[DRE-commits] [schleuder] 25/52: New upstream version 3.0.0~beta16
Georg Faerber
georg-alioth-guest at moszumanska.debian.org
Mon Feb 6 11:21:20 UTC 2017
This is an automated email from the git hooks/post-receive script.
georg-alioth-guest pushed a commit to branch master
in repository schleuder.
commit 8e71212fae0123f434854a20e7992916219f5390
Author: Georg Faerber <georg at riseup.net>
Date: Wed Jan 11 13:57:26 2017 +0100
New upstream version 3.0.0~beta16
---
CHANGELOG.md | 15 +++++-
Gemfile.lock | 2 +-
README.md | 8 +--
bin/pinentry-clearpassphrase | 87 +++++++++++++++++++++++++++++++
lib/schleuder/cli.rb | 31 ++++++++----
lib/schleuder/gpgme/key.rb | 74 +++++++++++++++++++++++++++
lib/schleuder/version.rb | 2 +-
spec/fixtures/v2list/list.conf | 50 ++++++++++++++++++
spec/fixtures/v2list/list.log | 0
spec/fixtures/v2list/members.conf | 5 ++
spec/fixtures/v2list/pubring.gpg | Bin 0 -> 6256 bytes
spec/fixtures/v2list/random_seed | Bin 0 -> 600 bytes
spec/fixtures/v2list/secring.gpg | Bin 0 -> 6686 bytes
spec/fixtures/v2list/trustdb.gpg | Bin 0 -> 1360 bytes
spec/schleuder/integration/cli_spec.rb | 90 +++++++++++++++++++++++++++++++++
spec/spec_helper.rb | 4 ++
16 files changed, 352 insertions(+), 16 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 3b36f94..7a8d427 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,7 +6,20 @@ This project adheres to [Semantic Versioning](http://semver.org/).
The format of this file is based on [Keep a Changelog](http://keepachangelog.com/).
-## [3.0.0.beta15]
+## [3.0.0.beta16] / 2017-01-11
+
+### Fixed
+
+* Fix running `schleuder migrate...`.
+* Fix assigning list-attributes when migrating a list.
+
+### Added
+
+* Import the secret key and clear its passphrase when migrating a list from v2.
+* More tests.
+
+
+## [3.0.0.beta15] / 2017-01-10
### Changed
diff --git a/Gemfile.lock b/Gemfile.lock
index 3cd4226..c355ec7 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -1,7 +1,7 @@
PATH
remote: .
specs:
- schleuder (3.0.0.beta15)
+ schleuder (3.0.0.beta16)
activerecord (~> 4.1)
mail-gpg (~> 0.3.0)
rake (~> 10)
diff --git a/README.md b/README.md
index 4fa5345..dbd4151 100644
--- a/README.md
+++ b/README.md
@@ -42,15 +42,15 @@ Additionally these **rubygems** are required (will be installed automatically un
Installing Schleuder
------------
-1. Download [the gem](https://git.codecoop.org/schleuder/schleuder3/raw/master/gems/schleuder-3.0.0.beta15.gem) and [the OpenPGP-signature](https://git.codecoop.org/schleuder/schleuder3/raw/master/gems/schleuder-3.0.0.beta15.gem.sig) and verify:
+1. Download [the gem](https://git.codecoop.org/schleuder/schleuder3/raw/master/gems/schleuder-3.0.0.beta16.gem) and [the OpenPGP-signature](https://git.codecoop.org/schleuder/schleuder3/raw/master/gems/schleuder-3.0.0.beta16.gem.sig) and verify:
```
gpg --recv-key 0xB3D190D5235C74E1907EACFE898F2C91E2E6E1F3
- gpg --verify schleuder-3.0.0.beta15.gem.sig
+ gpg --verify schleuder-3.0.0.beta16.gem.sig
```
2. If all went well install the gem:
```
- gem install schleuder-3.0.0.beta15.gem
+ gem install schleuder-3.0.0.beta16.gem
```
3. Set up schleuder:
@@ -124,4 +124,4 @@ GNU GPL 3.0. Please see [LICENSE.txt](LICENSE.txt).
Alternative Download
--------------------
-Alternatively to the gem-files you can download the latest release as [a tarball](https://git.codecoop.org/schleuder/schleuder3/raw/master/gems/schleuder-3.0.0.beta15.tar.gz) and [its OpenPGP-signature](https://git.codecoop.org/schleuder/schleuder3/raw/master/gems/schleuder-3.0.0.beta15.tar.gz.sig).
+Alternatively to the gem-files you can download the latest release as [a tarball](https://git.codecoop.org/schleuder/schleuder3/raw/master/gems/schleuder-3.0.0.beta16.tar.gz) and [its OpenPGP-signature](https://git.codecoop.org/schleuder/schleuder3/raw/master/gems/schleuder-3.0.0.beta16.tar.gz.sig).
diff --git a/bin/pinentry-clearpassphrase b/bin/pinentry-clearpassphrase
new file mode 100755
index 0000000..f171aae
--- /dev/null
+++ b/bin/pinentry-clearpassphrase
@@ -0,0 +1,87 @@
+#!/usr/bin/env ruby
+
+# This file can be deleted once we cease to support gnupg 2.0.
+
+require 'fileutils'
+require 'openssl'
+require 'cgi'
+
+def respond(msg, flush=true)
+ log '>', msg
+ $stdout.puts msg
+ if flush
+ $stdout.flush
+ end
+end
+
+def send_ok(flush=true)
+ respond 'OK', flush
+end
+
+def send_password
+ if File.exist?(OLDPWDSENTFILE)
+ pwd = ''
+ if File.exist?(EMPTYPWDSENTFILE1)
+ FileUtils.touch(EMPTYPWDSENTFILE2)
+ else
+ FileUtils.touch(EMPTYPWDSENTFILE1)
+ end
+ else
+ pwd = OLDPASSWD
+ FileUtils.touch(OLDPWDSENTFILE)
+ end
+ respond "D #{pwd}"
+end
+
+def do_exit
+ if File.exist?(EMPTYPWDSENTFILE2)
+ log "deleting tmpdir"
+ FileUtils.rm_rf(TMPDIR)
+ end
+ log "exiting\n"
+ exit 0
+end
+
+def log(*args)
+ if DEBUG
+ File.open('/tmp/pinentry.log', 'a') do |f|
+ f.puts "#{args.join(' ')}"
+ end
+ end
+end
+
+
+OLDPASSWD = CGI.escape(ENV['PINENTRY_USER_DATA'].to_s)
+if OLDPASSWD.empty?
+ respond "Fatal error: passed PINENTRY_USER_DATA was empty, cannot continue"
+ exit 1
+end
+
+DEBUG = false
+SALT = 'Thank you, Edward!'
+TMPNAME = Digest::SHA256.hexdigest(SALT + ENV['GNUPGHOME'].to_s)
+TMPDIR = "/tmp/schleuder-#{TMPNAME}"
+OLDPWDSENTFILE = File.join(TMPDIR, "1")
+EMPTYPWDSENTFILE1 = File.join(TMPDIR, '2')
+EMPTYPWDSENTFILE2 = File.join(TMPDIR, '3')
+if ! Dir.exist?(TMPDIR)
+ Dir.mkdir(TMPDIR)
+end
+
+log "\nnew connection at #{Time.now}"
+respond "OK - what's up?"
+
+while line = $stdin.gets do
+ log '<', line
+ case line
+ when /^GETPIN/
+ send_password
+ send_ok
+ when /^BYE/
+ send_ok false
+ do_exit
+ else
+ send_ok
+ end
+end
+
diff --git a/lib/schleuder/cli.rb b/lib/schleuder/cli.rb
index 26f8f8a..947f31b 100644
--- a/lib/schleuder/cli.rb
+++ b/lib/schleuder/cli.rb
@@ -143,7 +143,7 @@ module Schleuder
# Create list.
begin
- list, messages = Schleuder::ListBuilder.new({email: listname, fingerprint: fingerprint}).run
+ list, messages = Schleuder::ListBuilder.new({email: listname, fingerprint: listkey.fingerprint}).run
rescue => exc
fatal exc
end
@@ -153,12 +153,25 @@ module Schleuder
fatal list.errors.full_messages.join(" - ")
end
+ # Import keys
+ list.import_key(File.read(dir + 'pubring.gpg'))
+ list.import_key(File.read(dir + 'secring.gpg'))
+
+ # Clear passphrase of imported list-key.
+ output = list.key.clearpassphrase(conf['gpg_password'])
+ if output
+ fatal "while clearing passphrase of list-key: #{output.inspect}"
+ end
+
# Set list-options.
List.configurable_attributes.each do |option|
option = option.to_s
- if conf[option]
- value = if option.match(/^keywords_/)
+ if conf.keys.include?(option)
+ value = case option
+ when /^keywords_/
filter_keywords(conf[option])
+ when 'log_level'
+ conf[option].to_s.downcase
else
conf[option]
end
@@ -167,23 +180,23 @@ module Schleuder
end
# Set changed options.
- { 'prefix' => 'subject_prefix',
+ changed_options = {
+ 'prefix' => 'subject_prefix',
'prefix_in' => 'subject_prefix_in',
'prefix_out' => 'subject_prefix_out',
'dump_incoming_mail' => 'forward_all_incoming_to_admins',
'receive_from_member_emailaddresses_only' => 'receive_from_subscribed_emailaddresses_only',
'bounces_notify_admin' => 'bounces_notify_admins',
'max_message_size' => 'max_message_size_kb'
- }.each do |old, new|
- if conf[old] && ! conf[old].to_s.empty?
+ }
+
+ changed_options.each do |old, new|
+ if conf.keys.include?(old)
list.set_attribute(new, conf[old])
end
end
list.save!
- # Import keys
- list.import_key(File.read(dir + 'pubring.gpg'))
-
# Subscribe members
YAML.load(File.read(dir + 'members.conf')).each do |member|
list.subscribe(member['email'], member['fingerprint'])
diff --git a/lib/schleuder/gpgme/key.rb b/lib/schleuder/gpgme/key.rb
index 39ca979..efba5d9 100644
--- a/lib/schleuder/gpgme/key.rb
+++ b/lib/schleuder/gpgme/key.rb
@@ -58,5 +58,79 @@ module GPGME
end
end
+ def clearpassphrase(oldpw)
+ # This block can be deleted once we cease to support gnupg 2.0.
+ if ! GPGME::Ctx.sufficient_gpg_version?('2.1.0')
+ return clearpassphrase_v20(oldpw)
+ end
+
+ oldpw_given = false
+ # Don't use '--passwd', it claims to fail (even though it factually doesn't).
+ GPGME::Ctx.gpgcli_expect(" --pinentry-mode loopback --edit-key '#{self.fingerprint}' passwd") do |line|
+ case line
+ when /passphrase.enter/
+ if ! oldpw_given
+ oldpw_given = true
+ oldpw
+ else
+ ""
+ end
+ when /BAD_PASSPHRASE/
+ [false, 'bad passphrase']
+ when /change_passwd.empty.okay/
+ 'y'
+ when /keyedit.prompt/
+ "save"
+ when /USERID_HINT|NEED_PASSPHRASE|GOT_IT|GOOD_PASSPHRASE|MISSING_PASSPHRASE|KEY_CONSIDERED|INQUIRE_MAXLEN|PROGRESS/
+ nil
+ else
+ [false, "Unexpected line: #{line}"]
+ end
+ end
+ end
+
+ # This method can be deleted once we cease to support gnupg 2.0.
+ def clearpassphrase_v20(oldpw)
+ ENV['PINENTRY_USER_DATA'] = oldpw
+ pinentry = File.join(ENV['SCHLEUDER_ROOT'], 'bin', 'pinentry-clearpassphrase')
+ delete_gpg_agent_socket
+ gpg_agent_log = "/tmp/schleuder-gpg-agent-#{rand}.log"
+ gpg_agent_cmd = "gpg-agent --use-standard-socket --pinentry-program #{pinentry} --daemon > #{gpg_agent_log} 2>&1"
+ if ! system(gpg_agent_cmd)
+ return [false, "gpg-agent exited with code #{$?}, output in #{gpg_agent_log}"]
+ end
+ # Don't use '--passwd', it claims to fail (even though it factually doesn't).
+ output = GPGME::Ctx.gpgcli_expect("--edit-key '#{self.fingerprint}' passwd") do |line|
+ case line
+ when /BAD_PASSPHRASE/
+ [false, 'bad passphrase']
+ when /change_passwd.empty.okay/
+ 'y'
+ when /keyedit.prompt/
+ "save"
+ when /USERID_HINT|NEED_PASSPHRASE|GOT_IT|GOOD_PASSPHRASE|MISSING_PASSPHRASE|KEY_CONSIDERED|INQUIRE_MAXLEN|PROGRESS/
+ nil
+ else
+ [false, "Unexpected line: #{line}"]
+ end
+ end
+ # gpg-agent terminates itself if its socket goes away.
+ delete_gpg_agent_socket
+ delete_file(gpg_agent_log)
+ output
+ end
+
+ # This method can be deleted once we cease to support gnupg 2.0.
+ def delete_gpg_agent_socket
+ delete_file(ENV['GNUPGHOME'], 'S.gpg-agent')
+ end
+
+ # This method can be deleted once we cease to support gnupg 2.0.
+ def delete_file(*args)
+ path = File.join(Array(args))
+ if File.exist?(path)
+ File.delete(path)
+ end
+ end
end
end
diff --git a/lib/schleuder/version.rb b/lib/schleuder/version.rb
index f6be2f2..23a6cba 100644
--- a/lib/schleuder/version.rb
+++ b/lib/schleuder/version.rb
@@ -1,3 +1,3 @@
module Schleuder
- VERSION = '3.0.0.beta15'
+ VERSION = '3.0.0.beta16'
end
diff --git a/spec/fixtures/v2list/list.conf b/spec/fixtures/v2list/list.conf
new file mode 100644
index 0000000..376cce4
--- /dev/null
+++ b/spec/fixtures/v2list/list.conf
@@ -0,0 +1,50 @@
+---
+headers_to_meta:
+- :from
+- :to
+- :cc
+- :date
+receive_from_member_emailaddresses_only: false
+keep_msgid: true
+log_level: WARN
+log_syslog: false
+keywords_admin_only:
+- ADD-MEMBER
+- DELETE-MEMBER
+- DELETE-KEY
+- SAVE-MEMBERS
+- DEL-KEY
+myname: v2 List
+default_mime: MIME
+receive_authenticated_only: false
+receive_admin_only: false
+bounces_drop_all: false
+include_list_headers: true
+myaddr: v2list at example.org
+key_fingerprint: 0392CF72B345256BB730049789226FD6A42B2A7A
+log_file: list.log
+archive: false
+prefix_out: "[out]"
+log_io: false
+openpgp_header_preference: signencrypt
+prefix: "[v2]"
+bounces_drop_on_headers:
+ x-spam-flag: "yes"
+receive_encrypted_only: false
+bounces_notify_admin: true
+max_message_size: 10240
+gpg_password: te=65k:3N4*leKo[js:=[+p[DGFd%6ui
+send_encrypted_only: false
+receive_signed_only: false
+public_footer: "-- \nfooter"
+dump_incoming_mail: false
+include_openpgp_header: true
+admins:
+- key_fingerprint: C4D60F8833789C7CAA44496FD3FFA6613AB10ECE
+ mime: MIME
+ email: schleuder2 at example.org
+ encrypted_only: false
+prefix_in: "[in]"
+keywords_admin_notify:
+- ADD-KEY
+- UNSUBSCRIBE
diff --git a/spec/fixtures/v2list/list.log b/spec/fixtures/v2list/list.log
new file mode 100644
index 0000000..e69de29
diff --git a/spec/fixtures/v2list/members.conf b/spec/fixtures/v2list/members.conf
new file mode 100644
index 0000000..839eb7d
--- /dev/null
+++ b/spec/fixtures/v2list/members.conf
@@ -0,0 +1,5 @@
+---
+- key_fingerprint: C4D60F8833789C7CAA44496FD3FFA6613AB10ECE
+ mime: MIME
+ email: schleuder2 at example.org
+ encrypted_only: false
diff --git a/spec/fixtures/v2list/pubring.gpg b/spec/fixtures/v2list/pubring.gpg
new file mode 100644
index 0000000..67835d0
Binary files /dev/null and b/spec/fixtures/v2list/pubring.gpg differ
diff --git a/spec/fixtures/v2list/random_seed b/spec/fixtures/v2list/random_seed
new file mode 100644
index 0000000..b9341c6
Binary files /dev/null and b/spec/fixtures/v2list/random_seed differ
diff --git a/spec/fixtures/v2list/secring.gpg b/spec/fixtures/v2list/secring.gpg
new file mode 100644
index 0000000..83c7d93
Binary files /dev/null and b/spec/fixtures/v2list/secring.gpg differ
diff --git a/spec/fixtures/v2list/trustdb.gpg b/spec/fixtures/v2list/trustdb.gpg
new file mode 100644
index 0000000..97d9ffa
Binary files /dev/null and b/spec/fixtures/v2list/trustdb.gpg differ
diff --git a/spec/schleuder/integration/cli_spec.rb b/spec/schleuder/integration/cli_spec.rb
new file mode 100644
index 0000000..664d86a
--- /dev/null
+++ b/spec/schleuder/integration/cli_spec.rb
@@ -0,0 +1,90 @@
+require "spec_helper"
+
+describe 'cli' do
+ context "migrates a v2-list to v3.0" do
+ it 'creates the list' do
+ v2list_path = 'spec/fixtures/v2list'
+
+ output = run_cli("migrate #{v2list_path}")
+ list = Schleuder::List.by_recipient('v2list at example.org')
+
+ expect(output).to be_present
+ expect(list).to be_present
+ end
+
+ it "imports the public keys" do
+ v2list_path = 'spec/fixtures/v2list'
+
+ output = run_cli("migrate #{v2list_path}")
+ list = Schleuder::List.by_recipient('v2list at example.org')
+
+ expect(output).not_to match('Error:')
+
+ keys = list.keys.map(&:fingerprint)
+ expect(list.key.fingerprint).to eq '0392CF72B345256BB730049789226FD6A42B2A7A'
+ expect(keys).to include 'C4D60F8833789C7CAA44496FD3FFA6613AB10ECE'
+ end
+
+ it "imports the secret key" do
+ v2list_path = 'spec/fixtures/v2list'
+
+ output = run_cli("migrate #{v2list_path}")
+ list = Schleuder::List.by_recipient('v2list at example.org')
+
+ expect(output).not_to match('Error:')
+
+ expect(list.secret_key).to be_present
+ expect(list.secret_key.fingerprint).to eq '0392CF72B345256BB730049789226FD6A42B2A7A'
+
+ signed = GPGME::Crypto.new(:armor => true).clearsign('lala').read
+
+ expect(signed).to match(/^-----BEGIN PGP SIGNED MESSAGE-----\n.*\n\nlala\n-----BEGIN PGP SIGNATURE-----\n.*\n-----END PGP SIGNATURE-----\n$/m)
+ end
+
+ it "imports the config" do
+ v2list_path = 'spec/fixtures/v2list'
+
+ output = run_cli("migrate #{v2list_path}")
+ list = Schleuder::List.by_recipient('v2list at example.org')
+
+ expect(output).not_to match('Error:')
+
+ expect(list.to_s).to eq 'v2list at example.org'
+ expect(list.log_level).to eq 'warn'
+ expect(list.fingerprint).to eq '0392CF72B345256BB730049789226FD6A42B2A7A'
+ expect(list.keywords_admin_only).to eq %w[subscribe unsubscribe delete-key]
+ expect(list.keywords_admin_notify).to eq %w[add-key unsubscribe]
+ expect(list.send_encrypted_only).to eq false
+ expect(list.receive_encrypted_only).to eq false
+ expect(list.receive_signed_only).to eq false
+ expect(list.receive_authenticated_only).to eq false
+ expect(list.receive_from_subscribed_emailaddresses_only).to eq false
+ expect(list.receive_admin_only).to eq false
+ expect(list.keep_msgid).to eq true
+ expect(list.bounces_drop_all).to eq false
+ expect(list.bounces_notify_admins).to eq true
+ expect(list.include_list_headers).to eq true
+ expect(list.include_openpgp_header).to eq true
+ expect(list.openpgp_header_preference).to eq 'signencrypt'
+ expect(list.headers_to_meta).to eq %w[from to cc date]
+ expect(list.bounces_drop_on_headers).to eq({'x-spam-flag' => "yes"})
+ expect(list.subject_prefix).to eq '[v2]'
+ expect(list.subject_prefix_in).to eq '[in]'
+ expect(list.subject_prefix_out).to eq '[out]'
+ expect(list.max_message_size_kb).to eq 10240
+ expect(list.public_footer).to eq "-- \nfooter"
+ end
+
+ it "imports the subscriptions" do
+ v2list_path = 'spec/fixtures/v2list'
+
+ output = run_cli("migrate #{v2list_path}")
+ list = Schleuder::List.by_recipient('v2list at example.org')
+ subscription_emails = list.subscriptions.map(&:email)
+
+ expect(output).not_to match('Error:')
+
+ expect(subscription_emails).to eq ['schleuder2 at example.org']
+ end
+ end
+end
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
index e415cd8..9635a62 100644
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -77,6 +77,10 @@ RSpec.configure do |config|
`SCHLEUDER_ENV=test SCHLEUDER_CONFIG=spec/schleuder.yml bin/schleuder #{command} #{email} < #{message_path} 2>&1`
end
+ def run_cli(command)
+ `SCHLEUDER_ENV=test SCHLEUDER_CONFIG=spec/schleuder.yml bin/schleuder #{command} 2>&1`
+ end
+
Mail.defaults do
delivery_method :test
end
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-ruby-extras/schleuder.git
More information about the Pkg-ruby-extras-commits
mailing list