From debbugs-submit-bounces@debbugs.gnu.org Thu Sep 23 04:09:51 2021 Received: (at submit) by debbugs.gnu.org; 23 Sep 2021 08:09:51 +0000 Received: from localhost ([127.0.0.1]:52618 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mTJni-0001pb-Vs for submit@debbugs.gnu.org; Thu, 23 Sep 2021 04:09:51 -0400 Received: from lists.gnu.org ([209.51.188.17]:39604) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mTJnh-0001pU-6E for submit@debbugs.gnu.org; Thu, 23 Sep 2021 04:09:49 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:59202) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mTJnf-00072r-Jy for guix-patches@gnu.org; Thu, 23 Sep 2021 04:09:48 -0400 Received: from mail-ed1-x52f.google.com ([2a00:1450:4864:20::52f]:35365) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1mTJnd-00032T-1Y for guix-patches@gnu.org; Thu, 23 Sep 2021 04:09:47 -0400 Received: by mail-ed1-x52f.google.com with SMTP id y89so9750580ede.2 for ; Thu, 23 Sep 2021 01:09:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=sender:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=FQDba65Fk8m4KDaYsx5MljHdT9jSDBGR4b5pRKfb0RA=; b=V0X9dVf2txX5HslOuexrKZIAPN1Hx65jR5hrqG+GFE1m6IgYeFL3mFbGIbYyd2HlDf DSnzHBHBSjVxjutHkOkh1T+i6HYVqAuq4ySAEfuf0WWs3lO4wIrbDK3DEpc8vFzSX72h /GcdZ4eCEzaPy35/JrXGZtwpkOh+uHZZLP+7Tk0LMLCNzJS0TPyN8ueV/pzcGJeEXHHT 5OAjjUXyYctXaeAYs0ckec1kzz3Iojeqnd9rfgI++yRynv1fI1MKJ705qSXpx5iARUDo BGibbbHl5N3l21v+VpYpggdHSeRw+HP/MmciQtUd91vqaFRUnpWN192jz82N+b/MmOzA MKFQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :mime-version:content-transfer-encoding; bh=FQDba65Fk8m4KDaYsx5MljHdT9jSDBGR4b5pRKfb0RA=; b=iytSVBI3G6AHtILG0yrJFGg3no5nawvmbCKiSm/8splDua/aLk7tenXYNavL20p6+Y xMmL2nGu5m8Ay9EH1pDE9BQXSTQAlFQAP8msaXkJtyu5ytxA3nUYBxPEU91gk8Lkb9Eg 82DXZkZssuQiVLZnxkzj+ahOqAu3I7ftA8m9czq8OKXk243xlXygnBOR5IM2M+x8pAcl cZmsgOntYg77cBpfIMzaLqSaBwDGhxjid4ETxLE0glvicTWA6crUu2a7xy2Y1nxFMZXL xVqvsqXHnpKo6zqQ3PaIodZnbEUzBsGroWRcqRHAXMUklcA5qMdhQeV5/rNFBBfJtoI5 7/sw== X-Gm-Message-State: AOAM53313+/WCcWTxjvAfFsUeuLAlqK6PplibnDSWDqVwHjl70dI43rr 2mSKUWMsBDd3Kxku0Os+dmYAL8UPmms= X-Google-Smtp-Source: ABdhPJy2b5k0om+285KONuMoIIUPp/wcngPw3v4VjgYDsiDxiGetJPAGcIdyJopq6qX7I3rfNuYl1g== X-Received: by 2002:a50:cb8b:: with SMTP id k11mr3960020edi.256.1632384582432; Thu, 23 Sep 2021 01:09:42 -0700 (PDT) Received: from lelap.lan (catv-213-222-131-28.catv.broadband.hu. [213.222.131.28]) by smtp.gmail.com with ESMTPSA id c28sm2663073ejc.102.2021.09.23.01.09.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 23 Sep 2021 01:09:41 -0700 (PDT) From: Attila Lendvai To: guix-patches@gnu.org Subject: [PATCH 1/2] gnu: Add trezor-gpg-pinentry-tk 0.0.10. Date: Thu, 23 Sep 2021 10:09:14 +0200 Message-Id: <20210923080914.6149-1-attila@lendvai.name> X-Mailer: git-send-email 2.33.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=2a00:1450:4864:20::52f; envelope-from=attila.lendvai@gmail.com; helo=mail-ed1-x52f.google.com X-Spam_score_int: -14 X-Spam_score: -1.5 X-Spam_bar: - X-Spam_report: (-1.5 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.248, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.249, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=no autolearn_force=no X-Spam_action: no action X-Spam-Score: -0.8 (/) X-Debbugs-Envelope-To: submit Cc: Attila Lendvai X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.8 (-) * gnu/packages/finance.scm (trezor-gpg-pinentry-tk): New variable. --- gnu/packages/finance.scm | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/gnu/packages/finance.scm b/gnu/packages/finance.scm index 4aaab58906..9b073541de 100644 --- a/gnu/packages/finance.scm +++ b/gnu/packages/finance.scm @@ -884,6 +884,31 @@ the Monero GUI client.") Ledger Nano as a hardware SSH/GPG agent.") (license license:lgpl3))) +(define-public trezor-gpg-pinentry-tk + (package + (name "trezor-gpg-pinentry-tk") + (version "0.0.10") + (source + (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/rendaw/trezor-gpg-pinentry-tk/") + (commit (string-append "v" version)))) + (file-name (git-file-name name version)) + (sha256 + (base32 "1mblx4favmw4nf7k9rfl00ivv77kgdiwghyz4xv5cp0v410kjaqc")))) + (build-system python-build-system) + (propagated-inputs + `(("python-tkinter" ,python "tk"))) + (home-page "https://github.com/rendaw/trezor-gpg-pinentry-tk") + (synopsis "A GPG PIN entry program for use with trezor-agent +or for people with number-only PINs.") + (description + "An alternate PIN entry for use with trezor-agent, or for people +with number-only PINs. It displays a grid of unlabeled buttons and +supports configurable keyboard mappings.") + (license license:lgpl3))) + (define-public python-mnemonic (package (name "python-mnemonic") -- 2.33.0 From debbugs-submit-bounces@debbugs.gnu.org Thu Sep 23 04:27:59 2021 Received: (at 50750) by debbugs.gnu.org; 23 Sep 2021 08:27:59 +0000 Received: from localhost ([127.0.0.1]:52656 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mTK5H-0002LE-6w for submit@debbugs.gnu.org; Thu, 23 Sep 2021 04:27:59 -0400 Received: from mail-4317.protonmail.ch ([185.70.43.17]:60702) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mTK5D-0002Kv-VV for 50750@debbugs.gnu.org; Thu, 23 Sep 2021 04:27:57 -0400 Date: Thu, 23 Sep 2021 08:27:48 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lendvai.name; s=protonmail2; t=1632385669; bh=fZ4Xo3JeN3dddCrIaHiNfEeQkqv91mvCbTxkVeB8YrI=; h=Date:To:From:Reply-To:Subject:In-Reply-To:References:From; b=CeCFX+dMZf2ZilDOdsgbJ+dxzKSNHQtq52wZX2C3gyQfg12OKUmGo7r0sfUZ8jsMk Tl0R1buznhbOJnKmkddEE0MLtjp14y8EFvkGgHs/VrxeTL4Ugmedg0/ciLRY9dQp44 L0FTOF6p2ufas7My2TDISprlot5JR57PsI14dM2wQS7gUdAXD6c/jpZA3ofBTfLS9L nqaKB02jD4V5GC4TBtZF6MznTX9GGbD2guOyphGVbPJVg2H164b0k1hGowqU2RcPw3 JaBy3Lx7tIrAjQdSI0D3hDvm3ePNWHf1Ds/dyl7niq74fN3VwCnCZ53rQtOsoLweHc X/hOqL5FPNaFA== To: "50750@debbugs.gnu.org" <50750@debbugs.gnu.org> From: Attila Lendvai Subject: Re: [PATCH 1/2] gnu: Add trezor-gpg-pinentry-tk 0.0.10. Message-ID: In-Reply-To: <20210923080914.6149-1-attila@lendvai.name> References: <20210923080914.6149-1-attila@lendvai.name> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-1.2 required=10.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF shortcircuit=no autolearn=disabled version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on mailout.protonmail.ch X-Spam-Score: -0.0 (/) X-Debbugs-Envelope-To: 50750 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Attila Lendvai Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) please ignore the 1of2 part. i meant to send only one patch, but i'm still = learning git send-email. i'll send the updating of Trezor support in a separate email. - attila PGP:=C2=A05D5F 45C7 DFCD 0A39 From debbugs-submit-bounces@debbugs.gnu.org Fri Sep 24 09:49:41 2021 Received: (at 50750) by debbugs.gnu.org; 24 Sep 2021 13:49:41 +0000 Received: from localhost ([127.0.0.1]:56991 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mTla9-0005cP-Js for submit@debbugs.gnu.org; Fri, 24 Sep 2021 09:49:41 -0400 Received: from h87-96-130-155.cust.a3fiber.se ([87.96.130.155]:44328 helo=mail.yoctocell.xyz) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mTla7-0005c5-9z for 50750@debbugs.gnu.org; Fri, 24 Sep 2021 09:49:40 -0400 From: Xinglu Chen DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=yoctocell.xyz; s=mail; t=1632491369; bh=NCPaf2YAGM+babjPslE/3D5s9qzOLrbuWSqNYwTT2yk=; h=From:To:Cc:Subject:In-Reply-To:References:Date; b=ZitM/y7Chz2LiUFu5ok7YG51pp7Ax9inQi7r7UiXTmd9rOFYMh6giXmoDTpwCbYEW jc0i35XfkcAwOEuijK0GaWGA+RfpBvKFxSSDZyHw6zTAXNepsHkkRLDTmwxl1jlLKd qK3y49bSKrkjKITw9XgAibfwIQJ+/dyUtGwN2MeE= To: Attila Lendvai , 50750@debbugs.gnu.org Subject: Re: [bug#50750] [PATCH 1/2] gnu: Add trezor-gpg-pinentry-tk 0.0.10. In-Reply-To: <20210923080914.6149-1-attila@lendvai.name> References: <20210923080914.6149-1-attila@lendvai.name> Date: Fri, 24 Sep 2021 15:49:25 +0200 Message-ID: <87pmsyjd7e.fsf@yoctocell.xyz> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha256; protocol="application/pgp-signature" X-Spam-Score: 2.9 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: On Thu, Sep 23 2021, Attila Lendvai wrote: > * gnu/packages/finance.scm (trezor-gpg-pinentry-tk): New variable. > --- > gnu/packages/finance.scm | 25 +++++++++++++++++++++++++ > 1 file changed, 25 insertions(+) > > diff --git a/gnu/packages/fi [...] Content analysis details: (2.9 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_PASS SPF: sender matches SPF record 2.0 PDS_OTHER_BAD_TLD Untrustworthy TLDs [URI: yoctocell.xyz (xyz)] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.5 FROM_SUSPICIOUS_NTLD From abused NTLD 0.4 RDNS_DYNAMIC Delivered to internal network by host with dynamic-looking rDNS 0.0 PDS_RDNS_DYNAMIC_FP RDNS_DYNAMIC with FP steps X-Debbugs-Envelope-To: 50750 Cc: Attila Lendvai X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 2.9 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: On Thu, Sep 23 2021, Attila Lendvai wrote: > * gnu/packages/finance.scm (trezor-gpg-pinentry-tk): New variable. > --- > gnu/packages/finance.scm | 25 +++++++++++++++++++++++++ > 1 file changed, 25 insertions(+) > > diff --git a/gnu/packages/fi [...] Content analysis details: (2.9 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_PASS SPF: sender matches SPF record 2.0 PDS_OTHER_BAD_TLD Untrustworthy TLDs [URI: yoctocell.xyz (xyz)] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.5 FROM_SUSPICIOUS_NTLD From abused NTLD 0.4 RDNS_DYNAMIC Delivered to internal network by host with dynamic-looking rDNS 1.0 BULK_RE_SUSP_NTLD Precedence bulk and RE: from a suspicious TLD -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager 0.0 PDS_RDNS_DYNAMIC_FP RDNS_DYNAMIC with FP steps --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On Thu, Sep 23 2021, Attila Lendvai wrote: > * gnu/packages/finance.scm (trezor-gpg-pinentry-tk): New variable. > --- > gnu/packages/finance.scm | 25 +++++++++++++++++++++++++ > 1 file changed, 25 insertions(+) > > diff --git a/gnu/packages/finance.scm b/gnu/packages/finance.scm > index 4aaab58906..9b073541de 100644 > --- a/gnu/packages/finance.scm > +++ b/gnu/packages/finance.scm > @@ -884,6 +884,31 @@ the Monero GUI client.") > Ledger Nano as a hardware SSH/GPG agent.") > (license license:lgpl3))) >=20=20 > +(define-public trezor-gpg-pinentry-tk > + (package > + (name "trezor-gpg-pinentry-tk") > + (version "0.0.10") > + (source > + (origin > + (method git-fetch) > + (uri (git-reference > + (url "https://github.com/rendaw/trezor-gpg-pinentry-tk/") > + (commit (string-append "v" version)))) > + (file-name (git-file-name name version)) > + (sha256 > + (base32 "1mblx4favmw4nf7k9rfl00ivv77kgdiwghyz4xv5cp0v410kjaqc"))= )) > + (build-system python-build-system) > + (propagated-inputs > + `(("python-tkinter" ,python "tk"))) > + (home-page "https://github.com/rendaw/trezor-gpg-pinentry-tk") > + (synopsis "A GPG PIN entry program for use with trezor-agent > +or for people with number-only PINs.") The synopsis starts with an article, and it is a bit long (see =E2=80=9C16.= 4.4 Synopses and Descriptions=E2=80=9D in the manual for more details), I sugge= st GPG pinentry program for use with @code{trezor-agent} > + (description > + "An alternate PIN entry for use with trezor-agent, or for people > +with number-only PINs. It displays a grid of unlabeled buttons and > +supports configurable keyboard mappings.") The first sentence lacks a subject, and there should be two spaces after a period. I suggest This package provides a GPG pinentry program for use with @code{trezor-agent}, or for people with number-only PINs. It displays a grid of unlabeled buttons and supports configurable keyboard settings. > + (license license:lgpl3))) The =E2=80=98license.txt=E2=80=99 file says BSD-2. Could you send an updated patch? --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQJJBAEBCAAzFiEEAVhh4yyK5+SEykIzrPUJmaL7XHkFAmFN12UVHHB1YmxpY0B5 b2N0b2NlbGwueHl6AAoJEKz1CZmi+1x5nNEP/2Tm6IMCeCOc65QrMCmaZotWaBXJ RATJ9ddxWgg8y8QKW5Usgb5bxWnT1OTpHg/G7XKfGJtEZOZrrXumoEciYdQH/YBT c//3IMtqTFItKfJ/TVughYyGXTn27j2YJBFE08BPuNKI6eAsQcz7Yga0idteGUrL x1yrGqroNrmhuZ8Zzt1S5dt/ODEjLJ92PrtgZO/tYubwH+hSptZDHVBQO2ZkPQug ymwTZ0P2qUs7B0pHNRqX4/czdTgvBVS7RUmhwmjwfLE3wG0pLCkk+ebylYQatHU7 mihnWUPWNxoYlQW12yKGn7jRY5KAMJ9+L+YgadA1EZts8TyyRHa1ky595LZD8f9r EkeNg15Wq7cutKJeOFAH1Oca6UdEunaA7PBk0NQtQtjfAnXdkW/y7/1z3AmkuVZa ZahX+rPbH9/YCv1soDY59eYfI/SIMgOZVv6vb649Hq9IrtomU03U3OFWdtFAmbLD gNyds2/vvonD7eeun3u5ru26QfLlr2DezPcGtvE5TQiSHFi9Iv+UV0hXXwDwNqgS 51dEXmflOUymeBRDn4qAqiRdnHgy8XbRLZAxKGC4XLvYtwOfn9Cg5IgKQxfXzifF 6Je8K4zdinZd10IeHtd5zrS+vxKa0XcZ+Zxa/8+nAuoSgI+RJJsbBid9dAOJRPW5 fVil5k/dDD5Aq5+4 =B3A5 -----END PGP SIGNATURE----- --=-=-=-- From debbugs-submit-bounces@debbugs.gnu.org Sat Sep 25 12:09:45 2021 Received: (at 50750) by debbugs.gnu.org; 25 Sep 2021 16:09:45 +0000 Received: from localhost ([127.0.0.1]:34448 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mUAFE-0000nl-TX for submit@debbugs.gnu.org; Sat, 25 Sep 2021 12:09:45 -0400 Received: from mail-ed1-f54.google.com ([209.85.208.54]:36685) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mUAFD-0000nZ-9L for 50750@debbugs.gnu.org; Sat, 25 Sep 2021 12:09:43 -0400 Received: by mail-ed1-f54.google.com with SMTP id v24so48895342eda.3 for <50750@debbugs.gnu.org>; Sat, 25 Sep 2021 09:09:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=sender:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=1Abr0wcMwPjZcZWv3Pc8E/fCkm83hd6sd9TSj9AdEUs=; b=cgYrDdXOa6onXT/PNZ6E+dkPSgu/+XXpwax2AqIyQzmw+0Hi9a+jhmBFk5FSyeOOAO I0QkqKxEuEDb+HTdGIFHNfTveyJ1S8268yoPX8CS90tP3d9FUrUBljvcexT3zRxkmUKR H1qBhLoXCpw0SKWAwpqlgPdm+gY8Ydagta1KR2ZFLn8iIHo6H2nBgjjIGelWJ0XjtOc8 L9IV49uzozkL9tVHfOi0IjINcxEXuDE7YdVV+SEfKoXrcJLj671LySbSZX2bFITXXOq2 LyIfcSDSr+XFfckLNe3fjgeozhrrCP38Y7e5VvdN+HZj97vfYnvUPrGC1AH7viCeNK1Z znEA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :mime-version:content-transfer-encoding; bh=1Abr0wcMwPjZcZWv3Pc8E/fCkm83hd6sd9TSj9AdEUs=; b=b7wPhjyu8H/KCJjh255OTziiMIc0TEETbvKehsPVMZSq0enNWMNuVjrHNPjkVM/LDO GGK/lHRVdDHJCikMXgsivmzB+TYsGZP8QG503aeGSgIqR2onmijVkj0VSW+YeaCDsqsU bRN9ucqPeZ/XWmhlKug2Hy5jxGiwNDQsId1FGvnLlqHhiBeyXytWhK2uXm1ZUYEaqAFr m2E62SidLr7bmao/T3SJBcDpTOjwmef3Ov2mciQOdugV5T6OLaWWBKCmxb2Qj9K2t9Fw WSraOpih2VMcx8qkAP36PnAGDefbqllo2OJhlkEXO79R2yQkVl75heHvP5L0NESeZ5ED pE7g== X-Gm-Message-State: AOAM5319GbuhIrpcuBGuAC6/vVDRegDupN2C4y60HQAnwU8GHf1SGTEw LDaCotX9g8JO1hlJ/Ppq0C1x5nlAQOg= X-Google-Smtp-Source: ABdhPJw71lWqV3JB0JV4Z13llNUTw41oFpxJzLMI8huF4K8t+DTP4P6vmYOCCwgD92qMfsnrqwk0/Q== X-Received: by 2002:a17:906:c2c6:: with SMTP id ch6mr18371994ejb.76.1632586177483; Sat, 25 Sep 2021 09:09:37 -0700 (PDT) Received: from localhost.localdomain ([2a02:ab88:370d:c380:4c15:c040:7494:7502]) by smtp.gmail.com with ESMTPSA id q18sm6470871ejc.84.2021.09.25.09.09.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 25 Sep 2021 09:09:36 -0700 (PDT) From: Attila Lendvai To: 50750@debbugs.gnu.org Subject: [PATCH] gnu: Add trezor-gpg-pinentry-tk 0.0.10. Date: Sat, 25 Sep 2021 18:08:04 +0200 Message-Id: <20210925160803.2679-1-attila@lendvai.name> X-Mailer: git-send-email 2.33.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: 0.5 (/) X-Debbugs-Envelope-To: 50750 Cc: Attila Lendvai X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.5 (/) * gnu/packages/finance.scm (trezor-gpg-pinentry-tk): New variable. --- Thank you for catching all these mistakes, especially the licence! gnu/packages/finance.scm | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/gnu/packages/finance.scm b/gnu/packages/finance.scm index 4aaab58906..8347821af5 100644 --- a/gnu/packages/finance.scm +++ b/gnu/packages/finance.scm @@ -884,6 +884,31 @@ the Monero GUI client.") Ledger Nano as a hardware SSH/GPG agent.") (license license:lgpl3))) +(define-public trezor-gpg-pinentry-tk + (package + (name "trezor-gpg-pinentry-tk") + (version "0.0.10") + (source + (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/rendaw/trezor-gpg-pinentry-tk/") + (commit (string-append "v" version)))) + (file-name (git-file-name name version)) + (sha256 + (base32 "1mblx4favmw4nf7k9rfl00ivv77kgdiwghyz4xv5cp0v410kjaqc")))) + (build-system python-build-system) + (propagated-inputs + `(("python-tkinter" ,python "tk"))) + (home-page "https://github.com/rendaw/trezor-gpg-pinentry-tk") + (synopsis "GPG pinentry program for use with @code{trezor-agent}") + (description + "This package provides a GPG pinentry program for use with +@code{trezor-agent}, or for people with number-only PINs. It displays +a grid of unlabeled buttons and supports configurable keyboard +settings.") + (license license:bsd-2))) + (define-public python-mnemonic (package (name "python-mnemonic") -- 2.33.0 From debbugs-submit-bounces@debbugs.gnu.org Sun Sep 26 05:23:57 2021 Received: (at 50750) by debbugs.gnu.org; 26 Sep 2021 09:23:57 +0000 Received: from localhost ([127.0.0.1]:35882 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mUQO5-0003Jd-KW for submit@debbugs.gnu.org; Sun, 26 Sep 2021 05:23:57 -0400 Received: from h87-96-130-155.cust.a3fiber.se ([87.96.130.155]:44082 helo=mail.yoctocell.xyz) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mUQO2-0003JI-2D for 50750@debbugs.gnu.org; Sun, 26 Sep 2021 05:23:55 -0400 From: Xinglu Chen DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=yoctocell.xyz; s=mail; t=1632648224; bh=2n0a5jfcNT7/yJM3cJX2kmNMgBvjwTV9vYfqp4J2wjM=; h=From:To:Cc:Subject:In-Reply-To:References:Date; b=OLJsL4ry3VhlnHn7ldtHpKCEHX6xoMpp1MvVqvpEA1wBdKVl8MoDXXkafoCJCU774 PYZf9t85lYPYoUK1DLTjYXVYp8qLa3oSH0u1+aQfkAouBzXJp3fPTXaPXuBKP11udI lcLBw1+JKCnUJj6Ib5BVmcyL+k3sFHb0im4+4p5w= To: Attila Lendvai , 50750@debbugs.gnu.org Subject: Re: [bug#50750] [PATCH] gnu: Add trezor-gpg-pinentry-tk 0.0.10. In-Reply-To: <20210925160803.2679-1-attila@lendvai.name> References: <20210923080914.6149-1-attila@lendvai.name> <20210925160803.2679-1-attila@lendvai.name> Date: Sun, 26 Sep 2021 11:23:41 +0200 Message-ID: <878rzjk7vm.fsf@yoctocell.xyz> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha256; protocol="application/pgp-signature" X-Spam-Score: 2.9 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: On Sat, Sep 25 2021, Attila Lendvai wrote: > * gnu/packages/finance.scm (trezor-gpg-pinentry-tk): New variable. > --- > > Thank you for catching all these mistakes, especially the licence! You are welcome! The updated patch LGTM, but I don’t have commit access, so someone else will have to merge it. Content analysis details: (2.9 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_PASS SPF: sender matches SPF record 2.0 PDS_OTHER_BAD_TLD Untrustworthy TLDs [URI: yoctocell.xyz (xyz)] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.5 FROM_SUSPICIOUS_NTLD From abused NTLD 0.4 RDNS_DYNAMIC Delivered to internal network by host with dynamic-looking rDNS 0.0 PDS_RDNS_DYNAMIC_FP RDNS_DYNAMIC with FP steps X-Debbugs-Envelope-To: 50750 Cc: Attila Lendvai X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 2.9 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: On Sat, Sep 25 2021, Attila Lendvai wrote: > * gnu/packages/finance.scm (trezor-gpg-pinentry-tk): New variable. > --- > > Thank you for catching all these mistakes, especially the licence! You are welcome! The updated patch LGTM, but I don’t have commit access, so someone else will have to merge it. Content analysis details: (2.9 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_PASS SPF: sender matches SPF record 2.0 PDS_OTHER_BAD_TLD Untrustworthy TLDs [URI: yoctocell.xyz (xyz)] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.5 FROM_SUSPICIOUS_NTLD From abused NTLD 0.4 RDNS_DYNAMIC Delivered to internal network by host with dynamic-looking rDNS 1.0 BULK_RE_SUSP_NTLD Precedence bulk and RE: from a suspicious TLD -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager 0.0 PDS_RDNS_DYNAMIC_FP RDNS_DYNAMIC with FP steps --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On Sat, Sep 25 2021, Attila Lendvai wrote: > * gnu/packages/finance.scm (trezor-gpg-pinentry-tk): New variable. > --- > > Thank you for catching all these mistakes, especially the licence! You are welcome! The updated patch LGTM, but I don=E2=80=99t have commit access, so someone else will have to merge it. --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQJJBAEBCAAzFiEEAVhh4yyK5+SEykIzrPUJmaL7XHkFAmFQPB4VHHB1YmxpY0B5 b2N0b2NlbGwueHl6AAoJEKz1CZmi+1x5KO0QAIn8jWbgrckY7kdVP74r/rMGwf3D F2YeiFJmCn0lxXu5Sd17sl/w3oB8vW5AepGCGhd6v6CFrBHhwj08M/ZXfcSoXMSA 0ehvbjE3Xn9xYqlWNCZ/sQcaQKUeVn1/HlExHK3ovVsqnWCkG6FjFemYKEI5XKiJ s43kEvAoF8TzRkW3RjK/u9zf4jaKZfOMnkxokr3JC6C3ruGVdsV8xv49nnnyMfAP a5NpXBScDbDRrOnQyWf8LEg4GOkezPg++Tvlggxrtr9CA2vXlFYi03eU5blTi+It mlRRg+7D3z5ZcGFtyZvsLI4Ngqb3dteVm7p80GEryOHyFRsE6z9mfFtGd3JoLiIh GJF1MRm10+8W3srppyqFz4y55JR4TscIBfHgAi/oIzaSzVleC84U7llklU1xYxbM HALw3L+fUr9eVbL5tXLnTTjQvD/G4wmmwh1eynnef7bHCEWQuxMig7vUnfQOp83z 9ZbWYFAbmdd+dawZuwajq+e0XqIIfvOihK0B+vVokpBVYmJfWkU3pB/8oUGAmyOP JhK/k4/ClwgjEO/fLp0wzuv/Wg/ihR1QlftMNOxXtIlp7/BhRASPiXH6s0YbES+H 3BRIAv3zg1RkETtzoel0KS5MJcCRdHVwq1SFz4uVXZ1YqvQVA+AxIwcsvGTjmucp 29IzvL01HK/Axi2Y =Af70 -----END PGP SIGNATURE----- --=-=-=-- From debbugs-submit-bounces@debbugs.gnu.org Mon Sep 27 20:42:05 2021 Received: (at 50750) by debbugs.gnu.org; 28 Sep 2021 00:42:05 +0000 Received: from localhost ([127.0.0.1]:43209 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mV1C8-0005qF-Tf for submit@debbugs.gnu.org; Mon, 27 Sep 2021 20:42:05 -0400 Received: from mail-ed1-f43.google.com ([209.85.208.43]:36467) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mV1C4-0005p6-Ma for 50750@debbugs.gnu.org; Mon, 27 Sep 2021 20:42:01 -0400 Received: by mail-ed1-f43.google.com with SMTP id y35so25245934ede.3 for <50750@debbugs.gnu.org>; Mon, 27 Sep 2021 17:42:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=sender:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=7kd0E7PC/LNXP+KlKpXFrhoFwEqqFjwgJX8oTvH5C64=; b=gErrjWE9Rju8+WkmlB8p3AsL53KN79onuSOISZcEkY3iYKcqWINrGz4CTLZlHGLDYJ mBIHY5bPMxVOn8ppxxq9qGhsWrBq/+EeNvuTF1rNGCtsqoBSuU3JXMHH3ZnXzuVLYsMS /VZBhMG269oL6YVn4m6xK24Ck7RCWCx2Vo2a1HFCyfFMhXdR3OGPZaBhP64YB2bi09fx N5wJVL9amCXSxt4Jo2vBqTcEbUr7av07jbbd0vzJ33dCW3EOhHJmF3ipuEuHIbg5VxFa zcmNIf1y5cmbrHhDEuBJ4jCKgsMitFrbSUFsWP+q09yZZArfypMWrpgSfBizN5GiqzTn qKZw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :mime-version:content-transfer-encoding; bh=7kd0E7PC/LNXP+KlKpXFrhoFwEqqFjwgJX8oTvH5C64=; b=epJyFdKCTgQNADFrSBp5dvt5JhXCNqm7xX0TbhSjV8dtAw/Gz5Uw1tZkVfk5B8u79/ N7/qNtx2tbnOqInf7T91z4vBrNKSkk1wqzIJNUuuKB2Zi37h82APoyU/tlwsxw/D4fVY 8hRp+YGdXr0hIa2wg9ImGg2R6cJEbwRxYOtMTUG744yQF8AfX1ECJShmPL6VaUSrPVzr 3O1hm2opTyU8p6SpCrFyKMVG620Di5sjtlf+V4B/vnjysjMy5sEHUaeZJ9uWCiUeo5n+ KGEavkQqbZLX8+iC6OrYztNWHWmwxwzNgubLqdFs+6DgeahvWZso0lmSKoE8qOkSIhpF tM1A== X-Gm-Message-State: AOAM5307iH1PBzN3No5aSXDsfRTjYDn0/GREM6G0DqcXFY7QP/gslNF5 tey4gFYZhRv8KcYdWKEQYyeNb34DlL4= X-Google-Smtp-Source: ABdhPJwh6FYXyhkNSCUv1Z3TIIhFy94m1UUQoINbL8rtWauxn4qyZSvvnia4bKmXYcOYx1Lo2kG9ZQ== X-Received: by 2002:a17:906:5010:: with SMTP id s16mr3550628ejj.245.1632789714789; Mon, 27 Sep 2021 17:41:54 -0700 (PDT) Received: from lelap.lan (catv-213-222-131-28.catv.broadband.hu. [213.222.131.28]) by smtp.gmail.com with ESMTPSA id u4sm9396207ejc.19.2021.09.27.17.41.53 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 27 Sep 2021 17:41:54 -0700 (PDT) From: Attila Lendvai To: 50750@debbugs.gnu.org Subject: [PATCH 1/4] tests: Smarten up git repository testing framework. Date: Tue, 28 Sep 2021 02:40:03 +0200 Message-Id: <20210928004005.28786-1-attila@lendvai.name> X-Mailer: git-send-email 2.33.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: 0.5 (/) X-Debbugs-Envelope-To: 50750 Cc: Attila Lendvai X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.5 (/) * guix/tests/git.scm (with-git-repository): New macro that can be used in a nested way under a with-temporary-git-repository. (populate-git-repository): Extend the DSL with (add "some-noise"), (reset "[commit hash]"), (checkout "branch" orphan). * guix/tests/gnupg.scm (key-fingerprint-vector): New function. --- guix/tests/git.scm | 23 +++++++++++++++++++++-- guix/tests/gnupg.scm | 8 ++++++-- 2 files changed, 27 insertions(+), 4 deletions(-) diff --git a/guix/tests/git.scm b/guix/tests/git.scm index 69960284d9..76f5a8b937 100644 --- a/guix/tests/git.scm +++ b/guix/tests/git.scm @@ -26,6 +26,7 @@ #:use-module (ice-9 control) #:export (git-command with-temporary-git-repository + with-git-repository find-commit)) (define git-command @@ -59,8 +60,9 @@ Return DIRECTORY on success." (apply invoke (git-command) "-C" directory command args))))) - (mkdir-p directory) - (git "init") + (unless (directory-exists? (string-append directory "/.git")) + (mkdir-p directory) + (git "init")) (let loop ((directives directives)) (match directives @@ -78,6 +80,9 @@ Return DIRECTORY on success." port))) (git "add" file) (loop rest))) + ((('add file-name-and-content) rest ...) + (loop (cons `(add ,file-name-and-content ,file-name-and-content) + rest))) ((('remove file) rest ...) (git "rm" "-f" file) (loop rest)) @@ -99,12 +104,18 @@ Return DIRECTORY on success." ((('checkout branch) rest ...) (git "checkout" branch) (loop rest)) + ((('checkout branch 'orphan) rest ...) + (git "checkout" "--orphan" branch) + (loop rest)) ((('merge branch message) rest ...) (git "merge" branch "-m" message) (loop rest)) ((('merge branch message ('signer fingerprint)) rest ...) (git "merge" branch "-m" message (string-append "--gpg-sign=" fingerprint)) + (loop rest)) + ((('reset to) rest ...) + (git "reset" "--hard" to) (loop rest))))) (define (call-with-temporary-git-repository directives proc) @@ -121,6 +132,14 @@ per DIRECTIVES." (lambda (directory) exp ...))) +(define-syntax-rule (with-git-repository directory + directives exp ...) + "Evaluate EXP in a context where DIRECTORY is (further) populated as +per DIRECTIVES." + (begin + (populate-git-repository directory directives) + exp ...)) + (define (find-commit repository message) "Return the commit in REPOSITORY whose message includes MESSAGE, a string." (let/ec return diff --git a/guix/tests/gnupg.scm b/guix/tests/gnupg.scm index eb8ff63a43..c7630db912 100644 --- a/guix/tests/gnupg.scm +++ b/guix/tests/gnupg.scm @@ -33,6 +33,7 @@ read-openpgp-packet key-fingerprint + key-fingerprint-vector key-id)) (define gpg-command @@ -76,7 +77,10 @@ process is terminated afterwards." (open-bytevector-input-port (call-with-input-file file read-radix-64)))) +(define key-fingerprint-vector + (compose openpgp-public-key-fingerprint + read-openpgp-packet)) + (define key-fingerprint (compose openpgp-format-fingerprint - openpgp-public-key-fingerprint - read-openpgp-packet)) + key-fingerprint-vector)) -- 2.33.0 From debbugs-submit-bounces@debbugs.gnu.org Mon Sep 27 20:42:05 2021 Received: (at 50750) by debbugs.gnu.org; 28 Sep 2021 00:42:06 +0000 Received: from localhost ([127.0.0.1]:43211 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mV1C9-0005qH-8N for submit@debbugs.gnu.org; Mon, 27 Sep 2021 20:42:05 -0400 Received: from mail-ed1-f54.google.com ([209.85.208.54]:43776) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mV1C5-0005p9-P0 for 50750@debbugs.gnu.org; Mon, 27 Sep 2021 20:42:02 -0400 Received: by mail-ed1-f54.google.com with SMTP id v10so71902858edj.10 for <50750@debbugs.gnu.org>; Mon, 27 Sep 2021 17:42:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=sender:from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=mxCmtYduNfzRY4W65cpguVjKtVAsqcGpiJxJEGG3V5E=; b=oJAKtiQPPVOUzQYvy9PcmHHZ3tP/i0u7cP0RKK8XPXZoxTH6W9c3SlsPTT0B1Fv7CB ZDg3N8kzixZEcMZQlaX3RmmMsjYHUVsk4VV8FB7PWysAPYuhX85GjSNCWHfvExbV8qnX Z2FuikT8sYRRnrbk6V3G2NcoIJzXoDbLmSmfHpkYHWDFHmRO2qEaNxMiWwUoyDSvROSn yg+zl7joj+vLDZOW6MwqIo6epcd5F6QcqpCntGittbOxDuZKq8O7NYUKMOpyIhkHEwI1 MVtUel7bjtmc+9r8q7gnkTVlu8SZPREvIR4NoSwlAkxjyl/jxS7Aa4l7tzhnCf0Dr1D0 ywkg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=mxCmtYduNfzRY4W65cpguVjKtVAsqcGpiJxJEGG3V5E=; b=oK+qN5d+vY7ElTzHwyKwJ8oQQGD/dqspR0WI9JIXzOHgPBdqizFLcTb2KIcZxREaf/ bVRHU26Z2fIHflr+735IEqDEs/gplnLlxeTJNKKac9IYVGLXl1I/toqQpvcReVZDjSHY 4ES9ijgpooWFqOt4jO7kcnI/EhbWUnpzRlmYL/MBtTr5ZrgMM3eDrvE35Pzgf4qq1EcD 3MY/DcMt/f2/xLJUCb3f8tMGZsvYOmsXKvf1b7j9tnZmcdt6ql1rk3eBunaQyyKhrw1N jhohQEHTM58l4khXWdPgr/AEHUSUN0WYncxXZeclXVdiB2dgHDQTazQi6gGcqh12ZmMw 45qQ== X-Gm-Message-State: AOAM531lDkwxD2wuyv87egXPg6pBtjtMq75uI2Sz+JN3xkYTpD0CJNhK er8RdFry2AxxekFpFsC4UsBFfnKY7r0= X-Google-Smtp-Source: ABdhPJypf1XZXTI7RWzjkjHq3UujMuuTO7gpnEy/Mwbtsc0uC50/sZnb5rGLMAz7jJAPFINOp/cPJA== X-Received: by 2002:a17:906:49d0:: with SMTP id w16mr3469784ejv.455.1632789716157; Mon, 27 Sep 2021 17:41:56 -0700 (PDT) Received: from lelap.lan (catv-213-222-131-28.catv.broadband.hu. [213.222.131.28]) by smtp.gmail.com with ESMTPSA id u4sm9396207ejc.19.2021.09.27.17.41.55 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 27 Sep 2021 17:41:55 -0700 (PDT) From: Attila Lendvai To: 50750@debbugs.gnu.org Subject: [PATCH 3/4] tests: Add failing test for .guix-authorizations and channel intro. Date: Tue, 28 Sep 2021 02:40:05 +0200 Message-Id: <20210928004005.28786-3-attila@lendvai.name> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20210928004005.28786-1-attila@lendvai.name> References: <20210928004005.28786-1-attila@lendvai.name> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: 0.5 (/) X-Debbugs-Envelope-To: 50750 Cc: Attila Lendvai X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.5 (/) Will be fixed in a subsequent commit. * tests/git-authenticate.scm: New test "signed commits, .guix-authorizations, channel-introduction". --- tests/git-authenticate.scm | 112 +++++++++++++++++++++++++++++++++++++ 1 file changed, 112 insertions(+) diff --git a/tests/git-authenticate.scm b/tests/git-authenticate.scm index f66ef191b0..91eaac73c1 100644 --- a/tests/git-authenticate.scm +++ b/tests/git-authenticate.scm @@ -24,6 +24,7 @@ #:use-module (guix tests git) #:use-module (guix tests gnupg) #:use-module (guix build utils) + #:use-module ((ice-9 control) #:select (let/ec)) #:use-module (srfi srfi-1) #:use-module (srfi srfi-34) #:use-module (srfi srfi-64) @@ -226,6 +227,117 @@ #:keyring-reference "master") #f))))))) +(unless (gpg+git-available?) (test-skip 1)) +(test-assert "signed commits, .guix-authorizations, channel-introduction" + (let* ((result #true) + (key1 %ed25519-public-key-file) + (key2 %ed25519-2-public-key-file) + (key3 %ed25519-3-public-key-file)) + (with-fresh-gnupg-setup (list key1 %ed25519-secret-key-file + key2 %ed25519-2-secret-key-file + key3 %ed25519-3-secret-key-file) + (with-temporary-git-repository dir + `((checkout "keyring" orphan) + (add "signer1.key" ,(call-with-input-file key1 get-string-all)) + (add "signer2.key" ,(call-with-input-file key2 get-string-all)) + (add "signer3.key" ,(call-with-input-file key3 get-string-all)) + (commit "keyring commit") + + (checkout "main" orphan) + (add "noise0") + (add ".guix-authorizations" + ,(object->string + `(authorizations + (version 0) + ((,(key-fingerprint key1) (name "Alice")))))) + (commit "commit 0" (signer ,(key-fingerprint key3))) + (add "noise1") + (commit "commit 1" (signer ,(key-fingerprint key1))) + (add "noise2") + (commit "commit 2" (signer ,(key-fingerprint key1)))) + (with-repository dir repo + (let* ((commit-0 (find-commit repo "commit 0")) + (check-from + (lambda* (commit #:key (should-fail? #false) (key key1) + (historical-authorizations + ;; key3 is trusted to authorize commit 0 + (list (key-fingerprint-vector key3)))) + (guard (c ((unauthorized-commit-error? c) + (if should-fail? + c + (let ((port (current-output-port))) + (format port "FAILURE: Unexpected exception at commit '~s':~%" + commit) + (print-exception port (stack-ref (make-stack #t) 1) + c (exception-args c)) + (set! result #false) + '())))) + (format #true "~%~%Checking ~s, should-fail? ~s, repo commits:~%" + commit should-fail?) + ;; to be able to inspect in the logs + (invoke "git" "-C" dir "log" "--reverse" "--pretty=oneline" "main") + (set! commit (find-commit repo commit)) + (authenticate-repository + repo + (commit-id commit) + (key-fingerprint-vector key) + #:historical-authorizations historical-authorizations) + (when should-fail? + (format #t "FAILURE: Authenticating commit '~s' should have failed.~%" commit) + (set! result #false)) + '())))) + (check-from "commit 0" #:key key3) + (check-from "commit 1") + (check-from "commit 2") + (with-git-repository dir + `((add "noise 3") + ;; a commit with key2 + (commit "commit 3" (signer ,(key-fingerprint key2)))) + ;; Should fail because it is signed with key2, not key1 + (check-from "commit 3" #:should-fail? #true) + ;; Specify commit 3 as a channel-introduction signed with + ;; key2. This is valid, but it should warn the user, because + ;; .guix-authorizations is not updated to include key2, which + ;; means that any subsequent commits with the same key will be + ;; rejected. + ;; + ;; TODO we should check somehow that a warning is issued + (check-from "commit 3" #:key key2)) + (with-git-repository dir + `((reset ,(oid->string (commit-id (find-commit repo "commit 2")))) + (add "noise 4") + ;; set it up properly + (add ".guix-authorizations" + ,(object->string + `(authorizations + (version 0) + ((,(key-fingerprint key1) (name "Alice")) + (,(key-fingerprint key2) (name "Bob")))))) + (commit "commit 4" (signer ,(key-fingerprint key2)))) + ;; This should fail because even though commit 4 adds key2 to + ;; .guix-authorizations, the commit itself is not authorized. + (check-from "commit 1" #:should-fail? #true) + ;; This should pass, because it's a valid channel intro at commit 4 + (check-from "commit 4" #:key key2)) + (with-git-repository dir + `((add "noise 5") + (commit "commit 5" (signer ,(key-fingerprint key2)))) + ;; This is not very intuitive: because commit 4 has once been + ;; used as a channel intro, it got marked as trusted in the + ;; ~/.cache/, and because commit 1 is one of its parent, it is + ;; also trusted. + (check-from "commit 1") + (check-from "commit 2") + ;; Should still be fine, but only when starting from commit 4 + (check-from "commit 4" #:key key2)) + (with-git-repository dir + `((add "noise 6") + (commit "commit 6" (signer ,(key-fingerprint key1)))) + (check-from "commit 1") + (check-from "commit 2") + (check-from "commit 4" #:key key2)))))) + result)) + (unless (gpg+git-available?) (test-skip 1)) (test-assert "signed commits, .guix-authorizations, authorized merge" (with-fresh-gnupg-setup (list %ed25519-public-key-file -- 2.33.0 From debbugs-submit-bounces@debbugs.gnu.org Mon Sep 27 20:42:16 2021 Received: (at 50750) by debbugs.gnu.org; 28 Sep 2021 00:42:16 +0000 Received: from localhost ([127.0.0.1]:43213 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mV1C9-0005qP-Rv for submit@debbugs.gnu.org; Mon, 27 Sep 2021 20:42:16 -0400 Received: from mail-ed1-f50.google.com ([209.85.208.50]:37526) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mV1C5-0005p8-7Q for 50750@debbugs.gnu.org; Mon, 27 Sep 2021 20:42:03 -0400 Received: by mail-ed1-f50.google.com with SMTP id ba1so18402333edb.4 for <50750@debbugs.gnu.org>; Mon, 27 Sep 2021 17:42:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=sender:from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=wKLPN+hyW7Q7RhWCvqkAqijXtBIb+aPmo8Jz/p1xlwg=; b=g9a1UPUVUbVMxLgGRGvwpTeihKmIAxStTuAP68ol6HevqDg2IN20ROpEW3nuj0UG+q yF6msNh/sSnqDjhO2kMw6Um+eGR768pyjpTGD/cCpnbIIzb4Mgj0RDNf3lGL5FOuji7u VVfuzBPYH//SAlumNBJitx/dlCHXkbS3qV1q14RerHl98ab9sotzFDtQK75yXTYiZLRT +lGyyiac/1Eq1FWi4wqT/l11dEmSP8Sa+lVeklU861KdeAluDMnRPvWPqrPX4TeQnzRt PoTYzGc3NFqXzqK36cSb7t/UzunoJ4RqET9BHvjvBJClKxpGj5Ba3NtKWZKahXRI/d3N zyOA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=wKLPN+hyW7Q7RhWCvqkAqijXtBIb+aPmo8Jz/p1xlwg=; b=xaKv6DaxkvWcWkjniglBAlqZ/dzmc8VyeD/9Yd85N67EPtcUl3CtxQZ0cvmb5l3urp GDai2l1cI/uoXvcR4qILXgdz5aadR9t8Z10elblck8W6YzRZ8flbbqenijVtQqGBji5j tZSf1Zpk9/sr31gO7hBNFmxUvF9QaTlkxNIDC1D/ZXpAv4OzMt7X11coJIk3Po14HWLA 8PKB9+IhVmxRvumQ5mWpJHy7Ki3lwpiAIEZzxYdY9RpG9ZZPg3evH2VTyphGteUeFvaT PNnsGBqvFkYAfatmns1jmunFPsPop6yCLyrkKeb0Th4jHWAvc7j9f4g/pyLzka+X/xjf 5n1Q== X-Gm-Message-State: AOAM530lBvPES+BYE20qokR8yC5mHXMskjXahWIlvc1TdblbtOSbH4Z7 Eu6UbewBX8I0Tbq/lK9UJvhJqTgtqNg= X-Google-Smtp-Source: ABdhPJxViId52tOVGdzUh2+ctIjN+F/i96LDw3RDGBQ4tTlaz16VZXknxTyytgHQXNAIxNwKNN+gzg== X-Received: by 2002:a17:906:ccca:: with SMTP id ot10mr3476340ejb.429.1632789715499; Mon, 27 Sep 2021 17:41:55 -0700 (PDT) Received: from lelap.lan (catv-213-222-131-28.catv.broadband.hu. [213.222.131.28]) by smtp.gmail.com with ESMTPSA id u4sm9396207ejc.19.2021.09.27.17.41.54 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 27 Sep 2021 17:41:55 -0700 (PDT) From: Attila Lendvai To: 50750@debbugs.gnu.org Subject: [PATCH 2/4] tests: Move keys into ./tests/keys/ and add a third ed25519 key. Date: Tue, 28 Sep 2021 02:40:04 +0200 Message-Id: <20210928004005.28786-2-attila@lendvai.name> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20210928004005.28786-1-attila@lendvai.name> References: <20210928004005.28786-1-attila@lendvai.name> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: 0.6 (/) X-Debbugs-Envelope-To: 50750 Cc: Attila Lendvai X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.4 (/) The third key will be used in in upcoming commit. Rename public keys to .pub. * guix/tests/gnupg.scm (%ed25519-3-public-key-file): New variable. (%ed25519-3-secret-key-file): New variable. (%ed25519-2-public-key-file): Renamed from %ed25519bis-public-key-file. (%ed25519-2-secret-key-file): Renamed from %ed25519bis-secret-key-file. * tests/keys/ed25519-3.key: New file. * tests/keys/ed25519-3.sec: New file. --- Makefile.am | 20 +++++----- build-aux/test-env.in | 6 +-- guix/tests/gnupg.scm | 22 ++++++---- tests/channels.scm | 18 ++++----- tests/git-authenticate.scm | 23 +++++------ tests/guix-authenticate.sh | 4 +- tests/{civodul.key => keys/civodul.pub} | 0 tests/{dsa.key => keys/dsa.pub} | 0 tests/{ed25519bis.key => keys/ed25519-2.pub} | 0 tests/{ed25519bis.sec => keys/ed25519-2.sec} | 0 tests/keys/ed25519-3.pub | 9 +++++ tests/keys/ed25519-3.sec | 10 +++++ tests/{ed25519.key => keys/ed25519.pub} | 0 tests/{ => keys}/ed25519.sec | 0 tests/{rsa.key => keys/rsa.pub} | 0 tests/{ => keys}/signing-key.pub | 0 tests/{ => keys}/signing-key.sec | 0 tests/openpgp.scm | 42 +++++++++++--------- 18 files changed, 93 insertions(+), 61 deletions(-) rename tests/{civodul.key => keys/civodul.pub} (100%) rename tests/{dsa.key => keys/dsa.pub} (100%) rename tests/{ed25519bis.key => keys/ed25519-2.pub} (100%) rename tests/{ed25519bis.sec => keys/ed25519-2.sec} (100%) create mode 100644 tests/keys/ed25519-3.pub create mode 100644 tests/keys/ed25519-3.sec rename tests/{ed25519.key => keys/ed25519.pub} (100%) rename tests/{ => keys}/ed25519.sec (100%) rename tests/{rsa.key => keys/rsa.pub} (100%) rename tests/{ => keys}/signing-key.pub (100%) rename tests/{ => keys}/signing-key.sec (100%) diff --git a/Makefile.am b/Makefile.am index 042cf28464..c0a5b14f02 100644 --- a/Makefile.am +++ b/Makefile.am @@ -640,16 +640,18 @@ EXTRA_DIST += \ build-aux/update-guix-package.scm \ build-aux/update-NEWS.scm \ tests/test.drv \ - tests/signing-key.pub \ - tests/signing-key.sec \ tests/cve-sample.json \ - tests/civodul.key \ - tests/rsa.key \ - tests/dsa.key \ - tests/ed25519.key \ - tests/ed25519.sec \ - tests/ed25519bis.key \ - tests/ed25519bis.sec \ + tests/keys/signing-key.pub \ + tests/keys/signing-key.sec \ + tests/keys/civodul.pub \ + tests/keys/rsa.pub \ + tests/keys/dsa.pub \ + tests/keys/ed25519.pub \ + tests/keys/ed25519.sec \ + tests/keys/ed25519-2.pub \ + tests/keys/ed25519-2.sec \ + tests/keys/ed25519-3.pub \ + tests/keys/ed25519-3.sec \ build-aux/config.rpath \ bootstrap \ doc/build.scm \ diff --git a/build-aux/test-env.in b/build-aux/test-env.in index 7efc43206c..ca786437e9 100644 --- a/build-aux/test-env.in +++ b/build-aux/test-env.in @@ -73,9 +73,9 @@ then # Copy the keys so that the secret key has the right permissions (the # daemon errors out when this is not the case.) mkdir -p "$GUIX_CONFIGURATION_DIRECTORY" - cp "@abs_top_srcdir@/tests/signing-key.sec" \ - "@abs_top_srcdir@/tests/signing-key.pub" \ - "$GUIX_CONFIGURATION_DIRECTORY" + cp "@abs_top_srcdir@/tests/keys/signing-key.sec" \ + "@abs_top_srcdir@/tests/keys/signing-key.pub" \ + "$GUIX_CONFIGURATION_DIRECTORY" chmod 400 "$GUIX_CONFIGURATION_DIRECTORY/signing-key.sec" fi diff --git a/guix/tests/gnupg.scm b/guix/tests/gnupg.scm index c7630db912..09f02a2b67 100644 --- a/guix/tests/gnupg.scm +++ b/guix/tests/gnupg.scm @@ -28,8 +28,10 @@ %ed25519-public-key-file %ed25519-secret-key-file - %ed25519bis-public-key-file - %ed25519bis-secret-key-file + %ed25519-2-public-key-file + %ed25519-2-secret-key-file + %ed25519-3-public-key-file + %ed25519-3-secret-key-file read-openpgp-packet key-fingerprint @@ -64,13 +66,17 @@ process is terminated afterwards." (call-with-fresh-gnupg-setup imported (lambda () exp ...))) (define %ed25519-public-key-file - (search-path %load-path "tests/ed25519.key")) + (search-path %load-path "tests/keys/ed25519.pub")) (define %ed25519-secret-key-file - (search-path %load-path "tests/ed25519.sec")) -(define %ed25519bis-public-key-file - (search-path %load-path "tests/ed25519bis.key")) -(define %ed25519bis-secret-key-file - (search-path %load-path "tests/ed25519bis.sec")) + (search-path %load-path "tests/keys/ed25519.sec")) +(define %ed25519-2-public-key-file + (search-path %load-path "tests/keys/ed25519-2.pub")) +(define %ed25519-2-secret-key-file + (search-path %load-path "tests/keys/ed25519-2.sec")) +(define %ed25519-3-public-key-file + (search-path %load-path "tests/keys/ed25519-3.pub")) +(define %ed25519-3-secret-key-file + (search-path %load-path "tests/keys/ed25519-3.sec")) (define (read-openpgp-packet file) (get-openpgp-packet diff --git a/tests/channels.scm b/tests/channels.scm index 3e82315b0c..d45c450241 100644 --- a/tests/channels.scm +++ b/tests/channels.scm @@ -480,8 +480,8 @@ #t (with-fresh-gnupg-setup (list %ed25519-public-key-file %ed25519-secret-key-file - %ed25519bis-public-key-file - %ed25519bis-secret-key-file) + %ed25519-2-public-key-file + %ed25519-2-secret-key-file) (with-temporary-git-repository directory `((add ".guix-channel" ,(object->string @@ -507,7 +507,7 @@ (commit-id-string commit1) (openpgp-public-key-fingerprint (read-openpgp-packet - %ed25519bis-public-key-file)))) ;different key + %ed25519-2-public-key-file)))) ;different key (channel (channel (name 'example) (url (string-append "file://" directory)) (introduction intro)))) @@ -519,7 +519,7 @@ (oid->string (commit-id commit1)) (key-fingerprint %ed25519-public-key-file) (key-fingerprint - %ed25519bis-public-key-file)))))) + %ed25519-2-public-key-file)))))) (authenticate-channel channel directory (commit-id-string commit2) #:keyring-reference-prefix "") @@ -530,8 +530,8 @@ #t (with-fresh-gnupg-setup (list %ed25519-public-key-file %ed25519-secret-key-file - %ed25519bis-public-key-file - %ed25519bis-secret-key-file) + %ed25519-2-public-key-file + %ed25519-2-secret-key-file) (with-temporary-git-repository directory `((add ".guix-channel" ,(object->string @@ -552,12 +552,12 @@ (signer ,(key-fingerprint %ed25519-public-key-file))) (add "c.txt" "C") (commit "third commit" - (signer ,(key-fingerprint %ed25519bis-public-key-file))) + (signer ,(key-fingerprint %ed25519-2-public-key-file))) (branch "channel-keyring") (checkout "channel-keyring") (add "signer.key" ,(call-with-input-file %ed25519-public-key-file get-string-all)) - (add "other.key" ,(call-with-input-file %ed25519bis-public-key-file + (add "other.key" ,(call-with-input-file %ed25519-2-public-key-file get-string-all)) (commit "keyring commit") (checkout "master")) @@ -588,7 +588,7 @@ (unauthorized-commit-error-signing-key c)) (openpgp-public-key-fingerprint (read-openpgp-packet - %ed25519bis-public-key-file)))))) + %ed25519-2-public-key-file)))))) (authenticate-channel channel directory (commit-id-string commit3) #:keyring-reference-prefix "") diff --git a/tests/git-authenticate.scm b/tests/git-authenticate.scm index d87eacc659..f66ef191b0 100644 --- a/tests/git-authenticate.scm +++ b/tests/git-authenticate.scm @@ -161,14 +161,14 @@ (test-assert "signed commits, .guix-authorizations, unauthorized merge" (with-fresh-gnupg-setup (list %ed25519-public-key-file %ed25519-secret-key-file - %ed25519bis-public-key-file - %ed25519bis-secret-key-file) + %ed25519-2-public-key-file + %ed25519-2-secret-key-file) (with-temporary-git-repository directory `((add "signer1.key" ,(call-with-input-file %ed25519-public-key-file get-string-all)) (add "signer2.key" - ,(call-with-input-file %ed25519bis-public-key-file + ,(call-with-input-file %ed25519-2-public-key-file get-string-all)) (add ".guix-authorizations" ,(object->string @@ -184,7 +184,7 @@ (checkout "devel") (add "devel/1.txt" "1") (commit "first devel commit" - (signer ,(key-fingerprint %ed25519bis-public-key-file))) + (signer ,(key-fingerprint %ed25519-2-public-key-file))) (checkout "master") (add "b.txt" "B") (commit "second commit" @@ -203,7 +203,7 @@ (openpgp-public-key-fingerprint (unauthorized-commit-error-signing-key c)) (openpgp-public-key-fingerprint - (read-openpgp-packet %ed25519bis-public-key-file))))) + (read-openpgp-packet %ed25519-2-public-key-file))))) (and (authenticate-commits repository (list master1 master2) #:keyring-reference "master") @@ -230,14 +230,14 @@ (test-assert "signed commits, .guix-authorizations, authorized merge" (with-fresh-gnupg-setup (list %ed25519-public-key-file %ed25519-secret-key-file - %ed25519bis-public-key-file - %ed25519bis-secret-key-file) + %ed25519-2-public-key-file + %ed25519-2-secret-key-file) (with-temporary-git-repository directory `((add "signer1.key" ,(call-with-input-file %ed25519-public-key-file get-string-all)) (add "signer2.key" - ,(call-with-input-file %ed25519bis-public-key-file + ,(call-with-input-file %ed25519-2-public-key-file get-string-all)) (add ".guix-authorizations" ,(object->string @@ -258,12 +258,12 @@ %ed25519-public-key-file) (name "Alice")) (,(key-fingerprint - %ed25519bis-public-key-file)))))) + %ed25519-2-public-key-file)))))) (commit "first devel commit" (signer ,(key-fingerprint %ed25519-public-key-file))) (add "devel/2.txt" "2") (commit "second devel commit" - (signer ,(key-fingerprint %ed25519bis-public-key-file))) + (signer ,(key-fingerprint %ed25519-2-public-key-file))) (checkout "master") (add "b.txt" "B") (commit "second commit" @@ -273,7 +273,7 @@ ;; After the merge, the second signer is authorized. (add "c.txt" "C") (commit "third commit" - (signer ,(key-fingerprint %ed25519bis-public-key-file)))) + (signer ,(key-fingerprint %ed25519-2-public-key-file)))) (with-repository directory repository (let ((master1 (find-commit repository "first commit")) (master2 (find-commit repository "second commit")) @@ -328,4 +328,3 @@ 'failed))))))) (test-end "git-authenticate") - diff --git a/tests/guix-authenticate.sh b/tests/guix-authenticate.sh index 3a05b232c1..0de6da1878 100644 --- a/tests/guix-authenticate.sh +++ b/tests/guix-authenticate.sh @@ -28,7 +28,7 @@ rm -f "$sig" "$hash" trap 'rm -f "$sig" "$hash"' EXIT -key="$abs_top_srcdir/tests/signing-key.sec" +key="$abs_top_srcdir/tests/keys/signing-key.sec" key_len="`echo -n $key | wc -c`" # A hexadecimal string as long as a sha256 hash. @@ -67,7 +67,7 @@ test "$code" -ne 0 # encoded independently of the current locale: . hash="636166e9636166e9636166e9636166e9636166e9636166e9636166e9636166e9" latin1_cafe="caf$(printf '\351')" -echo "sign 21:tests/signing-key.sec 64:$hash" | guix authenticate \ +echo "sign 26:tests/keys/signing-key.sec 64:$hash" | guix authenticate \ | LC_ALL=C grep "hash sha256 \"$latin1_cafe" # Test for : make sure 'guix authenticate' produces diff --git a/tests/civodul.key b/tests/keys/civodul.pub similarity index 100% rename from tests/civodul.key rename to tests/keys/civodul.pub diff --git a/tests/dsa.key b/tests/keys/dsa.pub similarity index 100% rename from tests/dsa.key rename to tests/keys/dsa.pub diff --git a/tests/ed25519bis.key b/tests/keys/ed25519-2.pub similarity index 100% rename from tests/ed25519bis.key rename to tests/keys/ed25519-2.pub diff --git a/tests/ed25519bis.sec b/tests/keys/ed25519-2.sec similarity index 100% rename from tests/ed25519bis.sec rename to tests/keys/ed25519-2.sec diff --git a/tests/keys/ed25519-3.pub b/tests/keys/ed25519-3.pub new file mode 100644 index 0000000000..72f311984c --- /dev/null +++ b/tests/keys/ed25519-3.pub @@ -0,0 +1,9 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mDMEYVH/7xYJKwYBBAHaRw8BAQdALMLeUhjEG2/UPCJj2j/debFwwAK5gT3G0l5d +ILfFldm0FTxleGFtcGxlQGV4YW1wbGUuY29tPoiWBBMWCAA+FiEEjO6M85jMSK68 +7tINGBzA7NyoagkFAmFR/+8CGwMFCQPCZwAFCwkIBwIGFQoJCAsCBBYCAwECHgEC +F4AACgkQGBzA7Nyoagl3lgEAw6yqIlX11lTqwxBGhZk/Oy34O13cbJSZCGv+m0ja ++hcA/3DCNOmT+oXjgO/w6enQZUQ1m/d6dUjCc2wOLlLz+ZoG +=+r3i +-----END PGP PUBLIC KEY BLOCK----- diff --git a/tests/keys/ed25519-3.sec b/tests/keys/ed25519-3.sec new file mode 100644 index 0000000000..04128a4131 --- /dev/null +++ b/tests/keys/ed25519-3.sec @@ -0,0 +1,10 @@ +-----BEGIN PGP PRIVATE KEY BLOCK----- + +lFgEYVH/7xYJKwYBBAHaRw8BAQdALMLeUhjEG2/UPCJj2j/debFwwAK5gT3G0l5d +ILfFldkAAP92goSbbzQ0ttElr9lr5Cm6rmQtqUZ2Cu/Jk9fvfZROwxI0tBU8ZXhh +bXBsZUBleGFtcGxlLmNvbT6IlgQTFggAPhYhBIzujPOYzEiuvO7SDRgcwOzcqGoJ +BQJhUf/vAhsDBQkDwmcABQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEBgcwOzc +qGoJd5YBAMOsqiJV9dZU6sMQRoWZPzst+Dtd3GyUmQhr/ptI2voXAP9wwjTpk/qF +44Dv8Onp0GVENZv3enVIwnNsDi5S8/maBg== +=EmOt +-----END PGP PRIVATE KEY BLOCK----- diff --git a/tests/ed25519.key b/tests/keys/ed25519.pub similarity index 100% rename from tests/ed25519.key rename to tests/keys/ed25519.pub diff --git a/tests/ed25519.sec b/tests/keys/ed25519.sec similarity index 100% rename from tests/ed25519.sec rename to tests/keys/ed25519.sec diff --git a/tests/rsa.key b/tests/keys/rsa.pub similarity index 100% rename from tests/rsa.key rename to tests/keys/rsa.pub diff --git a/tests/signing-key.pub b/tests/keys/signing-key.pub similarity index 100% rename from tests/signing-key.pub rename to tests/keys/signing-key.pub diff --git a/tests/signing-key.sec b/tests/keys/signing-key.sec similarity index 100% rename from tests/signing-key.sec rename to tests/keys/signing-key.sec diff --git a/tests/openpgp.scm b/tests/openpgp.scm index c2be26fa49..1f20466772 100644 --- a/tests/openpgp.scm +++ b/tests/openpgp.scm @@ -59,18 +59,22 @@ vBSFjNSiVHsuAA== (define %civodul-fingerprint "3CE4 6455 8A84 FDC6 9DB4 0CFB 090B 1199 3D9A EBB5") -(define %civodul-key-id #x090B11993D9AEBB5) ;civodul.key - -;; Test keys. They were generated in a container along these lines: -;; guix environment -CP --ad-hoc gnupg pinentry -;; then, within the container: -;; mkdir ~/.gnupg -;; echo pinentry-program ~/.guix-profile/bin/pinentry-tty > ~/.gnupg/gpg-agent.conf -;; gpg --quick-gen-key '' rsa -;; or similar. -(define %rsa-key-id #xAE25DA2A70DEED59) ;rsa.key -(define %dsa-key-id #x587918047BE8BD2C) ;dsa.key -(define %ed25519-key-id #x771F49CBFAAE072D) ;ed25519.key +(define %civodul-key-id #x090B11993D9AEBB5) ;civodul.pub + +#| +Test keys in ./tests/keys. They were generated in a container along these lines: + guix environment -CP --ad-hoc gnupg pinentry coreutils +then, within the container: + mkdir ~/.gnupg && chmod -R og-rwx ~/.gnupg + gpg --batch --passphrase '' --quick-gen-key '' ed25519 + gpg --armor --export example@example.com + gpg --armor --export-secret-key example@example.com + # echo pinentry-program ~/.guix-profile/bin/pinentry-curses > ~/.gnupg/gpg-agent.conf +or similar. +|# +(define %rsa-key-id #xAE25DA2A70DEED59) ;rsa.pub +(define %dsa-key-id #x587918047BE8BD2C) ;dsa.pub +(define %ed25519-key-id #x771F49CBFAAE072D) ;ed25519.pub (define %rsa-key-fingerprint (base16-string->bytevector @@ -168,7 +172,7 @@ Pz7oopeN72xgggYUNT37ezqN3MeCqw0= (not (port-ascii-armored? (open-bytevector-input-port %binary-sample)))) (test-assert "get-openpgp-keyring" - (let* ((key (search-path %load-path "tests/civodul.key")) + (let* ((key (search-path %load-path "tests/keys/civodul.pub")) (keyring (get-openpgp-keyring (open-bytevector-input-port (call-with-input-file key read-radix-64))))) @@ -228,8 +232,10 @@ Pz7oopeN72xgggYUNT37ezqN3MeCqw0= (verify-openpgp-signature signature keyring (open-input-string "Hello!\n")))) (list status (openpgp-public-key-id key))))) - (list "tests/rsa.key" "tests/dsa.key" - "tests/ed25519.key" "tests/ed25519.key" "tests/ed25519.key") + (list "tests/keys/rsa.pub" "tests/keys/dsa.pub" + "tests/keys/ed25519.pub" + "tests/keys/ed25519.pub" + "tests/keys/ed25519.pub") (list %hello-signature/rsa %hello-signature/dsa %hello-signature/ed25519/sha256 %hello-signature/ed25519/sha512 @@ -248,9 +254,9 @@ Pz7oopeN72xgggYUNT37ezqN3MeCqw0= (call-with-input-file key read-radix-64)) keyring))) %empty-keyring - '("tests/rsa.key" "tests/dsa.key" - "tests/ed25519.key" "tests/ed25519.key" - "tests/ed25519.key")))) + '("tests/keys/rsa.pub" "tests/keys/dsa.pub" + "tests/keys/ed25519.pub" "tests/keys/ed25519.pub" + "tests/keys/ed25519.pub")))) (map (lambda (signature) (let ((signature (string->openpgp-packet signature))) (let-values (((status key) -- 2.33.0 From debbugs-submit-bounces@debbugs.gnu.org Mon Sep 27 20:42:17 2021 Received: (at 50750) by debbugs.gnu.org; 28 Sep 2021 00:42:17 +0000 Received: from localhost ([127.0.0.1]:43215 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mV1CK-0005qi-Hz for submit@debbugs.gnu.org; Mon, 27 Sep 2021 20:42:17 -0400 Received: from mail-ed1-f49.google.com ([209.85.208.49]:42577) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mV1C6-0005pB-KF for 50750@debbugs.gnu.org; Mon, 27 Sep 2021 20:42:03 -0400 Received: by mail-ed1-f49.google.com with SMTP id bd28so14922991edb.9 for <50750@debbugs.gnu.org>; Mon, 27 Sep 2021 17:42:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=sender:from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=lWtT8BOmyy/2jXn/1WdKfoZ+RFAfwZ9sIqhi3+mQWkk=; b=fhmVcW6/tbLVG54H0ZimqNWLXS7S2fEDlWBUi6JpwHTy6D4wPQG6DkeZDKgLYkp6aX TBgs8KmHb4xBzONDtCuF4pl5Dpou3IhVSVb0hcVVdz6lY011rTyVBfzJA5SmgwOLm7Qv M2UL4/zkSuTu6d91CJpY2qqfJshyk1g6Q9YHhbHyDKWIeR/ggSph1I46br8BOwKxH9Hs n1AV1qoWb0dMOVngCHJO7jactHrs5hz/l2LgEVLMVw/xaL3BzLOe2AwxcqrgDudivGwW xiCH4o9Fqe1DL7kDmaX75NiCKATib0JTeJpQPV9Ap8gRz0VNEvSbJfoBqylPbw7fT15T u1dg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=lWtT8BOmyy/2jXn/1WdKfoZ+RFAfwZ9sIqhi3+mQWkk=; b=KGIQi9p/gVMKSyxeJE6FlnMHI5UZtIGdQOp5BewjCZYbNz8dJrVlLeqdaOkYXk+/Ry iw0KGYAWgFdLJmIHP2VwQcnv1UAyj/5MRSDzD8tbfr/ojCJ25J599G5UAUF1a58dQLyR sjOVGZsmYT0RVDrPU55dO9rObe0wux4YGJpIhIRTGq3ktGDUjFQqhUDTxJ1Z0dHaJT64 xwazRPDsRxu0SjeGdNFVkDxjd/VtgMS2lAUl3ScHUmjksM7ArDbq+5uKks95psnkpB/O R6PEK5gtvf/S58QJ/UCtNpxJPAO4do+sUpILsqG4yHZ1Jq3+97gLJ8/hB2+tJed9NOpK 6XBw== X-Gm-Message-State: AOAM532R9D0qneAwcpH3CpykNB0Boh7rsLQtlLkEqVmw01D4CEnMuZjl W5g2Wo2uvdTkqZvGbXL4K1RuQAnjHpg= X-Google-Smtp-Source: ABdhPJwBnd22PGfItRVB+MMcAgyujPSU/kW5euy++cwvsADu9RAxvG4Cy2eIOacym/ljZ7Js/QM9bA== X-Received: by 2002:a17:906:63ca:: with SMTP id u10mr3527203ejk.411.1632789716912; Mon, 27 Sep 2021 17:41:56 -0700 (PDT) Received: from lelap.lan (catv-213-222-131-28.catv.broadband.hu. [213.222.131.28]) by smtp.gmail.com with ESMTPSA id u4sm9396207ejc.19.2021.09.27.17.41.56 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 27 Sep 2021 17:41:56 -0700 (PDT) From: Attila Lendvai To: 50750@debbugs.gnu.org Subject: [PATCH 4/4] guix: git-authenticate: Fix authenticate-repository. Date: Tue, 28 Sep 2021 02:40:06 +0200 Message-Id: <20210928004005.28786-4-attila@lendvai.name> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20210928004005.28786-1-attila@lendvai.name> References: <20210928004005.28786-1-attila@lendvai.name> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: 0.5 (/) X-Debbugs-Envelope-To: 50750 Cc: Attila Lendvai X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.5 (/) Also authenticate the channel intro commit. * guix/git-authenticate.scm (authenticate-commit): Reword and extend the error message to point to the relevant part of the manual. (authenticate-repository): Eliminate optimizations to make the code path less dependent on the input. Always trust the intro-commit itself. Always call verify-introductory-commit. (verify-introductory-commit): Check if the commit contains the key that was used to sign it, and issue a warning otherwise. This is to avoid the confusion caused by only the *second* commit yielding an error, because intro-commits are always trusted. (authenticate-commit): Clarify error message. (authorized-keys-at-commit): Factored out to the toplevel from commit-authorized-keys. --- guix/channels.scm | 4 +- guix/git-authenticate.scm | 153 ++++++++++++++++++++++---------------- 2 files changed, 91 insertions(+), 66 deletions(-) diff --git a/guix/channels.scm b/guix/channels.scm index e4e0428eb5..b84064537f 100644 --- a/guix/channels.scm +++ b/guix/channels.scm @@ -347,8 +347,8 @@ commits)...~%") (progress-reporter/bar (length commits))) (define authentic-commits - ;; Consider the currently-used commit of CHANNEL as authentic so - ;; authentication can skip it and all its closure. + ;; Optimization: consider the currently-used commit of CHANNEL as + ;; authentic, so that authentication can skip it and all its closure. (match (find (lambda (candidate) (eq? (channel-name candidate) (channel-name channel))) (current-channels)) diff --git a/guix/git-authenticate.scm b/guix/git-authenticate.scm index ab3fcd8b2f..713642d2ea 100644 --- a/guix/git-authenticate.scm +++ b/guix/git-authenticate.scm @@ -30,6 +30,7 @@ #:select (cache-directory with-atomic-file-output)) #:use-module ((guix build utils) #:select (mkdir-p)) + #:use-module (guix diagnostics) #:use-module (guix progress) #:use-module (srfi srfi-1) #:use-module (srfi srfi-11) @@ -38,6 +39,7 @@ #:use-module (srfi srfi-35) #:use-module (rnrs bytevectors) #:use-module (rnrs io ports) + #:use-module (ice-9 exceptions) #:use-module (ice-9 match) #:autoload (ice-9 pretty-print) (pretty-print) #:export (read-authorizations @@ -159,11 +161,10 @@ return a list of authorized fingerprints." (string-downcase (string-filter char-set:graphic fingerprint)))) fingerprints)))) -(define* (commit-authorized-keys repository commit - #:optional (default-authorizations '())) - "Return the list of OpenPGP fingerprints authorized to sign COMMIT, based on -authorizations listed in its parent commits. If one of the parent commits -does not specify anything, fall back to DEFAULT-AUTHORIZATIONS." +(define (authorized-keys-at-commit repository commit default-authorizations) + "Return the list of authorized key fingerprints from the '.guix-authorizations' +file at the given commit." + (define (parents-have-authorizations-file? commit) ;; Return true if at least one of the parents of COMMIT has the ;; '.guix-authorizations' file. @@ -185,28 +186,35 @@ does not specify anything, fall back to DEFAULT-AUTHORIZATIONS." to remove '.guix-authorizations' file") (oid->string (commit-id commit))))))) - (define (commit-authorizations commit) - (catch 'git-error - (lambda () - (let* ((tree (commit-tree commit)) - (entry (tree-entry-bypath tree ".guix-authorizations")) - (blob (blob-lookup repository (tree-entry-id entry)))) - (read-authorizations - (open-bytevector-input-port (blob-content blob))))) - (lambda (key error) - (if (= (git-error-code error) GIT_ENOTFOUND) - (begin - ;; Prevent removal of '.guix-authorizations' since it would make - ;; it trivial to force a fallback to DEFAULT-AUTHORIZATIONS. - (assert-parents-lack-authorizations commit) - default-authorizations) - (throw key error))))) + (catch 'git-error + (lambda () + (let* ((tree (commit-tree commit)) + (entry (tree-entry-bypath tree ".guix-authorizations")) + (blob (blob-lookup repository (tree-entry-id entry)))) + (read-authorizations + (open-bytevector-input-port (blob-content blob))))) + (lambda (key error) + (if (= (git-error-code error) GIT_ENOTFOUND) + (begin + ;; Prevent removal of '.guix-authorizations' since it would make + ;; it trivial to force a fallback to DEFAULT-AUTHORIZATIONS. + (assert-parents-lack-authorizations commit) + default-authorizations) + (throw key error))))) +(define* (commit-authorized-keys repository commit + #:optional (default-authorizations '())) + "Return the list of OpenPGP fingerprints authorized to sign COMMIT, based on +authorizations listed in its parent commits. If one of the parent commits +does not specify anything, fall back to DEFAULT-AUTHORIZATIONS." (match (commit-parents commit) (() default-authorizations) (parents (apply lset-intersection bytevector=? - (map commit-authorizations parents))))) + (map (lambda (commit) + (authorized-keys-at-commit repository commit + default-authorizations)) + parents))))) (define* (authenticate-commit repository commit keyring #:key (default-authorizations '())) @@ -236,8 +244,8 @@ not specify anything, fall back to DEFAULT-AUTHORIZATIONS." (condition (&unauthorized-commit-error (commit id) (signing-key signing-key))) - (formatted-message (G_ "commit ~a not signed by an authorized \ -key: ~a") + (formatted-message (G_ "commit ~a is signed by an unauthorized \ +key: ~a\nSee info guix \"Specifying Channel Authorizations\".") (oid->string id) (openpgp-format-fingerprint (openpgp-public-key-fingerprint @@ -356,7 +364,8 @@ authenticated (only COMMIT-ID is written to cache, though)." (base64-encode (sha256 (string->utf8 (repository-directory repository)))))) -(define (verify-introductory-commit repository keyring commit expected-signer) +(define (verify-introductory-commit repository commit expected-signer keyring + authorizations) "Look up COMMIT in REPOSITORY, and raise an exception if it is not signed by EXPECTED-SIGNER." (define actual-signer @@ -364,13 +373,25 @@ EXPECTED-SIGNER." (commit-signing-key repository (commit-id commit) keyring))) (unless (bytevector=? expected-signer actual-signer) - (raise (formatted-message (G_ "initial commit ~a is signed by '~a' \ + (raise (make-compound-condition + (condition (&unauthorized-commit-error (commit (commit-id commit)) + (signing-key actual-signer))) + (formatted-message (G_ "initial commit ~a is signed by '~a' \ instead of '~a'") - (oid->string (commit-id commit)) - (openpgp-format-fingerprint actual-signer) - (openpgp-format-fingerprint expected-signer))))) - -(define* (authenticate-repository repository start signer + (oid->string (commit-id commit)) + (openpgp-format-fingerprint actual-signer) + (openpgp-format-fingerprint expected-signer))))) + (unless (member actual-signer + (authorized-keys-at-commit repository commit authorizations) + bytevector=?) + ;; FIXME Is this the right way to tell the user about this situation? It + ;; would also be nice if the tests could assert for this warning. + (warning (G_ "initial commit ~a does not add \ +the key it is signed with (~a) to the '.guix-authorizations' file.") + (oid->string (commit-id commit)) + (openpgp-format-fingerprint actual-signer)))) + +(define* (authenticate-repository repository intro-commit-hash intro-signer #:key (keyring-reference "keyring") (cache-key (repository-cache-key repository)) @@ -380,11 +401,12 @@ instead of '~a'") (historical-authorizations '()) (make-reporter (const progress-reporter/silent))) - "Authenticate REPOSITORY up to commit END, an OID. Authentication starts -with commit START, an OID, which must be signed by SIGNER; an exception is -raised if that is not the case. Commits listed in AUTHENTIC-COMMITS and their -closure are considered authentic. Return an alist mapping OpenPGP public keys -to the number of commits signed by that key that have been traversed. + "Authenticate REPOSITORY up to commit END, an OID. Authentication starts with +commit INTRO-COMMIT-HASH, an OID, which must be signed by INTRO-SIGNER; an +exception is raised if that is not the case. Commits listed in +AUTHENTIC-COMMITS and their closure are considered authentic. Return an +alist mapping OpenPGP public keys to the number of commits signed by that +key that have been traversed. The OpenPGP keyring is loaded from KEYRING-REFERENCE in REPOSITORY, where KEYRING-REFERENCE is the name of a branch. The list of authenticated commits @@ -393,8 +415,10 @@ is cached in the authentication cache under CACHE-KEY. HISTORICAL-AUTHORIZATIONS must be a list of OpenPGP fingerprints (bytevectors) denoting the authorized keys for commits whose parent lack the '.guix-authorizations' file." - (define start-commit - (commit-lookup repository start)) + + (define intro-commit + (commit-lookup repository intro-commit-hash)) + (define end-commit (commit-lookup repository end)) @@ -404,36 +428,37 @@ denoting the authorized keys for commits whose parent lack the (define authenticated-commits ;; Previously-authenticated commits that don't need to be checked again. (filter-map (lambda (id) + ;; We need to tolerate when cached commits disappear due to + ;; --allow-downgrades. (false-if-git-not-found (commit-lookup repository (string->oid id)))) (append (previously-authenticated-commits cache-key) - authentic-commits))) + authentic-commits + ;; The intro commit is unconditionally trusted. + (list (oid->string intro-commit-hash))))) (define commits ;; Commits to authenticate, excluding the closure of ;; AUTHENTICATED-COMMITS. - (commit-difference end-commit start-commit - authenticated-commits)) - - ;; When COMMITS is empty, it's because END-COMMIT is in the closure of - ;; START-COMMIT and/or AUTHENTICATED-COMMITS, in which case it's known to - ;; be authentic already. - (if (null? commits) - '() - (let ((reporter (make-reporter start-commit end-commit commits))) - ;; If it's our first time, verify START-COMMIT's signature. - (when (null? authenticated-commits) - (verify-introductory-commit repository keyring - start-commit signer)) - - (let ((stats (call-with-progress-reporter reporter - (lambda (report) - (authenticate-commits repository commits - #:keyring keyring - #:default-authorizations - historical-authorizations - #:report-progress report))))) - (cache-authenticated-commit cache-key - (oid->string (commit-id end-commit))) - - stats)))) + (commit-difference end-commit intro-commit + authenticated-commits)) + + (verify-introductory-commit repository intro-commit + intro-signer keyring + historical-authorizations) + + (let* ((reporter (make-reporter intro-commit end-commit commits)) + (stats (call-with-progress-reporter reporter + (lambda (report) + (authenticate-commits repository commits + #:keyring keyring + #:default-authorizations + historical-authorizations + #:report-progress report))))) + ;; Note that this will make the then current end commit of any channel, + ;; that has been used/trusted in the past with a channel introduction, + ;; remain trusted until the cache is cleared. + (cache-authenticated-commit cache-key + (oid->string (commit-id end-commit))) + + stats)) -- 2.33.0 From debbugs-submit-bounces@debbugs.gnu.org Mon Sep 27 20:47:13 2021 Received: (at 50750) by debbugs.gnu.org; 28 Sep 2021 00:47:13 +0000 Received: from localhost ([127.0.0.1]:43223 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mV1H7-0005yR-LY for submit@debbugs.gnu.org; Mon, 27 Sep 2021 20:47:13 -0400 Received: from mail-4316.protonmail.ch ([185.70.43.16]:17275) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mV1H5-0005yD-56 for 50750@debbugs.gnu.org; Mon, 27 Sep 2021 20:47:12 -0400 Date: Tue, 28 Sep 2021 00:47:02 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lendvai.name; s=protonmail2; t=1632790024; bh=/RDMMcKqsE0xg9ENRD9bFSQqdiAsQqDiWAUd5jZ/9lI=; h=Date:To:From:Reply-To:Subject:From; b=RoRSxJCIPSVhKnYmvKlKCnD8cAi/lIsFhvCEpsJoyoDfCDEIkYRSU2mExoVhpDMSx kMk5Iwq2f4EW5QIYeRstWjLXT1uS01MmE/QD6gLyuDLt07MwmXvcWJ4QVd6Q/4DsPL 2TegU5r8fct7kS2o/RSSDlMVAeQAyLZNZIFyfZbkHdLaDbLAUPiM3WDLbRHTCJklQP 5PNpawxBhlDctLWjL2nqSDQZMuocAbWq9oIjEodyhzQ06oCeIkSBMKpZZcSTmYzUYr ExEEjTrV0mbR5iqVKFMEEue16w4Be9cFJ4gon35tfHvJZEHxfWWrOC93O1BYPwcVUT iooirI6+MddvQ== To: "50750@debbugs.gnu.org" <50750@debbugs.gnu.org> From: Attila Lendvai Subject: (No Subject) Message-ID: MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="b1_zA12DEaT1gTT1pIA0fIR5J63xm12UC3ZToXJqSII" X-Spam-Status: No, score=-1.2 required=10.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,HTML_MESSAGE shortcircuit=no autolearn=disabled version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on mailout.protonmail.ch X-Spam-Score: 2.0 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: please ignore the 4-part unrelated patch series, i have sent them to the wrong address... :/ sorry for the mess! i'm still learning this alien workflow. - attila Content analysis details: (2.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 2.0 SLIGHTLY_BAD_SUBJECT Subject contains something slightly spammy -0.0 RCVD_IN_MSPIKE_H4 RBL: Very Good reputation (+4) [185.70.43.16 listed in wl.mailspike.net] -0.0 SPF_PASS SPF: sender matches SPF record -0.0 SPF_HELO_PASS SPF: HELO matches SPF record 0.0 HTML_MESSAGE BODY: HTML included in message -0.0 RCVD_IN_MSPIKE_WL Mailspike good senders X-Debbugs-Envelope-To: 50750 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Attila Lendvai Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 1.0 (+) This is a multi-part message in MIME format. --b1_zA12DEaT1gTT1pIA0fIR5J63xm12UC3ZToXJqSII Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: base64 cGxlYXNlIGlnbm9yZSB0aGUgNC1wYXJ0IHVucmVsYXRlZCBwYXRjaCBzZXJpZXMsIGkgaGF2ZSBz ZW50IHRoZW0gdG8gdGhlIHdyb25nIGFkZHJlc3MuLi4gOi8KCnNvcnJ5IGZvciB0aGUgbWVzcyEg aSdtIHN0aWxsIGxlYXJuaW5nIHRoaXMgYWxpZW4gd29ya2Zsb3cuCgotIGF0dGlsYQ== --b1_zA12DEaT1gTT1pIA0fIR5J63xm12UC3ZToXJqSII Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: base64 PGRpdj5wbGVhc2UgaWdub3JlIHRoZSA0LXBhcnQgdW5yZWxhdGVkIHBhdGNoIHNlcmllcywgaSBo YXZlIHNlbnQgdGhlbSB0byB0aGUgd3JvbmcgYWRkcmVzcy4uLiA6Lzxicj48L2Rpdj48ZGl2Pjxi cj48L2Rpdj48ZGl2PnNvcnJ5IGZvciB0aGUgbWVzcyEgaSdtIHN0aWxsIGxlYXJuaW5nIHRoaXMg YWxpZW4gd29ya2Zsb3cuPC9kaXY+PGRpdj48YnI+PC9kaXY+PGRpdiBjbGFzcz0icHJvdG9ubWFp bF9zaWduYXR1cmVfYmxvY2siPjxkaXYgY2xhc3M9InByb3Rvbm1haWxfc2lnbmF0dXJlX2Jsb2Nr LXVzZXIiPjxkaXY+LSBhdHRpbGE8YnI+PC9kaXY+PGRpdj48YnI+PC9kaXY+PC9kaXY+PC9kaXY+ PGRpdj48YnI+PC9kaXY+ --b1_zA12DEaT1gTT1pIA0fIR5J63xm12UC3ZToXJqSII-- From debbugs-submit-bounces@debbugs.gnu.org Mon Oct 04 04:45:07 2021 Received: (at 50750-done) by debbugs.gnu.org; 4 Oct 2021 08:45:07 +0000 Received: from localhost ([127.0.0.1]:35638 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mXJat-0008HP-B2 for submit@debbugs.gnu.org; Mon, 04 Oct 2021 04:45:07 -0400 Received: from flashner.co.il ([178.62.234.194]:56792) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mXJar-0008GZ-0q for 50750-done@debbugs.gnu.org; Mon, 04 Oct 2021 04:45:06 -0400 Received: from localhost (unknown [141.226.169.107]) by flashner.co.il (Postfix) with ESMTPSA id C5352402D0; Mon, 4 Oct 2021 08:44:58 +0000 (UTC) Date: Mon, 4 Oct 2021 11:42:39 +0300 From: Efraim Flashner To: Attila Lendvai Subject: Re: [bug#50750] [PATCH] gnu: Add trezor-gpg-pinentry-tk 0.0.10. Message-ID: Mail-Followup-To: Efraim Flashner , Attila Lendvai , 50750-done@debbugs.gnu.org References: <20210923080914.6149-1-attila@lendvai.name> <20210925160803.2679-1-attila@lendvai.name> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="uvrfyg+iehGsw0kb" Content-Disposition: inline In-Reply-To: <20210925160803.2679-1-attila@lendvai.name> X-PGP-Key-ID: 0x41AAE7DCCA3D8351 X-PGP-Key: https://flashner.co.il/~efraim/efraim_flashner.asc X-PGP-Fingerprint: A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351 X-Spam-Score: -0.0 (/) X-Debbugs-Envelope-To: 50750-done Cc: 50750-done@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) --uvrfyg+iehGsw0kb Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Thanks. I made a few other small changes. I added #:tests? #f to arguments, since there weren't any tests. I also moved python:tk to inputs. Since it is a leaf package we can rely on the PYTHONPATH wrapping of the binary to ensure it is available at runtime. Patch pushed! --=20 Efraim Flashner =D7=A8=D7=A0=D7=A9=D7=9C=D7=A4 = =D7=9D=D7=99=D7=A8=D7=A4=D7=90 GPG key =3D A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351 Confidentiality cannot be guaranteed on emails sent or received unencrypted --uvrfyg+iehGsw0kb Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEoov0DD5VE3JmLRT3Qarn3Mo9g1EFAmFavnsACgkQQarn3Mo9 g1EXSg/+N/1JGUfiF1jG1UKWLVM6NQmKOQXK1AOo0/SYbZqXn+amiabZrnMnPlO8 sYGSvXamhewTg+lUsjFDu8/HQ0TrujoLRtLbpKlrRmjM1ZxopYPyGejriInGI/9p Yz5s4izcRZ0STLolooB/713Mxci+srR85OUQtytbox2kTSn548yIBkv5VQdmhVRD HYBwayXIAWf/Fb7Eq0uE1ZXmO9+s06zgR29DWYyaYG16IPFZqDUonrt1wN1b9x2g qfcaCJg4QUWF587FHDqMWnKxwujnV/eEoWXvBQIs9yO8IBb4KWe2wWDfEfOGB0Fj poRFmIa5OK0GvJXBiYDYx4xkJnCdFCrXX08ng1ruFCNXZ1BbpyeYJUMycrvaTdfT saDFyLx8BgmX3u/z6WtARdxab2vCZ8eQOUvWVJ+3h/jgvEk9uiVmoJAgY9S2XgUZ mf4wF38++MG3x4mO+z0EhnUePOZWS+j81X8+mv7KQq5zYGkdnvTVciJVFdZWJqWS /NkEYj1GtH+z+MKFWRpG8/wbHqN0vv4ye00exd6xs7H5YzdgxMsPtob7qHPqJeVq CIUt+yNDIWZG4ngeo6NoOlwpE3n8O2WC07awr5P15glMCe/0qZEkGwmb8W5sRaU+ 9RxU2x2DaCjF376aGB+tHb2m9fzHkPQZ9E35rYQBrOjC7AEH3VE= =WHOi -----END PGP SIGNATURE----- --uvrfyg+iehGsw0kb-- From unknown Mon Jun 23 13:15:19 2025 Received: (at fakecontrol) by fakecontrolmessage; To: internal_control@debbugs.gnu.org From: Debbugs Internal Request Subject: Internal Control Message-Id: bug archived. Date: Mon, 01 Nov 2021 11:24:06 +0000 User-Agent: Fakemail v42.6.9 # This is a fake control message. # # The action: # bug archived. thanks # This fakemail brought to you by your local debbugs # administrator