Philipp Hörist pushed to branch gajim_0.16 at gajim / gajim
Commits:
2da22cf3 by Philipp Hörist at 2017-06-08T23:30:08+02:00
Pass use_agent to GPG init instead of overwrite
- - - - -
35f8893b by Philipp Hörist at 2017-06-08T23:30:57+02:00
Remove unused GPG code
- - - - -
5433b2a2 by Philipp Hörist at 2017-06-08T23:31:09+02:00
Always pass utf8 encoded strings to python-gnupg
self.encoding which we set in the init is only intended
to decode gpg´s stderr which uses a system specific encoding.
if we dont encode the data we pass to python-gnupg ourself, it will fallback
and use self.encoding.
This might be of no concern if self.encoding is set to 'utf8' and when
we are on Linux
which has a preferred encoding of 'utf8'.
But if we are on Windows the preferred encoding for stderr
is most of the time not 'utf8'. If python-gnupg tries to decode a
stderr stream that is for example
encoded with 'cp1252' with our set encoding of 'utf8' this will
fail.
The solution is to pre-encode the data before we pass it to python-gnupg, so it
does not have to
use self.encoding as a fallback. And set self.encoding='latin1' because
latin1 will not yield exceptions
on decoding errors. Also gpg itself will fallback to latin1 as stderr encoding
when it cant determine the
preferred encoding of a system.
self.decode_errors is used for something differently, and has no influence on
the situation.
Fixes #8644
- - - - -
2 changed files:
- src/common/connection.py
- src/common/gpg.py
Changes:
=====================================
src/common/connection.py
=====================================
--- a/src/common/connection.py
+++ b/src/common/connection.py
@@ -147,7 +147,7 @@ class CommonConnection:
self.USE_GPG = False
if gajim.HAVE_GPG:
self.USE_GPG = True
- self.gpg = gpg.GnuPG(gajim.config.get('use_gpg_agent'))
+ self.gpg = gpg.GnuPG()
self.status = ''
self.old_show = ''
self.priority = gajim.get_priority(name, 'offline')
@@ -248,8 +248,7 @@ class CommonConnection:
signed = ''
keyID = gajim.config.get_per('accounts', self.name, 'keyid')
if keyID and self.USE_GPG:
- use_gpg_agent = gajim.config.get('use_gpg_agent')
- if self.gpg.passphrase is None and not use_gpg_agent:
+ if self.gpg.passphrase is None and not self.gpg.use_agent:
# We didn't set a passphrase
return None
signed = self.gpg.sign(msg, keyID)
@@ -692,8 +691,7 @@ class CommonConnection:
def gpg_passphrase(self, passphrase):
if self.gpg:
- use_gpg_agent = gajim.config.get('use_gpg_agent')
- if use_gpg_agent:
+ if self.gpg.use_agent:
self.gpg.passphrase = None
else:
self.gpg.passphrase = passphrase
@@ -740,7 +738,7 @@ class CommonConnection:
self.server_resource = self._compute_resource()
if gajim.HAVE_GPG:
self.USE_GPG = True
- self.gpg = gpg.GnuPG(gajim.config.get('use_gpg_agent'))
+ self.gpg = gpg.GnuPG()
gajim.nec.push_incoming_event(BeforeChangeShowEvent(None,
conn=self, show=show, message=msg))
self.connect_and_init(show, msg, sign_msg)
@@ -1017,8 +1015,7 @@ class Connection(CommonConnection, ConnectionHandlers):
return
if gajim.HAVE_GPG:
self.USE_GPG = True
- self.gpg = gpg.GnuPG(gajim.config.get(
- 'use_gpg_agent'))
+ self.gpg = gpg.GnuPG()
gajim.nec.push_incoming_event(
AccountCreatedEvent(None, conn=self,
account_info = self.new_account_info))
=====================================
src/common/gpg.py
=====================================
--- a/src/common/gpg.py
+++ b/src/common/gpg.py
@@ -32,26 +32,16 @@ if gajim.HAVE_GPG:
gnupg.logger = logging.getLogger('gajim.c.gnupg')
class GnuPG(gnupg.GPG):
- def __init__(self, use_agent=False):
- gnupg.GPG.__init__(self, gpgbinary=gajim.GPG_BINARY)
+ def __init__(self):
+ use_agent = gajim.config.get('use_gpg_agent')
+ gnupg.GPG.__init__(self, gpgbinary=gajim.GPG_BINARY,
use_agent=use_agent)
encoding = gajim.config.get('pgp_encoding')
if encoding:
self.encoding = encoding
self.decode_errors = 'replace'
self.passphrase = None
- self.use_agent = use_agent
self.always_trust = [] # list of keyID to always trust
- def _setup_my_options(self):
- self.options.armor = 1
- self.options.meta_interactive = 0
- self.options.extra_args.append('--no-secmem-warning')
- # disable photo viewer when verifying keys
- self.options.extra_args.append('--verify-options')
- self.options.extra_args.append('no-show-photo')
- if self.use_agent:
- self.options.extra_args.append('--use-agent')
-
def encrypt(self, str_, recipients, always_trust=False):
trust = always_trust
if not trust:
@@ -69,7 +59,7 @@ if gajim.HAVE_GPG:
return '', 'NOT_TRUSTED ' + key['keyid'][-8:]
else:
trust = True
- result = super(GnuPG, self).encrypt(str_, recipients,
+ result = super(GnuPG, self).encrypt(str_.encode('utf8'),
recipients,
always_trust=trust, passphrase=self.passphrase)
if result.ok:
@@ -81,13 +71,13 @@ if gajim.HAVE_GPG:
def decrypt(self, str_, keyID):
data = self._addHeaderFooter(str_, 'MESSAGE')
- result = super(GnuPG, self).decrypt(data,
+ result = super(GnuPG, self).decrypt(data.encode('utf8'),
passphrase=self.passphrase)
return str(result)
def sign(self, str_, keyID):
- result = super(GnuPG, self).sign(str_, keyid=keyID, detach=True,
+ result = super(GnuPG, self).sign(str_.encode('utf8'), keyid=keyID,
detach=True,
passphrase=self.passphrase)
if result.fingerprint:
@@ -110,7 +100,7 @@ if gajim.HAVE_GPG:
str_,
self._addHeaderFooter(sign, 'SIGNATURE')]
)
- result = super(GnuPG, self).verify(data)
+ result = super(GnuPG, self).verify(data.encode('utf8'))
if result.valid:
return result.key_id
View it on GitLab:
https://dev.gajim.org/gajim/gajim/compare/cc42fba09bcf837042e5bd72c81f1448738b1617...5433b2a20b45e821cbbbee5f2590b0c4fe869953
_______________________________________________
Commits mailing list
[email protected]
https://lists.gajim.org/cgi-bin/listinfo/commits
