From: Todd Zullinger <tmz@pobox.com>
To: Fabian Stelzer <fs@gigacodes.de>
Cc: git@vger.kernel.org, Henning Schild <henning.schild@siemens.com>,
"brian m . carlson" <sandals@crustytoothpaste.net>,
Hans Jerry Illikainen <hji@dyntopia.com>,
Junio C Hamano <gitster@pobox.com>
Subject: Re: [PATCH 1/3] gpg-interface/gpgsm: fix for v2.3
Date: Mon, 28 Feb 2022 12:57:50 -0500 [thread overview]
Message-ID: <Yh0NHkyquB7nht3W@pobox.com> (raw)
In-Reply-To: <20220224100628.612789-1-fs@gigacodes.de>
Hi,
Fabian Stelzer wrote:
> gpgsm v2.3 changed some details about its output:
> - instead of displaying `fingerprint:` for keys it will print `sha1
> fpr:` and `sha2 fpr:`
> - some wording of errors has changed
> - signing will omit an extra debug output line before the [GNUPG]: tag
>
> This change adjusts the gpgsm test prerequisite to work with v2.3 as
> well by accepting `sha1 fpr:` as well as `fingerprint:`. To make this
> parsing more robust switch to gpg's `--with-colons` output format.
> Also allow both variants of errors for unknown certs.
I ran this series through the fedora buildsystem on releases
with gnupg 2.2 and 2.3. All the tests pass, as expected.
I think we may be able to simplify the wording above and the
patch below regarding the fingerprint/shaN fpr output
change, I'll add a comment below the changed hunk.
> diff --git a/t/lib-gpg.sh b/t/lib-gpg.sh
> index 3e7ee1386a..e997ce10ea 100644
> --- a/t/lib-gpg.sh
> +++ b/t/lib-gpg.sh
> @@ -72,12 +72,10 @@ test_lazy_prereq GPGSM '
> --passphrase-fd 0 --pinentry-mode loopback \
> --import "$TEST_DIRECTORY"/lib-gpg/gpgsm_cert.p12 &&
>
> - gpgsm --homedir "${GNUPGHOME}" -K |
> - grep fingerprint: |
> - cut -d" " -f4 |
> - tr -d "\\n" >"${GNUPGHOME}/trustlist.txt" &&
> + gpgsm --homedir "${GNUPGHOME}" -K --with-colons |
> + awk -F ":" "/^(fpr|fingerprint):/ {printf \"%s S relax\\n\", \$10}" \
> + >"${GNUPGHOME}/trustlist.txt" &&
Using --with-colons to parse the output, we shouldn't be
affected by the changed output. The pattern for awk can be
simplified to '^fpr:' as older and newer versions of gnupg
have used that string in the --with-colons output for many,
many years.
Perhaps that allows the commit message to say less about the
specific's the gnugp-2.3 output change and just mention that
it changed and using --with-colons is the preferred way to
parse the output (where we must parse output at all).
Switch to gpg's `--with-colons` output format to make
parsing more robust. This avoids issues where the
human-readable output from gpg commands changes.
or something?
Thanks,
--
Todd
next prev parent reply other threads:[~2022-02-28 18:22 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-03 12:37 [PATCH] gpg-interface: fix for gpgsm v2.3 Fabian Stelzer
2022-02-03 18:55 ` Junio C Hamano
2022-02-03 20:01 ` Todd Zullinger
2022-02-03 21:38 ` Junio C Hamano
2022-02-03 22:07 ` Todd Zullinger
2022-02-03 22:46 ` Junio C Hamano
2022-02-07 10:52 ` Fabian Stelzer
2022-02-07 16:38 ` Todd Zullinger
2022-02-09 8:33 ` Fabian Stelzer
2022-02-09 16:20 ` Todd Zullinger
2022-02-21 9:22 ` Fabian Stelzer
2022-02-23 4:38 ` Todd Zullinger
2022-02-24 10:06 ` [PATCH 1/3] gpg-interface/gpgsm: fix for v2.3 Fabian Stelzer
2022-02-28 17:57 ` Todd Zullinger [this message]
2022-03-02 9:02 ` [PATCH v3 " Fabian Stelzer
2022-03-02 19:18 ` Junio C Hamano
2022-03-03 11:51 ` Fabian Stelzer
2022-03-04 10:25 ` [PATCH v4 " Fabian Stelzer
2022-03-04 10:25 ` [PATCH v4 2/3] t/lib-gpg: reload gpg components after updating trustlist Fabian Stelzer
2022-03-04 10:25 ` [PATCH v4 3/3] t/lib-gpg: kill all gpg components, not just gpg-agent Fabian Stelzer
2022-03-02 9:02 ` [PATCH v3 2/3] t/lib-gpg: reload gpg components after updating trustlist Fabian Stelzer
2022-03-02 9:02 ` [PATCH v3 3/3] t/lib-gpg: kill all gpg components, not just gpg-agent Fabian Stelzer
2022-02-24 10:06 ` [PATCH 2/3] t/lib-gpg: reload gpg components after updating trustlist Fabian Stelzer
2022-02-24 10:06 ` [PATCH 3/3] t/lib-gpg: kill all gpg components, not just gpg-agent Fabian Stelzer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Yh0NHkyquB7nht3W@pobox.com \
--to=tmz@pobox.com \
--cc=fs@gigacodes.de \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=henning.schild@siemens.com \
--cc=hji@dyntopia.com \
--cc=sandals@crustytoothpaste.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).