a7d2f7e53e
The output of gpgsm changed slightly in gnupg-2.3, causing the git tests for x509 signatures to be skipped. Update the tests to use the machine-parseable --with-colons output. It also appears that we need to reload the gpg-agent in order to pick up the changes the test library makes to the trustlist.txt file. It might be better to store that file with the other gpg files in the test suite rather than generating it. While we're at it, reload all the gpg components rather than just gpg-agent. Adjust the earlier gpgconf kill to use the 'all' keyword as well. Next up, gpgsm removed a debug line from it's output which exposes a problem in git's gpg-interface code. The git code presumes that the '[GNUPG:] SIG_CREATED' line will follow a newline. That is no longer true. The debug line was removed from GnuPG in a6d2f3133 (sm: Replace some debug message by log_error or log_info, 2020-04-21). Finally, a minor bug in gpgsm causes the error message returned when a certificate is not found to differ from previous versions¹. Extend the grep pattern in the test suite to catch both error messages. ¹ https://lists.gnupg.org/pipermail/gnupg-devel/2021-November/034991.html
48 lines
1.7 KiB
Diff
48 lines
1.7 KiB
Diff
From e155951262e6dea419db8b9010342b08b487f96a Mon Sep 17 00:00:00 2001
|
|
From: Todd Zullinger <tmz@pobox.com>
|
|
Date: Thu, 25 Nov 2021 05:05:08 -0500
|
|
Subject: [PATCH] t/lib-gpg: use --with-colons when parsing gpgsm output
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
The output of `gpgsm -K` changed in gnupg-2.3¹, breaking the parsing
|
|
used by the GPGSM prereq.
|
|
|
|
Use the `--with-colons` options for stable, machine-parseable output.
|
|
This allows the grep/cut/tr pipeline (and the subsequent echo which
|
|
appends ' S relax') to be replaced with a single call to awk to create
|
|
the ${GNUPGHOME}/trustlist.txt file.
|
|
|
|
¹ https://dev.gnupg.org/rGe7d70923901e is the change in 2.3, while
|
|
https://dev.gnupg.org/rG9c57de75cf36 is the similar change in 2.2.
|
|
|
|
The latter says: Here in 2.2 we keep the string "fingerprint:" and no
|
|
not change it to "sha1 fpr" as we did in master (2.3). (sic)
|
|
|
|
Signed-off-by: Todd Zullinger <tmz@pobox.com>
|
|
---
|
|
t/lib-gpg.sh | 8 +++-----
|
|
1 file changed, 3 insertions(+), 5 deletions(-)
|
|
|
|
diff --git a/t/lib-gpg.sh b/t/lib-gpg.sh
|
|
index a3f285f515..cbbf74e725 100644
|
|
--- a/t/lib-gpg.sh
|
|
+++ b/t/lib-gpg.sh
|
|
@@ -72,12 +72,10 @@ test_lazy_prereq GPGSM '
|
|
--passphrase-fd 0 --pinentry-mode loopback \
|
|
--import "$TEST_DIRECTORY"/lib-gpg/gpgsm_cert.p12 &&
|
|
|
|
- gpgsm --homedir "${GNUPGHOME}" -K |
|
|
- grep fingerprint: |
|
|
- cut -d" " -f4 |
|
|
- tr -d "\\n" >"${GNUPGHOME}/trustlist.txt" &&
|
|
+ gpgsm --homedir "${GNUPGHOME}" -K --with-colons |
|
|
+ awk -F ":" "/^fpr:/ {printf \"%s S relax\\n\", \$10}" \
|
|
+ >"${GNUPGHOME}/trustlist.txt" &&
|
|
|
|
- echo " S relax" >>"${GNUPGHOME}/trustlist.txt" &&
|
|
echo hello | gpgsm --homedir "${GNUPGHOME}" >/dev/null \
|
|
-u committer@example.com -o /dev/null --sign -
|
|
'
|