* bug#52483: GnuPG 2.2.30 cannot do symmetric encryption
@ 2021-12-14 16:46 Leo Famulari
2021-12-14 17:32 ` Leo Famulari
` (2 more replies)
0 siblings, 3 replies; 12+ messages in thread
From: Leo Famulari @ 2021-12-14 16:46 UTC (permalink / raw)
To: 52483
[-- Attachment #1.1: Type: text/plain, Size: 786 bytes --]
Our GnuPG package is version 2.2.30, which includes this bug:
https://dev.gnupg.org/T5577
The effect of this bug is that symmetric encryption / decryption does
not work. The bug was fixed in 2.2.31 and 2.3.3.
Changing GnuPG will cause 2406 rebuilds. I think that's suboptimal but
it's the situation.
There is a gnupg-2.2.32 package, but it's hidden because it would break
emacs-pinentry:
https://git.savannah.gnu.org/cgit/guix.git/tree/gnu/packages/gnupg.scm?id=861ee6d908fefc47d765f81e33cdf6f84b6d50eb#n350
Here is a patch that unhides gnupg-2.2.32, updates it to 2.2.33, and
makes emacs-pinentry use that package variant.
If emacs-pinentry cannot use a current GnuPG, what should we do? And
maybe we don't need emacs-pinentry anymore?:
https://emacs.stackexchange.com/a/64721
[-- Attachment #1.2: 0001-gnu-GnuPG-Update-gnupg-2.2.32-to-2.2.33.patch --]
[-- Type: text/plain, Size: 2319 bytes --]
From b80a537cb9529b2f186519684901fe2be9e0a0f0 Mon Sep 17 00:00:00 2001
From: Leo Famulari <leo@famulari.name>
Date: Tue, 14 Dec 2021 11:40:28 -0500
Subject: [PATCH] gnu: GnuPG: Update gnupg-2.2.32 to 2.2.33.
* gnu/packages/gnupg.scm (gnupg-2.2.32): Replace with ...
(gnupg-2.2.33): ... new variable.
* gnu/packages/emacs-xyz.scm (emacs-pinentry)[propagated-inputs]: Use
gnupg-2.2.33.
---
gnu/packages/emacs-xyz.scm | 2 +-
gnu/packages/gnupg.scm | 13 +++----------
2 files changed, 4 insertions(+), 11 deletions(-)
diff --git a/gnu/packages/emacs-xyz.scm b/gnu/packages/emacs-xyz.scm
index 32915fb6ed..5ce07645ce 100644
--- a/gnu/packages/emacs-xyz.scm
+++ b/gnu/packages/emacs-xyz.scm
@@ -21238,7 +21238,7 @@ (define-public emacs-pinentry
"1lf30q6r8nz5cjzclbb9bbymsk2y75nskvb55hnjdv93gr3j0sik"))))
(build-system emacs-build-system)
(propagated-inputs
- (list gnupg))
+ (list gnupg-2.2.33))
(home-page "https://elpa.gnu.org/packages/pinentry.html")
(synopsis "GnuPG Pinentry server implementation")
(description
diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm
index 665e9e3021..fc7c1fbee0 100644
--- a/gnu/packages/gnupg.scm
+++ b/gnu/packages/gnupg.scm
@@ -347,24 +347,17 @@ (define-public gnupg
(properties '((ftp-server . "ftp.gnupg.org")
(ftp-directory . "/gcrypt/gnupg")))))
-(define-public gnupg-2.2.32
+(define-public gnupg-2.2.33
(package
(inherit gnupg)
- (version "2.2.32")
-
- ;; Hide this version because packages like 'emacs-pinentry' propagate the
- ;; default GnuPG and "guix install gnupg emacs-pinentry" would fail with a
- ;; collision error.
- (properties `((hidden? . #t)
- ,@(package-properties gnupg)))
-
+ (version "2.2.33")
(source (origin
(inherit (package-source gnupg))
(uri (string-append "mirror://gnupg/gnupg/gnupg-" version
".tar.bz2"))
(sha256
(base32
- "0506gv54z10c96z5821z9p0ksibk1pfilsmag39ffqrcz0sinmxj"))))))
+ "1qz403080hwba8j8vpnfkvh7clg1dbg74kdn1d0p0g84iip87246"))))))
(define-public gnupg-1
(package (inherit gnupg)
--
2.34.0
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply related [flat|nested] 12+ messages in thread
* bug#52483: GnuPG 2.2.30 cannot do symmetric encryption
2021-12-14 16:46 bug#52483: GnuPG 2.2.30 cannot do symmetric encryption Leo Famulari
@ 2021-12-14 17:32 ` Leo Famulari
2021-12-14 17:33 ` bug#52483: [PATCH v2] gnu: GnuPG: Update gnupg-2.2.32 to 2.2.33 Leo Famulari
2021-12-19 1:32 ` Michael Rohleder
2 siblings, 0 replies; 12+ messages in thread
From: Leo Famulari @ 2021-12-14 17:32 UTC (permalink / raw)
To: 52483
[-- Attachment #1: Type: text/plain, Size: 413 bytes --]
On Tue, Dec 14, 2021 at 11:46:12AM -0500, Leo Famulari wrote:
> Here is a patch that unhides gnupg-2.2.32, updates it to 2.2.33, and
> makes emacs-pinentry use that package variant.
After sending this patch, I noticed that gnupg-2.2.32 is also used by
qgpgme. This bug was noticed earlier, but misinterpreted.
Expect a v2 patch that uses 'gnupg-next' instead of gnupg-2.2.33, and
adjusts all users accordingly.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 12+ messages in thread
* bug#52483: [PATCH v2] gnu: GnuPG: Update gnupg-2.2.32 to 2.2.33.
2021-12-14 16:46 bug#52483: GnuPG 2.2.30 cannot do symmetric encryption Leo Famulari
2021-12-14 17:32 ` Leo Famulari
@ 2021-12-14 17:33 ` Leo Famulari
2021-12-17 17:32 ` Leo Famulari
2021-12-19 1:32 ` Michael Rohleder
2 siblings, 1 reply; 12+ messages in thread
From: Leo Famulari @ 2021-12-14 17:33 UTC (permalink / raw)
To: 52483
* gnu/packages/gnupg.scm (gnupg-2.2.32): Replace with ...
(gnupg-next): ... new variable.
(qgpgme)[native-inputs]: Replace gnupg-2.2.32 with gnupg-next.
* gnu/packages/emacs-xyz.scm (emacs-pinentry)[propagated-inputs]: Use
gnupg-next.
---
gnu/packages/emacs-xyz.scm | 2 +-
gnu/packages/gnupg.scm | 18 ++++--------------
2 files changed, 5 insertions(+), 15 deletions(-)
diff --git a/gnu/packages/emacs-xyz.scm b/gnu/packages/emacs-xyz.scm
index 32915fb6ed..b9818e92b9 100644
--- a/gnu/packages/emacs-xyz.scm
+++ b/gnu/packages/emacs-xyz.scm
@@ -21238,7 +21238,7 @@ (define-public emacs-pinentry
"1lf30q6r8nz5cjzclbb9bbymsk2y75nskvb55hnjdv93gr3j0sik"))))
(build-system emacs-build-system)
(propagated-inputs
- (list gnupg))
+ (list gnupg-next))
(home-page "https://elpa.gnu.org/packages/pinentry.html")
(synopsis "GnuPG Pinentry server implementation")
(description
diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm
index 665e9e3021..78dc1e2276 100644
--- a/gnu/packages/gnupg.scm
+++ b/gnu/packages/gnupg.scm
@@ -347,24 +347,17 @@ (define-public gnupg
(properties '((ftp-server . "ftp.gnupg.org")
(ftp-directory . "/gcrypt/gnupg")))))
-(define-public gnupg-2.2.32
+(define-public gnupg-next
(package
(inherit gnupg)
- (version "2.2.32")
-
- ;; Hide this version because packages like 'emacs-pinentry' propagate the
- ;; default GnuPG and "guix install gnupg emacs-pinentry" would fail with a
- ;; collision error.
- (properties `((hidden? . #t)
- ,@(package-properties gnupg)))
-
+ (version "2.2.33")
(source (origin
(inherit (package-source gnupg))
(uri (string-append "mirror://gnupg/gnupg/gnupg-" version
".tar.bz2"))
(sha256
(base32
- "0506gv54z10c96z5821z9p0ksibk1pfilsmag39ffqrcz0sinmxj"))))))
+ "1qz403080hwba8j8vpnfkvh7clg1dbg74kdn1d0p0g84iip87246"))))))
(define-public gnupg-1
(package (inherit gnupg)
@@ -440,11 +433,8 @@ (define-public qgpgme
(chdir "lang/qt")
#t)))))
(native-inputs
- ;; Use GnuPG 2.2.32. With 2.2.30, 'testSymmetricEncryptDecrypt' in
- ;; t-encrypt.cpp fails because 'gpg' wrongfully ask for a passphrase do
- ;; decrypt the cypher text.
(modify-inputs (package-native-inputs gpgme)
- (replace "gnupg" gnupg-2.2.32)
+ (replace "gnupg" gnupg-next)
(prepend pkg-config)))
(inputs
(modify-inputs (package-inputs gpgme)
--
2.34.0
^ permalink raw reply related [flat|nested] 12+ messages in thread
* bug#52483: [PATCH v2] gnu: GnuPG: Update gnupg-2.2.32 to 2.2.33.
2021-12-14 17:33 ` bug#52483: [PATCH v2] gnu: GnuPG: Update gnupg-2.2.32 to 2.2.33 Leo Famulari
@ 2021-12-17 17:32 ` Leo Famulari
2021-12-18 4:56 ` bug#52483: GnuPG 2.2.30 cannot do symmetric encryption Maxim Cournoyer
0 siblings, 1 reply; 12+ messages in thread
From: Leo Famulari @ 2021-12-17 17:32 UTC (permalink / raw)
To: 52483
On Tue, Dec 14, 2021 at 12:33:39PM -0500, Leo Famulari wrote:
> -(define-public gnupg-2.2.32
> +(define-public gnupg-next
I noticed that this package variant omits the pinentry patch. In any
case, I'm testing a full upgrade of gnupg to 2.2.33 for the version-1.4.0
branch.
^ permalink raw reply [flat|nested] 12+ messages in thread
* bug#52483: GnuPG 2.2.30 cannot do symmetric encryption
2021-12-17 17:32 ` Leo Famulari
@ 2021-12-18 4:56 ` Maxim Cournoyer
2021-12-18 23:53 ` Leo Famulari
0 siblings, 1 reply; 12+ messages in thread
From: Maxim Cournoyer @ 2021-12-18 4:56 UTC (permalink / raw)
To: Leo Famulari; +Cc: 52483
Hi!
Leo Famulari <leo@famulari.name> writes:
> On Tue, Dec 14, 2021 at 12:33:39PM -0500, Leo Famulari wrote:
>> -(define-public gnupg-2.2.32
>> +(define-public gnupg-next
>
> I noticed that this package variant omits the pinentry patch. In any
> case, I'm testing a full upgrade of gnupg to 2.2.33 for the version-1.4.0
> branch.
I'm testing this:
--8<---------------cut here---------------start------------->8---
gnu: gnupg: Update to 2.3.3.
* gnu/packages/gnupg.scm (gnupg): Update to 2.3.3.
(gnupg-2.2.32): Delete variable.
(qgpgme)[native-inputs]: Use the regular gnupg package.
1 file changed, 4 insertions(+), 28 deletions(-)
gnu/packages/gnupg.scm | 32 ++++----------------------------
modified gnu/packages/gnupg.scm
@@ -279,15 +279,15 @@ (define-public npth
(define-public gnupg
(package
(name "gnupg")
- (version "2.2.30")
+ (version "2.3.3")
(source (origin
(method url-fetch)
- (uri (string-append "mirror://gnupg/gnupg/gnupg-" version
+ (uri (string-append "ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-" version
".tar.bz2"))
(patches (search-patches "gnupg-default-pinentry.patch"))
(sha256
(base32
- "1111ry31gaxv76miqsy6l0kwxwlx8sz0jk41jhyrjwx649p6sqyc"))))
+ "0dz9x0r5021bhk1kjh29m1q13xbslwb8yn9qzcp7b9m1lrnvi2ap"))))
(build-system gnu-build-system)
(native-inputs
(list pkg-config))
@@ -347,25 +347,6 @@ (define-public gnupg
(properties '((ftp-server . "ftp.gnupg.org")
(ftp-directory . "/gcrypt/gnupg")))))
-(define-public gnupg-2.2.32
- (package
- (inherit gnupg)
- (version "2.2.32")
-
- ;; Hide this version because packages like 'emacs-pinentry' propagate the
- ;; default GnuPG and "guix install gnupg emacs-pinentry" would fail with a
- ;; collision error.
- (properties `((hidden? . #t)
- ,@(package-properties gnupg)))
-
- (source (origin
- (inherit (package-source gnupg))
- (uri (string-append "mirror://gnupg/gnupg/gnupg-" version
- ".tar.bz2"))
- (sha256
- (base32
- "0506gv54z10c96z5821z9p0ksibk1pfilsmag39ffqrcz0sinmxj"))))))
-
(define-public gnupg-1
(package (inherit gnupg)
(version "1.4.23")
@@ -437,14 +418,9 @@ (define-public qgpgme
"lang/cpp/src/libgpgmepp.la")
(symlink (string-append gpgme "/lib/libgpgme.la")
"src/libgpgme.la"))
- (chdir "lang/qt")
- #t)))))
+ (chdir "lang/qt"))))))
(native-inputs
- ;; Use GnuPG 2.2.32. With 2.2.30, 'testSymmetricEncryptDecrypt' in
- ;; t-encrypt.cpp fails because 'gpg' wrongfully ask for a passphrase do
- ;; decrypt the cypher text.
(modify-inputs (package-native-inputs gpgme)
- (replace "gnupg" gnupg-2.2.32)
(prepend pkg-config)))
(inputs
(modify-inputs (package-inputs gpgme)
--8<---------------cut here---------------end--------------->8---
Maxim
^ permalink raw reply [flat|nested] 12+ messages in thread
* bug#52483: GnuPG 2.2.30 cannot do symmetric encryption
2021-12-18 4:56 ` bug#52483: GnuPG 2.2.30 cannot do symmetric encryption Maxim Cournoyer
@ 2021-12-18 23:53 ` Leo Famulari
2021-12-19 20:25 ` Maxim Cournoyer
0 siblings, 1 reply; 12+ messages in thread
From: Leo Famulari @ 2021-12-18 23:53 UTC (permalink / raw)
To: Maxim Cournoyer; +Cc: 52483
On Fri, Dec 17, 2021 at 11:56:41PM -0500, Maxim Cournoyer wrote:
> I'm testing this:
>
> --8<---------------cut here---------------start------------->8---
> gnu: gnupg: Update to 2.3.3.
>
> * gnu/packages/gnupg.scm (gnupg): Update to 2.3.3.
> (gnupg-2.2.32): Delete variable.
> (qgpgme)[native-inputs]: Use the regular gnupg package.
Okay. Make sure to also adjust emacs-pinentry.
I tested with GnuPG 2.2.23 by building all packages that depend directly
on GnuPG. There were no new failures on x86_64-linux when using GnuPG
2.2.32.
^ permalink raw reply [flat|nested] 12+ messages in thread
* bug#52483: GnuPG 2.2.30 cannot do symmetric encryption
2021-12-14 16:46 bug#52483: GnuPG 2.2.30 cannot do symmetric encryption Leo Famulari
2021-12-14 17:32 ` Leo Famulari
2021-12-14 17:33 ` bug#52483: [PATCH v2] gnu: GnuPG: Update gnupg-2.2.32 to 2.2.33 Leo Famulari
@ 2021-12-19 1:32 ` Michael Rohleder
2 siblings, 0 replies; 12+ messages in thread
From: Michael Rohleder @ 2021-12-19 1:32 UTC (permalink / raw)
To: Leo Famulari; +Cc: 52483
[-- Attachment #1: Type: text/plain, Size: 591 bytes --]
Leo Famulari <leo@famulari.name> writes:
> If emacs-pinentry cannot use a current GnuPG, what should we do? And
> maybe we don't need emacs-pinentry anymore?:
>
> https://emacs.stackexchange.com/a/64721
>
I don't think emacs-pinentry is needed, because adding
"allow-emacs-pinentry" to gpg-agent.conf worked (for me) (at least)
since several years in (guix) emacs w/o using emacs-pinentry (or other
emacs customization).
---
Wir kommen nackt auf diese Welt und atmen ein.
Wir atmen aus und verlassen diese Welt mit leeren Händen.
und dazwischen gestalten wir unser Leben.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 511 bytes --]
^ permalink raw reply [flat|nested] 12+ messages in thread
* bug#52483: GnuPG 2.2.30 cannot do symmetric encryption
2021-12-18 23:53 ` Leo Famulari
@ 2021-12-19 20:25 ` Maxim Cournoyer
2021-12-19 20:33 ` Leo Famulari
2021-12-19 20:36 ` Leo Famulari
0 siblings, 2 replies; 12+ messages in thread
From: Maxim Cournoyer @ 2021-12-19 20:25 UTC (permalink / raw)
To: Leo Famulari; +Cc: 52483
Hi Leo,
Leo Famulari <leo@famulari.name> writes:
> On Fri, Dec 17, 2021 at 11:56:41PM -0500, Maxim Cournoyer wrote:
>> I'm testing this:
>>
>> --8<---------------cut here---------------start------------->8---
>> gnu: gnupg: Update to 2.3.3.
>>
>> * gnu/packages/gnupg.scm (gnupg): Update to 2.3.3.
>> (gnupg-2.2.32): Delete variable.
>> (qgpgme)[native-inputs]: Use the regular gnupg package.
>
> Okay. Make sure to also adjust emacs-pinentry.
>
> I tested with GnuPG 2.2.23 by building all packages that depend directly
> on GnuPG. There were no new failures on x86_64-linux when using GnuPG
> 2.2.32.
I ended up sticking with 2.2.33, since this is the current "LTS"
release. Unfortunately it fails 3 new tests of python-gnupg, and its
author think it is a regression in GnuPG itself [0].
[0] https://github.com/vsajip/python-gnupg/issues/163
We'll see what upstream has to say about it.
Thank you,
Maxim
^ permalink raw reply [flat|nested] 12+ messages in thread
* bug#52483: GnuPG 2.2.30 cannot do symmetric encryption
2021-12-19 20:25 ` Maxim Cournoyer
@ 2021-12-19 20:33 ` Leo Famulari
2021-12-19 20:36 ` Leo Famulari
1 sibling, 0 replies; 12+ messages in thread
From: Leo Famulari @ 2021-12-19 20:33 UTC (permalink / raw)
To: Maxim Cournoyer; +Cc: 52483
On Sun, Dec 19, 2021 at 03:25:42PM -0500, Maxim Cournoyer wrote:
> I ended up sticking with 2.2.33, since this is the current "LTS"
> release. Unfortunately it fails 3 new tests of python-gnupg, and its
> author think it is a regression in GnuPG itself [0].
>
> [0] https://github.com/vsajip/python-gnupg/issues/163
Right, this is why I used 2.2.32.
^ permalink raw reply [flat|nested] 12+ messages in thread
* bug#52483: GnuPG 2.2.30 cannot do symmetric encryption
2021-12-19 20:25 ` Maxim Cournoyer
2021-12-19 20:33 ` Leo Famulari
@ 2021-12-19 20:36 ` Leo Famulari
2021-12-23 0:01 ` Leo Famulari
2021-12-26 22:46 ` Leo Famulari
1 sibling, 2 replies; 12+ messages in thread
From: Leo Famulari @ 2021-12-19 20:36 UTC (permalink / raw)
To: Maxim Cournoyer; +Cc: 52483
On Sun, Dec 19, 2021 at 03:25:42PM -0500, Maxim Cournoyer wrote:
> > I tested with GnuPG 2.2.23 by building all packages that depend directly
> > on GnuPG. There were no new failures on x86_64-linux when using GnuPG
> > 2.2.32.
I see that my message was confusing, with mixed up version numbers.
There's no regressions on x86_64 with 2.2.32. Since it fixes this bug,
I'd like to make it available soon. Maybe we can unhide the gnupg-2.2.32
variable, and remove emacs-pinentry, since everyone is saying that it's
no longer useful.
^ permalink raw reply [flat|nested] 12+ messages in thread
* bug#52483: GnuPG 2.2.30 cannot do symmetric encryption
2021-12-19 20:36 ` Leo Famulari
@ 2021-12-23 0:01 ` Leo Famulari
2021-12-26 22:46 ` Leo Famulari
1 sibling, 0 replies; 12+ messages in thread
From: Leo Famulari @ 2021-12-23 0:01 UTC (permalink / raw)
To: Maxim Cournoyer; +Cc: 52483
On Sun, Dec 19, 2021 at 03:36:25PM -0500, Leo Famulari wrote:
> On Sun, Dec 19, 2021 at 03:25:42PM -0500, Maxim Cournoyer wrote:
> > > I tested with GnuPG 2.2.23 by building all packages that depend directly
> > > on GnuPG. There were no new failures on x86_64-linux when using GnuPG
> > > 2.2.32.
>
> I see that my message was confusing, with mixed up version numbers.
> There's no regressions on x86_64 with 2.2.32. Since it fixes this bug,
> I'd like to make it available soon. Maybe we can unhide the gnupg-2.2.32
> variable, and remove emacs-pinentry, since everyone is saying that it's
> no longer useful.
Here are patches for this: <https://issues.guix.gnu.org/52744>
^ permalink raw reply [flat|nested] 12+ messages in thread
* bug#52483: GnuPG 2.2.30 cannot do symmetric encryption
2021-12-19 20:36 ` Leo Famulari
2021-12-23 0:01 ` Leo Famulari
@ 2021-12-26 22:46 ` Leo Famulari
1 sibling, 0 replies; 12+ messages in thread
From: Leo Famulari @ 2021-12-26 22:46 UTC (permalink / raw)
To: Maxim Cournoyer; +Cc: 52483-done
On Sun, Dec 19, 2021 at 03:36:25PM -0500, Leo Famulari wrote:
> On Sun, Dec 19, 2021 at 03:25:42PM -0500, Maxim Cournoyer wrote:
> > > I tested with GnuPG 2.2.23 by building all packages that depend directly
> > > on GnuPG. There were no new failures on x86_64-linux when using GnuPG
> > > 2.2.32.
>
> I see that my message was confusing, with mixed up version numbers.
> There's no regressions on x86_64 with 2.2.32. Since it fixes this bug,
> I'd like to make it available soon. Maybe we can unhide the gnupg-2.2.32
> variable, and remove emacs-pinentry, since everyone is saying that it's
> no longer useful.
I pushed commit d03aa942d, which makes GnuPG 2.2.32 available in the UI.
I didn't remove emacs-pinentry... that's something that Emacs users
should decide how to handle.
^ permalink raw reply [flat|nested] 12+ messages in thread
end of thread, other threads:[~2021-12-26 22:47 UTC | newest]
Thread overview: 12+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2021-12-14 16:46 bug#52483: GnuPG 2.2.30 cannot do symmetric encryption Leo Famulari
2021-12-14 17:32 ` Leo Famulari
2021-12-14 17:33 ` bug#52483: [PATCH v2] gnu: GnuPG: Update gnupg-2.2.32 to 2.2.33 Leo Famulari
2021-12-17 17:32 ` Leo Famulari
2021-12-18 4:56 ` bug#52483: GnuPG 2.2.30 cannot do symmetric encryption Maxim Cournoyer
2021-12-18 23:53 ` Leo Famulari
2021-12-19 20:25 ` Maxim Cournoyer
2021-12-19 20:33 ` Leo Famulari
2021-12-19 20:36 ` Leo Famulari
2021-12-23 0:01 ` Leo Famulari
2021-12-26 22:46 ` Leo Famulari
2021-12-19 1:32 ` Michael Rohleder
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.