Fix use with Sequoia Chameleon #17
Conversation
|
CI fails in several jobs. And also, please add reference to python/cpython#79174 to the description of the commit vendoring in that class. |
I’ll sort this out
It’s actually worse: we need to vendor the entire stream infrastructure, because the
|
Documentation says "It is not recommended to instantiate StreamReader objects directly", which is not the same as unsupported. |
GnuPG uses fingerprints for these keys that are 64 hex bytes, not 40 like for the other algorithms. Fix the tests to account for this.
Debian does not support these algorithms.
This command is used by Sequoia Chameleon. Fixes: QubesOS/qubes-issues#9483.
This option makes no sense in the context of split-gpg2 and fails if the gpg-agent-connection is restricted, causing Sequoia Chameleon to disconnect. Return a fake 'OK' response instead of passing the command to the agent. Fixes: QubesOS/qubes-issues#9527
DemiMarie
changed the title
DemiMarie
force-pushed
the
nop
branch
2 times, most recently
from
80ef103
to
6d95de2
Compare
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #17 +/- ##
==========================================
+ Coverage 80.86% 81.28% +0.42%
==========================================
Files 2 2
Lines 1348 1373 +25
==========================================
+ Hits 1090 1116 +26
+ Misses 258 257 -1 ☔ View full report in Codecov by Sentry. |
Since 58efb86 ("Return fake 'OK' to setting 'display' option") it has no users.
pinentry-mode=ask is the default, so this is a no-op. Return OK instead of an error code. Sequoia Chameleon sends pinentry-mode=ask and disconnects when it gets an error. Fixes: QubesOS/qubes-issues#9528
Currently, this command is blocked. GnuPG detects that the agent connection is restricted and doesn't try to use it, while Sequoia Chameleon does not implement the fallback and is unable to list secret keys or decrypt messages. Furthermore, gpg prints "gpg: problem with fast path key listing: Forbidden - ignored", which Mutt interprets as a prompt the user must respond to. This causes the user to need to press enter twice to send a signed email. Fix these problems by allowing this request. The request does not work over a restricted connection, so an unrestricted connection must be used. However, the filtering done by split-gpg2 is far stronger than the access checks in gpg-agent so there is no loss of security. Fixes: QubesOS/qubes-issues#9529
This bug is old, but it only triggers if there are no UIDs, which is why testing didn't reveal it. I suspect old versions of mypy just did not catch the bug.
- Compile all regular expressions during initialization. - Check for newline injection before sending data to the agent. - Misc cleanups.
No functional change intended.
This saves some code.
These commands are forbidden over a restricted connection to the agent, but GnuPG wars if they are not present and Sequoia Chameleon requires them. Fortunately, they are trivial to sanitize input for, so there is zero risk of an injection vulnerability. Therefore, use a separate unrestricted agent connection for these commands.
See individual commit messages for details.
Fixes: QubesOS/qubes-issues#9483
Fixes: QubesOS/qubes-issues#9527
Fixes: QubesOS/qubes-issues#9528
Fixes: QubesOS/qubes-issues#9529