--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: unblock
Please unblock package monkeysign
The 2.0.x branch is specifically design to do hotfixes for
Debian. Since the freeze, a few major issues have come up due to the
extra scrutiny and have been fixed in the git repository.
Since this is a native package which, as the upstream, I maintain
directly in Debian, I am witholding an upload to unstable before I
validate with the release team that my approach is valid and the
patchset is sane.
So far, 2.0.2 would feature the following diff:
diff --git a/monkeysign/cli.py b/monkeysign/cli.py
index a72cc56..3511428 100644
--- a/monkeysign/cli.py
+++ b/monkeysign/cli.py
@@ -99,10 +99,11 @@ def choose_uid(self, prompt, key):
prompt += _(' (1-%d or full UID, control-c to abort): ') %
len(allowed_uids)
- pattern = raw_input(prompt)
+ # workaround http://bugs.python.org/issue7768
+ pattern = raw_input(prompt.encode(sys.stdout.encoding))
while not (pattern in allowed_uids or (pattern.isdigit() and
int(pattern)-1 in range(0,len(allowed_uids)))):
print _('invalid uid')
- pattern = raw_input(prompt)
+ pattern = raw_input(prompt.encode(sys.stdout.encoding))
if pattern.isdigit():
pattern = allowed_uids[int(pattern)-1]
return pattern
diff --git a/monkeysign/gpg.py b/monkeysign/gpg.py
index 8507a4c..15164d7 100644
--- a/monkeysign/gpg.py
+++ b/monkeysign/gpg.py
@@ -320,8 +320,8 @@ def export_data(self, fpr = None, secret = False):
self.context.call_command(command)
return self.context.stdout
- def verify_file(self, filename, sigfile):
- self.context.call_command(['verify', filename, sigfile])
+ def verify_file(self, sigfile, filename):
+ self.context.call_command(['verify', sigfile, filename])
fd = StringIO(self.context.stderr)
try:
self.context.seek(fd, 'VALIDSIG')
diff --git a/monkeysign/gtkui.py b/monkeysign/gtkui.py
index 52590c8..de2a9cb 100644
--- a/monkeysign/gtkui.py
+++ b/monkeysign/gtkui.py
@@ -264,7 +264,7 @@ def create_qrcode_display(self):
self.clip = gtk.Clipboard() # Clipboard
self.qrcodewidget = gtk.VBox()
swin = gtk.ScrolledWindow()
- swin.set_policy(gtk.POLICY_AUTOMATIC, gtk.POLICY_AUTOMATIC)
+ swin.set_policy(gtk.POLICY_NEVER, gtk.POLICY_NEVER)
swin.add_with_viewport(self.qrcode)
label = gtk.Label(_('This is a QR-code version of your OpenPGP
fingerprint. Scan this with another Monkeysign to transfer your fingerprint.'))
label.set_line_wrap(True)
@@ -394,13 +394,17 @@ def scan_image(self, filename):
# extract results
found = False
for symbol in rawimage:
- self.zbarframe.remove(self.zbar)
+ try:
+ self.zbarframe.remove(self.zbar)
+ except AttributeError:
+ # no video display, ignore
+ pass
self.zbarframe.add(self.capture)
self.zbarframe.set_shadow_type(gtk.SHADOW_ETCHED_IN)
self.process_scan(symbol.data)
found = True
if not found:
- self.msui.warn(_('data found in image!'))
+ self.msui.warn(_('no data found in image!'))
def save_qrcode(self, widget=None):
@@ -474,7 +478,14 @@ def watch_out_callback(self, pid, condition):
"""callback invoked when gpg key download is finished
"""
self.keep_pulsing=False
- self.dialog.destroy()
+ try:
+ self.dialog.destroy()
+ except AttributeError:
+ # XXX: this should be handled better, bugfix for:
+ #
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770900
+ # this is actually because the key was
+ # imported without having to create a dialog
+ pass
self.msui.log(_('fetching finished'))
if condition == 0:
# 2. copy the signing key secrets into the keyring
diffstat:
cli.py | 5 +++--
gpg.py | 4 ++--
gtkui.py | 19 +++++++++++++++----
3 files changed, 20 insertions(+), 8 deletions(-)
The above patchset should fix RC bugs #771032 and #770900, along with
GTK UI bugs reported on the mailing list outside of Debian.
I would also like to include a patch that will improve error logging
signicantly and ease my life for the lifetime of jessie:
commit da227d9bc1fa48368395c32fd292b5cfb3601816
Author: Antoine Beaupré <anar...@koumbit.org>
Date: Fri Nov 21 19:52:43 2014 -0500
Revert "improve error handling again: distinguish different failure cases
and clearly transmit GPG errors"
We are trying to get those hotfixes in jessie, and this is unlikely to
make it as it is mostly cosmetic.
This reverts commit 69172223b8bcbe8f03091db08c15d6d8189fb670.
diff --git a/monkeysign/gpg.py b/monkeysign/gpg.py
index 4c5f928..15164d7 100644
--- a/monkeysign/gpg.py
+++ b/monkeysign/gpg.py
@@ -468,9 +468,9 @@ def sign_key(self, pattern, signall = False, local = False):
try:
multiuid = self.context.seek(proc.stderr, 'GET_BOOL
keyedit.sign_all.okay')
except GpgProtocolError as e:
- raise GpgRuntimeError(self.context.returncode, _('cannot
select uid for signing: %s') % e.found().decode('utf-8'))
+ raise GpgRuntimeError(self.context.returncode, _('cannot
sign: %s') % re.sub(r'^.*found "(.*)', r'\1', str(e)).decode('utf-8'))
else:
- raise GpgRuntimeError(self.context.returncode, _('cannot
select uid for signing: %s') % e.found().decode('utf-8'))
+ raise GpgRuntimeError(self.context.returncode, _('cannot sign:
%s') % re.sub(r'^.*found "(.*)', r'\1', str(e)).decode('utf-8'))
if multiuid:
if signall: # special case, sign all keys
print >>proc.stdin, "y"
@@ -483,7 +483,7 @@ def sign_key(self, pattern, signall = False, local = False):
raise GpgRuntimeError(self.context.returncode, _('you
already signed that key'))
else:
# propagate gpg error message up
- raise GpgRuntimeError(self.context.returncode,
_('unable to confirm key signing: %s') % e.found().decode('utf-8'))
+ raise GpgRuntimeError(self.context.returncode,
_('unable to open key for editing: %s') % re.sub(r'^expected.*, found "(.*)$"',
r'\1', str(e)).decode('utf-8'))
print >>proc.stdin, 'y'
self.context.expect(proc.stderr, 'GOT_IT')
# expect the passphrase confirmation
@@ -516,7 +516,7 @@ def sign_key(self, pattern, signall = False, local = False):
self.context.expect(proc.stderr, 'GET_BOOL sign_uid.okay')
except GpgProtocolError as e:
# propagate gpg error message up
- raise GpgRuntimeError(self.context.returncode, _('unable to
confirm signing one key: %s') % e.found().decode('utf-8'))
+ raise GpgRuntimeError(self.context.returncode, _('unable to
open key for editing: %s') % re.sub(r'^expected.*, found "(.*)$"', r'\1',
str(e)).decode('utf-8'))
# we fallthrough here if there's only one key to sign
print >>proc.stdin, 'y'
@@ -529,7 +529,7 @@ def sign_key(self, pattern, signall = False, local = False):
if 'EXPIRED' in str(e):
raise GpgRuntimeError(self.context.returncode, _('key is
expired, cannot sign'))
else:
- raise GpgRuntimeError(self.context.returncode, _('unable to
signing a single key: %s') % e.found().decode('utf-8') + proc.stderr.read())
+ raise GpgRuntimeError(self.context.returncode, _('cannot sign,
unknown error from gpg: %s') % str(e) + proc.stderr.read())
# expect the passphrase confirmation
try:
self.context.seek(proc.stderr, 'GOOD_PASSPHRASE')
@@ -764,21 +764,7 @@ class GpgProtocolError(IOError):
module should instead raise a GpgRutimeError with a user-readable
error message (e.g. "key not found").
"""
-
- def match(self):
- return re.search(r'(?:\[Errno [0-9]*\] )?expected "([^"]*)", found
"(.*)\n*"', str(self))
-
- def found(self):
- if self.match():
- return self.match().group(2)
- else:
- return '<no error found in GPG output>'
-
- def expected(self):
- if self.match():
- return self.match().group(1)
- else:
- return '<not waiting for pattern>'
+ pass
class GpgRuntimeError(IOError):
pass
diff --git a/tests/test_gpg.py b/tests/test_gpg.py
index 39fef0c..40517e9 100755
--- a/tests/test_gpg.py
+++ b/tests/test_gpg.py
@@ -245,11 +245,10 @@ def test_sign_key_as_user(self):
self.gpg.context.set_option('local-user', '96F47C6A')
self.assertTrue(self.gpg.sign_key('7B75921E', True))
+ @unittest.expectedFailure
def test_sign_already_signed(self):
"""test if signing a already signed key fails with a meaningful
message"""
- self.assertTrue(self.gpg.sign_key('Antoine Beaupré
<anar...@debian.org>'))
- with self.assertRaises(GpgRuntimeError):
- self.gpg.sign_key('Antoine Beaupré <anar...@debian.org>')
+ raise NotImplementedError('not detecting already signed keys properly
yet')
def test_encrypt_decrypt_data_armored_untrusted(self):
"""test if we can encrypt data to our private key (and decrypt it)"""
But the latter is not absolutely necessary to fix any critical bugs
right now.
Let me know if this process is the right one and if those patches are
okay.
Thanks for your hard work!
unblock monkeysign/2.0.2
-- System Information:
Debian Release: jessie/sid
APT prefers testing
APT policy: (500, 'testing'), (1, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.16-3-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
--- End Message ---
signature.asc
