aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorClément Lassieur <clement@lassieur.org>2017-03-15 23:49:32 +0100
committerClément Lassieur <clement@lassieur.org>2017-03-16 19:58:43 +0100
commit2c715a922324e0cd1ab50c5ea0b70f12a33565d5 (patch)
treeb5d9f3638b9696a5b5e90667175f4359d22e38ed
parent2441c284140ddbd354b61c9d1606af1357f95c1f (diff)
downloadguix-2c715a922324e0cd1ab50c5ea0b70f12a33565d5.tar.gz
guix-2c715a922324e0cd1ab50c5ea0b70f12a33565d5.zip
gnu: password-store: Fix compatibility with GnuPG 2.1.19.
* gnu/packages/patches/password-store-gnupg-compat.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/password-utils.scm (password-store)[source]: Use it. Signed-off-by: Clément Lassieur <clement@lassieur.org>
-rw-r--r--gnu/local.mk2
-rw-r--r--gnu/packages/password-utils.scm4
-rw-r--r--gnu/packages/patches/password-store-gnupg-compat.patch53
3 files changed, 58 insertions, 1 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index c1b076a5f3..b3aa79ad90 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -9,6 +9,7 @@
# Copyright © 2016 Adonay "adfeno" Felipe Nogueira <https://libreplanet.org/wiki/User:Adfeno> <adfeno@openmailbox.org>
# Copyright © 2016, 2017 Ricardo Wurmus <rekado@elephly.net>
# Copyright © 2016 Ben Woodcroft <donttrustben@gmail.com>
+# Copyright © 2017 Clément Lassieur <clement@lassieur.org>
#
# This file is part of GNU Guix.
#
@@ -806,6 +807,7 @@ dist_patch_DATA = \
%D%/packages/patches/ots-no-include-missing-file.patch \
%D%/packages/patches/p7zip-CVE-2016-9296.patch \
%D%/packages/patches/p7zip-remove-unused-code.patch \
+ %D%/packages/patches/password-store-gnupg-compat.patch \
%D%/packages/patches/patchelf-page-size.patch \
%D%/packages/patches/patchelf-rework-for-arm.patch \
%D%/packages/patches/patchutils-xfail-gendiff-tests.patch \
diff --git a/gnu/packages/password-utils.scm b/gnu/packages/password-utils.scm
index 811173cae4..3f125a0119 100644
--- a/gnu/packages/password-utils.scm
+++ b/gnu/packages/password-utils.scm
@@ -8,6 +8,7 @@
;;; Copyright © 2016 Lukas Gradl <lgradl@openmailbox.org>
;;; Copyright © 2016 Alex Griffin <a@ajgrf.com>
;;; Copyright © 2017 Leo Famulari <leo@famulari.name>
+;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -291,7 +292,8 @@ any X11 window.")
name "-" version ".tar.xz"))
(sha256
(base32
- "002mw7j0m33bw483rllzhcf41wp3ixka8yma6kqrfaj57jyw66hn"))))
+ "002mw7j0m33bw483rllzhcf41wp3ixka8yma6kqrfaj57jyw66hn"))
+ (patches (search-patches "password-store-gnupg-compat.patch"))))
(build-system gnu-build-system)
(arguments
'(#:phases
diff --git a/gnu/packages/patches/password-store-gnupg-compat.patch b/gnu/packages/patches/password-store-gnupg-compat.patch
new file mode 100644
index 0000000000..c314ba6647
--- /dev/null
+++ b/gnu/packages/patches/password-store-gnupg-compat.patch
@@ -0,0 +1,53 @@
+Copied from upstream mailing list:
+https://lists.zx2c4.com/pipermail/password-store/2017-March/002844.html.
+
+The patch actually restores compatibility with GnuPG 2.1.19, the '2.2.19' in
+the commit message is a typo.
+
+From 8723d8e8192683891904aff321446b0fac37d1ad Mon Sep 17 00:00:00 2001
+From: Andreas Stieger <astieger@suse.com>
+Date: Fri, 10 Mar 2017 15:43:26 +0100
+Subject: [PATCH] Fix compatibility with GnuPG 2.2.19
+
+GnuPG 2.2.19 added a warning when no command was given.
+
+* src/password-store.sh (reencrypt_path): Add --decrypt to --list-only
+* tests/t0300-reencryption.sh (gpg_keys_from_encrypted_file): same
+
+https://bugs.gnupg.org/gnupg/msg9873
+http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=810adfd47801fc01e45fb71af9f05c91f7890cdb
+https://bugzilla.suse.com/show_bug.cgi?id=1028867
+---
+ src/password-store.sh | 2 +-
+ tests/t0300-reencryption.sh | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/password-store.sh b/src/password-store.sh
+index 1ab6fb5..bad8d4f 100755
+--- a/src/password-store.sh
++++ b/src/password-store.sh
+@@ -125,7 +125,7 @@ reencrypt_path() {
+ done
+ gpg_keys="$($GPG $PASSWORD_STORE_GPG_OPTS --list-keys --with-colons "${GPG_RECIPIENTS[@]}" | sed -n 's/sub:[^:]*:[^:]*:[^:]*:\([^:]*\):[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[a-zA-Z]*e[a-zA-Z]*:.*/\1/p' | LC_ALL=C sort -u)"
+ fi
+- current_keys="$($GPG $PASSWORD_STORE_GPG_OPTS -v --no-secmem-warning --no-permission-warning --list-only --keyid-format long "$passfile" 2>&1 | cut -d ' ' -f 5 | LC_ALL=C sort -u)"
++ current_keys="$($GPG $PASSWORD_STORE_GPG_OPTS -v --no-secmem-warning --no-permission-warning --decrypt --list-only --keyid-format long "$passfile" 2>&1 | cut -d ' ' -f 5 | LC_ALL=C sort -u)"
+
+ if [[ $gpg_keys != "$current_keys" ]]; then
+ echo "$passfile_display: reencrypting to ${gpg_keys//$'\n'/ }"
+diff --git a/tests/t0300-reencryption.sh b/tests/t0300-reencryption.sh
+index 9d46580..6d5811d 100755
+--- a/tests/t0300-reencryption.sh
++++ b/tests/t0300-reencryption.sh
+@@ -10,7 +10,7 @@ canonicalize_gpg_keys() {
+ $GPG --list-keys --with-colons "$@" | sed -n 's/sub:[^:]*:[^:]*:[^:]*:\([^:]*\):[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[a-zA-Z]*e[a-zA-Z]*:.*/\1/p' | LC_ALL=C sort -u
+ }
+ gpg_keys_from_encrypted_file() {
+- $GPG -v --no-secmem-warning --no-permission-warning --list-only --keyid-format long "$1" 2>&1 | cut -d ' ' -f 5 | LC_ALL=C sort -u
++ $GPG -v --no-secmem-warning --no-permission-warning --decrypt --list-only --keyid-format long "$1" 2>&1 | cut -d ' ' -f 5 | LC_ALL=C sort -u
+ }
+ gpg_keys_from_group() {
+ local output="$($GPG --list-config --with-colons | sed -n "s/^cfg:group:$1:\\(.*\\)/\\1/p" | head -n 1)"
+--
+2.12.0
+