Hi,

This is the latest update in the Thunderbird / Enigmail changes that are happening in jessie.

I have built a series of test packages, partly from stretch (gnupg2, enigmail) and partly from backports (libassuan, libgcrypt, libgpg-error, npth) and uploaded them here:

https://people.debian.org/~anarcat/debian/jessie-lts/

I need people to test those packages, and not just enigmail users. Some of those packages have pernicious and deep ramifications. I am particularly worried about libgcrypt, which is used for example by cryptsetup.

I am also concerned about the interactions between gpg2 and legacy gpg 1.4. I have made sure that gpg binaries are not clobbered by gpg2, which means it *should* be possible to run both side by side. But this does mean having multiple key storage at once when gpg2 is in use, something we have managed to avoid in the 1.4 -> 2.x migration in stretch so far. I am also specifically concerned about statements such as "[even though co-installability was considered while designing 2.1, in practice 1.4 and 2.1+ don't mix well][gnupg]" that were said elsewhere.

[gnupg]: https://lists.gnupg.org/pipermail/gnupg-users/2018-February/059988.html

Nevertheless, I have gone through the process of testing the packages against their dependencies in a jessie virtual machine, as much as possible. The following tools were tested, based on [advice from dkg][]:

 * cryptsetup: no build-time test suite, smoke-tested (luksFormat/Open + mkfs + edit file / close loop), main related change is libgpgerror and libgcrypt bumps
 * gpgme: build-time test suite passes, no further direct test although covered by later mutt tests, I believe
 * gmime: untested
 * libotr: depends on libgcrypt11, so presumed not affected. built, but no build-time test suite
 * mutt: no test suite, segfaults when hitting "enter" when no key match, but bug already present in jessie before proposed changes. other smoke tests seem okay.
 * claws: untested
 * mcabber: untested
 * enigmail: self-test suite passes at build time, had several problems during account setup (revocation cert failed to create during key init; can encrypt to a client, but not sign or decrypt. so something definitely wrong), related to missing pinentry packages. Once pinentry is installed, all functionality seems to be working, including receiving and sending encrypted+signed and encrypted emails. autocrypt not tested.

Regarding the latter, it seems like autocrypt caused some problems at least with the [Tails team][15923]. It might be advisable to upgrade to Enigmail 2.0.9 in stretch and jessie before completing this work, as it seems to address those issues specifically.

[advice from dkg]: https://lists.debian.org/[email protected]
[15923]: https://redmine.tails.boum.org/code/issues/15923

I would appreciate code reviews, although the changes to perform the backports are generally trivial: downgrade debhelper from 10 to 9, delete the dh-strip --dbgsym-migration overrides, remove the mingw packages, etc.

Those who want to review the changes in code might want to use the git repositories on salsa, because all packages are conveniently available there. I created a debian/jessie-security branch on every repository I had write access to, or on a fork in my own namespace otherwise:

https://salsa.debian.org/debian/enigmail
https://salsa.debian.org/debian/gnupg2
https://salsa.debian.org/debian/libassuan
https://salsa.debian.org/anarcat/libgcrypt
https://salsa.debian.org/debian/libgpg-error
https://salsa.debian.org/anarcat/npth

Unless I get significant pushback on this, I plan on uploading those packages next Tuesday.

Phew! Maybe we'll get through that one at last. :)

A.

-- 
Only what can be refuted has a scientific character. What is not refutable belongs to magic or mysticism.
                        - Karl Popper
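The "multiple key storage" worry raised in the mail (gpg 1.4 keyrings and a gpg 2.1+ keybox living side by side in the same home directory) can be checked on a test machine with the script below. It is an added example, not part of the mail or of the Debian packages; it assumes a POSIX sh and the standard GnuPG file names (pubring.gpg, secring.gpg, pubring.kbx, private-keys-v1.d).

```shell
#!/bin/sh
# Added example (not from the original mail): detect a GnuPG home directory
# that carries both the gpg 1.4-style keyring and the gpg 2.1+ keybox, the
# situation in which `gpg` and `gpg2` may list different keys.

# check_keyring_split [GNUPGHOME]
# Exit status: 0 = one storage format only, 1 = both formats present,
# 2 = no keyring at all.
check_keyring_split() {
    home="${1:-${GNUPGHOME:-$HOME/.gnupg}}"
    legacy=0
    modern=0
    # gpg 1.4 (and 2.0) store public keys in pubring.gpg, secret keys in secring.gpg
    [ -s "$home/pubring.gpg" ] && legacy=1
    [ -s "$home/secring.gpg" ] && legacy=1
    # gpg 2.1+ stores public keys in a keybox and secret keys under gpg-agent;
    # a fresh 2.1 home gets pubring.kbx, while an existing pubring.gpg is reused.
    [ -s "$home/pubring.kbx" ] && modern=1
    [ -d "$home/private-keys-v1.d" ] && modern=1
    if [ "$legacy" -eq 1 ] && [ "$modern" -eq 1 ]; then
        echo "$home: 1.4-style keyring and 2.1+ keybox both present; gpg and gpg2 may see different keys" >&2
        return 1
    elif [ "$legacy" -eq 0 ] && [ "$modern" -eq 0 ]; then
        echo "$home: no keyring found" >&2
        return 2
    fi
    return 0
}

# report_gpg_binaries: show which of gpg / gpg2 are on PATH and their versions,
# to confirm that installing gpg2 did not clobber the 1.4 binary.
report_gpg_binaries() {
    for bin in gpg gpg2; do
        if command -v "$bin" >/dev/null 2>&1; then
            printf '%s -> %s\n' "$bin" "$("$bin" --version | head -n1)"
        else
            printf '%s -> not installed\n' "$bin"
        fi
    done
}
```

Source the file and run `report_gpg_binaries; check_keyring_split ~/.gnupg` on the jessie test VM after the gnupg2 upgrade; a status of 1 means the two keyring formats now coexist.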
