Tags: patch
Here's a series of patches for packaging the latest version.
0435-Use-upstream-repository-for-watch.patch should be applied first, so
import-orig --uscan will pick up tags from the upstream repo. I don't
think the signature option is working as intended, but I don't know how
to fix it so signatures are imported as well.
Then, after importing the newer upstream releases, the other patches can
be applied.
I haven't tested the resulting xpi yet.
From 028146af85f65766d92af20088b8644630880fd7 Mon Sep 17 00:00:00 2001
From: Gregor Riepl <onit...@gmail.com>
Date: Sun, 13 Sep 2020 11:45:02 +0200
Subject: [PATCH 435/439] Use upstream repository for watch
---
debian/watch | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/debian/watch b/debian/watch
index 17a6fb86..56be7ccf 100644
--- a/debian/watch
+++ b/debian/watch
@@ -1,3 +1,2 @@
version=4
-opts=pgpsigurlmangle=s/$/.asc/,dversionmangle=s/\+ds1$//,repacksuffix=+ds1 \
- https://www.enigmail.net/download/source.php .*/enigmail-([\d\.]*).tar.gz
+opts="pgpmode=next" https://gitlab.com/enigmail/enigmail/tags?sort=updated_desc archive/enigmail-@ANY_VERSION@/enigmail-enigmail-\d\S*@ARCHIVE_EXT@
--
2.28.0
From 33c721d334fd45853eac174a8e0954b51517ba44 Mon Sep 17 00:00:00 2001
From: Gregor Riepl <onit...@gmail.com>
Date: Sun, 13 Sep 2020 14:03:20 +0200
Subject: [PATCH 436/439] Fix up dependencies
---
debian/control | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/debian/control b/debian/control
index 89632375..2d7a2078 100644
--- a/debian/control
+++ b/debian/control
@@ -6,6 +6,7 @@ Uploaders:
Alexander Sack <a...@debian.org>,
Willi Mann <wi...@debian.org>,
Daniel Kahn Gillmor <d...@fifthhorseman.net>,
+ Gregor Riepl <onit...@gmail.com>
Build-Depends:
debhelper-compat (= 12),
perl,
@@ -23,7 +24,7 @@ Architecture: all
Depends:
gnupg (>= 2.2.8-2~),
gnupg-agent,
- thunderbird (>= 1:68.0) | icedove (>= 1:68.0),
+ thunderbird (>= 1:78.0) | icedove (>= 1:78.0),
${misc:Depends},
Recommends:
pinentry-x11,
@@ -35,12 +36,16 @@ Enhances:
icedove,
thunderbird,
Breaks:
- icedove (<< 1:68.0),
- thunderbird (<< 1:68.0),
+ icedove (<< 1:78.0),
+ thunderbird (<< 1:78.0),
Description: GPG support for Thunderbird and Debian Icedove
OpenPGP extension for Thunderbird. Enigmail allows users to access the
features provided by the popular GnuPG software from within Thunderbird.
.
+ This version of the extension provides a migration assistant for
+ converting Enigmail configurations to the built-in OpenPGP support in
+ Thunderbird 78.
+ .
Enigmail is capable of signing, authenticating, encrypting and decrypting
email. Additionally, it supports both the inline PGP format, as well as the
PGP/MIME format as described in RFC 3156.
--
2.28.0
From 41e46e01ff8c61f2327b0d5eb7a0f6b0fd4d310e Mon Sep 17 00:00:00 2001
From: Gregor Riepl <onit...@gmail.com>
Date: Sun, 13 Sep 2020 14:09:43 +0200
Subject: [PATCH 437/439] Remove obsolete eslint patch
---
debian/control | 1 +
.../0001-avoid-eslint-during-buildtest.patch | 24 -------------------
debian/patches/series | 1 -
3 files changed, 1 insertion(+), 25 deletions(-)
delete mode 100644 debian/patches/0001-avoid-eslint-during-buildtest.patch
diff --git a/debian/control b/debian/control
index 2d7a2078..0de2db4f 100644
--- a/debian/control
+++ b/debian/control
@@ -13,6 +13,7 @@ Build-Depends:
python3,
unzip,
zip,
+ eslint,
Standards-Version: 4.5.0
Homepage: https://www.enigmail.net/
Vcs-Git: https://salsa.debian.org/debian/enigmail.git -b debian/experimental
diff --git a/debian/patches/0001-avoid-eslint-during-buildtest.patch b/debian/patches/0001-avoid-eslint-during-buildtest.patch
deleted file mode 100644
index 19b77389..00000000
--- a/debian/patches/0001-avoid-eslint-during-buildtest.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-From: Daniel Kahn Gillmor <d...@fifthhorseman.net>
-Date: Mon, 25 Jan 2016 13:22:44 -0500
-Subject: avoid eslint during buildtest
-
-eslint is not yet in debian (see https://bugs.debian.org/743404).
-once it is packaged, we should remove this patch and allow the full
-testsuite to run on the debian buildd infrastructure.
----
- Makefile | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/Makefile b/Makefile
-index 308c34a..f74f9e5 100644
---- a/Makefile
-+++ b/Makefile
-@@ -43,7 +43,7 @@ unit:
- make -C ui/tests
- make -C ipc/tests
-
--test: eslint check unit
-+test: check unit
-
- clean:
- rm -f build/$(XPIFILE) .eslintcache
diff --git a/debian/patches/series b/debian/patches/series
index d5fbba93..ec657037 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,4 +1,3 @@
-0001-avoid-eslint-during-buildtest.patch
0002-Avoid-auto-download-of-pEpEngine-Closes-891882.patch
0003-avoid-OpenPGP.js-when-building.patch
0004-copy-enums.armor-from-OpenPGP.js.patch
--
2.28.0
From 9853f70f9d2d8a46049929d1c9e4e15bace2b5ea Mon Sep 17 00:00:00 2001
From: Gregor Riepl <onit...@gmail.com>
Date: Sun, 13 Sep 2020 14:30:06 +0200
Subject: [PATCH 438/439] Drop obsolete patches
---
.../0003-avoid-OpenPGP.js-when-building.patch | 506 ------------------
...004-copy-enums.armor-from-OpenPGP.js.patch | 61 ---
...d-of-openpgp.js-for-symmetric-encryp.patch | 326 -----------
...ockeypuck-keyservers-reject-uploads-.patch | 64 ---
.../patches/0011-drop-unnecessary-tests.patch | 37 --
...othing-found-broken-Find-keys-for-al.patch | 24 -
debian/patches/series | 6 -
7 files changed, 1024 deletions(-)
delete mode 100644 debian/patches/0003-avoid-OpenPGP.js-when-building.patch
delete mode 100644 debian/patches/0004-copy-enums.armor-from-OpenPGP.js.patch
delete mode 100644 debian/patches/0008-use-GnuPG-instead-of-openpgp.js-for-symmetric-encryp.patch
delete mode 100644 debian/patches/0010-fixed-bug-1057-Hockeypuck-keyservers-reject-uploads-.patch
delete mode 100644 debian/patches/0011-drop-unnecessary-tests.patch
delete mode 100644 debian/patches/0011-skip-record-if-nothing-found-broken-Find-keys-for-al.patch
diff --git a/debian/patches/0003-avoid-OpenPGP.js-when-building.patch b/debian/patches/0003-avoid-OpenPGP.js-when-building.patch
deleted file mode 100644
index 8df461bb..00000000
--- a/debian/patches/0003-avoid-OpenPGP.js-when-building.patch
+++ /dev/null
@@ -1,506 +0,0 @@
-From: Daniel Kahn Gillmor <d...@fifthhorseman.net>
-Date: Wed, 30 May 2018 15:31:50 -0400
-Subject: avoid OpenPGP.js when building
-
-GnuPG should not depend on OpenPGP.js.
-
-This is an attempt to strip out whatever dependency it had and make it
-work with gpg alone.
-
-There is no need for getStrippedKey at all -- it's never invoked in
-the codebase outside of getMinimalPubKey, and it should not be
-relevant there, since we are already filtering appropriately.
-
-Since we explicitly depend on gnupg 2.2.8-2 or greater, we are fine
-with these expectations.
-
-We also don't want to try to test openpgp.js at all.
----
- package/cryptoAPI/Makefile | 1 -
- package/cryptoAPI/README.txt | 8 +-
- package/cryptoAPI/gnupg.js | 67 +++------------
- package/cryptoAPI/openpgp-js.js | 183 ----------------------------------------
- package/tests/main.js | 3 +-
- package/tests/openpgpjs-test.js | 77 -----------------
- stdlib/Makefile | 6 +-
- util/genxpi | 3 -
- 8 files changed, 19 insertions(+), 329 deletions(-)
- delete mode 100644 package/cryptoAPI/openpgp-js.js
- delete mode 100644 package/tests/openpgpjs-test.js
-
-diff --git a/package/cryptoAPI/Makefile b/package/cryptoAPI/Makefile
-index 7e8cfd2..12c2e6a 100644
---- a/package/cryptoAPI/Makefile
-+++ b/package/cryptoAPI/Makefile
-@@ -14,7 +14,6 @@ MODFILES = \
- gnupg-decryption.jsm \
- gnupg-keylist.jsm \
- gnupg-key.jsm \
-- openpgp-js.js \
- interface.js
-
- GENFILES = $(addprefix $(GENDIR)/,$(MODFILES))
-diff --git a/package/cryptoAPI/README.txt b/package/cryptoAPI/README.txt
-index 7bf86ef..003ee3b 100644
---- a/package/cryptoAPI/README.txt
-+++ b/package/cryptoAPI/README.txt
-@@ -17,8 +17,8 @@ Class Hierarchy
- CryptoAPI (interface.js)
- |
- |----- OpenPGPjsCryptoAPI (openpgp-js.js)
-- | |
-- | |-- GnuPGCryptoAPI (gnupg.js)
-+ |
-+ |----- GnuPGCryptoAPI (gnupg.js)
- |
- |----- [SequoiaCryptoAPI (tbd)]
-
-@@ -27,8 +27,8 @@ CryptoAPI is the generic API that does not contain any functionality, except
- for sync().
-
- - OpenPGPjsCryptoAPI holds the implementation for OpenPGP.js (https://openpgpjs.org/).
--- GnuPGCryptoAPI holds the implementation for GnuPG (https://gnupg.org/). Some of its functionality
-- bases on OpenPGP.js.
-+ (OpenPGP.js is not shipped by Debian, see https://bugs.debian.org/787774)
-+- GnuPGCryptoAPI holds the implementation for GnuPG (https://gnupg.org/).
- - SequoiaCryptoAPI will maybe hold in the future the implementation for Sequoia (https://sequoia-pgp.org/).
-
-
-diff --git a/package/cryptoAPI/gnupg.js b/package/cryptoAPI/gnupg.js
-index 3f48354..93d712a 100644
---- a/package/cryptoAPI/gnupg.js
-+++ b/package/cryptoAPI/gnupg.js
-@@ -11,13 +11,11 @@ var EXPORTED_SYMBOLS = ["getGnuPGAPI"];
-
- var Services = Components.utils.import("resource://gre/modules/Services.jsm").Services;
-
--// Load OpenPGP.js (including generic) API
--Services.scriptloader.loadSubScript("chrome://enigmail/content/modules/cryptoAPI/openpgp-js.js",
-- null, "UTF-8"); /* global OpenPGPjsCryptoAPI: false */
--
--/* Globals loaded from openpgp-js.js: */
--/* global getOpenPGP: false, EnigmailLog: false */
-+// Load generic API
-+Services.scriptloader.loadSubScript("chrome://enigmail/content/modules/cryptoAPI/interface.js",
-+ null, "UTF-8"); /* global CryptoAPI */
-
-+const EnigmailLog = ChromeUtils.import("chrome://enigmail/content/modules/log.jsm").EnigmailLog;
- const EnigmailGpg = ChromeUtils.import("chrome://enigmail/content/modules/gpg.jsm").EnigmailGpg;
- const EnigmailExecution = ChromeUtils.import("chrome://enigmail/content/modules/execution.jsm").EnigmailExecution;
- const EnigmailFiles = ChromeUtils.import("chrome://enigmail/content/modules/files.jsm").EnigmailFiles;
-@@ -46,7 +44,7 @@ const {
- * GnuPG implementation of CryptoAPI
- */
-
--class GnuPGCryptoAPI extends OpenPGPjsCryptoAPI {
-+class GnuPGCryptoAPI extends CryptoAPI {
- constructor() {
- super();
- this.api_name = "GnuPG";
-@@ -172,46 +170,14 @@ class GnuPGCryptoAPI extends OpenPGPjsCryptoAPI {
- const statusObj = {};
- const exitCodeObj = {};
- let res = await EnigmailExecution.execAsync(EnigmailGpg.agentPath, args);
-- let exportOK = true;
- let keyBlock = res.stdoutData;
-
-- if (EnigmailGpg.getGpgFeature("export-result")) {
-- // GnuPG 2.1.10+
-- let r = new RegExp("^\\[GNUPG:\\] EXPORTED " + fpr, "m");
-- if (res.stderrData.search(r) < 0) {
-- retObj.exitCode = 2;
-- retObj.errorMsg = EnigmailLocale.getString("failKeyExtract");
-- exportOK = false;
-- }
-- } else {
-- // GnuPG older than 2.1.10
-- if (keyBlock.length < 50) {
-- retObj.exitCode = 2;
-- retObj.errorMsg = EnigmailLocale.getString("failKeyExtract");
-- exportOK = false;
-- }
-+ let r = new RegExp("^\\[GNUPG:\\] EXPORTED " + fpr, "m");
-+ if (res.stderrData.search(r) < 0) {
-+ retObj.exitCode = 2;
-+ retObj.errorMsg = EnigmailLocale.getString("failKeyExtract");
- }
--
-- if (EnigmailGpg.getGpgFeature("export-specific-uid")) {
-- // GnuPG 2.2.9+
-- retObj.keyData = btoa(keyBlock);
-- return retObj;
-- }
--
-- // GnuPG < 2.2.9
-- if (exportOK) {
-- let minKey = await this.getStrippedKey(keyBlock, email);
-- if (minKey) {
-- minimalKeyBlock = btoa(String.fromCharCode.apply(null, minKey));
-- }
--
-- if (!minimalKeyBlock) {
-- retObj.exitCode = 1;
-- retObj.errorMsg = EnigmailLocale.getString("failKeyNoSubkey");
-- }
-- }
--
-- retObj.keyData = minimalKeyBlock;
-+ retObj.keyData = btoa(keyBlock);
- return retObj;
- }
-
-@@ -431,20 +397,11 @@ class GnuPGCryptoAPI extends OpenPGPjsCryptoAPI {
- }
-
- async getKeyListFromKeyBlock(keyBlockStr) {
--
-- let res;
-- try {
-- res = await getGpgKeyData(keyBlockStr);
-- } catch (ex) {
-- if (ex === "unsupported") {
-- res = await this.OPENPGPjs_getKeyListFromKeyBlock(keyBlockStr);
-- } else throw ex;
-- }
-- return res;
-+ return getGpgKeyData(keyBlockStr);
- }
-
- }
-
- function getGnuPGAPI() {
- return new GnuPGCryptoAPI();
--}
-\ No newline at end of file
-+}
-diff --git a/package/cryptoAPI/openpgp-js.js b/package/cryptoAPI/openpgp-js.js
-deleted file mode 100644
-index 0203b5d..0000000
---- a/package/cryptoAPI/openpgp-js.js
-+++ /dev/null
-@@ -1,183 +0,0 @@
--/*
-- * This Source Code Form is subject to the terms of the Mozilla Public
-- * License, v. 2.0. If a copy of the MPL was not distributed with this
-- * file, You can obtain one at http://mozilla.org/MPL/2.0/.
-- */
--
--
--"use strict";
--
--//var EXPORTED_SYMBOLS = ["getOpenPGPjsAPI"];
--
--
--var Services = ChromeUtils.import("resource://gre/modules/Services.jsm").Services;
--const EnigmailLog = Cu.import("chrome://enigmail/content/modules/log.jsm").EnigmailLog;
--const EnigmailLazy = Cu.import("chrome://enigmail/content/modules/lazy.jsm").EnigmailLazy;
--
--const getOpenPGP = EnigmailLazy.loader("enigmail/openpgp.jsm", "EnigmailOpenPGP");
--const getArmor = EnigmailLazy.loader("enigmail/armor.jsm", "EnigmailArmor");
--
--// Load generic API
--Services.scriptloader.loadSubScript("chrome://enigmail/content/modules/cryptoAPI/interface.js",
-- null, "UTF-8"); /* global CryptoAPI */
--
--
--/**
-- * OpenPGP.js implementation of CryptoAPI
-- */
--
--class OpenPGPjsCryptoAPI extends CryptoAPI {
-- constructor() {
-- super();
-- this.api_name = "OpenPGP.js";
-- }
--
-- async getStrippedKey(armoredKey, emailAddr) {
-- EnigmailLog.DEBUG("openpgp-js.js: getStrippedKey()\n");
--
-- let searchUid = undefined;
-- if (emailAddr) {
-- if (emailAddr.search(/^<.{1,500}>$/) < 0) {
-- searchUid = `<${emailAddr}>`;
-- } else searchUid = emailAddr;
-- }
--
-- try {
-- const openpgp = getOpenPGP().openpgp;
-- let msg = await openpgp.key.readArmored(armoredKey);
--
-- if (!msg || msg.keys.length === 0) {
-- if (msg.err) {
-- EnigmailLog.writeException("openpgp-js.js", msg.err[0]);
-- }
-- return null;
-- }
--
-- let key = msg.keys[0];
-- let uid = await key.getPrimaryUser(null, searchUid);
-- if (!uid || !uid.user) return null;
--
-- let signSubkey = await key.getSigningKey();
-- let encSubkey = await key.getEncryptionKey();
-- /*
-- let encSubkey = null,
-- signSubkey = null;
--
-- for (let i = 0; i < key.subKeys.length; i++) {
-- if (key.subKeys[i].subKey === encSubkeyPacket) {
-- encSubkey = key.subKeys[i];
-- break;
-- }
-- }
-- if (!encSubkey) return null;
--
-- if (!signSubkeyPacket.keyid) {
-- for (let i = 0; i < key.subKeys.length; i++) {
-- if (key.subKeys[i].subKey === signSubkeyPacket) {
-- signSubkey = key.subKeys[i];
-- break;
-- }
-- }
-- if (!signSubkey) return null;
-- }
-- */
--
-- let p = new openpgp.packet.List();
-- p.push(key.primaryKey);
-- p.concat(uid.user.toPacketlist());
-- if (key !== signSubkey) {
-- p.concat(signSubkey.toPacketlist());
-- }
-- if (key !== encSubkey) {
-- p.concat(encSubkey.toPacketlist());
-- }
--
-- return p.write();
-- } catch (ex) {
-- EnigmailLog.DEBUG("openpgp-js.js: getStrippedKey: ERROR " + ex.message + "\n" + ex.stack + "\n");
-- }
-- return null;
-- }
--
-- async getKeyListFromKeyBlock(keyBlockStr) {
-- return await this.OPENPGPjs_getKeyListFromKeyBlockkeyBlockStr(keyBlockStr);
-- }
--
-- async OPENPGPjs_getKeyListFromKeyBlock(keyBlockStr) {
-- EnigmailLog.DEBUG("openpgp-js.js: getKeyListFromKeyBlock()\n");
-- const EnigmailTime = ChromeUtils.import("chrome://enigmail/content/modules/time.jsm").EnigmailTime;
--
-- const SIG_TYPE_REVOCATION = 0x20;
--
-- let keyList = [];
-- let key = {};
-- let blocks;
-- let isBinary = false;
-- const EOpenpgp = getOpenPGP();
--
-- if (keyBlockStr.search(/-----BEGIN PGP (PUBLIC|PRIVATE) KEY BLOCK-----/) >= 0) {
-- blocks = getArmor().splitArmoredBlocks(keyBlockStr);
-- } else {
-- isBinary = true;
-- blocks = [EOpenpgp.enigmailFuncs.bytesToArmor(EOpenpgp.openpgp.enums.armor.public_key, keyBlockStr)];
-- }
--
-- for (let b of blocks) {
-- let m = await EOpenpgp.openpgp.message.readArmored(b);
--
-- for (let i = 0; i < m.packets.length; i++) {
-- let packetType = EOpenpgp.openpgp.enums.read(EOpenpgp.openpgp.enums.packet, m.packets[i].tag);
-- switch (packetType) {
-- case "publicKey":
-- case "secretKey":
-- key = {
-- id: m.packets[i].getKeyId().toHex().toUpperCase(),
-- fpr: m.packets[i].getFingerprint().toUpperCase(),
-- uids: [],
-- created: EnigmailTime.getDateTime(m.packets[i].getCreationTime().getTime()/1000, true, false),
-- name: null,
-- isSecret: false,
-- revoke: false
-- };
--
-- if (!(key.id in keyList)) {
-- keyList[key.id] = key;
-- }
--
-- if (packetType === "secretKey") {
-- keyList[key.id].isSecret = true;
-- }
-- break;
-- case "userid":
-- if (!key.name) {
-- key.name = m.packets[i].userid.replace(/[\r\n]+/g, " ");
-- }
-- else {
-- key.uids.push(m.packets[i].userid.replace(/[\r\n]+/g, " "));
-- }
-- break;
-- case "signature":
-- if (m.packets[i].signatureType === SIG_TYPE_REVOCATION) {
-- let keyId = m.packets[i].issuerKeyId.toHex().toUpperCase();
-- if (keyId in keyList) {
-- keyList[keyId].revoke = true;
-- } else {
-- keyList[keyId] = {
-- revoke: true,
-- id: keyId
-- };
-- }
-- }
-- break;
-- }
-- }
-- }
--
-- return keyList;
-- }
--}
--
--
--function getOpenPGPjsAPI() {
-- return new OpenPGPjsCryptoAPI();
--}
-\ No newline at end of file
-diff --git a/package/tests/main.js b/package/tests/main.js
-index fd68452..9b9397f 100644
---- a/package/tests/main.js
-+++ b/package/tests/main.js
-@@ -57,6 +57,5 @@ execTest("rng-test.js");
- execTest("dns-test.js");
- execTest("filters-test.js");
- execTest("webKey-test.js");
--execTest("openpgpjs-test.js");
- execTest("autoSetup-test.js");
--execTest("persistentCrypto-test.js");
-\ No newline at end of file
-+execTest("persistentCrypto-test.js");
-diff --git a/package/tests/openpgpjs-test.js b/package/tests/openpgpjs-test.js
-deleted file mode 100644
-index ff71bb3..0000000
---- a/package/tests/openpgpjs-test.js
-+++ /dev/null
-@@ -1,77 +0,0 @@
--/*global do_load_module: false, do_get_file: false, do_get_cwd: false, testing: false, test: false, Assert: false, resetting: false */
--/*global do_test_pending: false, do_test_finished: false */
--
--/*
-- * This Source Code Form is subject to the terms of the Mozilla Public
-- * License, v. 2.0. If a copy of the MPL was not distributed with this
-- * file, You can obtain one at http://mozilla.org/MPL/2.0/.
-- */
--
--"use strict";
--
--do_load_module("file://" + do_get_cwd().path + "/testHelper.js");
--
--testing("cryptoAPI/openpgp-js.js"); /*global getOpenPGPjsAPI: false */
--
--test(function testGetStrippedKey() {
-- const cApi = getOpenPGPjsAPI();
--
-- const pubKey = "-----BEGIN PGP PUBLIC KEY BLOCK-----" +
-- "\n" +
-- "\nmQINBFVHm5sBEACs94Ln+RMdeyBpWQtTZ/NZnwntsB10Wd3HTgo5sdA/OOFOJrWe" +
-- "\ntJfAZ/HRxiSu1bwRaFVC8p061ftTbxf8bsdfsykYJQQqPODfcO0/oY2n/Z93ya8K" +
-- "\nTzjXR3qBQ1P7f5x71yeuo7Zrj7B0G44Xjfy+1L0eka9paBqmm3U5cUew5wSr772L" +
-- "\ncflipWfncWXD2rBqgRfR339lRHd3Vwo7V8jje8rlP9msOuTMWCvQuQvpEkfIioXA" +
-- "\n7QipP2f0aPzsavNjFnAfC9rm2FDs6lX4syTMVUWy8IblRYo6MjhNaJFlBJkTCl0b" +
-- "\nugT9Ge0ZUifuAI0ihVGBpMSh4GF2B3ZPidwGSjgx1sojNHzU/3vBa9DuOmW95qrD" +
-- "\nNotvz61xYueTpOYK6ZeT880QMDvxXG9S5/H1KJxuOF1jx1DibAn9sfP4gtiQFI3F" +
-- "\nWMV9w3YrrqidoWSZBqyBO0Toqt5fNdRyH4ET6HlJAQmFQUbqqnZrc07s/aITZN36" +
-- "\nd9eupCZQfW6e80UkXRPCU53vhh0GQey9reDyVCsV7xi6oXk1fqlpDYigQwEr4+yJ" +
-- "\n+1qAjtSVHJhFE0inQWkUwc2nxef6n7v/M9HszhP/aABadVE49oDaRm54PtA1l0mC" +
-- "\nT8IHcVR4ZDkaNwrHJtidEQcQ/+YVV3g7UJI9+g2nPvgMhk86AzBIlGpG+wARAQAB" +
-- "\ntCthbm9ueW1vdXMgc3RyaWtlIDxzdHJpa2UuZGV2dGVzdEBnbWFpbC5jb20+iQJO" +
-- "\nBBMBCAA4AhsDBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAFiEEZVN+IS3BkCWtOO2y" +
-- "\neBYXMZzjEcQFAltV+f8ACgkQeBYXMZzjEcRWcQ/7Bihjn7jidt7pw4iv9ognHsX/" +
-- "\nPfDPQtfaa4wK3NHSDq/LMbI5xR+PtV0j4aIjZxj5C4F3/6pvhCthV9KWiMcxlrL1" +
-- "\nrv92r5JJAqt1T4m/CqYGGcKt+eIiDpuzGj7Ry5VJKyrHL1oFXDo6Sde4L5H87ltH" +
-- "\n+lvyy9LS8TPgknWV8RsR2vn/IWr9HNLhKAdHEIXFGGfYRaS7RRRYHmP05TFFdFwy" +
-- "\nhq2VTWW8OgqYILkSEonLgDo12QEAOu5Q9wCK0TV2in+yxBA/Hh5G/Uwm+u4SrW+v" +
-- "\nSW2pdbYlgk/8Op5ItDQ1n6Q09Jzuyn9CzN+77MJdreAIP9YlnU7eUc7h3iLthHYm" +
-- "\nflYyXOlO51M7Apnvu4SfFi/jq/9MlN9XJ9t4lo1tkGveAqBh88XZHviymRGYDf2F" +
-- "\nDkTw/AhdIv8bVeObIoiXuyaoD8lb7fg16Sa7msUj+0+Z+edJBr1YMgdloetyzcHm" +
-- "\nGFFbqLLiD5GvTRfD6yMdkC/IcfRXtjMITbZxpPMA2NruYqgVXjFzaW76OiTkvjEV" +
-- "\n4Lt+dAiLpLNh9n5S/1KuB4QK2pH2iyJSFMdxIcJsIfHTkZuOHYs746DWqqdxvsQy" +
-- "\nMCXkbUtUa2gHz/2mCgxDyma3piWpRkAtMxV+6YRZuBDsGXd7VNXYRVlm8+mCBikL" +
-- "\nYNyRRnhM4LdkXx7iaaa5Ag0EVUebmwEQAMFfbxtHlDFusY1U9PeMzrQhP6b8ZMsf" +
-- "\nqWbg5xmiYB6P9esE5xf/QFi06qo/sO6vyTQDx9wuRkJIGx7Wbp+98AKjxVt66e/g" +
-- "\nitJPkWBeHttg9mx4jLlTtefR0uqlVclGoy3dQtL9HDLXxfHyP2xckkMAoipngwfC" +
-- "\nAGSc954GcPhobpskC4EQjpFbmWFsbxYUl8KeIW5GeKb5UPq5x/3fHc2QvRNZjSXQ" +
-- "\n9tR1b3awt+IqnWebP7V1GgFyRPvTWwyzamTjw7lj+8/o4QPMXOMZ0DWv1iRuVeM3" +
-- "\n1XGFI3TRaWZyrUOoRTfr4yqLhghCy4Xc19LXf5TaWGOVHkelHF0Mx8eMViWTmGU6" +
-- "\n26+imx5hOUzKQWXwPvLSpIUgCKpWXql2VIFTzhs4segJQZ6ez5SXubRRKHBl1WYy" +
-- "\nJ8XD98nAhJkjwPm8aQzesTtPGscBD87V8mcZk0FGCfwuOdmNEYD+7V/B6m0VjQ3L" +
-- "\nM7mU7NNYjocEmXWExq97aXS+3AE8utFttGHLpnvsE18T1rbDtjhoV6yGMSlbETxt" +
-- "\nAjIysEZpFqJDaWleYDpdhnFDzE5R+y2wBHVMz4luhckO5PD5iFpVrZbtn9HN202d" +
-- "\nqFYIKOm0WrrQO6CAvAAaeOvkdy2kuDC8tUoJ4N9TydyHMKQvseKSHYsLvJJRH9XM" +
-- "\n5FqD9OSPFhFHABEBAAGJAjYEGAEIACACGwwWIQRlU34hLcGQJa047bJ4FhcxnOMR" +
-- "\nxAUCW1X6FAAKCRB4FhcxnOMRxECYEACaDw6JFqgdHI5pH7pkRae9Vif63Ot7XEmS" +
-- "\nxUGpoj/qbzZy+cm9lEfcOHC9cihFa0EwG1WpFUyuzl8z8f6nulJ2vi5unC007D8y" +
-- "\nT5kwL7vaQ+gd1JtcPny3J6qRaNxY2KhlkkLFYFLSnpt/ye0S/HuCH7RjG1lYHga9" +
-- "\nKULqYB+pdpFmfmPy6ogpHHaKQuYf/y9yRyylml/rjdRTWOzCa8L6y2y63y8mkcEZ" +
-- "\nvUJ/WWAzCmka/w43uv3fPrui7wzMLDeCkSEomboax9bgTqqt9/ZNP9H0ja7XUNIj" +
-- "\nHT8zn+h8YkjCHAupHRIltx7ZPaisZiz6RA/iwIE+rtkrYEOyCLsaHT+iXMsPFXLY" +
-- "\nPMgR1usJqg2M3CzVdGmjXl0/ZZzo4a+wKzkRCnA1K4ZsJ/Py24QfqNIw8Jysab86" +
-- "\nSVSpGq3YbDIuKI/6I5CSL36WlfDcsvypr6MvE7X59otGj+1qzmlHuscL95EchJAN" +
-- "\nRJbTW1/IHw2VMqQhRMTBKftrMediC/xP9xtl4U3D8Wybk+ghQdwuW9x3SW9H8Dol" +
-- "\ngzBI3fdHTevZCuJJFdXhmEyEa2eEcRioc/3zaAHGThE+8SnsA8IuuqALT43w3b14" +
-- "\nLizcmRWQcBnH5+PlhXYf3/nAlEnXD6TCZrOGlNCzLTWQTBLg1kw97xS/PQyCg24X" +
-- "\nsnHSt1DRJA==" +
-- "\n=I9l9" +
-- "\n-----END PGP PUBLIC KEY BLOCK-----";
--
-- let minKey = cApi.sync(cApi.getStrippedKey(pubKey));
-- let got = btoa(String.fromCharCode.apply(null, minKey));
-- Assert.equal(got.substr(0, 127), "xsFNBFVHm5sBEACs94Ln+RMdeyBpWQtTZ/NZnwntsB10Wd3HTgo5sdA/OOFOJrWetJfAZ/HRxiSu1bwRaFVC8p061ftTbxf8bsdfsykYJQQqPODfcO0/oY2n/Z93ya8");
-- Assert.equal(got.substr(-127), "QriSRXV4ZhMhGtnhHEYqHP982gBxk4RPvEp7APCLrqgC0+N8N29eC4s3JkVkHAZx+fj5YV2H9/5wJRJ1w+kwmazhpTQsy01kEwS4NZMPe8Uvz0MgoNuF7Jx0rdQ0SQ=");
-- Assert.equal(got.length, 3080);
--});
-\ No newline at end of file
-diff --git a/stdlib/Makefile b/stdlib/Makefile
-index 09841e3..cceaab6 100644
---- a/stdlib/Makefile
-+++ b/stdlib/Makefile
-@@ -13,7 +13,6 @@ MODFILES = \
- compose.jsm \
- misc.jsm \
- msgHdrUtils.jsm \
-- openpgp.worker.js \
- web-streams.jsm
-
- GENFILES = $(addprefix $(GENDIR)/,$(MODFILES))
-@@ -29,8 +28,7 @@ all: deploy
- deploy: createlib $(GENFILES)
-
- createlib:
-- cat openpgp-lib-head.js openpgp-lib.js openpgp-lib-tail.js > openpgp-lib.jsm
-- $(DEPTH)/util/prepPostbox $(TARGET_TOOL) openpgp-lib.jsm $(GENDIR)/openpgp-lib.jsm
-+ echo skipping createlib, no OpenPGP.js in debian build
-
- clean:
-- $(DEPTH)/util/install -u $(DIST)/chrome/content/modules/stdlib $(MODFILES) openpgp-lib.jsm
-+ $(DEPTH)/util/install -u $(DIST)/chrome/content/modules/stdlib $(MODFILES)
-diff --git a/util/genxpi b/util/genxpi
-index 9d7c39e..68d0b81 100755
---- a/util/genxpi
-+++ b/util/genxpi
-@@ -81,7 +81,6 @@ zip -9 --must-match\
- chrome/content/modules/cryptoAPI/gnupg-decryption.jsm \
- chrome/content/modules/cryptoAPI/gnupg-key.jsm \
- chrome/content/modules/cryptoAPI/gnupg-keylist.jsm \
-- chrome/content/modules/cryptoAPI/openpgp-js.js \
- chrome/content/modules/cryptoAPI/interface.js \
- chrome/content/modules/data.jsm \
- chrome/content/modules/dns.jsm \
-@@ -149,8 +148,6 @@ zip -9 --must-match\
- chrome/content/modules/stdlib/compose.jsm \
- chrome/content/modules/stdlib/misc.jsm \
- chrome/content/modules/stdlib/msgHdrUtils.jsm \
-- chrome/content/modules/stdlib/openpgp-lib.jsm \
-- chrome/content/modules/stdlib/openpgp.worker.js \
- chrome/content/modules/stdlib/web-streams.jsm \
- chrome/content/modules/stdlib.jsm \
- chrome/content/modules/streams.jsm \
diff --git a/debian/patches/0004-copy-enums.armor-from-OpenPGP.js.patch b/debian/patches/0004-copy-enums.armor-from-OpenPGP.js.patch
deleted file mode 100644
index 6c9fdc51..00000000
--- a/debian/patches/0004-copy-enums.armor-from-OpenPGP.js.patch
+++ /dev/null
@@ -1,61 +0,0 @@
-From: Daniel Kahn Gillmor <d...@fifthhorseman.net>
-Date: Mon, 11 Jun 2018 00:08:04 -0400
-Subject: copy enums.armor from OpenPGP.js
-
-Since we use this in our own bytesToArmor(), we just copy the simple
-table in here.
----
- package/openpgp.jsm | 33 +++++++++++++++------------------
- 1 file changed, 15 insertions(+), 18 deletions(-)
-
-diff --git a/package/openpgp.jsm b/package/openpgp.jsm
-index 2982850..c6b8f99 100644
---- a/package/openpgp.jsm
-+++ b/package/openpgp.jsm
-@@ -35,31 +35,28 @@ var crc_table = [0x00000000, 0x00864cfb, 0x018ad50d, 0x010c99f6, 0x0393e6e1, 0x0
- 0x575bc9c3, 0x57dd8538
- ];
-
--var gOpenPGPLib;
--
- function initialize() {
- const EnigmailLog = ChromeUtils.import("chrome://enigmail/content/modules/log.jsm").EnigmailLog;
-- const getOpenPGPLibrary = ChromeUtils.import("chrome://enigmail/content/modules/stdlib/openpgp-lib.jsm").getOpenPGPLibrary;
--
- EnigmailLog.DEBUG("openpgp.jsm: initialize()\n");
--
-- try {
-- gOpenPGPLib = getOpenPGPLibrary();
--
-- EnigmailLog.DEBUG(`openpgp.jsm: openpgp: ${gOpenPGPLib}\n`);
-- }
-- catch (ex) {
-- EnigmailLog.ERROR("openpgp.jsm: initialize: error: " + ex.toString() + "\n");
-- }
- }
-
- var EnigmailOpenPGP = {
-- get openpgp() {
-- if (!gOpenPGPLib) {
-- initialize();
-+ openpgp: {
-+ enums: {
-+ /** Armor type
-+ * @enum {Integer}
-+ * @readonly
-+ */
-+ armor: {
-+ multipart_section: 0,
-+ multipart_last: 1,
-+ signed: 2,
-+ message: 3,
-+ public_key: 4,
-+ private_key: 5,
-+ signature: 6
-+ },
- }
--
-- return gOpenPGPLib;
- },
-
- enigmailFuncs: {
diff --git a/debian/patches/0008-use-GnuPG-instead-of-openpgp.js-for-symmetric-encryp.patch b/debian/patches/0008-use-GnuPG-instead-of-openpgp.js-for-symmetric-encryp.patch
deleted file mode 100644
index 5f1013c9..00000000
--- a/debian/patches/0008-use-GnuPG-instead-of-openpgp.js-for-symmetric-encryp.patch
+++ /dev/null
@@ -1,326 +0,0 @@
-From: Daniel Kahn Gillmor <d...@fifthhorseman.net>
-Date: Sun, 30 Sep 2018 01:54:12 -0500
-Subject: use GnuPG instead of openpgp.js for symmetric encryption/decryption
-
-This enables all the test suite to pass, and should enable proper use
-of the Autocrypt setup message.
-
-We need to handle PLAINTEXT status lines that include a possible
-filename in them. And sometimes GnuPG gets confused about the
-different sizes of plaintext: https://dev.gnupg.org/T4741. so just
-warn, don't throw an exception for now as a workaround.
----
- package/autocrypt.jsm | 92 ++++++++++++++---------------
- package/gpg.jsm | 156 +++++++++++++++++++++++++++++++++++++++++++++++++-
- 2 files changed, 201 insertions(+), 47 deletions(-)
-
-diff --git a/package/autocrypt.jsm b/package/autocrypt.jsm
-index d04cd4f..74c7de5 100644
---- a/package/autocrypt.jsm
-+++ b/package/autocrypt.jsm
-@@ -11,8 +11,6 @@
-
- var EXPORTED_SYMBOLS = ["EnigmailAutocrypt"];
-
--const Cr = Components.results;
--
- Components.utils.importGlobalProperties(["crypto"]);
-
- const jsmime = ChromeUtils.import("resource:///modules/jsmime.jsm").jsmime;
-@@ -38,6 +36,7 @@ const EnigmailStdlib = ChromeUtils.import("chrome://enigmail/content/modules/std
- const EnigmailPrefs = ChromeUtils.import("chrome://enigmail/content/modules/prefs.jsm").EnigmailPrefs;
- const EnigmailConstants = ChromeUtils.import("chrome://enigmail/content/modules/constants.jsm").EnigmailConstants;
- const EnigmailCryptoAPI = ChromeUtils.import("chrome://enigmail/content/modules/cryptoAPI.jsm").EnigmailCryptoAPI;
-+const EnigmailGpg = ChromeUtils.import("chrome://enigmail/content/modules/gpg.jsm").EnigmailGpg;
-
- var gCreatedSetupIds = [];
-
-@@ -470,14 +469,15 @@ var EnigmailAutocrypt = {
-
- let bkpCode = createBackupCode();
- let enc = {
-- message: EnigmailOpenPGP.openpgp.message.fromText(innerMsg),
-- passwords: bkpCode,
-+ message: innerMsg,
-+ password: bkpCode,
- armor: true
- };
-
- // create symmetrically encrypted message
-- EnigmailOpenPGP.openpgp.encrypt(enc).then(msg => {
-- let msgData = EnigmailArmor.replaceArmorHeaders(msg.data, {
-+ try {
-+ let msg = EnigmailGpg.symmetricEncrypt(enc);
-+ let msgData = EnigmailArmor.replaceArmorHeaders(msg, {
- 'Passphrase-Format': 'numeric9x4',
- 'Passphrase-Begin': bkpCode.substr(0, 2)
- }).replace(/\n/g, "\r\n");
-@@ -487,10 +487,10 @@ var EnigmailAutocrypt = {
- msg: m,
- passwd: bkpCode
- });
-- }).catch(e => {
-+ } catch(e) {
- EnigmailLog.DEBUG("autocrypt.jsm: createSetupMessage: error " + e + "\n");
- reject(2);
-- });
-+ }
- }
- catch (ex) {
- EnigmailLog.DEBUG("autocrypt.jsm: createSetupMessage: error " + ex.toString() + "\n");
-@@ -598,46 +598,46 @@ var EnigmailAutocrypt = {
- end = {};
- let msgType = EnigmailArmor.locateArmoredBlock(attachmentData, 0, "", start, end, {});
-
-- EnigmailOpenPGP.openpgp.message.readArmored(attachmentData.substring(start.value, end.value)).then(encMessage => {
-- let enc = {
-- message: encMessage,
-- passwords: [passwd],
-- format: 'utf8'
-- };
-+ let encMessage = attachmentData.substring(start.value, end.value);
-
-- return EnigmailOpenPGP.openpgp.decrypt(enc);
-- })
-- .then(msg => {
-- EnigmailLog.DEBUG("autocrypt.jsm: handleBackupMessage: data: " + msg.data.length + "\n");
--
-- let setupData = importSetupKey(msg.data);
-- if (setupData) {
-- EnigmailKeyEditor.setKeyTrust(null, "0x" + setupData.fpr, "5", function(returnCode) {
-- if (returnCode === 0) {
-- let id = EnigmailStdlib.getIdentityForEmail(EnigmailFuncs.stripEmail(fromAddr).toLowerCase());
-- let ac = EnigmailFuncs.getAccountForIdentity(id.identity);
-- ac.incomingServer.setBoolValue("enableAutocrypt", true);
-- ac.incomingServer.setIntValue("acPreferEncrypt", (setupData.preferEncrypt === "mutual" ? 1 : 0));
-- id.identity.setCharAttribute("pgpkeyId", "0x" + setupData.fpr);
-- id.identity.setBoolAttribute("enablePgp", true);
-- id.identity.setBoolAttribute("pgpSignEncrypted", true);
-- id.identity.setBoolAttribute("pgpMimeMode", true);
-- id.identity.setIntAttribute("pgpKeyMode", 1);
-- EnigmailPrefs.setPref("juniorMode", 1);
-- resolve(setupData);
-- }
-- else {
-- reject("keyImportFailed");
-- }
-- });
-- }
-- else {
-- reject("keyImportFailed");
-- }
-- }).
-- catch(err => {
-+ let enc = {
-+ message: encMessage,
-+ password: passwd,
-+ format: 'utf8'
-+ };
-+
-+ try {
-+ let msg = EnigmailGpg.symmetricDecrypt(enc);
-+
-+ EnigmailLog.DEBUG("autocrypt.jsm: handleBackupMessage: data: " + msg.length + "\n");
-+
-+ let setupData = importSetupKey(msg);
-+ if (setupData) {
-+ EnigmailKeyEditor.setKeyTrust(null, "0x" + setupData.fpr, "5", function(returnCode) {
-+ if (returnCode === 0) {
-+ let id = EnigmailStdlib.getIdentityForEmail(EnigmailFuncs.stripEmail(fromAddr).toLowerCase());
-+ let ac = EnigmailFuncs.getAccountForIdentity(id.identity);
-+ ac.incomingServer.setBoolValue("enableAutocrypt", true);
-+ ac.incomingServer.setIntValue("acPreferEncrypt", (setupData.preferEncrypt === "mutual" ? 1 : 0));
-+ id.identity.setCharAttribute("pgpkeyId", "0x" + setupData.fpr);
-+ id.identity.setBoolAttribute("enablePgp", true);
-+ id.identity.setBoolAttribute("pgpSignEncrypted", true);
-+ id.identity.setBoolAttribute("pgpMimeMode", true);
-+ id.identity.setIntAttribute("pgpKeyMode", 1);
-+ EnigmailPrefs.setPref("juniorMode", 1);
-+ resolve(setupData);
-+ }
-+ else {
-+ reject("keyImportFailed");
-+ }
-+ });
-+ }
-+ else {
-+ reject("keyImportFailed");
-+ }
-+ } catch(err) {
- reject("wrongPasswd");
-- });
-+ }
- });
- },
-
-diff --git a/package/gpg.jsm b/package/gpg.jsm
-index 70465bf..489b1cd 100644
---- a/package/gpg.jsm
-+++ b/package/gpg.jsm
-@@ -382,10 +382,164 @@ var EnigmailGpg = {
- }
- },
-
-+ symmetricEncrypt: function(params) {
-+ EnigmailLog.DEBUG("gpg.jsm: symmetricEncrypt:\n");
-+
-+ const args = EnigmailGpg.getStandardArgs(false).
-+ concat(['--no-options',
-+ '--no-keyring',
-+ '--no-symkey-cache',
-+ '--cipher-algo=aes256',
-+ '--pinentry-mode=loopback',
-+ '--passphrase-fd=4',
-+ '--status-fd=5',
-+ '--symmetric']);
-+ if (params.armor)
-+ args.push('--armor');
-+
-+ try {
-+ let statusdata = '';
-+ let ciphertext;
-+ let warnings = [];
-+ const proc = subprocess.call({
-+ command: EnigmailGpg.agentPath,
-+ arguments: args,
-+ environment: EnigmailCore.getEnvList(),
-+ charset: null,
-+ stdin: params.message,
-+ infds: { 4: params.password },
-+ outfds: {
-+ 5: function(data) {
-+ statusdata += data;
-+ }
-+ },
-+ mergeStderr: false,
-+ done: function(result) {
-+ if (result.exitCode != 0) {
-+ warnings.unshift("non-zero return code! " + result.exitCode);
-+ return;
-+ }
-+ if (statusdata.match(/\[GNUPG:\] NEED_PASSPHRASE_SYM \d+ \d+ \d+\n\[GNUPG:\] BEGIN_ENCRYPTION \d+ \d+\n\[GNUPG:\] END_ENCRYPTION\n/) === null) {
-+ warnings.unshift("status return was unexpected: " + statusdata);
-+ return;
-+ }
-+ ciphertext = result.stdout;
-+ }
-+ });
-+ proc.wait();
-+ if (warnings.length) {
-+ for (let ix in warnings) {
-+ /* we display the warnings here because it's not clear to
-+ * dkg that the "done" function is running from a thread
-+ * capable of executing them correctly. */
-+ EnigmailLog.WARNING(warnings[ix]+"\n");
-+ }
-+ }
-+ if (ciphertext == undefined)
-+ EnigmailLog.WARNING("ciphertext output was never received\n");
-+ return ciphertext;
-+ }
-+ catch (ex) {
-+ EnigmailLog.ERROR("enigmailCommon.jsm: encryptSymmetric: subprocess.call failed with '" + ex.toString() + "'\n");
-+ throw ex;
-+ }
-+ },
-+
-+ /* params contains fields: message (string), password (string), and format (string).
-+ */
-+ symmetricDecrypt: function(params) {
-+ EnigmailLog.DEBUG("gpg.jsm: symmetricDecrypt:\n");
-+
-+ const args = EnigmailGpg.getStandardArgs(false).
-+ concat(['--no-options',
-+ '--no-keyring',
-+ '--no-symkey-cache',
-+ '--pinentry-mode=loopback',
-+ '--passphrase-fd=4',
-+ '--status-fd=5',
-+ '--decrypt']);
-+ /* FIXME: format is going to be 'utf8' -- what does that mean, and
-+ * how do we apply it to GnuPG? */
-+
-+ try {
-+ let statusdata = '';
-+ let cleartext;
-+ let warnings = [];
-+ const proc = subprocess.call({
-+ command: EnigmailGpg.agentPath,
-+ arguments: args,
-+ environment: EnigmailCore.getEnvList(),
-+ charset: null,
-+ stdin: params.message,
-+ infds: { 4: params.password },
-+ outfds: {
-+ 5: function(data) {
-+ statusdata += data;
-+ }
-+ },
-+ mergeStderr: false,
-+ done: function(result) {
-+ if (result.exitCode != 0) {
-+ warnings.unshift("non-zero return code when decrypting! " + result.exitCode);
-+ return;
-+ }
-+
-+ let decrypt_status_re = /\[GNUPG:\] NEED_PASSPHRASE_SYM \d+ \d+ \d+\n\[GNUPG:] BEGIN_DECRYPTION\n(\[GNUPG:\] DECRYPTION_COMPLIANCE_MODE \d+\n)?\[GNUPG:\] DECRYPTION_INFO \d+ \d+\n\[GNUPG:\] PLAINTEXT \d+ \d+[^\n]*\n(\[GNUPG:\] PLAINTEXT_LENGTH (\d+)\n)?\[GNUPG:\] DECRYPTION_OKAY\n(\[GNUPG:\] GOODMDC\n)?\[GNUPG:\] END_DECRYPTION\n/m
-+ let matched = false;
-+ let found = decrypt_status_re.exec(statusdata);
-+ if (found !== null) {
-+ let all = found[0];
-+ let compliance = found[1];
-+ let plen_line = found[2];
-+ let plen = found[3];
-+ let mdc = found[4];
-+ if (all != statusdata)
-+ warnings.unshift("Got GnuPG status lines: " + statusdata + "Only matched GnuPG status lines: " + all);
-+ /* PLAINTEXT_LENGTH does not necessarily match exactly:
-+ * see https://dev.gnupg.org/T4741. Instead, we assume
-+ * that the length could be halved (nothing but CRLFs,
-+ * generated on Windows, read on unix) or doubled (nothing
-+ * but LFs on unix, read on Windows) at most.*/
-+ if (plen_line)
-+ if ((result.stdout.length > plen*2) ||
-+ (result.stdout.length < plen/2))
-+ warnings.unshift("Status line claimed " + plen + "bytes, but we got " + result.stdout.length);
-+ if (mdc != "[GNUPG:] GOODMDC\n") {
-+ warnings.unshift("No MDC used in encryption, skipping decryption");
-+ return;
-+ }
-+ matched = true;
-+ }
-+ if (!matched) {
-+ warnings.unshift("Status FDs did not match!");
-+ return;
-+ }
-+ cleartext = result.stdout;
-+ }
-+ });
-+ proc.wait();
-+ if (warnings.length) {
-+ for (let ix in warnings) {
-+ /* we display the warnings here because it's not clear to
-+ * dkg that the "done" function is running from a thread
-+ * capable of executing them correctly. */
-+ EnigmailLog.WARNING(warnings[ix]+"\n");
-+ }
-+ }
-+ if (cleartext == undefined)
-+ EnigmailLog.WARNING("cleartext output was never received\n");
-+ return cleartext;
-+ }
-+ catch (ex) {
-+ EnigmailLog.ERROR("enigmailCommon.jsm: decryptSymmetric: subprocess.call failed with '" + ex.toString() + "'\n");
-+ throw ex;
-+ }
-+ },
-+
- /**
- * For versions of GPG 2.1 and higher, checks to see if the dirmngr is configured to use Tor
- *
- * @return Boolean - True if dirmngr is configured with Tor. False otherwise
- */
- dirmngrConfiguredWithTor: dirmngrConfiguredWithTor
--};
-\ No newline at end of file
-+};
diff --git a/debian/patches/0010-fixed-bug-1057-Hockeypuck-keyservers-reject-uploads-.patch b/debian/patches/0010-fixed-bug-1057-Hockeypuck-keyservers-reject-uploads-.patch
deleted file mode 100644
index 41770461..00000000
--- a/debian/patches/0010-fixed-bug-1057-Hockeypuck-keyservers-reject-uploads-.patch
+++ /dev/null
@@ -1,64 +0,0 @@
-From: Patrick Brunschwig <patr...@enigmail.net>
-Date: Fri, 3 Apr 2020 20:23:14 +0200
-Subject: fixed bug 1057: Hockeypuck keyservers reject uploads that use
- Content-Type: text/plain
-
-(cherry picked from commit 997095d61d2a388c65ec65f9ffd1516390910d03)
----
- package/keyserver.jsm | 10 ++++++++--
- 1 file changed, 8 insertions(+), 2 deletions(-)
-
-diff --git a/package/keyserver.jsm b/package/keyserver.jsm
-index c0d1e53..38f57ee 100644
---- a/package/keyserver.jsm
-+++ b/package/keyserver.jsm
-@@ -173,6 +173,7 @@ const accessHkpInternal = {
-
- let method = "GET";
- let protocol;
-+ let contentType = "text/plain;charset=UTF-8";
-
- switch (keySrv.protocol) {
- case "hkp":
-@@ -189,6 +190,7 @@ const accessHkpInternal = {
- if (actionFlag === EnigmailConstants.UPLOAD_KEY) {
- url += "/pks/add";
- method = "POST";
-+ contentType = "application/x-www-form-urlencoded";
- }
- else if (actionFlag === EnigmailConstants.DOWNLOAD_KEY) {
- if (searchTerm.indexOf("0x") !== 0) {
-@@ -206,6 +208,7 @@ const accessHkpInternal = {
- return {
- url: url,
- host: keySrv.host,
-+ contentType: contentType,
- method: method
- };
- },
-@@ -328,20 +331,23 @@ const accessHkpInternal = {
- let {
- url,
- host,
-- method
-+ method,
-+ contentType
- } = this.createRequestUrl(keyserver, actionFlag, keyId);
-
- if (host === HKPS_POOL_HOST && actionFlag !== EnigmailConstants.GET_SKS_CACERT) {
- this.getSksCACert().then(r => {
- EnigmailLog.DEBUG(`keyserver.jsm: accessHkpInternal.accessKeyServer: getting ${url}\n`);
- xmlReq.open(method, url);
-+ xmlReq.setRequestHeader("Content-Type", contentType);
- xmlReq.send(payLoad);
- });
- }
- else {
- EnigmailLog.DEBUG(`keyserver.jsm: accessHkpInternal.accessKeyServer: requesting ${url}\n`);
- xmlReq.open(method, url);
-- xmlReq.send(payLoad);
-+ xmlReq.setRequestHeader("Content-Type", contentType);
-+ xmlReq.send(payLoad);
- }
- });
- },
diff --git a/debian/patches/0011-drop-unnecessary-tests.patch b/debian/patches/0011-drop-unnecessary-tests.patch
deleted file mode 100644
index 336a4f42..00000000
--- a/debian/patches/0011-drop-unnecessary-tests.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-From: Daniel Kahn Gillmor <d...@fifthhorseman.net>
-Date: Wed, 6 Nov 2019 01:42:24 -0500
-Subject: Drop unnecessary tests in keyObj-test.js
-
-See Message-ID: <8736f1nfsd....@fifthhorseman.net> (and followup
-messages) on enigmail-us...@enigmail.net for more discussion about why
-these tests are bogus and irrelevant for debian.
----
- package/tests/keyObj-test.js | 17 +----------------
- 1 file changed, 1 insertion(+), 16 deletions(-)
-
-diff --git a/package/tests/keyObj-test.js b/package/tests/keyObj-test.js
-index 0042e02..a82caa5 100644
---- a/package/tests/keyObj-test.js
-+++ b/package/tests/keyObj-test.js
-@@ -37,19 +37,4 @@ test(withTestGpgHome(withEnigmail(function shouldExportMinimalSubkey() {
- Assert.equal(minKey.keyData.substr(0, 50), "mQGNBFub08oBDACmb04i4u8xUV1ADbnbN5l83mpr70OyWVJb5E");
- Assert.equal(minKey.keyData.substr(-50, 50), "p9TFNKjguUrrGrVnmnmy/YoGTJWuGqrZy8kcC3LCjg0k2mV0M=");
- }
--
-- EnigmailGpg.agentVersion = "2.2.1";
-- Assert.ok(!EnigmailGpg.getGpgFeature("export-specific-uid"));
--
-- let minKey = keyObj.getMinimalPubKey("bob@somewhere.invalid");
-- Assert.equal(minKey.exitCode, 0);
-- Assert.equal(minKey.keyData.substr(3, 50), "NBFub08oBDACmb04i4u8xUV1ADbnbN5l83mpr70OyWVJb5ElIc");
-- Assert.ok(minKey.keyData.substr(-50, 50) == "1MU0qOC5SusatWeaebL9igZMla4aqtnLyRwLcsKODSTaZXQw==" ||
-- minKey.keyData.substr(-50, 50) == "p9TFNKjguUrrGrVnmnmy/YoGTJWuGqrZy8kcC3LCjg0k2mV0M=", "min key matches");
--
-- minKey = keyObj.getMinimalPubKey("does@not.exist");
-- Assert.equal(minKey.exitCode, 0);
--
-- Assert.equal(minKey.keyData.substr(0, 50), "xsDNBFub08oBDACmb04i4u8xUV1ADbnbN5l83mpr70OyWVJb5E");
-- Assert.equal(minKey.keyData.substr(-50, 50), "1MU0qOC5SusatWeaebL9igZMla4aqtnLyRwLcsKODSTaZXQw==");
--})));
-\ No newline at end of file
-+})));
diff --git a/debian/patches/0011-skip-record-if-nothing-found-broken-Find-keys-for-al.patch b/debian/patches/0011-skip-record-if-nothing-found-broken-Find-keys-for-al.patch
deleted file mode 100644
index d4e1845b..00000000
--- a/debian/patches/0011-skip-record-if-nothing-found-broken-Find-keys-for-al.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-From: Patrick Brunschwig <patr...@enigmail.net>
-Date: Sat, 11 Apr 2020 11:35:53 +0200
-Subject: skip record if nothing found (broken Find keys for all contacts)
- with vks keyservers
-
-(cherry picked from commit 048d65f1846683cd6a3e939b6e65e16e3db3c2c3)
----
- package/keyserver.jsm | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/package/keyserver.jsm b/package/keyserver.jsm
-index 38f57ee..d98b021 100644
---- a/package/keyserver.jsm
-+++ b/package/keyserver.jsm
-@@ -1546,6 +1546,9 @@ const accessVksServer = {
- for (let i in searchArr) {
- let r = await this.accessKeyServer(EnigmailConstants.SEARCH_KEY, keyserver, searchArr[i], listener);
-
-+ // try next item if nothing found
-+ if (!r || !r.length) continue;
-+
- const cApi = EnigmailCryptoAPI();
- let keyList = await cApi.getKeyListFromKeyBlock(r);
-
diff --git a/debian/patches/series b/debian/patches/series
index ec657037..7eca8dc9 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,10 +1,4 @@
0002-Avoid-auto-download-of-pEpEngine-Closes-891882.patch
-0003-avoid-OpenPGP.js-when-building.patch
-0004-copy-enums.armor-from-OpenPGP.js.patch
0006-enable-the-use-of-extra-file-descriptors-and-test-th.patch
0007-add-test-to-do-symmetric-encryption-decryption-with-.patch
-0008-use-GnuPG-instead-of-openpgp.js-for-symmetric-encryp.patch
-0011-drop-unnecessary-tests.patch
0012-Fix-parallel-build.patch
-0010-fixed-bug-1057-Hockeypuck-keyservers-reject-uploads-.patch
-0011-skip-record-if-nothing-found-broken-Find-keys-for-al.patch
--
2.28.0
From 60fffe5358e110eeccc614b8065d8cc97e97644d Mon Sep 17 00:00:00 2001
From: Gregor Riepl <onit...@gmail.com>
Date: Sun, 13 Sep 2020 14:38:07 +0200
Subject: [PATCH 439/439] Refreshed patches
---
...-download-of-pEpEngine-Closes-891882.patch | 10 +--
...f-extra-file-descriptors-and-test-th.patch | 62 +++++++++----------
...ymmetric-encryption-decryption-with-.patch | 12 ++--
debian/patches/0012-Fix-parallel-build.patch | 12 ++--
4 files changed, 48 insertions(+), 48 deletions(-)
diff --git a/debian/patches/0002-Avoid-auto-download-of-pEpEngine-Closes-891882.patch b/debian/patches/0002-Avoid-auto-download-of-pEpEngine-Closes-891882.patch
index 5304f15f..7a047b05 100644
--- a/debian/patches/0002-Avoid-auto-download-of-pEpEngine-Closes-891882.patch
+++ b/debian/patches/0002-Avoid-auto-download-of-pEpEngine-Closes-891882.patch
@@ -9,10 +9,10 @@ the pEp engine and prefer enigmail.
package/prefs/defaultPrefs.js | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
-diff --git a/package/prefs/defaultPrefs.js b/package/prefs/defaultPrefs.js
-index 01a838c..1e7e856 100755
---- a/package/prefs/defaultPrefs.js
-+++ b/package/prefs/defaultPrefs.js
+Index: enigmail/package/prefs/defaultPrefs.js
+===================================================================
+--- enigmail.orig/package/prefs/defaultPrefs.js 2020-09-13 14:10:23.765118145 +0200
++++ enigmail/package/prefs/defaultPrefs.js 2020-09-13 14:10:23.765118145 +0200
@@ -14,7 +14,7 @@
// 0: force using Enigmail
// 1: automatic mode (use pEp if Enigmail and S/MIME are not configured for any identity)
@@ -22,7 +22,7 @@ index 01a838c..1e7e856 100755
// the last configured Enigmail version
pref("extensions.enigmail.configuredVersion", "");
-@@ -210,7 +210,7 @@ pref("extensions.enigmail.warnDownloadContactKeys", true);
+@@ -216,7 +216,7 @@
pref("extensions.enigmail.wrapHtmlBeforeSend", true);
// automatically download pepmda if it is available (without askin user)
diff --git a/debian/patches/0006-enable-the-use-of-extra-file-descriptors-and-test-th.patch b/debian/patches/0006-enable-the-use-of-extra-file-descriptors-and-test-th.patch
index 9c8c6076..95ad73db 100644
--- a/debian/patches/0006-enable-the-use-of-extra-file-descriptors-and-test-th.patch
+++ b/debian/patches/0006-enable-the-use-of-extra-file-descriptors-and-test-th.patch
@@ -18,11 +18,11 @@ Subject: enable the use of extra file descriptors, and test them
ipc/tests/subprocess-test.js | 28 +++++++++++++++++
5 files changed, 136 insertions(+), 4 deletions(-)
-diff --git a/ipc/modules/enigmailprocess_common.jsm b/ipc/modules/enigmailprocess_common.jsm
-index 06859c3..4e64a42 100644
---- a/ipc/modules/enigmailprocess_common.jsm
-+++ b/ipc/modules/enigmailprocess_common.jsm
-@@ -598,12 +598,19 @@ class _BaseProcess {
+Index: enigmail/ipc/modules/enigmailprocess_common.jsm
+===================================================================
+--- enigmail.orig/ipc/modules/enigmailprocess_common.jsm 2020-09-13 14:30:49.310660363 +0200
++++ enigmail/ipc/modules/enigmailprocess_common.jsm 2020-09-13 14:30:49.310660363 +0200
+@@ -598,12 +598,19 @@
* The internal ID of the Process object, which ties it to the
* corresponding process on the Worker side.
* @param {integer[]} fds
@@ -45,7 +45,7 @@ index 06859c3..4e64a42 100644
this.id = processId;
this.worker = worker;
-@@ -626,6 +633,33 @@ class _BaseProcess {
+@@ -626,6 +633,33 @@
this.exitCode = exitCode;
});
});
@@ -79,7 +79,7 @@ index 06859c3..4e64a42 100644
if (fds[0] !== undefined) {
/**
-@@ -670,7 +704,7 @@ class _BaseProcess {
+@@ -670,7 +704,7 @@
return worker.call("spawn", [options]).then(({
processId, fds, pid
}) => {
@@ -88,11 +88,11 @@ index 06859c3..4e64a42 100644
});
}
-diff --git a/ipc/modules/enigmailprocess_main.jsm b/ipc/modules/enigmailprocess_main.jsm
-index 266bf14..2012428 100644
---- a/ipc/modules/enigmailprocess_main.jsm
-+++ b/ipc/modules/enigmailprocess_main.jsm
-@@ -87,6 +87,18 @@ var SubprocessMain = {
+Index: enigmail/ipc/modules/enigmailprocess_main.jsm
+===================================================================
+--- enigmail.orig/ipc/modules/enigmailprocess_main.jsm 2020-09-13 14:30:49.310660363 +0200
++++ enigmail/ipc/modules/enigmailprocess_main.jsm 2020-09-13 14:30:49.310660363 +0200
+@@ -87,6 +87,18 @@
* - `"pipe"`: The process's stderr is redirected to a pipe, which can be read
* from via its `stderr` property.
*
@@ -111,7 +111,7 @@ index 266bf14..2012428 100644
* @param {string} [options.workdir]
* The working directory in which to launch the new process.
*
-@@ -109,6 +121,8 @@ var SubprocessMain = {
+@@ -109,6 +121,8 @@
options.stderr = options.stderr || "ignore";
options.workdir = options.workdir || null;
@@ -120,11 +120,11 @@ index 266bf14..2012428 100644
let environment = {};
if (!options.environment || options.environmentAppend) {
-diff --git a/ipc/modules/enigmailprocess_worker_unix.js b/ipc/modules/enigmailprocess_worker_unix.js
-index ebffdc9..ab4a792 100644
---- a/ipc/modules/enigmailprocess_worker_unix.js
-+++ b/ipc/modules/enigmailprocess_worker_unix.js
-@@ -392,6 +392,14 @@ class Process extends BaseProcess {
+Index: enigmail/ipc/modules/enigmailprocess_worker_unix.js
+===================================================================
+--- enigmail.orig/ipc/modules/enigmailprocess_worker_unix.js 2020-09-13 14:30:49.310660363 +0200
++++ enigmail/ipc/modules/enigmailprocess_worker_unix.js 2020-09-13 14:30:49.310660363 +0200
+@@ -392,6 +392,14 @@
this.fd = our_pipes[3].fd;
delete our_pipes[3];
@@ -139,10 +139,10 @@ index ebffdc9..ab4a792 100644
this.pipes = our_pipes;
return their_pipes;
-diff --git a/ipc/modules/subprocess.jsm b/ipc/modules/subprocess.jsm
-index b62c676..d8ea4ab 100644
---- a/ipc/modules/subprocess.jsm
-+++ b/ipc/modules/subprocess.jsm
+Index: enigmail/ipc/modules/subprocess.jsm
+===================================================================
+--- enigmail.orig/ipc/modules/subprocess.jsm 2020-09-13 14:30:49.310660363 +0200
++++ enigmail/ipc/modules/subprocess.jsm 2020-09-13 14:30:49.310660363 +0200
@@ -25,6 +25,14 @@
* stderr: function(data) {
* dump("got data on stderr:" + data + "\n");
@@ -172,7 +172,7 @@ index b62c676..d8ea4ab 100644
*
* done: optional function that is called when the process has terminated.
* The exit code from the process available via result.exitCode. If
-@@ -231,6 +246,19 @@ var subprocess = {
+@@ -231,6 +246,19 @@
});
}
@@ -192,7 +192,7 @@ index b62c676..d8ea4ab 100644
promises.push(
readAllData(proc.stdout, read, data => {
-@@ -243,6 +271,18 @@ var subprocess = {
+@@ -243,6 +271,18 @@
stdoutData += data;
}));
@@ -211,7 +211,7 @@ index b62c676..d8ea4ab 100644
if (!options.mergeStderr) {
promises.push(
readAllData(proc.stderr, read, data => {
-@@ -301,6 +341,14 @@ var subprocess = {
+@@ -301,6 +341,14 @@
opts.stderr = "pipe";
}
@@ -226,11 +226,11 @@ index b62c676..d8ea4ab 100644
if (options.command instanceof Ci.nsIFile) {
opts.command = options.command.path;
} else {
-diff --git a/ipc/tests/subprocess-test.js b/ipc/tests/subprocess-test.js
-index 5e68b18..5e5f85b 100644
---- a/ipc/tests/subprocess-test.js
-+++ b/ipc/tests/subprocess-test.js
-@@ -294,6 +294,34 @@ function run_test() {
+Index: enigmail/ipc/tests/subprocess-test.js
+===================================================================
+--- enigmail.orig/ipc/tests/subprocess-test.js 2020-09-13 14:30:49.310660363 +0200
++++ enigmail/ipc/tests/subprocess-test.js 2020-09-13 14:30:49.310660363 +0200
+@@ -300,6 +300,34 @@
p.wait();
@@ -264,4 +264,4 @@ index 5e68b18..5e5f85b 100644
+
/////////////////////////////////////////////////////////////////
- // Test many concurrent runs
+ // Test many subsequent runs
diff --git a/debian/patches/0007-add-test-to-do-symmetric-encryption-decryption-with-.patch b/debian/patches/0007-add-test-to-do-symmetric-encryption-decryption-with-.patch
index 7e7c4a6f..aa9fb4be 100644
--- a/debian/patches/0007-add-test-to-do-symmetric-encryption-decryption-with-.patch
+++ b/debian/patches/0007-add-test-to-do-symmetric-encryption-decryption-with-.patch
@@ -6,11 +6,11 @@ Subject: add test to do symmetric encryption/decryption with gpg
ipc/tests/subprocess-test.js | 95 ++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 95 insertions(+)
-diff --git a/ipc/tests/subprocess-test.js b/ipc/tests/subprocess-test.js
-index 5e5f85b..f399cfa 100644
---- a/ipc/tests/subprocess-test.js
-+++ b/ipc/tests/subprocess-test.js
-@@ -322,6 +322,101 @@ function run_test() {
+Index: enigmail/ipc/tests/subprocess-test.js
+===================================================================
+--- enigmail.orig/ipc/tests/subprocess-test.js 2020-09-13 14:30:55.673678043 +0200
++++ enigmail/ipc/tests/subprocess-test.js 2020-09-13 14:30:55.673678043 +0200
+@@ -328,6 +328,101 @@
p.wait();
@@ -111,4 +111,4 @@ index 5e5f85b..f399cfa 100644
+ p.wait();
/////////////////////////////////////////////////////////////////
- // Test many concurrent runs
+ // Test many subsequent runs
diff --git a/debian/patches/0012-Fix-parallel-build.patch b/debian/patches/0012-Fix-parallel-build.patch
index 9878ac95..e74a6503 100644
--- a/debian/patches/0012-Fix-parallel-build.patch
+++ b/debian/patches/0012-Fix-parallel-build.patch
@@ -11,11 +11,11 @@ Signed-off-by: Daniel Kahn Gillmor <d...@fifthhorseman.net>
ui/content/Makefile | 2 ++
1 file changed, 2 insertions(+)
-diff --git a/ui/content/Makefile b/ui/content/Makefile
-index 894db7d..93a6214 100644
---- a/ui/content/Makefile
-+++ b/ui/content/Makefile
-@@ -136,9 +136,11 @@ UIFILES = \
+Index: enigmail/ui/content/Makefile
+===================================================================
+--- enigmail.orig/ui/content/Makefile 2020-09-13 14:32:55.044535366 +0200
++++ enigmail/ui/content/Makefile 2020-09-13 14:32:55.040535117 +0200
+@@ -25,9 +25,11 @@
GENFILES = $(addprefix $(GENDIR)/,$(UIFILES))
$(GENDIR)/%.js: %.js
@@ -26,4 +26,4 @@ index 894db7d..93a6214 100644
+ mkdir -p $(GENDIR)
$(PERL) $(DEPTH)/util/plpp.pl -i $(INCLUDE) -o $@ $<
- $(GENDIR)/%.htm: %.htm
+ $(GENDIR)/%.xhtml: %.xhtml
--
2.28.0
From fa5fbaaca3d0ef52dbb2a43003b734a14543b6ec Mon Sep 17 00:00:00 2001
From: Gregor Riepl <onit...@gmail.com>
Date: Sun, 13 Sep 2020 14:56:04 +0200
Subject: [PATCH 440/440] Updated changelog for 2.2.2
---
debian/changelog | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/debian/changelog b/debian/changelog
index 98c1b706..340163e5 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+enigmail (2:2.2.2-1) UNRELEASED; urgency=medium
+
+ * new upstream release
+ * this version contains a migration wizard for converting existing
+ enigmail configurations to the built-in openpgp support in thunderbird
+ * it will no longer be maintained when thunderbird 78+ enters stable
+
+ -- Gregor Riepl <onit...@gmail.com> Sat, 12 Sep 2020 18:30:17 +0200
+
enigmail (2:2.1.6+ds1-1) unstable; urgency=medium
* new upstream release
--
2.28.0
