[#14548] php-horde-crypto: needs updating for gpg2 cli changes
Summary php-horde-crypto: needs updating for gpg2 cli changes
Queue Horde Framework Packages
Type Bug
State Duplicate
Priority 2. Medium
Requester nish.aravamudan (at) canonical (dot) com
Created 2016-12-22 (1769 days ago)
Updated 2017-01-13 (1747 days ago)
Assigned 2017-01-13 (1747 days ago)
Resolved 2017-01-13 (1747 days ago)
Patch No

2017-01-13 20:50:12 Jan Schneider Comment #5
State ⇒ Duplicate
Patch ⇒ No
Reply to this comment
Besides the questionable parameter, this breaks GnuPG 1 support 
completely, and doesn't even fix the failing unit tests with GnuPG 2. 
In the end it's just a duplicate of ticket #14014.
2017-01-13 17:34:35 nish (dot) aravamudan (at) canonical (dot) com Comment #4 Reply to this comment

I believe it would be appropriate to update the testsuite to use full 
keys everywhere. But the way the tests are written now, that is not 
the case (and without the specified flag, the tests fail, afaict). I 
agree it's not ideal, but I am not a Horde developer (or even a gnupg 
developer). I am just trying to pass along an issue and a suggested 
(base for a full) fix.
2017-01-13 12:11:12 Jan Schneider Comment #3
State ⇒ Feedback
Reply to this comment
I agree with Mathieu. Nishanth, can you please explain why you used 
this and eventually update your patch to leave this out?
2016-12-27 05:42:51 math (dot) parent (at) gmail (dot) com Comment #2 Reply to this comment

Debian maintainer here.

I'm concerned by this patch, "--keyid-format short", should not be 
used. See http://gwolf.org/node/4070/ for more info.
2016-12-22 23:42:59 nish (dot) aravamudan (at) canonical (dot) com Comment #1
Type ⇒ Bug
State ⇒ Unconfirmed
Priority ⇒ 2. Medium
Summary ⇒ php-horde-crypto: needs updating for gpg2 cli changes
Queue ⇒ Horde Framework Packages
Milestone ⇒
Patch ⇒ Yes
New Attachment: update_tests_gnupg2.patch Download
Reply to this comment
gpg2 (now the default e.g. on Ubuntu), has a different CLI output 
format. But the Horde Crypto library relies on parsing that output for 
self-verification (and I assume, therefore, for behavior).

The changes in the attached patch include setting a GPG environment 
variable (without which you get a cryptic error message from gpg2) and 
then setting some global flags for gpg (--keyid-format short and (if 
not v1) --pinentry-mode loopback).

I also split testVerifyPassphrase into two tests. This is because gpg2 
always spawns a gpg-agent which caches passphrases. So within one gpg2 
session (which each test counts as), the first successful message 
decryption (using the correct passphrase) ends up staying cached and 
falsely passing the bad passphrase case. Alternatively, the function 
could be left as one and the order of the calls could be changed.

Saved Queries