[PATCH] [EMACS] Adjust notmuch-crypto gpg call-process function

[PATCH] [EMACS] Adjust notmuch-crypto gpg call-process function

[John Byrnes]

[-- Attachment #1.1: Type: text/plain, Size: 697 bytes --]


Hey Notmuchers,

I'm running the latest NixOS and noticed that the system does not
install gpgv1 by default. This means that the only gpg binary available
is the gpg2 binary.

I found that notmuch-crypto.el hardcodes the GnuPG binary as gpg.  I
thought it might make more sense to rely on the setting provided by 
EasyPG to locate the correct GnuPG binary.

The patch is quite simple - it just replaces "gpg" with the
epg-gpg-program variable in each place it's used.

-	(call-process "gpg" nil t t "--list-keys" fingerprint))
+	(call-process epg-gpg-program nil t t "--list-keys" fingerprint))

I tested the changes locally and it seems to work OK. 

Happy New Year!
John


[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1.2: 0001-Adjusted-notmuch-crypto-gpg-call-process-function-to.patch --]
[-- Type: text/x-patch, Size: 1559 bytes --]

From 88097c2618335bb82b1e1fa197a51f280b5bc15f Mon Sep 17 00:00:00 2001
From: John Byrnes <john@johnbyrnes.info>
Date: Tue, 3 Jan 2017 21:37:49 -0500
Subject: [PATCH] Adjusted notmuch-crypto gpg call-process function to respect
 the GPG program set by the EasyPG epg-gpg-program variable.

This is to correct a problem observed on NixOS where only gpg2 is
installed by default. The Notmuch Emacs frontend fails when trying to
access someone's key to verify their signature when it cannot find the
GPG binary.
---
 emacs/notmuch-crypto.el | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/emacs/notmuch-crypto.el b/emacs/notmuch-crypto.el
index 68a7e9f..c5111fd 100644
--- a/emacs/notmuch-crypto.el
+++ b/emacs/notmuch-crypto.el
@@ -140,7 +140,7 @@ mode."
     (with-selected-window window
       (with-current-buffer buffer
 	(goto-char (point-max))
-	(call-process "gpg" nil t t "--list-keys" fingerprint))
+	(call-process epg-gpg-program nil t t "--list-keys" fingerprint))
       (recenter -1))))
 
 (defun notmuch-crypto-sigstatus-error-callback (button)
@@ -151,9 +151,9 @@ mode."
     (with-selected-window window
       (with-current-buffer buffer
 	(goto-char (point-max))
-	(call-process "gpg" nil t t "--recv-keys" keyid)
+	(call-process epg-gpg-program nil t t "--recv-keys" keyid)
 	(insert "\n")
-	(call-process "gpg" nil t t "--list-keys" keyid))
+	(call-process epg-gpg-program nil t t "--list-keys" keyid))
       (recenter -1))
     (notmuch-show-refresh-view)))
 
-- 
2.10.0


[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 454 bytes --]

Re: [PATCH] [EMACS] Adjust notmuch-crypto gpg call-process function

[Daniel Kahn Gillmor]

[-- Attachment #1: Type: text/plain, Size: 1219 bytes --]

On Tue 2017-01-03 21:55:48 -0500, John Byrnes wrote:
> I'm running the latest NixOS and noticed that the system does not
> install gpgv1 by default. This means that the only gpg binary available
> is the gpg2 binary.
>
> I found that notmuch-crypto.el hardcodes the GnuPG binary as gpg.  I
> thought it might make more sense to rely on the setting provided by 
> EasyPG to locate the correct GnuPG binary.
>
> The patch is quite simple - it just replaces "gpg" with the
> epg-gpg-program variable in each place it's used.
>
> -	(call-process "gpg" nil t t "--list-keys" fingerprint))
> +	(call-process epg-gpg-program nil t t "--list-keys" fingerprint))

I think this is reasonable.  We're already setting epg-gpg-program in
test/test-lib.sh, and in debian, epg-gpg-program is provided by
epg-config.el, which is part of emacs$VERSION-el, which is a dependency
of emacs$VERSION-common.

If we wanted to be extra careful, we could try to make it fall back to
plain "gpg" if epg-gpg-program is unset.

fwiw, debian will be shipping gpg2 as /usr/bin/gpg in stretch, and the
old 1.4 branch will be /usr/bin/gpg1 -- is there a reason that NixOS
isn't shipping gpg2 as /usr/bin/gpg ?

      --dkg

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 832 bytes --]

Re: [PATCH] [EMACS] Adjust notmuch-crypto gpg call-process function

[Tomi Ollila]

On Wed, Jan 04 2017, Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote:

> On Tue 2017-01-03 21:55:48 -0500, John Byrnes wrote:
>> I'm running the latest NixOS and noticed that the system does not
>> install gpgv1 by default. This means that the only gpg binary available
>> is the gpg2 binary.
>>
>> I found that notmuch-crypto.el hardcodes the GnuPG binary as gpg.  I
>> thought it might make more sense to rely on the setting provided by 
>> EasyPG to locate the correct GnuPG binary.
>>
>> The patch is quite simple - it just replaces "gpg" with the
>> epg-gpg-program variable in each place it's used.
>>
>> -	(call-process "gpg" nil t t "--list-keys" fingerprint))
>> +	(call-process epg-gpg-program nil t t "--list-keys" fingerprint))
>
> I think this is reasonable.  We're already setting epg-gpg-program in
> test/test-lib.sh, and in debian, epg-gpg-program is provided by
> epg-config.el, which is part of emacs$VERSION-el, which is a dependency
> of emacs$VERSION-common.
>
> If we wanted to be extra careful, we could try to make it fall back to
> plain "gpg" if epg-gpg-program is unset.

Well, I don't know how to add epg-gpg-program to this fedora 25
installation... 

>
> fwiw, debian will be shipping gpg2 as /usr/bin/gpg in stretch, and the
> old 1.4 branch will be /usr/bin/gpg1 -- is there a reason that NixOS
> isn't shipping gpg2 as /usr/bin/gpg ?

On Fedora 25:

zsh$ rpm -q -f =gpg

gnupg-1.4.21-1.fc25.x86_64

zsh$ rpm -q -f =gpg2

gnupg2-2.1.13-2.fc25.x86_64

zsh$ echo =gpg =gpg2

/usr/bin/gpg /usr/bin/gpg2

Tomi

>       --dkg

Re: [PATCH] [EMACS] Adjust notmuch-crypto gpg call-process function

[John Byrnes]

[-- Attachment #1: Type: text/plain, Size: 313 bytes --]


Hi Tomi,

> Well, I don't know how to add epg-gpg-program to this fedora 25
> installation... 

epg-gpg-program is an elisp variable which points to the actual GnuPG
binary on your system. You can customize this by setting it in your
init.el or in the Emacs customization mode.

Best regards,
John


[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 455 bytes --]

Re: [PATCH] [EMACS] Adjust notmuch-crypto gpg call-process function

[John Byrnes]

[-- Attachment #1: Type: text/plain, Size: 1862 bytes --]

> I think this is reasonable.  We're already setting epg-gpg-program in
> test/test-lib.sh, and in debian, epg-gpg-program is provided by
> epg-config.el, which is part of emacs$VERSION-el, which is a dependency
> of emacs$VERSION-common.

I believe that epg is part of the standard emacs packages now.  It
should be available wherever Emacs is.

> If we wanted to be extra careful, we could try to make it fall back to
> plain "gpg" if epg-gpg-program is unset.

This isn't a bad idea. My elisp-fu is limited, but I think that I can
probably figure out how to do this.  It looks like epg-gpg-program is
set with this in epg-config.el.

https://github.com/emacs-mirror/emacs/blob/65eee8392ff95f58f7b0bd036e1fe065523658c6/lisp/epg-config.el

(defcustom epg-gpg-program (if (executable-find "gpg2")
                               "gpg2"
                                                            "gpg")
                                                              "The `gpg'
                               executable.
                               Setting this variable directly does not
                               take effect;
                               instead use \\[customize] (see the info
                               node `Easy Customization')."
                                 :version "25.1"
                                   :group 'epg
                                     :type 'string)



> fwiw, debian will be shipping gpg2 as /usr/bin/gpg in stretch, and the
> old 1.4 branch will be /usr/bin/gpg1 -- is there a reason that NixOS
> isn't shipping gpg2 as /usr/bin/gpg ?

I actually have no idea.  I'm usually a Debian user, but liked the idea
of having a reproducible setup which was easy to move between
machines. Nix works pretty well, but there are a lot of rough edges --
like not having gpg linked to gpg2.

Best regards,
John


[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 455 bytes --]

Re: [PATCH] [EMACS] Adjust notmuch-crypto gpg call-process function

[Tomi Ollila]

On Thu, Jan 05 2017, John Byrnes <john@johnbyrnes.info> wrote:

>> I think this is reasonable.  We're already setting epg-gpg-program in
>> test/test-lib.sh, and in debian, epg-gpg-program is provided by
>> epg-config.el, which is part of emacs$VERSION-el, which is a dependency
>> of emacs$VERSION-common.
>
> I believe that epg is part of the standard emacs packages now.  It
> should be available wherever Emacs is.

I found that epg-gpg-program -- thanks -- the problem was that i typoed
this epg (i think egp or something -- it's so hard... ;)


>> If we wanted to be extra careful, we could try to make it fall back to
>> plain "gpg" if epg-gpg-program is unset.

Just tested -- GNU Emacs 23.1.1 has /usr/share/emacs/23.1/lisp/epg-config.elc
and that defines epg-gpg-program (so definitely all (yet supported and)
non-deprecated emacs versions have it.

Tomi

Re: [PATCH] [EMACS] Adjust notmuch-crypto gpg call-process function

[Tomi Ollila]

On Wed, Jan 04 2017, John Byrnes <john@johnbyrnes.info> wrote:

> Hey Notmuchers,
>
> I'm running the latest NixOS and noticed that the system does not
> install gpgv1 by default. This means that the only gpg binary available
> is the gpg2 binary.
>
> I found that notmuch-crypto.el hardcodes the GnuPG binary as gpg.  I
> thought it might make more sense to rely on the setting provided by 
> EasyPG to locate the correct GnuPG binary.
>
> The patch is quite simple - it just replaces "gpg" with the
> epg-gpg-program variable in each place it's used.
>
> -	(call-process "gpg" nil t t "--list-keys" fingerprint))
> +	(call-process epg-gpg-program nil t t "--list-keys" fingerprint))
>
> I tested the changes locally and it seems to work OK. 

epg-gpg-program seems to be available "everywhere" (*) -- just that
(requre 'epg-config) should probably be added.

(*) On Scientific Linux 6.2:
  
  $ rpm -q -f /usr/share/emacs/23.1/lisp/epg-config.elc
  emacs-common-23.1-21.el6.x86_64

So, one should expect it to exist in all newer emacses too...

Tomi

>
> Happy New Year!
> John
>
> From 88097c2618335bb82b1e1fa197a51f280b5bc15f Mon Sep 17 00:00:00 2001
> From: John Byrnes <john@johnbyrnes.info>
> Date: Tue, 3 Jan 2017 21:37:49 -0500
> Subject: [PATCH] Adjusted notmuch-crypto gpg call-process function to respect
>  the GPG program set by the EasyPG epg-gpg-program variable.
>
> This is to correct a problem observed on NixOS where only gpg2 is
> installed by default. The Notmuch Emacs frontend fails when trying to
> access someone's key to verify their signature when it cannot find the
> GPG binary.
> ---
>  emacs/notmuch-crypto.el | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/emacs/notmuch-crypto.el b/emacs/notmuch-crypto.el
> index 68a7e9f..c5111fd 100644
> --- a/emacs/notmuch-crypto.el
> +++ b/emacs/notmuch-crypto.el
> @@ -140,7 +140,7 @@ mode."
>      (with-selected-window window
>        (with-current-buffer buffer
>  	(goto-char (point-max))
> -	(call-process "gpg" nil t t "--list-keys" fingerprint))
> +	(call-process epg-gpg-program nil t t "--list-keys" fingerprint))
>        (recenter -1))))
>  
>  (defun notmuch-crypto-sigstatus-error-callback (button)
> @@ -151,9 +151,9 @@ mode."
>      (with-selected-window window
>        (with-current-buffer buffer
>  	(goto-char (point-max))
> -	(call-process "gpg" nil t t "--recv-keys" keyid)
> +	(call-process epg-gpg-program nil t t "--recv-keys" keyid)
>  	(insert "\n")
> -	(call-process "gpg" nil t t "--list-keys" keyid))
> +	(call-process epg-gpg-program nil t t "--list-keys" keyid))
>        (recenter -1))
>      (notmuch-show-refresh-view)))
>  
> -- 
> 2.10.0
>
> _______________________________________________
> notmuch mailing list
> notmuch@notmuchmail.org
> https://notmuchmail.org/mailman/listinfo/notmuch