From: Ted Zlatanov
Newsgroups: gmane.emacs.bugs
Subject: bug#17625: 24.4.50; All installed packages marked "unsigned", no archive listed
Date: Mon, 29 Sep 2014 20:33:38 -0400
Message-ID: <87fvfahrq5.fsf@lifelogs.com>
In-Reply-To: <87tx89ffax.fsf@pellet.i-did-not-set--mail-host-address--so-tickle-me>
To: 17625@debbugs.gnu.org
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: security
On Wed, 24 Sep 2014 11:05:31 -0400 Stefan Monnier wrote:

>> Do you have a plan to start signing GNU ELPA packages so this can get
>> tested in a real network setup?

SM> GNU ELPA is now signed,

Thank you for working on this!

The docs should be updated:

@c Uncomment this if it becomes true.
@ignore
The public key for the GNU package archive is distributed with Emacs,
in the @file{etc/package-keyring.gpg}.  Emacs uses it automatically.
@end ignore

The ELPA maintainer public key .gpg file is needed. Right now I can't find it, so I can't actually verify any packages. Am I missing something? Are there docs on the signing process? I don't see anything in the ELPA repository under admin.

From the code it seems the EPG glue written by Daiki Ueno expects the keyring to live in `(expand-file-name "gnupg" package-user-dir)`, which implies we have to provide a way, on startup, to populate that keyring if it's missing. I don't see any docs or functions to do that. It's not terribly complicated, just `gpg --homedir DIRNAME --import KEY`, but it would be convenient for users if we provide a wrapper. IMHO any archives that are signed but not the GNU ELPA should be able to use this wrapper. I hope you agree; it's just a matter of avoiding hard-coding too much.

I also think that we should set `package-check-signature` aggressively if we can verify a basic signature verification.
So maybe that wrapper above can finish with a test run of GnuPG to ensure it will DTRT, and if so, offer to customize and save `package-check-signature`.

I can attempt all of the above... do you agree with the workflow?

I am attaching a small patch to provide a "Verify" button in the package description, so the user doesn't have to try to install the package to find out if it's signed. If you agree, I can commit it.

Thanks
Ted

Attachment: package-verify-button.patch

=== modified file 'lisp/emacs-lisp/package.el' --- lisp/emacs-lisp/package.el 2014-09-03 04:21:40 +0000 +++ lisp/emacs-lisp/package.el 2014-09-30 00:04:22 +0000 @@ -842,8 +842,9 @@ (epg-context-result-for context 'verify))) good-signatures)))) -(defun package-install-from-archive (pkg-desc) - "Download and install a tar package." +(defun package-install-from-archive (pkg-desc &optional just-verify) + "Download and install a tar package. +When JUST-VERIFY is set, only verify the signature." (let* ((location (package-archive-base pkg-desc)) (file (concat (package-desc-full-name pkg-desc) (package-desc-suffix pkg-desc))) @@ -858,7 +859,9 @@ (unless (eq package-check-signature 'allow-unsigned) (error "Unsigned package: `%s'" (package-desc-name pkg-desc))))) - (package-unpack pkg-desc)) + ;; do the actual install + (unless just-verify + (package-unpack pkg-desc))) ;; Here the package has been installed successfully, mark it as ;; signed if appropriate. (when good-signatures @@ -1432,6 +1435,11 @@ (package-make-button "Install" 'action 'package-install-button-action + 'package-desc desc) + (insert " ") + (package-make-button + "Verify signature" + 'action 'package-verify-button-action 'package-desc desc)) (t (insert (capitalize status) "."))) (insert "\n")
@@ -1546,6 +1554,13 @@ (revert-buffer nil t) (goto-char (point-min))))) +(defun package-verify-button-action (button) + (let ((pkg-desc (button-get button 'package-desc))) + (with-demoted-errors + (package-install-from-archive pkg-desc t) ; just verify + ;; note errors will preempt the following + (message "Package was verified")))) + (defun package-keyword-button-action (button) (let ((pkg-keyword (button-get button 'package-keyword))) (package-show-package-list t (list pkg-keyword))))
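Review bot: the new docstring in the @@ -842,8 +842,9 @@ hunk understates what the function still does when JUST-VERIFY is set. The `let*` that follows still computes `location` and `file` and the original docstring says "Download and install", so the download and the signature check both run and only the unpack is skipped; "only verify the signature" reads as if nothing is fetched. Emacs docstrings also describe optional flags as non-nil rather than "set". Suggest: `If JUST-VERIFY is non-nil, download the package and verify its signature, but do not install it.`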
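Review bot: in the @@ -858,7 +859,9 @@ hunk the `(unless just-verify (package-unpack pkg-desc))` guard skips the unpack, but the trailing context of the same hunk, `;; Here the package has been installed successfully, mark it as signed if appropriate. (when good-signatures`, still runs on the verify-only path, so a package that was never installed would be marked as signed. Guard that block as well, e.g. `(when (and good-signatures (not just-verify))`, or return `good-signatures` to the caller before reaching it when JUST-VERIFY is set.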
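Review bot: in the @@ -1432,6 +1435,11 @@ hunk the "Verify signature" button is only inserted in the `cond` branch that also offers "Install", so it is unavailable for the packages this bug report is about: the ones already installed and shown as unsigned. Since the verify path only needs the package descriptor, consider offering the button in the other status branches too, including the `(t (insert (capitalize status) "."))` fallback, rather than only beside "Install".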
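Review bot: `package-verify-button-action` in the @@ -1546,6 +1554,13 @@ hunk reports "Package was verified" whenever `package-install-from-archive` returns without an error, but with `package-check-signature` set to `allow-unsigned` the `(unless (eq package-check-signature 'allow-unsigned) (error "Unsigned package: ..."))` check in the @@ -858 hunk deliberately raises no error for an unsigned package, so the button would announce a successful verification for a package that carries no signature at all. Have the verify path return `good-signatures` and branch on it, with a distinct message such as "Package is not signed" when it is nil. Two smaller points: the new defun has no docstring, and in Emacs 24.4 `with-demoted-errors` takes a format string as its first argument (`(with-demoted-errors "Verify: %S" ...)`); the argument-less form is the old calling convention.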
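The workflow proposed in the message above (populate the keyring that the EPG glue reads from `(expand-file-name "gnupg" package-user-dir)` with `gpg --homedir DIRNAME --import KEY`, finish with a test run of GnuPG, and only then offer to save `package-check-signature`), written out as an added Emacs Lisp example. This is not code from the message or from package.el. The `my-package-*` names, a `gpg` binary on PATH, the expected key fingerprint and the signed test file with its detached signature are all assumptions of the example.

```elisp
;; Added example, not part of the original message or of package.el.
;; Hypothetical wrapper for the workflow discussed above.
;; Assumptions: `gpg' is on PATH; KEY-FILE is a public key obtained
;; out of band from the archive maintainer; EXPECTED-FPR is that key's
;; fingerprint, also obtained out of band; TEST-FILE and TEST-SIG are a
;; file and a detached signature made by that key.

(defun my-package-keyring-dir ()
  "Return the keyring directory package.el's EPG glue expects.
The directory is created mode 0700 if missing; gpg refuses to use a
home directory with looser permissions."
  (let ((dir (expand-file-name "gnupg" package-user-dir)))
    (unless (file-directory-p dir)
      (make-directory dir t)
      (set-file-modes dir #o700))
    dir))

(defun my-package-gpg (&rest args)
  "Run gpg non-interactively against the package keyring.
Return (EXIT-CODE . OUTPUT), with stdout and stderr both in OUTPUT."
  (with-temp-buffer
    (let ((code (apply #'call-process "gpg" nil t nil
                       "--batch" "--no-tty"
                       "--homedir" (my-package-keyring-dir)
                       args)))
      (cons code (buffer-string)))))

(defun my-package-import-key (key-file expected-fpr)
  "Import KEY-FILE into the package keyring and pin it to EXPECTED-FPR.
Signals an error unless a key with fingerprint EXPECTED-FPR (40 hex
digits, no spaces) is present afterwards, so a swapped key file fails
closed instead of silently becoming trusted."
  (let ((res (my-package-gpg "--import" (expand-file-name key-file))))
    (unless (zerop (car res))
      (error "gpg --import failed: %s" (cdr res))))
  ;; --with-colons prints one "fpr:::::::::<FINGERPRINT>:" record per key.
  (let ((res (my-package-gpg "--with-colons" "--fingerprint" expected-fpr)))
    (unless (and (zerop (car res))
                 (string-match (concat "^fpr:+" (regexp-quote expected-fpr) ":")
                               (cdr res)))
      (error "Key %s not present after import; refusing to trust keyring"
             expected-fpr))))

(defun my-package-test-verify (file sig-file)
  "Return non-nil if SIG-FILE is a good detached signature of FILE
made by a key in the package keyring.
Checks the machine-readable GOODSIG status line, not just the exit code."
  (let ((res (my-package-gpg "--status-fd" "1" "--verify"
                             (expand-file-name sig-file)
                             (expand-file-name file))))
    (and (zerop (car res))
         (string-match "^\\[GNUPG:\\] GOODSIG " (cdr res))
         t)))

(defun my-package-setup-signing (key-file expected-fpr test-file test-sig)
  "Import KEY-FILE, run a test verification, then offer to require signatures.
`package-check-signature' is only changed after the test run succeeds."
  (interactive
   "fArchive public key: \nsExpected fingerprint: \nfSigned test file: \nfDetached signature: ")
  (my-package-import-key key-file expected-fpr)
  (if (not (my-package-test-verify test-file test-sig))
      (message "Key imported, but the test verification failed; \
leaving `package-check-signature' unchanged")
    (when (y-or-n-p "Signature verification works.  Require signed packages? ")
      (customize-save-variable 'package-check-signature t)
      (message "package-check-signature saved as t"))))
```

Two design points worth keeping even if the rest changes: the import is pinned to a fingerprint supplied separately from the key file, so the keyring cannot be populated with whatever key happened to arrive over the network, and the test run inspects the `GOODSIG` status line rather than trusting the exit code alone. The same wrapper works for any signed archive, not only GNU ELPA, because nothing in it names a particular archive or key.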