Your message dated Fri, 12 Feb 2021 21:49:25 +0000
with message-id <[email protected]>
and subject line Bug#982627: fixed in schleuder 3.6.0-1.1
has caused the Debian Bug report #982627,
regarding schleuder: fails with more recent versions of gpg
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
982627: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982627
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: schleuder
Version: 3.6.0-1
Control: tags -1 + patch upstream
Control: affects -1 + gpg src:gnupg2
Forwarded: https://0xacab.org/schleuder/schleuder/-/merge_requests/358
When GnuPG was upgraded to 2.2.27-1, schleuder's autopkgtests broke:
https://ci.debian.net/data/autopkgtest/testing/amd64/s/schleuder/10394911/log.gz
they were working fine with GnuPG was at 2.2.20-1:
https://ci.debian.net/data/autopkgtest/testing/amd64/s/schleuder/10384390/log.gz
The failures are reported as:
```
Failures:
1) Schleuder::Runner#run mails not encrypted to the list key handles a mail
which was encrypted to a passphrase and returns DecryptionFailed error
Failure/Error: result = Schleuder::Runner.new().run(mail, list.email)
GPGME::Error:
No such file or directory
# ./spec/schleuder/runner_spec.rb:246:in `block (4 levels) in <top
(required)>'
# ./spec/spec_helper.rb:48:in `block (3 levels) in <top (required)>'
# ./spec/spec_helper.rb:47:in `block (2 levels) in <top (required)>'
```
I reported this to upstream, and paz produced the merge request linked
above, and the proposed patch attached here.
I'm trying to apply it to 3.6.0-1, and can NMU if there are no
objections.
--dkg
From: paz <[email protected]>
Date: Fri, 12 Feb 2021 15:40:38 +0100
Subject: Change way to block passphrase interaction
This changes the way we block gpg from asking interactively for a
passphrase, ever. It's also a less hacky way to force this. This works
with gpg-2.0.26+gpgme-1.5.1, gpg-2.1.18+gpgme-1.8.0,
gpg-2.2.27+gpgme-1.14.0, and gpg-2.2.27+gpgme-1.15.1, which makes me
optimistic that it's universally working.
The previous solution brought problems for some platforms and specific
combinations of gnupg with gpgme (resulting in "GPGME::Error no such
file or directory").
(cherry picked from commit 0b7c3a9ffd0178c7610752899e569758704ffd32)
---
lib/schleuder.rb | 3 ---
lib/schleuder/mail/message.rb | 4 +++-
2 files changed, 3 insertions(+), 4 deletions(-)
diff --git a/lib/schleuder.rb b/lib/schleuder.rb
index f164420..b87becd 100644
--- a/lib/schleuder.rb
+++ b/lib/schleuder.rb
@@ -68,9 +68,6 @@ ENV["SCHLEUDER_CONFIG"] ||= '/etc/schleuder/schleuder.yml'
ENV["SCHLEUDER_LIST_DEFAULTS"] ||= '/etc/schleuder/list-defaults.yml'
ENV["SCHLEUDER_ENV"] ||= 'production'
ENV["SCHLEUDER_ROOT"] = rootdir.to_s
-# Ensure that gnupg never-ever tries to ask for a passphrase.
-ENV["GPG_TTY"] = "/nonexistant-#{rand}"
-ENV["DISPLAY"] = nil
GPGME::Ctx.set_gpg_path_from_env
GPGME::Ctx.check_gpg_version
diff --git a/lib/schleuder/mail/message.rb b/lib/schleuder/mail/message.rb
index e0875f7..8eadbca 100644
--- a/lib/schleuder/mail/message.rb
+++ b/lib/schleuder/mail/message.rb
@@ -24,7 +24,9 @@ module Mail
# Message#initialize.
def setup
if self.encrypted?
- new = self.decrypt(verify: true)
+ # Specify 'loopback'-pinentry-mode to ensure that gnupg never-ever
+ # tries to interactively ask for a passphrase.
+ new = self.decrypt(verify: true, pinentry_mode: GPGME::PINENTRY_MODE_LOOPBACK)
# Test if there's a signed multipart inside the ciphertext
# ("encapsulated" format of pgp/mime).
if encapsulated_signed?(new)
signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
Source: schleuder
Source-Version: 3.6.0-1.1
Done: Daniel Kahn Gillmor <[email protected]>
We believe that the bug you reported is fixed in the latest version of
schleuder, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Daniel Kahn Gillmor <[email protected]> (supplier of updated schleuder
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 12 Feb 2021 11:55:30 -0500
Source: schleuder
Architecture: source
Version: 3.6.0-1.1
Distribution: unstable
Urgency: medium
Maintainer: Debian Ruby Team
<[email protected]>
Changed-By: Daniel Kahn Gillmor <[email protected]>
Closes: 982627
Changes:
schleuder (3.6.0-1.1) unstable; urgency=medium
.
* Non-maintainer upload
* improve hack to block passphrase interaction (Closes: #982627)
Checksums-Sha1:
e5c1d5f72aeb3f96d30feb196e1284b156ccf896 1674 schleuder_3.6.0-1.1.dsc
a2dbdce446f06f736bd2bfae681241d9c38588c5 25740
schleuder_3.6.0-1.1.debian.tar.xz
4712e2ccf652fcc1a560693fc4fd2c689c239cb0 15306
schleuder_3.6.0-1.1_source.buildinfo
Checksums-Sha256:
cc6e667e23ce77e41434ba6f1e17598eb45d14da4de71943b972fc7d608333e4 1674
schleuder_3.6.0-1.1.dsc
4f6d46f529861e425e6e72e587e9b7662b4082cd52c5ad522186274c80622742 25740
schleuder_3.6.0-1.1.debian.tar.xz
b9db06960f02b6c82ac8590f8ffe1233941830612f10a78d319140a03b40c980 15306
schleuder_3.6.0-1.1_source.buildinfo
Files:
86858a5cbb2d42df8f84924e5bf1945b 1674 mail optional schleuder_3.6.0-1.1.dsc
91d742cb5128d2741d2bee85bd9b3b52 25740 mail optional
schleuder_3.6.0-1.1.debian.tar.xz
5fbe015867902112070dab413cc783af 15306 mail optional
schleuder_3.6.0-1.1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iHUEARYIAB0WIQQttUkcnfDcj0MoY88+nXFzcd5WXAUCYCb0SAAKCRA+nXFzcd5W
XD4GAQCmqRiEMi/dzVjztPkzz9fhGeCphRqZvmPY1KV9c2iGQQEAoqYybLKxmYh4
7pyvPrPd9HdRPYwPhg4lTJWFHLOZEwA=
=3U1+
-----END PGP SIGNATURE-----
--- End Message ---