Duplicity

Merge lp:~ross-ross-williams/duplicity/gpg-agent-fix into lp:duplicity/0.6

  1. gpg-agent-fix
  2. Merge into 0.6-series
Proposed by Ross Williams
Status: Merged
Merged at revision: 786
Proposed branch: lp:~ross-ross-williams/duplicity/gpg-agent-fix
Merge into: lp:duplicity/0.6
Diff against target: 47 lines (+18/-6)
1 file modified
duplicity/gpg.py (+18/-6)
To merge this branch: bzr merge lp:~ross-ross-williams/duplicity/gpg-agent-fix
Reviewer Review Type Date Requested Status
duplicity-team Pending
Review via email: mp+74278@code.launchpad.net

Description of the change

Have gpg.py check whether use_agent is enabled before asking GnuPGInterface to create a passphrase file descriptor. This works around a GnuPG 2.x-related issue in which --passphrase-fd takes priority over --use-agent as the source of the passphrase. The opposite was true in GnuPG 1.x, so this bug only occurs when using gpg2.

To post a comment you must log in.
Revision history for this message
edso (ed.so) wrote :

On 06.09.2011 20:59, Ross Williams wrote:
> Ross Williams has proposed merging lp:~ross-ross-williams/duplicity/gpg-agent-fix into lp:duplicity.
>
> Requested reviews:
> duplicity-team (duplicity-team)
> Related bugs:
> Bug #842990 in Duplicity: "use-agent doesn't work with gpg2"
> https://bugs.launchpad.net/duplicity/+bug/842990
>
> For more details, see:
> https://code.launchpad.net/~ross-ross-williams/duplicity/gpg-agent-fix/+merge/74278
>
> Have gpg.py check whether use_agent is enabled before asking GnuPGInterface to create a passphrase file descriptor. This works around a GnuPG 2.x-related issue in which --passphrase-fd takes priority over --use-agent as the source of the passphrase. The opposite was true in GnuPG 1.x, so this bug only occurs when using gpg2.

nice.. does it work for gpg1 and 2 now? ..ede/duply.net

Revision history for this message
Ross Williams (ross-ross-williams) wrote :

It doesn't break gpg1, and I'm successfully using gpg2 with separate encryption and signing keys. I have tested also without using gpg-agent, and that works fine.

On Sep 6, 2011, at 3:45 PM, edso <email address hidden> wrote:

> On 06.09.2011 20:59, Ross Williams wrote:
>> Ross Williams has proposed merging lp:~ross-ross-williams/duplicity/gpg-agent-fix into lp:duplicity.
>>
>> Requested reviews:
>> duplicity-team (duplicity-team)
>> Related bugs:
>> Bug #842990 in Duplicity: "use-agent doesn't work with gpg2"
>> https://bugs.launchpad.net/duplicity/+bug/842990
>>
>> For more details, see:
>> https://code.launchpad.net/~ross-ross-williams/duplicity/gpg-agent-fix/+merge/74278
>>
>> Have gpg.py check whether use_agent is enabled before asking GnuPGInterface to create a passphrase file descriptor. This works around a GnuPG 2.x-related issue in which --passphrase-fd takes priority over --use-agent as the source of the passphrase. The opposite was true in GnuPG 1.x, so this bug only occurs when using gpg2.
>
>
> nice.. does it work for gpg1 and 2 now? ..ede/duply.net
>
> --
> https://code.launchpad.net/~ross-ross-williams/duplicity/gpg-agent-fix/+merge/74278
> You are the owner of lp:~ross-ross-williams/duplicity/gpg-agent-fix.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'duplicity/gpg.py'
2--- duplicity/gpg.py 2011-07-16 18:37:47 +0000
3+++ duplicity/gpg.py 2011-09-06 19:10:12 +0000
4@@ -131,25 +131,37 @@
5 cmdlist.append('--symmetric')
6 # use integrity protection
7 gnupg.options.extra_args.append('--force-mdc')
8- p1 = gnupg.run(cmdlist, create_fhs=['stdin', 'passphrase'],
9+ # Skip the passphrase if using the agent
10+ if globals.use_agent:
11+ gnupg_fhs = ['stdin',]
12+ else:
13+ gnupg_fhs = ['stdin','passphrase']
14+ p1 = gnupg.run(cmdlist, create_fhs=gnupg_fhs,
15 attach_fhs={'stdout': encrypt_path.open("wb"),
16 'stderr': self.stderr_fp,
17 'logger': self.logger_fp})
18- p1.handles['passphrase'].write(passphrase)
19- p1.handles['passphrase'].close()
20+ if not(globals.use_agent):
21+ p1.handles['passphrase'].write(passphrase)
22+ p1.handles['passphrase'].close()
23 self.gpg_input = p1.handles['stdin']
24 else:
25 if profile.recipients and profile.encrypt_secring:
26 cmdlist.append('--secret-keyring')
27 cmdlist.append(profile.encrypt_secring)
28 self.status_fp = tempfile.TemporaryFile()
29- p1 = gnupg.run(['--decrypt'], create_fhs=['stdout', 'passphrase'],
30+ # Skip the passphrase if using the agent
31+ if globals.use_agent:
32+ gnupg_fhs = ['stdout',]
33+ else:
34+ gnupg_fhs = ['stdout','passphrase']
35+ p1 = gnupg.run(['--decrypt'], create_fhs=gnupg_fhs,
36 attach_fhs={'stdin': encrypt_path.open("rb"),
37 'status': self.status_fp,
38 'stderr': self.stderr_fp,
39 'logger': self.logger_fp})
40- p1.handles['passphrase'].write(passphrase)
41- p1.handles['passphrase'].close()
42+ if not(globals.use_agent):
43+ p1.handles['passphrase'].write(passphrase)
44+ p1.handles['passphrase'].close()
45 self.gpg_output = p1.handles['stdout']
46 self.gpg_process = p1
47 self.encrypt = encrypt

Subscribers

People subscribed via source and target branches

to all changes: