Control: tags -1 + patch Hi,
Axel Beckert wrote:
> > the 2.1.x version of GnuPG (which is what will offer /usr/bin/gpg in
> > debian stretch) stores its secret key material in a different way
> > (~/.gnupg/private-keys-v1.d) than gpg1 does (~/.gnupg/secring.gpg). If
> > you want rephrase to recover a partially-known passphrase against gpg
> > 2.1.x, having one that "works" against gpg1 isn't going to be useful at
> > all.
[...]
> > A better short-term fix would be to add "--pinentry-mode", "loopback" to
> > the arguments passed to the gpg invocations in rephrase.c.
>
> I'll try to come up with a patch for that.
The attached patch works for me with gpg aka gpg2.
I'd also upload it as NMU in case I don't hear from the Debian
Forensics team in time before a potential removal from testing (or if
the team prefers the NMU).
Regards, Axel
--
,''`. | Axel Beckert <[email protected]>, http://people.debian.org/~abe/
: :' : | Debian Developer, ftp.ch.debian.org Admin
`. `' | 4096R: 2517 B724 C5F6 CA99 5329 6E61 2FF9 CD59 6126 16B5
`- | 1024D: F067 EA27 26B9 C3FC 1486 202E C09E 1D89 9593 0EDE
commit befaa3010553b8b3046481487200a17e560e509c Author: Axel Beckert <[email protected]> Date: Fri Feb 3 20:22:30 2017 +0100 Add patch to unconditionally call gpg with "--pinentry-mode loopback" Closes: #853935 diff --git a/debian/changelog b/debian/changelog index c75e1c0..51db79c 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +rephrase (0.2-1.1) unstable; urgency=medium + + * Non-maintainer upload. + * Add patch to unconditionally call gpg with "--pinentry-mode loopback". + (Closes: #853935) + + -- Axel Beckert <[email protected]> Thu, 02 Feb 2017 11:29:59 +0100 + rephrase (0.2-1) unstable; urgency=medium * Team upload. diff --git a/debian/patches/02_minimal_gpg2_support.patch b/debian/patches/02_minimal_gpg2_support.patch new file mode 100644 index 0000000..47f1b47 --- /dev/null +++ b/debian/patches/02_minimal_gpg2_support.patch @@ -0,0 +1,23 @@ +Description: Make rephrase working with gpg2 +Author: Axel Beckert <[email protected]> after an idea by Daniel Kahn Gillmor <[email protected]> +Bug-Debian: https://bugs.debian.org/853935 + +--- a/rephrase.c ++++ b/rephrase.c +@@ -63,14 +63,14 @@ + struct profile profiles[] = { + { + "--gpg-key", +- { GPG, "--default-key", "%1", "--passphrase-fd", "0", "--batch", "--no-tty", "--dry-run", "--clearsign", "/dev/null", NULL }, ++ { GPG, "--pinentry-mode", "loopback", "--default-key", "%1", "--passphrase-fd", "0", "--batch", "--no-tty", "--dry-run", "--clearsign", "/dev/null", NULL }, + 1, + 0, + -1 + }, + { + "--gpg-symmetric", +- { GPG, "--passphrase-fd", "0", "--batch", "--no-tty", "--decrypt", "%1", NULL }, ++ { GPG, "--pinentry-mode", "loopback", "--passphrase-fd", "0", "--batch", "--no-tty", "--decrypt", "%1", NULL }, + 1, + 0, + -1 diff --git a/debian/patches/series b/debian/patches/series index 99e88ef..96f7bb0 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1 +1,2 @@ 01_fix_bin_path.patch +02_minimal_gpg2_support.patch
signature.asc
Description: Digital signature
_______________________________________________ forensics-devel mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel
