Control: tags -1 + patch Hi,
Axel Beckert wrote:
> > the 2.1.x version of GnuPG (which is what will offer /usr/bin/gpg in
> > debian stretch) stores its secret key material in a different way
> > (~/.gnupg/private-keys-v1.d) than gpg1 does (~/.gnupg/secring.gpg). If
> > you want rephrase to recover a partially-known passphrase against gpg
> > 2.1.x, having one that "works" against gpg1 isn't going to be useful at
> > all.
[...]
> > A better short-term fix would be to add "--pinentry-mode", "loopback" to
> > the arguments passed to the gpg invocations in rephrase.c.
>
> I'll try to come up with a patch for that.
The attached patch works for me with gpg aka gpg2.
I'd also upload it as NMU in case I don't hear from the Debian
Forensics team in time before a potential removal from testing (or if
the team prefers the NMU).
Regards, Axel
--
,''`. | Axel Beckert <a...@debian.org>, http://people.debian.org/~abe/
: :' : | Debian Developer, ftp.ch.debian.org Admin
`. `' | 4096R: 2517 B724 C5F6 CA99 5329 6E61 2FF9 CD59 6126 16B5
`- | 1024D: F067 EA27 26B9 C3FC 1486 202E C09E 1D89 9593 0EDE
commit befaa3010553b8b3046481487200a17e560e509c
Author: Axel Beckert <a...@deuxchevaux.org>
Date: Fri Feb 3 20:22:30 2017 +0100
Add patch to unconditionally call gpg with "--pinentry-mode loopback"
Closes: #853935
diff --git a/debian/changelog b/debian/changelog
index c75e1c0..51db79c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+rephrase (0.2-1.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * Add patch to unconditionally call gpg with "--pinentry-mode loopback".
+ (Closes: #853935)
+
+ -- Axel Beckert <a...@debian.org> Thu, 02 Feb 2017 11:29:59 +0100
+
rephrase (0.2-1) unstable; urgency=medium
* Team upload.
diff --git a/debian/patches/02_minimal_gpg2_support.patch b/debian/patches/02_minimal_gpg2_support.patch
new file mode 100644
index 0000000..47f1b47
--- /dev/null
+++ b/debian/patches/02_minimal_gpg2_support.patch
@@ -0,0 +1,23 @@
+Description: Make rephrase working with gpg2
+Author: Axel Beckert <a...@debian.org> after an idea by Daniel Kahn Gillmor <d...@fifthhorseman.net>
+Bug-Debian: https://bugs.debian.org/853935
+
+--- a/rephrase.c
++++ b/rephrase.c
+@@ -63,14 +63,14 @@
+ struct profile profiles[] = {
+ {
+ "--gpg-key",
+- { GPG, "--default-key", "%1", "--passphrase-fd", "0", "--batch", "--no-tty", "--dry-run", "--clearsign", "/dev/null", NULL },
++ { GPG, "--pinentry-mode", "loopback", "--default-key", "%1", "--passphrase-fd", "0", "--batch", "--no-tty", "--dry-run", "--clearsign", "/dev/null", NULL },
+ 1,
+ 0,
+ -1
+ },
+ {
+ "--gpg-symmetric",
+- { GPG, "--passphrase-fd", "0", "--batch", "--no-tty", "--decrypt", "%1", NULL },
++ { GPG, "--pinentry-mode", "loopback", "--passphrase-fd", "0", "--batch", "--no-tty", "--decrypt", "%1", NULL },
+ 1,
+ 0,
+ -1
diff --git a/debian/patches/series b/debian/patches/series
index 99e88ef..96f7bb0 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1,2 @@
01_fix_bin_path.patch
+02_minimal_gpg2_support.patch
signature.asc
Description: Digital signature
