Deal with incompatability in gpg2, which caused prompts for encryption passphrases rather than using the supplied --passphrase-fd.

This commit is contained in:
Joey Hess 2013-01-16 15:27:46 -04:00
parent 264bc5354e
commit 88df952243
4 changed files with 18 additions and 1 deletions

View file

@ -58,6 +58,9 @@ pipeStrict params input = do
- should write to it all the data to input to gpg. Finally, runs
- a reader action that is passed a handle to gpg's output.
-
- Runs gpg in batch mode; this is necessary to avoid gpg 2.x prompting for
- the passphrase.
-
- Note that to avoid deadlock with the cleanup stage,
- the reader must fully consume gpg's input before returning. -}
feedRead :: [CommandParam] -> String -> (Handle -> IO ()) -> (Handle -> IO a) -> IO a
@ -71,7 +74,7 @@ feedRead params passphrase feeder reader = do
let Fd pfd = frompipe
let passphrasefd = [Param "--passphrase-fd", Param $ show pfd]
params' <- stdParams $ passphrasefd ++ params
params' <- stdParams $ [Param "--batch"] ++ passphrasefd ++ params
closeFd frompipe `after`
withBothHandles createProcessSuccess (proc "gpg" params') go
where

2
debian/changelog vendored
View file

@ -8,6 +8,8 @@ git-annex (3.20130115) UNRELEASED; urgency=low
* webapp: Has a page to view the log, accessed from the control menu.
* webapp: Fix crash adding removable drive that has an annex directory
in it that is not a git repository.
* Deal with incompatability in gpg2, which caused prompts for encryption
passphrases rather than using the supplied --passphrase-fd.
-- Joey Hess <joeyh@debian.org> Mon, 14 Jan 2013 18:35:01 -0400

View file

@ -15,3 +15,7 @@ So I create a new passphrase (two times) for each file I tried to upload. The pr
What's this new passphrase for?
BTW: git-annex version: 3.20130102 same precompiled binary on Arch Linux.
> I've reproduced this with gpg 2.0.19. It is a documented incompatability
> between gpg 1.x and 2.x; the latter needs --batch included in its
> parameters. I've put in a fix. [[done]]

View file

@ -36,3 +36,11 @@ What version of git-annex are you using? On what operating system?
Please provide any additional information below.
> Symmetric encryption is used as described in [[design/encryption]],
> with the symmetric key stored encrypted using your gpg key.
>
> The extra prompting described in the comments in the bug.
>
> I've reproduced this with gpg 2.0.19. It is a documented incompatability
> between gpg 1.x and 2.x; the latter needs --batch included in its
> parameters. I've put in a fix. [[done]]