Launchpad itself

Merge lp:~cjwatson/launchpad/force-gpg1 into lp:launchpad

  1. force-gpg1
  2. Merge into devel
Proposed by Colin Watson on 2017-01-12
Status: Merged
Merged at revision: 18307
Proposed branch: lp:~cjwatson/launchpad/force-gpg1
Merge into: lp:launchpad
Diff against target: 157 lines (+31/-18)
2 files modified
lib/lp/services/gpg/handler.py (+26/-16)
lib/lp/testing/gpgkeys/__init__.py (+5/-2)
To merge this branch: bzr merge lp:~cjwatson/launchpad/force-gpg1
Reviewer Review Type Date Requested Status
William Grant code 2017-01-12 Approve on 2017-01-14
Review via email: mp+314632@code.launchpad.net

Commit Message

Force GPGME to stick to GnuPG 1.

Description of the Change

GnuPG 2 (the default on xenial) is test failures galore for us, probably at least because of persistent agents. GnuPG 1 still works fine, though, and is generally better for server use anyway.

I don't object if we end up on GnuPG 2 eventually, but for now let's do the easy thing to get tests passing.

To post a comment you must log in.
William Grant (wgrant) wrote :

Should we also add gnupg to launchpad-dependencies, or does something else pull it in?

review: Approve (code)
Colin Watson (cjwatson) wrote :

It's in minimal, so we're still safe for the moment. All the same, I've committed (though not bothered to upload yet) an appropriate launchpad-dependencies change.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'lib/lp/services/gpg/handler.py'
2--- lib/lp/services/gpg/handler.py 2016-11-03 15:07:36 +0000
3+++ lib/lp/services/gpg/handler.py 2017-01-12 15:33:49 +0000
4@@ -1,4 +1,4 @@
5-# Copyright 2009-2016 Canonical Ltd. This software is licensed under the
6+# Copyright 2009-2017 Canonical Ltd. This software is licensed under the
7 # GNU Affero General Public License version 3 (see the file LICENSE).
8
9 __metaclass__ = type
10@@ -108,6 +108,14 @@
11
12 atexit.register(removeHome, self.home)
13
14+ def _getContext(self):
15+ """Return a new appropriately-configured GPGME context."""
16+ context = gpgme.Context()
17+ # Stick to GnuPG 1.
18+ context.set_engine_info(gpgme.PROTOCOL_OpenPGP, "/usr/bin/gpg", None)
19+ context.armor = True
20+ return context
21+
22 def sanitizeFingerprint(self, fingerprint):
23 """See IGPGHandler."""
24 return sanitize_fingerprint(fingerprint)
25@@ -152,7 +160,7 @@
26 assert not isinstance(content, unicode)
27 assert not isinstance(signature, unicode)
28
29- ctx = gpgme.Context()
30+ ctx = self._getContext()
31
32 # from `info gpgme` about gpgme_op_verify(SIG, SIGNED_TEXT, PLAIN):
33 #
34@@ -226,8 +234,7 @@
35 def importPublicKey(self, content):
36 """See IGPGHandler."""
37 assert isinstance(content, str)
38- context = gpgme.Context()
39- context.armor = True
40+ context = self._getContext()
41
42 newkey = StringIO(content)
43 result = context.import_(newkey)
44@@ -261,8 +268,7 @@
45 if 'GPG_AGENT_INFO' in os.environ:
46 del os.environ['GPG_AGENT_INFO']
47
48- context = gpgme.Context()
49- context.armor = True
50+ context = self._getContext()
51 newkey = StringIO(content)
52 import_result = context.import_(newkey)
53
54@@ -287,7 +293,7 @@
55
56 def generateKey(self, name):
57 """See `IGPGHandler`."""
58- context = gpgme.Context()
59+ context = self._getContext()
60
61 # Make sure that gpg-agent doesn't interfere.
62 if 'GPG_AGENT_INFO' in os.environ:
63@@ -325,8 +331,7 @@
64 raise TypeError('Content cannot be Unicode.')
65
66 # setup context
67- ctx = gpgme.Context()
68- ctx.armor = True
69+ ctx = self._getContext()
70
71 # setup containers
72 plain = StringIO(content)
73@@ -356,9 +361,7 @@
74
75 # Find the key and make it the only one allowed to sign content
76 # during this session.
77- context = gpgme.Context()
78- context.armor = True
79-
80+ context = self._getContext()
81 context.signers = [removeSecurityProxy(key.key)]
82
83 # Set up containers.
84@@ -385,7 +388,7 @@
85 """Get an iterator of the keys this gpg handler
86 already knows about.
87 """
88- ctx = gpgme.Context()
89+ ctx = self._getContext()
90
91 # XXX michaeln 2010-05-07 bug=576405
92 # Currently gpgme.Context().keylist fails if passed a unicode
93@@ -544,9 +547,17 @@
94 self._buildFromGpgmeKey(key)
95 return self
96
97+ def _getContext(self):
98+ """Return a new appropriately-configured GPGME context."""
99+ context = gpgme.Context()
100+ # Stick to GnuPG 1.
101+ context.set_engine_info(gpgme.PROTOCOL_OpenPGP, "/usr/bin/gpg", None)
102+ context.armor = True
103+ return context
104+
105 def _buildFromFingerprint(self, fingerprint):
106 """Build key information from a fingerprint."""
107- context = gpgme.Context()
108+ context = self._getContext()
109 # retrive additional key information
110 try:
111 key = context.get_key(fingerprint, False)
112@@ -594,8 +605,7 @@
113 stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
114 return p.stdout.read()
115
116- context = gpgme.Context()
117- context.armor = True
118+ context = self._getContext()
119 keydata = StringIO()
120 context.export(self.fingerprint.encode('ascii'), keydata)
121
122
123=== modified file 'lib/lp/testing/gpgkeys/__init__.py'
124--- lib/lp/testing/gpgkeys/__init__.py 2016-11-03 15:07:36 +0000
125+++ lib/lp/testing/gpgkeys/__init__.py 2017-01-12 15:33:49 +0000
126@@ -1,4 +1,4 @@
127-# Copyright 2009 Canonical Ltd. This software is licensed under the
128+# Copyright 2009-2017 Canonical Ltd. This software is licensed under the
129 # GNU Affero General Public License version 3 (see the file LICENSE).
130
131 """OpenPGP keys used for testing.
132@@ -32,6 +32,7 @@
133 IGPGHandler,
134 )
135
136+
137 gpgkeysdir = os.path.join(os.path.dirname(__file__), 'data')
138
139
140@@ -130,6 +131,8 @@
141
142 # setup context
143 ctx = gpgme.Context()
144+ # Stick to GnuPG 1.
145+ ctx.set_engine_info(gpgme.PROTOCOL_OpenPGP, "/usr/bin/gpg", None)
146 ctx.armor = True
147
148 # setup containers
149@@ -141,7 +144,7 @@
150
151 ctx.passphrase_cb = passphrase_cb
152
153- # Do the deecryption.
154+ # Do the decryption.
155 try:
156 ctx.decrypt(cipher, plain)
157 except gpgme.GpgmeError: