[Rt-commit] rt branch, 5.0/support-gpg2, updated. rt-5.0.0alpha1-468-gd4f9e706e6
Aaron Trevena
ast at bestpractical.com
Fri May 15 10:20:47 EDT 2020
The branch, 5.0/support-gpg2 has been updated
via d4f9e706e61a622b226dbd25e89d2a0a570bd516 (commit)
via 0d9e4e570162983c31ebb468e41dc3397e8f15bc (commit)
from e993f773d947b4d958dda006d040381babab06a0 (commit)
Summary of changes:
lib/RT/Crypt/GnuPG.pm | 4 +-
t/data/gnupg2/keyrings/gpg-agent.conf | 2 +
t/mail/gnupg-incoming.t | 242 ++++++++++++++++++++++------------
3 files changed, 161 insertions(+), 87 deletions(-)
- Log -----------------------------------------------------------------
commit 0d9e4e570162983c31ebb468e41dc3397e8f15bc
Author: Aaron Trevena <ast at bestpractical.com>
Date: Fri May 15 15:15:13 2020 +0100
Gnupg fix DECRYPTION_COMPLIANCE_MODE keyword parsing
diff --git a/lib/RT/Crypt/GnuPG.pm b/lib/RT/Crypt/GnuPG.pm
index 2d3f44b023..906fbc361b 100644
--- a/lib/RT/Crypt/GnuPG.pm
+++ b/lib/RT/Crypt/GnuPG.pm
@@ -1343,7 +1343,7 @@ my %parse_keyword = map { $_ => 1 } qw(
USERID_HINT
SIG_CREATED GOODSIG BADSIG ERRSIG
END_ENCRYPTION
- DECRYPTION_FAILED DECRYPTION_OKAY DECRYPTION_COMPLIANCE_MODE
+ DECRYPTION_FAILED DECRYPTION_OKAY
BAD_PASSPHRASE GOOD_PASSPHRASE
NO_SECKEY NO_PUBKEY
NO_RECP INV_RECP NODATA UNEXPECTED FAILURE
@@ -1356,7 +1356,7 @@ my %ignore_keyword = map { $_ => 1 } qw(
BEGIN_ENCRYPTION SIG_ID VALIDSIG NEWSIG IMPORT_OK
ENC_TO BEGIN_DECRYPTION END_DECRYPTION GOODMDC
TRUST_UNDEFINED TRUST_NEVER TRUST_MARGINAL TRUST_FULLY TRUST_ULTIMATE
- DECRYPTION_INFO KEY_CONSIDERED PINENTRY_LAUNCHED DECRYPTION_KEY
+ DECRYPTION_INFO KEY_CONSIDERED PINENTRY_LAUNCHED DECRYPTION_KEY DECRYPTION_COMPLIANCE_MODE
);
sub ParseStatus {
commit d4f9e706e61a622b226dbd25e89d2a0a570bd516
Author: Aaron Trevena <ast at bestpractical.com>
Date: Fri May 15 15:19:04 2020 +0100
Fixes to GnuPG incoming mail test
Fixes to some incoming mail tests, added longer caching of keys in gpg-agent.conf
for testing with gpg2
diff --git a/t/data/gnupg2/keyrings/gpg-agent.conf b/t/data/gnupg2/keyrings/gpg-agent.conf
index 563b2d1a2c..1c93bee124 100644
--- a/t/data/gnupg2/keyrings/gpg-agent.conf
+++ b/t/data/gnupg2/keyrings/gpg-agent.conf
@@ -1,3 +1,5 @@
allow-loopback-pinentry
+default-cache-ttl 7200
+maximum-cache-ttl 9600
#pinentry-program /home/user/projects/rt/t/data/gnupg2/bin/fake-pinentry.pl
#pinentry-program /usr/bin/pinentry
diff --git a/t/mail/gnupg-incoming.t b/t/mail/gnupg-incoming.t
index 2aa84ed7a9..a13d4fd80d 100644
--- a/t/mail/gnupg-incoming.t
+++ b/t/mail/gnupg-incoming.t
@@ -2,7 +2,7 @@ use strict;
use warnings;
use RT::Test::GnuPG
- tests => 53,
+ tests => 50,
actual_server => 1,
gnupg_options => {
passphrase => 'rt-test',
@@ -191,78 +191,150 @@ RT::Test->close_mailgate_ok($mail);
}
-# # test that if it gets base64 transfer-encoded, we still get the content out
-# $buf = encode_base64($buf);
-# $mail = RT::Test->open_mailgate_ok($baseurl);
-# print $mail <<"EOF";
-# From: recipient\@example.com
-# To: general\@$RT::rtname
-# Content-transfer-encoding: base64
-# Subject: Encrypted message for queue
+#####
-# $buf
-# EOF
-# RT::Test->close_mailgate_ok($mail);
-# {
-# my $tick = RT::Test->last_ticket;
-# is( $tick->Subject, 'Encrypted message for queue',
-# "Created the ticket"
-# );
+# test for signed and encrypted mail
+{
+ my $buf = '';
+ run3(
+ shell_quote(
+ qw(gpg --batch --no-tty --encrypt --armor --sign),
+ '--recipient' => 'general at example.com',
+ '--default-key' => 'recipient at example.com',
+ '--homedir' => $homedir,
+ '--passphrase' => 'recipient',
+ '--no-permission-warning',
+ ),
+ \"orzzzzzz\r\n",
+ \$buf,
+ \*STDOUT,
+ \*STDERR
+ );
-# my $txn = $tick->Transactions->First;
-# my ($msg, $attach, $orig) = @{$txn->Attachments->ItemsArrayRef};
-
-# is( $msg->GetHeader('X-RT-Incoming-Encryption'),
-# 'Success',
-# 'recorded incoming mail that is encrypted'
-# );
-# is( $msg->GetHeader('X-RT-Privacy'),
-# 'GnuPG',
-# 'recorded incoming mail that is encrypted'
-# );
-# like( $attach->Content, qr/orz/);
-
-# is( $orig->GetHeader('Content-Type'), 'application/x-rt-original-message');
-# ok(index($orig->Content, $buf) != -1, 'found original msg');
-# }
+ my $mail = RT::Test->open_mailgate_ok($baseurl);
+ print $mail <<"EOF";
+From: recipient\@example.com
+To: general\@$RT::rtname
+Subject: Encrypted message for queue
-# # test for signed mail by other key
-# $buf = '';
+$buf
+EOF
+ RT::Test->close_mailgate_ok($mail);
-# run3(
-# shell_quote(
-# qw(gpg --batch --no-tty --armor --sign),
-# '--default-key' => 'rt at example.com',
-# '--homedir' => $homedir,
-# '--passphrase' => 'test',
-# '--no-permission-warning',
-# ),
-# \"alright\r\n",
-# \$buf,
-# \*STDOUT
-# );
+ my $tick = RT::Test->last_ticket;
+ is( $tick->Subject, 'Encrypted message for queue',
+ "Created the ticket"
+ );
-# $mail = RT::Test->open_mailgate_ok($baseurl);
-# print $mail <<"EOF";
+ my $txn = $tick->Transactions->First;
+ my ($msg, $attach, $orig, @other_attachments) = @{$txn->Attachments->ItemsArrayRef};
+
+ is( $msg->GetHeader('X-RT-Incoming-Encryption'),
+ 'Success',
+ 'recorded incoming mail that is encrypted'
+ );
+ is( $msg->GetHeader('X-RT-Privacy'),
+ 'GnuPG',
+ 'recorded incoming mail that is encrypted'
+ );
+
+ is( $orig->GetHeader('Content-Type'), 'application/x-rt-original-message');
+ ok(index($orig->Content, $buf) != -1, 'found original msg');
+}
+
+
+# test that if it gets base64 transfer-encoded, we still get the content out
+{
+ my $buf = '';
+ run3(
+ shell_quote(
+ qw(gpg --batch --no-tty --encrypt --armor --sign),
+ '--recipient' => 'general at example.com',
+ '--default-key' => 'recipient at example.com',
+ '--homedir' => $homedir,
+ '--passphrase' => 'recipient',
+ '--no-permission-warning',
+ ),
+ \"orzzzzzz\r\n",
+ \$buf,
+ \*STDOUT,
+ \*STDERR
+ );
+
+ $buf = encode_base64($buf);
+ $mail = RT::Test->open_mailgate_ok($baseurl);
+ print $mail <<"EOF";
+From: recipient\@example.com
+To: general\@$RT::rtname
+Content-transfer-encoding: base64
+Subject: Encrypted message for queue
+
+$buf
+EOF
+ RT::Test->close_mailgate_ok($mail);
+
+ my $tick = RT::Test->last_ticket;
+ is( $tick->Subject, 'Encrypted message for queue',
+ "Created the ticket"
+ );
+
+ my $txn = $tick->Transactions->First;
+ my ($msg, $attach, $orig) = @{$txn->Attachments->ItemsArrayRef};
+
+ is( $msg->GetHeader('X-RT-Incoming-Encryption'),
+ 'Success',
+ 'recorded incoming mail that is encrypted'
+ );
+ is( $msg->GetHeader('X-RT-Privacy'),
+ 'GnuPG',
+ 'recorded incoming mail that is encrypted'
+ );
+ like( $attach->Content, qr/orz/);
+
+ is( $orig->GetHeader('Content-Type'), 'application/x-rt-original-message');
+ ok(index($orig->Content, $buf) != -1, 'found original msg');
+}
+
+# # test for signed mail by other key
+# {
+# my $buf = '';
+# run3(
+# shell_quote(
+# qw(gpg --batch --no-tty --armor --sign),
+# '--default-key' => 'rt at example.com',
+# '--homedir' => $homedir,
+# '--passphrase' => 'test',
+# '--no-permission-warning',
+# ( $using_legacy_gnupg ? ( ) : ( '--passphrase-fd' => 0)),
+# 't/data/alright.txt'
+# ),
+# ( $using_legacy_gnupg ? ( \"\n" ) : \'test\r\n'),
+# \$buf,
+# \*STDOUT,
+# \*STDERR
+# );
+#
+# $mail = RT::Test->open_mailgate_ok($baseurl);
+# print $mail <<"EOF";
# From: recipient\@example.com
# To: general\@$RT::rtname
# Subject: signed message for queue
# $buf
# EOF
-# RT::Test->close_mailgate_ok($mail);
+# RT::Test->close_mailgate_ok($mail);
-# {
-# my $tick = RT::Test->last_ticket;
-# my $txn = $tick->Transactions->First;
-# my ($msg, $attach) = @{$txn->Attachments->ItemsArrayRef};
-# # XXX: in this case, which credential should we be using?
-# is( $msg->GetHeader('X-RT-Incoming-Signature'),
-# 'Test User <rt at example.com>',
-# 'recorded incoming mail signed by others'
-# );
-# }
+# my $tick = RT::Test->last_ticket;
+# my $txn = $tick->Transactions->First;
+# my ($msg, $attach) = @{$txn->Attachments->ItemsArrayRef};
+
+# # XXX: in this case, which credential should we be using?
+# is( $msg->GetHeader('X-RT-Incoming-Signature'),
+# 'Test User <rt at example.com>',
+# 'recorded incoming mail signed by others'
+# );
+#}
# # test for encrypted mail with key not associated to the queue
# $buf = '';
@@ -342,33 +414,33 @@ RT::Test->close_mailgate_ok($mail);
# }
-# # test that if it gets base64 transfer-encoded long mail then it doesn't hang
-# {
-# local $SIG{ALRM} = sub {
-# ok 0, "timed out, web server is probably in deadlock";
-# exit;
-# };
-# alarm 30;
-# $buf = encode_base64('a'x(250*1024));
-# $mail = RT::Test->open_mailgate_ok($baseurl);
-# print $mail <<"EOF";
-# From: recipient\@example.com
-# To: general\@$RT::rtname
-# Content-transfer-encoding: base64
-# Subject: Long not encrypted message for queue
+# test that if it gets base64 transfer-encoded long mail then it doesn't hang
+{
+ local $SIG{ALRM} = sub {
+ ok 0, "timed out, web server is probably in deadlock";
+ exit;
+ };
+ alarm 30;
+ my $buf = encode_base64('a'x(250*1024));
+ my $mail = RT::Test->open_mailgate_ok($baseurl);
+ print $mail <<"EOF";
+From: recipient\@example.com
+To: general\@$RT::rtname
+Content-transfer-encoding: base64
+Subject: Long not encrypted message for queue
-# $buf
-# EOF
-# RT::Test->close_mailgate_ok($mail);
-# alarm 0;
+$buf
+EOF
+ RT::Test->close_mailgate_ok($mail);
+ alarm 0;
-# my $tick = RT::Test->last_ticket;
-# is( $tick->Subject, 'Long not encrypted message for queue',
-# "Created the ticket"
-# );
-# my $content = $tick->Transactions->First->Content;
-# like $content, qr/a{1024,}/, 'content is not lost';
-# }
+ my $tick = RT::Test->last_ticket;
+ is( $tick->Subject, 'Long not encrypted message for queue',
+ "Created the ticket"
+ );
+ my $content = $tick->Transactions->First->Content;
+ like $content, qr/a{1024,}/, 'content is not lost';
+}
sub write_gpg_input {
-----------------------------------------------------------------------
More information about the rt-commit
mailing list