Hello, GnuPG 2.2.19 added a warning when no command was given. Some invocations do not specify a command, specifically where --list-only is used to retrieve the keys a file may be encrypted to.
Adds --decrypt in this these cases. For reference: https://bugs.gnupg.org/gnupg/msg9873 http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=810adfd47801fc01e45fb71af9f05c91f7890cdb https://bugzilla.suse.com/show_bug.cgi?id=1028867 Andreas -- Andreas Stieger <[email protected]> Project Manager Security SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg)
From 8723d8e8192683891904aff321446b0fac37d1ad Mon Sep 17 00:00:00 2001 From: Andreas Stieger <[email protected]> Date: Fri, 10 Mar 2017 15:43:26 +0100 Subject: [PATCH] Fix compatibility with GnuPG 2.2.19 GnuPG 2.2.19 added a warning when no command was given. * src/password-store.sh (reencrypt_path): Add --decrypt to --list-only * tests/t0300-reencryption.sh (gpg_keys_from_encrypted_file): same https://bugs.gnupg.org/gnupg/msg9873 http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=810adfd47801fc01e45fb71af9f05c91f7890cdb https://bugzilla.suse.com/show_bug.cgi?id=1028867 --- src/password-store.sh | 2 +- tests/t0300-reencryption.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/password-store.sh b/src/password-store.sh index 1ab6fb5..bad8d4f 100755 --- a/src/password-store.sh +++ b/src/password-store.sh @@ -125,7 +125,7 @@ reencrypt_path() { done gpg_keys="$($GPG $PASSWORD_STORE_GPG_OPTS --list-keys --with-colons "${GPG_RECIPIENTS[@]}" | sed -n 's/sub:[^:]*:[^:]*:[^:]*:\([^:]*\):[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[a-zA-Z]*e[a-zA-Z]*:.*/\1/p' | LC_ALL=C sort -u)" fi - current_keys="$($GPG $PASSWORD_STORE_GPG_OPTS -v --no-secmem-warning --no-permission-warning --list-only --keyid-format long "$passfile" 2>&1 | cut -d ' ' -f 5 | LC_ALL=C sort -u)" + current_keys="$($GPG $PASSWORD_STORE_GPG_OPTS -v --no-secmem-warning --no-permission-warning --decrypt --list-only --keyid-format long "$passfile" 2>&1 | cut -d ' ' -f 5 | LC_ALL=C sort -u)" if [[ $gpg_keys != "$current_keys" ]]; then echo "$passfile_display: reencrypting to ${gpg_keys//$'\n'/ }" diff --git a/tests/t0300-reencryption.sh b/tests/t0300-reencryption.sh index 9d46580..6d5811d 100755 --- a/tests/t0300-reencryption.sh +++ b/tests/t0300-reencryption.sh @@ -10,7 +10,7 @@ canonicalize_gpg_keys() { $GPG --list-keys --with-colons "$@" | sed -n 's/sub:[^:]*:[^:]*:[^:]*:\([^:]*\):[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[a-zA-Z]*e[a-zA-Z]*:.*/\1/p' | LC_ALL=C sort -u } gpg_keys_from_encrypted_file() { - $GPG -v --no-secmem-warning --no-permission-warning --list-only --keyid-format long "$1" 2>&1 | cut -d ' ' -f 5 | LC_ALL=C sort -u + $GPG -v --no-secmem-warning --no-permission-warning --decrypt --list-only --keyid-format long "$1" 2>&1 | cut -d ' ' -f 5 | LC_ALL=C sort -u } gpg_keys_from_group() { local output="$($GPG --list-config --with-colons | sed -n "s/^cfg:group:$1:\\(.*\\)/\\1/p" | head -n 1)" -- 2.12.0
_______________________________________________ Password-Store mailing list [email protected] https://lists.zx2c4.com/mailman/listinfo/password-store
