From: Todd Zullinger <tmz@pobox.com>
To: Fabian Stelzer <fs@gigacodes.de>
Cc: git@vger.kernel.org, Henning Schild <henning.schild@siemens.com>,
"brian m . carlson" <sandals@crustytoothpaste.net>,
Hans Jerry Illikainen <hji@dyntopia.com>,
Junio C Hamano <gitster@pobox.com>
Subject: Re: [PATCH 1/3] gpg-interface/gpgsm: fix for v2.3
Date: Mon, 28 Feb 2022 12:57:50 -0500 [thread overview]
Message-ID: <Yh0NHkyquB7nht3W@pobox.com> (raw)
In-Reply-To: <20220224100628.612789-1-fs@gigacodes.de>
Hi,
Fabian Stelzer wrote:
> gpgsm v2.3 changed some details about its output:
> - instead of displaying `fingerprint:` for keys it will print `sha1
> fpr:` and `sha2 fpr:`
> - some wording of errors has changed
> - signing will omit an extra debug output line before the [GNUPG]: tag
>
> This change adjusts the gpgsm test prerequisite to work with v2.3 as
> well by accepting `sha1 fpr:` as well as `fingerprint:`. To make this
> parsing more robust switch to gpg's `--with-colons` output format.
> Also allow both variants of errors for unknown certs.
I ran this series through the fedora buildsystem on releases
with gnupg 2.2 and 2.3. All the tests pass, as expected.
I think we may be able to simplify the wording above and the
patch below regarding the fingerprint/shaN fpr output
change, I'll add a comment below the changed hunk.
> diff --git a/t/lib-gpg.sh b/t/lib-gpg.sh
> index 3e7ee1386a..e997ce10ea 100644
> --- a/t/lib-gpg.sh
> +++ b/t/lib-gpg.sh
> @@ -72,12 +72,10 @@ test_lazy_prereq GPGSM '
> --passphrase-fd 0 --pinentry-mode loopback \
> --import "$TEST_DIRECTORY"/lib-gpg/gpgsm_cert.p12 &&
>
> - gpgsm --homedir "${GNUPGHOME}" -K |
> - grep fingerprint: |
> - cut -d" " -f4 |
> - tr -d "\\n" >"${GNUPGHOME}/trustlist.txt" &&
> + gpgsm --homedir "${GNUPGHOME}" -K --with-colons |
> + awk -F ":" "/^(fpr|fingerprint):/ {printf \"%s S relax\\n\", \$10}" \
> + >"${GNUPGHOME}/trustlist.txt" &&
Using --with-colons to parse the output, we shouldn't be
affected by the changed output. The pattern for awk can be
simplified to '^fpr:' as older and newer versions of gnupg
have used that string in the --with-colons output for many,
many years.
Perhaps that allows the commit message to say less about the
specific's the gnugp-2.3 output change and just mention that
it changed and using --with-colons is the preferred way to
parse the output (where we must parse output at all).
Switch to gpg's `--with-colons` output format to make
parsing more robust. This avoids issues where the
human-readable output from gpg commands changes.
or something?
Thanks,
--
Todd
next prev parent reply other threads:[~2022-02-28 18:22 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-03 12:37 [PATCH] gpg-interface: fix for gpgsm v2.3 Fabian Stelzer
2022-02-03 18:55 ` Junio C Hamano
2022-02-03 20:01 ` Todd Zullinger
2022-02-03 21:38 ` Junio C Hamano
2022-02-03 22:07 ` Todd Zullinger
2022-02-03 22:46 ` Junio C Hamano
2022-02-07 10:52 ` Fabian Stelzer
2022-02-07 16:38 ` Todd Zullinger
2022-02-09 8:33 ` Fabian Stelzer
2022-02-09 16:20 ` Todd Zullinger
2022-02-21 9:22 ` Fabian Stelzer
2022-02-23 4:38 ` Todd Zullinger
2022-02-24 10:06 ` [PATCH 1/3] gpg-interface/gpgsm: fix for v2.3 Fabian Stelzer
2022-02-28 17:57 ` Todd Zullinger [this message]
2022-03-02 9:02 ` [PATCH v3 " Fabian Stelzer
2022-03-02 19:18 ` Junio C Hamano
2022-03-03 11:51 ` Fabian Stelzer
2022-03-04 10:25 ` [PATCH v4 " Fabian Stelzer
2022-03-04 10:25 ` [PATCH v4 2/3] t/lib-gpg: reload gpg components after updating trustlist Fabian Stelzer
2022-03-04 10:25 ` [PATCH v4 3/3] t/lib-gpg: kill all gpg components, not just gpg-agent Fabian Stelzer
2022-03-02 9:02 ` [PATCH v3 2/3] t/lib-gpg: reload gpg components after updating trustlist Fabian Stelzer
2022-03-02 9:02 ` [PATCH v3 3/3] t/lib-gpg: kill all gpg components, not just gpg-agent Fabian Stelzer
2022-02-24 10:06 ` [PATCH 2/3] t/lib-gpg: reload gpg components after updating trustlist Fabian Stelzer
2022-02-24 10:06 ` [PATCH 3/3] t/lib-gpg: kill all gpg components, not just gpg-agent Fabian Stelzer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Yh0NHkyquB7nht3W@pobox.com \
--to=tmz@pobox.com \
--cc=fs@gigacodes.de \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=henning.schild@siemens.com \
--cc=hji@dyntopia.com \
--cc=sandals@crustytoothpaste.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.