gnu: password-store: Fix compatibility with GnuPG 2.1.19.

* gnu/packages/patches/password-store-gnupg-compat.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/password-utils.scm (password-store)[source]: Use it.

Signed-off-by: Clément Lassieur <clement@lassieur.org>
This commit is contained in:
Clément Lassieur 2017-03-15 23:49:32 +01:00
parent 2441c28414
commit 2c715a9223
No known key found for this signature in database
GPG key ID: 89F96D4808F359C7
3 changed files with 58 additions and 1 deletions

View file

@ -9,6 +9,7 @@
# Copyright © 2016 Adonay "adfeno" Felipe Nogueira <https://libreplanet.org/wiki/User:Adfeno> <adfeno@openmailbox.org> # Copyright © 2016 Adonay "adfeno" Felipe Nogueira <https://libreplanet.org/wiki/User:Adfeno> <adfeno@openmailbox.org>
# Copyright © 2016, 2017 Ricardo Wurmus <rekado@elephly.net> # Copyright © 2016, 2017 Ricardo Wurmus <rekado@elephly.net>
# Copyright © 2016 Ben Woodcroft <donttrustben@gmail.com> # Copyright © 2016 Ben Woodcroft <donttrustben@gmail.com>
# Copyright © 2017 Clément Lassieur <clement@lassieur.org>
# #
# This file is part of GNU Guix. # This file is part of GNU Guix.
# #
@ -806,6 +807,7 @@ dist_patch_DATA = \
%D%/packages/patches/ots-no-include-missing-file.patch \ %D%/packages/patches/ots-no-include-missing-file.patch \
%D%/packages/patches/p7zip-CVE-2016-9296.patch \ %D%/packages/patches/p7zip-CVE-2016-9296.patch \
%D%/packages/patches/p7zip-remove-unused-code.patch \ %D%/packages/patches/p7zip-remove-unused-code.patch \
%D%/packages/patches/password-store-gnupg-compat.patch \
%D%/packages/patches/patchelf-page-size.patch \ %D%/packages/patches/patchelf-page-size.patch \
%D%/packages/patches/patchelf-rework-for-arm.patch \ %D%/packages/patches/patchelf-rework-for-arm.patch \
%D%/packages/patches/patchutils-xfail-gendiff-tests.patch \ %D%/packages/patches/patchutils-xfail-gendiff-tests.patch \

View file

@ -8,6 +8,7 @@
;;; Copyright © 2016 Lukas Gradl <lgradl@openmailbox.org> ;;; Copyright © 2016 Lukas Gradl <lgradl@openmailbox.org>
;;; Copyright © 2016 Alex Griffin <a@ajgrf.com> ;;; Copyright © 2016 Alex Griffin <a@ajgrf.com>
;;; Copyright © 2017 Leo Famulari <leo@famulari.name> ;;; Copyright © 2017 Leo Famulari <leo@famulari.name>
;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
;;; ;;;
;;; This file is part of GNU Guix. ;;; This file is part of GNU Guix.
;;; ;;;
@ -291,7 +292,8 @@ (define-public password-store
name "-" version ".tar.xz")) name "-" version ".tar.xz"))
(sha256 (sha256
(base32 (base32
"002mw7j0m33bw483rllzhcf41wp3ixka8yma6kqrfaj57jyw66hn")))) "002mw7j0m33bw483rllzhcf41wp3ixka8yma6kqrfaj57jyw66hn"))
(patches (search-patches "password-store-gnupg-compat.patch"))))
(build-system gnu-build-system) (build-system gnu-build-system)
(arguments (arguments
'(#:phases '(#:phases

View file

@ -0,0 +1,53 @@
Copied from upstream mailing list:
https://lists.zx2c4.com/pipermail/password-store/2017-March/002844.html.
The patch actually restores compatibility with GnuPG 2.1.19, the '2.2.19' in
the commit message is a typo.
From 8723d8e8192683891904aff321446b0fac37d1ad Mon Sep 17 00:00:00 2001
From: Andreas Stieger <astieger@suse.com>
Date: Fri, 10 Mar 2017 15:43:26 +0100
Subject: [PATCH] Fix compatibility with GnuPG 2.2.19
GnuPG 2.2.19 added a warning when no command was given.
* src/password-store.sh (reencrypt_path): Add --decrypt to --list-only
* tests/t0300-reencryption.sh (gpg_keys_from_encrypted_file): same
https://bugs.gnupg.org/gnupg/msg9873
http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=810adfd47801fc01e45fb71af9f05c91f7890cdb
https://bugzilla.suse.com/show_bug.cgi?id=1028867
---
src/password-store.sh | 2 +-
tests/t0300-reencryption.sh | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/password-store.sh b/src/password-store.sh
index 1ab6fb5..bad8d4f 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -125,7 +125,7 @@ reencrypt_path() {
done
gpg_keys="$($GPG $PASSWORD_STORE_GPG_OPTS --list-keys --with-colons "${GPG_RECIPIENTS[@]}" | sed -n 's/sub:[^:]*:[^:]*:[^:]*:\([^:]*\):[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[a-zA-Z]*e[a-zA-Z]*:.*/\1/p' | LC_ALL=C sort -u)"
fi
- current_keys="$($GPG $PASSWORD_STORE_GPG_OPTS -v --no-secmem-warning --no-permission-warning --list-only --keyid-format long "$passfile" 2>&1 | cut -d ' ' -f 5 | LC_ALL=C sort -u)"
+ current_keys="$($GPG $PASSWORD_STORE_GPG_OPTS -v --no-secmem-warning --no-permission-warning --decrypt --list-only --keyid-format long "$passfile" 2>&1 | cut -d ' ' -f 5 | LC_ALL=C sort -u)"
if [[ $gpg_keys != "$current_keys" ]]; then
echo "$passfile_display: reencrypting to ${gpg_keys//$'\n'/ }"
diff --git a/tests/t0300-reencryption.sh b/tests/t0300-reencryption.sh
index 9d46580..6d5811d 100755
--- a/tests/t0300-reencryption.sh
+++ b/tests/t0300-reencryption.sh
@@ -10,7 +10,7 @@ canonicalize_gpg_keys() {
$GPG --list-keys --with-colons "$@" | sed -n 's/sub:[^:]*:[^:]*:[^:]*:\([^:]*\):[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[a-zA-Z]*e[a-zA-Z]*:.*/\1/p' | LC_ALL=C sort -u
}
gpg_keys_from_encrypted_file() {
- $GPG -v --no-secmem-warning --no-permission-warning --list-only --keyid-format long "$1" 2>&1 | cut -d ' ' -f 5 | LC_ALL=C sort -u
+ $GPG -v --no-secmem-warning --no-permission-warning --decrypt --list-only --keyid-format long "$1" 2>&1 | cut -d ' ' -f 5 | LC_ALL=C sort -u
}
gpg_keys_from_group() {
local output="$($GPG --list-config --with-colons | sed -n "s/^cfg:group:$1:\\(.*\\)/\\1/p" | head -n 1)"
--
2.12.0