all messages for Emacs-related lists mirrored at yhetil.org
From: Jens Lechtenboerger <jens.lechtenboerger@fsfe.org>
To: emacs-devel@gnu.org
Subject: Re: GnuPG homedir and package.el?
Date: Wed, 05 Apr 2017 12:21:22 +0200
Message-ID: <87pogrqhnh.fsf@informationelle-selbstbestimmung-im-internet.de>
In-Reply-To: <87d1cs2ozg.fsf@lifelogs.com> (Ted Zlatanov's message of "Tue, 04 Apr 2017 11:04:35 -0400")

[-- Attachment #1: Type: text/plain, Size: 754 bytes --]

On 2017-04-04, at 11:04, Ted Zlatanov wrote:

> I was wondering if you could provide explicit options to this variable
> with :tag descriptions, so users customizing this variable have a nice
> interface? Something like (the middle one is very untested):

That's added now.  I don't know whether there are conventions for
this, but I changed the order to have the default appear first.
I also changed the wording a bit to show my original motivation for
this patch: to omit --homedir.

What I personally don't like about this tag usage is that the
customize buffer does not show the variable's real value any longer.
Is that a bug or a feature?

Besides, I changed NEWS to mention --homedir and extended the
explanation for the manual.

Best wishes
Jens


[-- Attachment #2: 0001-Introduce-customizable-variable-package-gnupghome-di.patch --]
[-- Type: text/x-diff, Size: 5890 bytes --]

From c20f785330992c3dedd587d3e016e6d246c958a0 Mon Sep 17 00:00:00 2001
From: Jens Lechtenboerger <jens.lechtenboerger@fsfe.org>
Date: Wed, 5 Apr 2017 12:19:08 +0200
Subject: [PATCH] Introduce customizable variable package-gnupghome-dir

* lisp/emacs-lisp/package.el (package-import-keyring,
  package--check-signature-content, package-check-signature):
  Use new variable package-gnupghome-dir to control which GnuPG homedir
  to use.
* doc/emacs/package.texi: Mention this.
* etc/NEWS: Mention this.
---
 doc/emacs/package.texi     | 13 ++++++++++---
 etc/NEWS                   |  7 +++++++
 lisp/emacs-lisp/package.el | 35 ++++++++++++++++++++++++++---------
 3 files changed, 43 insertions(+), 12 deletions(-)

diff --git a/doc/emacs/package.texi b/doc/emacs/package.texi
index d6f88aa..7f08000 100644
--- a/doc/emacs/package.texi
+++ b/doc/emacs/package.texi
@@ -194,14 +194,21 @@ Package Installation
 private/public pair of cryptographic keys, and use the private key to
 create a @dfn{signature file} for each package.  With the public key, you
 can use the signature files to verify who created the package, and
-that it has not been modified.  A valid signature is not a cast-iron
+that it has not been modified.  For signature verification,
+@uref{https://www.gnupg.org/, GnuPG} is used via the interface EasyPG,
+@pxref{Top,, EasyPG, epa, Emacs EasyPG Assistant Manual}.
+A valid signature is not a cast-iron
 guarantee that a package is not malicious, so you should still
 exercise caution.  Package archives should provide instructions
 on how you can obtain their public key.  One way is to download the
 key from a server such as @url{http://pgp.mit.edu/}.
 Use @kbd{M-x package-import-keyring} to import the key into Emacs.
-Emacs stores package keys in the @file{gnupg} subdirectory
-of @code{package-user-dir}.
+Emacs stores package keys in the directory specified by the variable
+@code{package-gnupghome-dir}, by default in the @file{gnupg}
+subdirectory of @code{package-user-dir}, which causes Emacs to invoke
+GnuPG with the option @samp{--homedir} when verifying signatures.
+If @code{package-gnupghome-dir} is @code{nil}, GnuPG's option
+@samp{--homedir} is omitted.
 The public key for the GNU package archive is distributed with Emacs,
 in the @file{etc/package-keyring.gpg}.  Emacs uses it automatically.
 
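Review bot: the new sentence starting "+Emacs stores package keys in the directory specified by the variable" has an ambiguous "which": as written it reads as if the gnupg subdirectory is what causes Emacs to pass --homedir, whereas any non-nil value does. Suggest splitting it, e.g. "Emacs stores package keys in the directory named by @code{package-gnupghome-dir}, by default the @file{gnupg} subdirectory of @code{package-user-dir}. If that variable is non-nil, Emacs invokes GnuPG with @samp{--homedir} set to it; if it is @code{nil}, @samp{--homedir} is omitted and GnuPG's own default home directory is used." Since the nil case means package signatures are then checked against the user's personal keyring and trust settings, the manual should say so explicitly, because that changes which keys count as valid signers. Also, Texinfo's @pxref is intended for use inside parentheses; mid-sentence after a comma use @ref, or wrap it as "(@pxref{Top,, EasyPG, epa, Emacs EasyPG Assistant Manual})".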
diff --git a/etc/NEWS b/etc/NEWS
index 8b17f16..25276e4 100644
--- a/etc/NEWS
+++ b/etc/NEWS
@@ -629,6 +629,13 @@ In 'visual-line-mode' it will look for the true beginning of a header
 while in non-'visual-line-mode' it will move the point to the indented
 header's value.
 
+** Package
+
++++
+*** The new variable 'package-gnupghome-dir' has been added to control
+where the GnuPG home directory (used for signature verification) is
+located and whether GnuPG's option "--homedir" is used or not.
+
 ** Tramp
 
 +++
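Review bot: the NEWS entry should state the default value, i.e. the "gnupg" subdirectory of 'package-user-dir', so readers can see that behaviour is unchanged unless they customize the variable, and spell out that a nil value drops "--homedir" and falls back to GnuPG's default home directory, e.g. "Its default is the 'gnupg' subdirectory of 'package-user-dir' (the previous hard-coded location); set it to nil to omit --homedir and use GnuPG's default home directory instead."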
diff --git a/lisp/emacs-lisp/package.el b/lisp/emacs-lisp/package.el
index 7698562..bef1e8d 100644
--- a/lisp/emacs-lisp/package.el
+++ b/lisp/emacs-lisp/package.el
@@ -307,6 +307,23 @@ package-directory-list
 (declare-function epg-find-configuration "epg-config"
                   (protocol &optional no-cache program-alist))
 
+(defcustom package-gnupghome-dir (expand-file-name "gnupg" package-user-dir)
+  "Directory containing GnuPG keyring or nil.
+This variable specifies the GnuPG home directory used by package.
+That directory is passed via the option \"--homedir\" to GnuPG.
+If nil, do not use the option \"--homedir\", but stick with GnuPG's
+default directory."
+  :type `(choice
+          (const
+           :tag "Default Emacs package management GnuPG home directory"
+           ,(expand-file-name "gnupg" package-user-dir))
+          (const
+           :tag "Default GnuPG directory (GnuPG option --homedir not used)"
+           nil)
+          (directory :tag "A specific GnuPG --homedir"))
+  :risky t
+  :version "26.1")
+
 (defcustom package-check-signature
   (if (and (require 'epg-config)
            (epg-find-configuration 'OpenPGP))
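Review bot: the default "(expand-file-name "gnupg" package-user-dir)" is evaluated once when package.el is loaded, and so is the ",(expand-file-name ...)" inside the :tag const. A user who sets 'package-user-dir' in their init file after package.el has been loaded will therefore get a 'package-gnupghome-dir' that still points under the old 'package-user-dir', and the customize choice labelled "Default Emacs package management GnuPG home directory" will offer that stale path. Either document in the docstring that 'package-gnupghome-dir' must be set after 'package-user-dir', or make the default track 'package-user-dir' at use time. Regarding the customize buffer not showing the real value: with "(const :tag ...)" the widget displays only the tag by design, so if the path should be visible, put it in the tag text or use a "(directory ...)" widget for that choice. ":risky t" is the right call here, since this value selects the keyring every package signature is verified against; the docstring could say that in one sentence so users understand why a file-local setting is refused.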
@@ -1209,9 +1226,9 @@ package--check-signature-content
   "Check signature CONTENT against STRING.
 SIG-FILE is the name of the signature file, used when signaling
 errors."
-  (let* ((context (epg-make-context 'OpenPGP))
-         (homedir (expand-file-name "gnupg" package-user-dir)))
-    (setf (epg-context-home-directory context) homedir)
+  (let ((context (epg-make-context 'OpenPGP)))
+    (when package-gnupghome-dir
+      (setf (epg-context-home-directory context) package-gnupghome-dir))
     (condition-case error
         (epg-verify-string context content string)
       (error (package--display-verify-error context sig-file)
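Review bot: when 'package-gnupghome-dir' is nil the "(when package-gnupghome-dir ...)" guard leaves the context's home directory unset, so 'epg-verify-string' runs against GnuPG's default keyring. Two consequences should be documented in the defcustom's docstring: keys that were previously imported with 'package-import-keyring' into the package-specific directory are not consulted, so verification fails until the archive keys are imported again into the default keyring, and conversely every key already in the user's personal keyring becomes an acceptable signer for packages. If 'package-gnupghome-dir' is set to a directory that does not exist (only 'package-import-keyring' creates it), GnuPG is started with a "--homedir" that it has to create or complain about; consider checking "(file-directory-p package-gnupghome-dir)" here and giving a clearer error than what 'package--display-verify-error' will show.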
@@ -1238,7 +1255,7 @@ package--check-signature
   "Check signature of the current buffer.
 Download the signature file from LOCATION by appending \".sig\"
 to FILE.
-GnuPG keyring is located under \"gnupg\" in `package-user-dir'.
+GnuPG keyring location depends on `package-gnupghome-dir'.
 STRING is the string to verify, it defaults to `buffer-string'.
 If ASYNC is non-nil, the download of the signature file is
 done asynchronously.
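Review bot: the replacement docstring line "GnuPG keyring location depends on `package-gnupghome-dir'." is missing its article; suggest "The GnuPG keyring location is determined by `package-gnupghome-dir' (see its docstring)."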
@@ -1478,11 +1495,11 @@ package-import-keyring
   "Import keys from FILE."
   (interactive "fFile: ")
   (setq file (expand-file-name file))
-  (let ((context (epg-make-context 'OpenPGP))
-        (homedir (expand-file-name "gnupg" package-user-dir)))
-    (with-file-modes 448
-      (make-directory homedir t))
-    (setf (epg-context-home-directory context) homedir)
+  (let ((context (epg-make-context 'OpenPGP)))
+    (when package-gnupghome-dir
+      (with-file-modes 448
+        (make-directory package-gnupghome-dir t))
+      (setf (epg-context-home-directory context) package-gnupghome-dir))
     (message "Importing %s..." (file-name-nondirectory file))
     (epg-import-keys-from-file context file)
     (message "Importing %s...done" (file-name-nondirectory file))))
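Review bot: "(with-file-modes 448 ...)" is 0700 written in decimal; Emacs Lisp accepts octal literals, so "#o700" states the intent (owner-only access to the keyring directory) without the reader having to convert. Note that 'with-file-modes' only affects directories that 'make-directory' creates here, so an already existing 'package-gnupghome-dir' with looser permissions is left as is; a one-line docstring remark about that would help users who point the variable at a pre-existing directory. Also, since a nil value now imports the file into the user's default GnuPG keyring rather than a package-specific one, the "Importing %s..." message could name the target (the value of 'package-gnupghome-dir' or "default GnuPG home directory") so the user can see which keyring the key went into.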
-- 
2.7.4



Thread overview: 18+ messages
2017-03-04 16:41 GnuPG homedir and package.el? Jens Lechtenboerger
2017-03-14 19:37 ` Ted Zlatanov
2017-03-18 11:26   ` Jens Lechtenboerger
2017-03-20 13:37     ` Ted Zlatanov
2017-03-20 17:43       ` Jens Lechtenboerger
2017-03-26  7:41         ` Jens Lechtenboerger
2017-04-01 14:01           ` Jens Lechtenboerger
2017-04-01 14:22             ` Eli Zaretskii
2017-04-01 15:01               ` Jens Lechtenboerger
2017-04-01 15:18                 ` Eli Zaretskii
2017-04-01 16:08               ` Jens Lechtenboerger
2017-04-01 17:19                 ` Eli Zaretskii
2017-04-04 15:04                 ` Ted Zlatanov
2017-04-05 10:21                   ` Jens Lechtenboerger [this message]
2017-04-05 13:31                     ` Ted Zlatanov
2017-04-05 14:49                       ` Jens Lechtenboerger
2017-04-11  9:30                     ` Eli Zaretskii
2017-04-11 12:43                       ` Jens Lechtenboerger