Hello community, here is the log from the commit of package gnome-keysign for openSUSE:Factory checked in at 2016-07-18 21:23:34 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/gnome-keysign (Old) and /work/SRC/openSUSE:Factory/.gnome-keysign.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gnome-keysign" Changes: -------- --- /work/SRC/openSUSE:Factory/gnome-keysign/gnome-keysign.changes 2016-07-03 12:27:44.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.gnome-keysign.new/gnome-keysign.changes 2016-07-18 21:24:23.000000000 +0200 @@ -1,0 +2,16 @@ +Wed Jul 07 22:55:06 UTC 2016 - [email protected] + +- Update to version 0.6: + * GetKey: Properly call TempKeyring, not TemporaryKeyring + * Using gi.require for Gtk, Gst, and GstVideo + * Increased py3k compatibilty +- Add gnome-keysign-gpg-2.1-returncode.patch: Improve GPG 2.1 + compatibility. Patch has been submitted to monkeysign upstream: + https://lists.riseup.net/www/arc/monkeysphere/2016-07/msg00000.html + +------------------------------------------------------------------- +Sat Jun 25 17:03:07 UTC 2016 - [email protected] + +- Add python-requests Requires: manadatory dependency. + +------------------------------------------------------------------- Old: ---- gnome-keysign-0.5.tar.xz New: ---- gnome-keysign-0.6.tar.xz gnome-keysign-gpg-2.1-returncode.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gnome-keysign.spec ++++++ --- /var/tmp/diff_new_pack.D1LLeB/_old 2016-07-18 21:24:24.000000000 +0200 +++ /var/tmp/diff_new_pack.D1LLeB/_new 2016-07-18 21:24:24.000000000 +0200 @@ -17,7 +17,7 @@ Name: gnome-keysign -Version: 0.5 +Version: 0.6 Release: 0 Summary: GNOME OpenGPG key signing helper License: GPL-3.0+ @@ -26,6 +26,8 @@ Source: %{name}-%{version}.tar.xz # PATCH-FIX-UPSTREAM gnome-keysign-gpg-2.1.patch [email protected] -- Fix execution with GPG 2.1 Patch0: gnome-keysign-gpg-2.1.patch +# PATCH-FIX-UPSTREAM gnome-keysign-gpg-2.1-returncode.patch [email protected] -- Improve GPG 2.1 compatibility +Patch1: gnome-keysign-gpg-2.1-returncode.patch BuildRequires: gobject-introspection BuildRequires: python-setuptools BuildRequires: update-desktop-files @@ -34,13 +36,14 @@ %else Requires: gstreamer1(element-zbar) %endif +Requires: dbus-1-python Requires: python-avahi Requires: python-cairo -Requires: dbus-1-python Requires: python-gobject Requires: python-gobject-Gdk Requires: python-monkeysign Requires: python-qrcode +Requires: python-requests BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -70,6 +73,7 @@ %setup -q pushd monkeysign %patch0 -p1 +%patch1 -p1 popd %build ++++++ _service ++++++ --- /var/tmp/diff_new_pack.D1LLeB/_old 2016-07-18 21:24:24.000000000 +0200 +++ /var/tmp/diff_new_pack.D1LLeB/_new 2016-07-18 21:24:24.000000000 +0200 @@ -6,7 +6,7 @@ <param name="versionformat">@PARENT_TAG@</param> <param name="submodules">enable</param> <param name="changesgenerate">enable</param> - <param name="revision">refs/tags/0.5</param> + <param name="revision">refs/tags/0.6</param> </service> <service name="recompress" mode="disabled"> <param name="file">*.tar</param> ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.D1LLeB/_old 2016-07-18 21:24:24.000000000 +0200 +++ /var/tmp/diff_new_pack.D1LLeB/_new 2016-07-18 21:24:24.000000000 +0200 @@ -1,4 +1,4 @@ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/muelli/geysigning.git</param> - <param name="changesrevision">c99b59b9eac13e5f63b09baa92b450c6a2f1aef9</param></service></servicedata> \ No newline at end of file + <param name="changesrevision">adac0e30c3dd6bef702a4ca27fcca171509d82cc</param></service></servicedata> \ No newline at end of file ++++++ gnome-keysign-0.5.tar.xz -> gnome-keysign-0.6.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/gnome-keysign-0.5/RELEASE_NOTES new/gnome-keysign-0.6/RELEASE_NOTES --- old/gnome-keysign-0.5/RELEASE_NOTES 2016-06-16 23:49:48.000000000 +0200 +++ new/gnome-keysign-0.6/RELEASE_NOTES 2016-06-23 00:55:01.000000000 +0200 @@ -1,20 +1,18 @@ GNOME Keysign is a tool to make signing OpenPGP keys as easy as possible. -This is the v0.5 release which +This is the v0.6 release which fixes a few bugs and increases py3k +compatibilty. Changes ========== - * Replace qrencode with python-qrcode - * Defend against a network attacker by MACing - the data to be transferred - * Defend against someone who could inject just - one frame by displaying the image which caused - a barcode to be decoded. + * Fixed manually typing the fingerprint + * Made gsignal definitions use str() for names + * Got rid of warning from gi when importing Resources ========= -Download: https://github.com/muelli/geysigning/releases/download/0.5/gnome-keysign-0.5.tar.gz +Download: https://github.com/muelli/geysigning/releases/download/0.5/gnome-keysign-0.6.tar.gz sha256sum: Web site: https://wiki.gnome.org/GnomeKeysign diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/gnome-keysign-0.5/keysign/GetKeySection.py new/gnome-keysign-0.6/keysign/GetKeySection.py --- old/gnome-keysign-0.5/keysign/GetKeySection.py 2016-06-16 23:49:48.000000000 +0200 +++ new/gnome-keysign-0.6/keysign/GetKeySection.py 2016-06-23 00:55:01.000000000 +0200 @@ -360,7 +360,7 @@ try: keydata = self.download_key_http(address, port) yield keydata - except ConnectionError, e: + except ConnectionError as e: # FIXME : We probably have other errors to catch self.log.exception("While downloading key from %s %i", address, port) @@ -370,7 +370,7 @@ if mac: result = mac_verify(fingerprint, downloaded_data, mac) else: - tmpkeyring = TemporaryKeyring() + tmpkeyring = TempKeyring() if tmpkeyring.import_data(downloaded_data): imported_key_fpr = tmpkeyring.get_keys().keys()[0] if imported_key_fpr == fingerprint: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/gnome-keysign-0.5/keysign/Keyserver.py new/gnome-keysign-0.6/keysign/Keyserver.py --- old/gnome-keysign-0.5/keysign/Keyserver.py 2016-06-16 23:49:48.000000000 +0200 +++ new/gnome-keysign-0.6/keysign/Keyserver.py 2016-06-23 00:55:01.000000000 +0200 @@ -140,7 +140,7 @@ log.info('Trying to add Avahi Service') ap.add_service() - except socket.error, value: + except socket.error as value: errno = value.errno if errno == 10054 or errno == 32: # This seems to be harmless diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/gnome-keysign-0.5/keysign/QRCode.py new/gnome-keysign-0.6/keysign/QRCode.py --- old/gnome-keysign-0.5/keysign/QRCode.py 2016-06-16 23:49:48.000000000 +0200 +++ new/gnome-keysign-0.6/keysign/QRCode.py 2016-06-23 00:55:01.000000000 +0200 @@ -113,8 +113,8 @@ stride = (size + 3) / 4 * 4 data = bytearray(stride * size) - for x in xrange(size): - for y in xrange(size): + for x in range(size): + for y in range(size): if matrix[x][y]: data[x + y * stride] = 0xff diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/gnome-keysign-0.5/keysign/SignPages.py new/gnome-keysign-0.6/keysign/SignPages.py --- old/gnome-keysign-0.5/keysign/SignPages.py 2016-06-16 23:49:48.000000000 +0200 +++ new/gnome-keysign-0.6/keysign/SignPages.py 2016-06-23 00:55:01.000000000 +0200 @@ -139,7 +139,7 @@ the fingerprint with a formatted version. ''' fpr = "" - for i in xrange(0, len(fingerprint), 4): + for i in range(0, len(fingerprint), 4): fpr += fingerprint[i:i+4] if i != 0 and (i+4) % 20 == 0: @@ -220,7 +220,7 @@ try: exp_date = datetime.fromtimestamp(float(openPgpKey.expiry)) expiry = "Expires {:%Y-%m-%d %H:%M:%S}".format(exp_date) - except ValueError, e: + except ValueError as e: expiry = "No expiration date" self.expireLabel.set_markup(expiry) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/gnome-keysign-0.5/keysign/__init__.py new/gnome-keysign-0.6/keysign/__init__.py --- old/gnome-keysign-0.5/keysign/__init__.py 2016-06-16 23:49:48.000000000 +0200 +++ new/gnome-keysign-0.6/keysign/__init__.py 2016-06-23 00:55:01.000000000 +0200 @@ -16,8 +16,7 @@ # You should have received a copy of the GNU General Public License # along with GNOME Keysign. If not, see <http://www.gnu.org/licenses/>. -__version__ = '0.5' - +from ._version import __version__ def main(): # These imports were moved here because the keysign module @@ -25,6 +24,8 @@ # imports the __version__ import logging, sys, signal + import gi + gi.require_version('Gtk', '3.0') from gi.repository import GLib, Gtk from .MainWindow import MainWindow diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/gnome-keysign-0.5/keysign/_version.py new/gnome-keysign-0.6/keysign/_version.py --- old/gnome-keysign-0.5/keysign/_version.py 1970-01-01 01:00:00.000000000 +0100 +++ new/gnome-keysign-0.6/keysign/_version.py 2016-06-23 00:55:01.000000000 +0200 @@ -0,0 +1,2 @@ +#!/usr/bin/env python +__version__ = '0.6' diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/gnome-keysign-0.5/keysign/network/AvahiBrowser.py new/gnome-keysign-0.6/keysign/network/AvahiBrowser.py --- old/gnome-keysign-0.5/keysign/network/AvahiBrowser.py 2016-06-16 23:49:48.000000000 +0200 +++ new/gnome-keysign-0.6/keysign/network/AvahiBrowser.py 2016-06-23 00:55:01.000000000 +0200 @@ -17,6 +17,7 @@ # # You should have received a copy of the GNU General Public License # along with GNOME Keysign. If not, see <http://www.gnu.org/licenses/>. +from __future__ import print_function import avahi, dbus from dbus import DBusException from dbus.mainloop.glib import DBusGMainLoop @@ -62,10 +63,10 @@ class AvahiBrowser(GObject.GObject): __gsignals__ = { - 'new_service': (GObject.SIGNAL_RUN_LAST, None, + str('new_service'): (GObject.SIGNAL_RUN_LAST, None, # name, address (could be an int too (for IPv4)), port, txt_dict (str, str, int, object)), - 'remove_service': (GObject.SIGNAL_RUN_LAST, None, + str('remove_service'): (GObject.SIGNAL_RUN_LAST, None, # string 'remove'(placeholder: tuple element must be sequence), name (str, str)), } @@ -122,8 +123,8 @@ def on_error(self, *args): - print 'error_handler' - print args[0] + print('error_handler') + print(args[0]) def main(): @@ -134,7 +135,7 @@ ab = AvahiBrowser() def print_signal(*args): - print "Signal ahoi", args + print("Signal ahoi", args) ab.connect('new_service', print_signal) ab.connect('remove_service', print_signal) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/gnome-keysign-0.5/keysign/scan_barcode.py new/gnome-keysign-0.6/keysign/scan_barcode.py --- old/gnome-keysign-0.5/keysign/scan_barcode.py 2016-06-16 23:49:48.000000000 +0200 +++ new/gnome-keysign-0.6/keysign/scan_barcode.py 2016-06-23 00:55:01.000000000 +0200 @@ -23,6 +23,9 @@ import sys import cairo +import gi +gi.require_version('Gst', '1.0') +gi.require_version('GstVideo', '1.0') from gi.repository import GObject from gi.repository import Gst from gi.repository import Gtk, GLib @@ -220,11 +223,11 @@ class BarcodeReaderGTK(BarcodeReader, Gtk.DrawingArea): __gsignals__ = { - 'barcode': (GObject.SIGNAL_RUN_LAST, None, - (str, # The barcode string - Gst.Message.__gtype__, # The GStreamer message itself - GdkPixbuf.Pixbuf.__gtype__, # The pixbuf which caused the - # above string to be decoded + str('barcode'): (GObject.SIGNAL_RUN_LAST, None, + (str, # The barcode string + Gst.Message.__gtype__, # The GStreamer message itself + GdkPixbuf.Pixbuf.__gtype__, # The pixbuf which caused + # the above string to be decoded ), ) } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/gnome-keysign-0.5/setup.py new/gnome-keysign-0.6/setup.py --- old/gnome-keysign-0.5/setup.py 2016-06-16 23:49:48.000000000 +0200 +++ new/gnome-keysign-0.6/setup.py 2016-06-23 00:55:01.000000000 +0200 @@ -1,17 +1,18 @@ #!/usr/bin/env python # -from keysign import __version__ as version - from setuptools import setup from setuptools.command.install import install #import py2exe import sys +# This should define __version__ +with open('keysign/_version.py') as f: exec(f.read()) + setup( name = 'gnome-keysign', - version = version, + version = __version__, description = 'OpenPGP key signing helper', author = 'Tobias Mueller', author_email = '[email protected]', ++++++ gnome-keysign-gpg-2.1-returncode.patch ++++++ >From c01552eb9f15e39e7458ed2ab233385357e2f139 Mon Sep 17 00:00:00 2001 From: Tobias Mueller <[email protected]> Date: Thu, 7 Jul 2016 20:24:12 +0200 Subject: [PATCH] gpg: Checking for the return code when signing It seems that gpg2.1 does not necessarily send GOOD_PASSPHRASE when the agent has a cached passphrase. In fact, I can't produce two signatures because of the following exception: File "/tmp/gks-foo-install/local/lib/python2.7/site- packages/gnome_keysign-0.6-py2.7.egg/monkeysign/gpg.py", line 510, in sign_key raise GpgRuntimeError(self.context.returncode, _('unable to prompt for passphrase, is gpg-agent running?')) monkeysign.gpg.GpgRuntimeError: [Errno 0] unable to prompt for passphrase, is gpg-agent running? We can see the Errno 0. According to the man page, that's no problem, though. The modification appears to work with both, gpg1.4 and gpg2.1. I haven't checked 2.0, though. --- monkeysign/gpg.py | 28 +++++++++++++++++++--------- 1 file changed, 19 insertions(+), 9 deletions(-) diff --git a/monkeysign/gpg.py b/monkeysign/gpg.py index 56d21a1..8260cb2 100644 --- a/monkeysign/gpg.py +++ b/monkeysign/gpg.py @@ -498,10 +498,19 @@ class Keyring(): self.context.expect(proc.stderr, 'GOT_IT') # expect the passphrase confirmation # we seek because i have seen a USERID_HINT <keyid> <uid> in some cases - try: - self.context.seek(proc.stderr, 'GOOD_PASSPHRASE') - except GpgProtocolError: - raise GpgRuntimeError(self.context.returncode, _('unable to prompt for passphrase, is gpg-agent running?')) + + # The GnuPG (1.4 and 2.1) man page states that all is fine + # if gpg exits with 0. So let's assume that once we see + # 0, we're good. + # We have seen instances in which the GOOD_PASSPHRASE + # is not sent with GnuPG 2.1, maybe because the agent + # cached the passphrase. + if self.context.returncode != 0: + try: + self.context.seek(proc.stderr, 'GOOD_PASSPHRASE') + except GpgProtocolError: + raise GpgRuntimeError(self.context.returncode, + _('unable to prompt for passphrase, is gpg-agent running?')) return proc.wait() == 0 # don't sign all uids @@ -540,11 +549,12 @@ class Keyring(): raise GpgRuntimeError(self.context.returncode, _('key is expired, cannot sign')) else: raise GpgRuntimeError(self.context.returncode, _('unable to signing a single key: %s') % e.found().decode('utf-8') + proc.stderr.read()) - # expect the passphrase confirmation - try: - self.context.seek(proc.stderr, 'GOOD_PASSPHRASE') - except GpgProtocolError: - raise GpgRuntimeError(self.context.returncode, _('password confirmation failed')) + # expect the passphrase confirmation if return code indicates problems + if self.context.returncode != 0: + try: + self.context.seek(proc.stderr, 'GOOD_PASSPHRASE') + except GpgProtocolError: + raise GpgRuntimeError(self.context.returncode, _('password confirmation failed')) if multiuid: # we save the resulting key in uid selection mode self.context.expect(proc.stderr, 'GET_LINE keyedit.prompt') -- 2.7.4
