mail/gnupg-bad.t
Use homedir with 2.1.x-specific configurations. Stop gpg-agent at the
beginning and end of the test.
diff --git a/t/mail/gnupg-bad.t b/t/mail/gnupg-bad.t
index a9fd45a49..50db69566 100644
--- a/t/mail/gnupg-bad.t
+++ b/t/mail/gnupg-bad.t
@@ -1,13 +1,42 @@
use strict;
use warnings;
+my $gnupg;
+my @gnupg_versions;
+my $homedir;
+BEGIN {
+ require RT::Test;
+ require GnuPG::Interface;
+
+ $gnupg = GnuPG::Interface->new;
+ @gnupg_versions = split /\./, $gnupg->version;
+
+ if ($gnupg_versions[0] < 2) {
+ $homedir =
+ RT::Test::get_abs_relocatable_dir( File::Spec->updir(),
+ qw/data gnupg keyrings/ );
+ } else {
+ $homedir =
+ RT::Test::get_abs_relocatable_dir( File::Spec->updir(),
+ qw/data gnupg2 keyrings/ );
+ $ENV{'GNUPGHOME'} = $homedir;
+ system('gpgconf', '--quiet', '--kill', 'gpg-agent');
+ }
+
+}
+
+END {
+ if ($gnupg_versions[0] >= 2) {
+ system('gpgconf', '--quiet', '--kill', 'gpg-agent');
+ delete $ENV{'GNUPGHOME'};
+ }
+}
+
use RT::Test::GnuPG
tests => 7,
gnupg_options => {
passphrase => 'rt-test',
- homedir => RT::Test::get_abs_relocatable_dir(
- File::Spec->updir(), qw/data gnupg keyrings/
- ),
+ homedir => $homedir
};
my ($baseurl, $m) = RT::Test->started_ok;
commit 4848a10615e2556117cc6a7feb95d137f6cd6294
Author: Brian C. Duggan <brian at bestpractical.com>
Date: Thu Apr 19 13:18:25 2018 -0400
Use GnuPG 2.1 homedir for t/mail/gnupg-incoming.t
Use homedir with 2.1.x-specific configurations. Stop gpg-agent at
the beginning and end of the test.
diff --git a/t/mail/gnupg-incoming.t b/t/mail/gnupg-incoming.t
index 54b30d2a3..a246e3def 100644
--- a/t/mail/gnupg-incoming.t
+++ b/t/mail/gnupg-incoming.t
@@ -1,12 +1,35 @@
use strict;
use warnings;
+my $gnupg;
+my @gnupg_versions;
my $homedir;
BEGIN {
require RT::Test;
- $homedir =
- RT::Test::get_abs_relocatable_dir( File::Spec->updir(),
- qw/data gnupg keyrings/ );
+ require GnuPG::Interface;
+
+ $gnupg = GnuPG::Interface->new;
+ @gnupg_versions = split /\./, $gnupg->version;
+
+ if ($gnupg_versions[0] < 2) {
+ $homedir =
+ RT::Test::get_abs_relocatable_dir( File::Spec->updir(),
+ qw/data gnupg keyrings/ );
+ } else {
+ $homedir =
+ RT::Test::get_abs_relocatable_dir( File::Spec->updir(),
+ qw/data gnupg2 keyrings/ );
+ $ENV{'GNUPGHOME'} = $homedir;
+ system('gpgconf', '--quiet', '--kill', 'gpg-agent');
+ }
+
+}
+
+END {
+ if ($gnupg_versions[0] >= 2) {
+ system('gpgconf', '--quiet', '--kill', 'gpg-agent');
+ delete $ENV{'GNUPGHOME'};
+ }
}
use RT::Test::GnuPG
commit cae2234eef3eba70ac6ee1b2a44ed7fdd5563c37
Author: Brian C. Duggan <brian at bestpractical.com>
Date: Thu Apr 19 13:19:12 2018 -0400
Use GnuPG 2.1 homedir for t/mail/gnupg-outgoing-signed-plaintext.t
Use homedir with 2.1.x-specific configurations. Stop gpg-agent at
the beginning and end of the test.
diff --git a/t/mail/gnupg-outgoing-signed-plaintext.t b/t/mail/gnupg-outgoing-signed-plaintext.t
index e51676243..07ed0296e 100644
--- a/t/mail/gnupg-outgoing-signed-plaintext.t
+++ b/t/mail/gnupg-outgoing-signed-plaintext.t
@@ -1,12 +1,43 @@
use strict;
use warnings;
+my $gnupg;
+my @gnupg_versions;
+my $homedir;
+BEGIN {
+ require RT::Test;
+ require GnuPG::Interface;
+
+ $gnupg = GnuPG::Interface->new;
+ @gnupg_versions = split /\./, $gnupg->version;
+
+ if ($gnupg_versions[0] < 2) {
+ $homedir =
+ RT::Test::get_abs_relocatable_dir( File::Spec->updir(),
+ qw/data gnupg keyrings/ );
+ } else {
+ $homedir =
+ RT::Test::get_abs_relocatable_dir( File::Spec->updir(),
+ qw/data gnupg2 keyrings/ );
+ $ENV{'GNUPGHOME'} = $homedir;
+ system('gpgconf', '--quiet', '--kill', 'gpg-agent');
+ }
+}
+
+END {
+ if ($gnupg_versions[0] >= 2 && $gnupg_versions[1] >= 1) {
+ system('gpgconf', '--quiet', '--kill', 'gpg-agent');
+ delete $ENV{'GNUPGHOME'};
+ }
+}
+
use RT::Test::GnuPG
tests => undef,
text_templates => 1,
gnupg_options => {
passphrase => 'rt-test',
'trust-model' => 'always',
+ homedir => $homedir,
};
RT::Test->import_gnupg_key('rt-recipient at example.com');
commit 357e8e956da2f8bb6c1af2936a31dde69965a9ff
Author: Brian C. Duggan <brian at bestpractical.com>
Date: Thu Apr 19 13:29:22 2018 -0400
Allow GnuPG 2.1 warning, keybox instead of keyring
GnuPG 2.1 calls a keyring a keybox. Expand the warning regex to match.
diff --git a/t/security/CVE-2012-4735-incoming-encryption-header.t b/t/security/CVE-2012-4735-incoming-encryption-header.t
index 6c1563297..56767cf2c 100644
--- a/t/security/CVE-2012-4735-incoming-encryption-header.t
+++ b/t/security/CVE-2012-4735-incoming-encryption-header.t
@@ -57,7 +57,7 @@ EOF
warnings_like {
($status, $id) = RT::Test->send_via_mailgate($mail);
ok $id, "created a ticket";
- } [qr/keyring .* created/,
+ } [qr/key(ring|box) .* created/,
qr/Failure during GnuPG data: No data has been found\. The reason is 'Invalid packet found'/,
qr/Failure during GnuPG data: No data has been found\. The reason is 'No armored data'/,
];
-----------------------------------------------------------------------
More information about the rt-commit
mailing list