Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 172971 - Review Request: pgp-tools
Summary: Review Request: pgp-tools
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: Package Review
Version: rawhide
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Dmitry Butskoy
QA Contact: David Lawrence
URL: http://domsch.com/linux/fedora/extras...
Whiteboard:
Depends On:
Blocks: FE-ACCEPT
TreeView+ depends on / blocked
 
Reported: 2005-11-11 18:21 UTC by Matt Domsch
Modified: 2013-09-12 16:36 UTC (History)
2 users (show)

Fixed In Version: 0.4.4-3.20051123svn
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2005-11-29 19:17:31 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)
Suggested changes for the spec-file (deleted)
2005-11-24 13:33 UTC, Dmitry Butskoy
no flags Details | Diff

Description Matt Domsch 2005-11-11 18:21:23 UTC
Spec Name or Url: http://domsch.com/linux/fedora/extras/pgp-tools/pgp-tools.spec
SRPM Name or Url: http://domsch.com/linux/fedora/extras/pgp-tools/pgp-tools-0.4.4-1.src.rpm

Description:
This is a collection of several projects relating to OpenPGP.
* caff: CA - Fire and Forget signs and mails a key
* pgp-clean: removes all non-self signatures from key
* pgp-fixkey: removes broken packets from keys
* gpg-mailkeys: simply mail out a signed key to its owner
* gpg-key2ps: generate PostScript file with fingerprint paper strips
* gpglist: show who signed which of your UIDs
* gpgsigs: annotates list of GnuPG keys with already done signatures
* keylookup: ncurses wrapper around gpg --search

In particular, caff has become the most accepted and simplest way to sign keys following a keysigning party.

Comment 1 Need Real Name 2005-11-11 19:27:29 UTC
Any chance of this making Core?

Comment 2 Dmitry Butskoy 2005-11-24 13:32:10 UTC
Remarks & nitpicks:

- remove leading "A" from Summary.
- IMHO Group should be Applications/System (the same as for gnupg)
- it is better to simplify License field (assume BSD,GPL is enough)
- Source0 is not full URL. If it is impossible to obtain the tarball at some 
Internet location, write a comment how to obtain this tarball by svn ...
- use "/usr/sbin/sendmail" instead of "sendmail" for Requires tag:
/usr/sbin/sendmail is actually needed, and it can be provided by different mail
packages (sendmail, postfix, exim, etc.)
- license file for GPL looks messy (extra text present). May be just use
"keylookup/COPYING" instead?
- use macros instead of hardcoded path (/usr/bin, /usr/share/man)
- %install and pre-%doc-preparing can be made more easily
- only "debian/copyright" seems to be actually useful from the debian/ subdirectory






Comment 3 Dmitry Butskoy 2005-11-24 13:33:08 UTC
Created attachment 121452 [details]
Suggested changes for the spec-file

Comment 4 Matt Domsch 2005-11-28 20:10:35 UTC
Changes applied, updated checkout from subversion, added comment about how to
get source from subversion, and modified name per PackageNamingGuidelines for
post-release packages.

http://domsch.com/linux/fedora/extras/pgp-tools/pgp-tools.spec
http://domsch.com/linux/fedora/extras/pgp-tools/pgp-tools-0.4.4-2.20051123svn.src.rpm


Comment 5 Dmitry Butskoy 2005-11-29 12:59:18 UTC
> modified name per PackageNamingGuidelines
OK

- caff: ??? yet no idea how to check this

- gpg-key2ps: works (it would be useful to have an option to print US Dollars
too :-))

- gpg-mailkeys: works

- gpglist: works

- gpgsigs: ??? yet no idea how to check this

- keylookup: does NOT work. 'gpg --search ...' works, but keylookup does not work :(

- pgp-clean: does NOT work. Produces:
"Can't locate GnuPG/Interface.pm in @INC" ...

- pgp-fixkey: does NOT work. The same as above:
"Can't locate GnuPG/Interface.pm in @INC" ...

Perhaps some "Requires" are needed for pgp-{clean|fixkey}.

Could you any idea how I can easily test "caff" and "gpgsign" ?


Comment 6 Matt Domsch 2005-11-29 13:15:18 UTC
pgp-clean and pgp-fixkey work for me, as I've got the perl-GnuPG-Interface 
package installed, which the pgp-tools package lists as an rpm Requires auto-
generated.  keylookup works for me too, after fixing the permissions on files 
in ~/.gnupg/* so that gpg didn't complain.  These are all on x86_64 FC4.

gpgsigs needs recode, which I missed as a dependency.  I'll fix that.

I'll see about test processes for caff and gpgsigs.

Comment 7 Dmitry Butskoy 2005-11-29 13:33:44 UTC
> which the pgp-tools package lists as an rpm Requires auto-generated.
Oops. Sorry. :)

> keylookup works for me too, after fixing the permissions on files 
> in ~/.gnupg/* so that gpg didn't complain.
Hmmm. My gpg say nothing bad when I do 'gpg --search'.
What is your permissions exactly?

Comment 8 Matt Domsch 2005-11-29 13:38:10 UTC
~/.gnupg 0700
~/.gnupg/* 0600


Comment 9 Matt Domsch 2005-11-29 14:54:33 UTC
to test caff, I generated a new key, and used caff to sign it.  (I didn't push 
the test key to the keyservers, but manually imported it into caff's 
keyring).  This worked as expected.

As for testing gpgsigs, here's what I did, this worked as expected.

$ gpg --list-keys pgp-tools-test > /tmp/to-sign
$  gpgsigs 92F0FC09 /tmp/to-sign /tmp/signed
Running --list-sigs, this will take a while .
Annotating /tmp/to-sign, writing into /tmp/signed
[mdomsch@pws370 ~]$ cat /tmp/signed
pub   1024D/50765F1F 2005-11-29
(S) uid                  Fedora pgp-tools test key <pgp-tools-test>
sub   2048g/457DBB5A 2005-11-29

Legend:
(S) signed with 92F0FC09


Comment 10 Matt Domsch 2005-11-29 15:21:26 UTC
Requires: perl(Locale::Recode) added for gpgsigs.

http://domsch.com/linux/fedora/extras/pgp-tools/pgp-tools.spec
http://domsch.com/linux/fedora/extras/pgp-tools/pgp-tools-0.4.4-
2.20051123svn.src.rpm


Comment 11 Dmitry Butskoy 2005-11-29 15:47:43 UTC
keylookup still is an issue for me:

> ~/.gnupg 0700
> ~/.gnupg/* 0600
the same


[buc@buc buc]$ gpg --keyserver=pgp.mit.edu --search dmitry
gpg: searching for "dmitry" from HKP server pgp.mit.edu
Keys 1-1 of 1 for "dmitry"
(1)     Dmitry Butskoy (buc) <dmitry>
          1024 bit DSA key 4F33DE20, created 2005-08-03
Enter number(s), N)ext, or Q)uit > q
[buc@buc buc]$
[buc@buc buc]$ keylookup --keyserver=pgp.mit.edu dmitry
gpg: searching for "dmitry" from HKP server pgp.mit.edu
GnuPG did not find any keys matching your search string.
[buc@buc buc]$

i.e. gpg works, keylookup not...


pgp-clean: invokes "gpg" which read stdin (according to strace(1) tracing), but
nothing happen...

pgp-fixkey: seems to work

gpgsign: works

caff: seems to work




Comment 12 Matt Domsch 2005-11-29 15:56:06 UTC
For me:
$ keyserver --keyserver=pgp.mit.edu dmitry
(insert pretty ncurses screenshot showing me your key)

local problem?


Comment 13 Matt Domsch 2005-11-29 15:58:28 UTC
$ pgp-clean 92F0FC09 
outputs to stdout my armored key, stripped of sigs.

Comment 14 Dmitry Butskoy 2005-11-29 16:07:34 UTC
> (insert pretty ncurses screenshot showing me your key)
It is from "keylookup" to you, or from you to me? :)

> pgp-clean 92F0FC09 
import your key, invoke "pgp-clean 92F0FC09", the same silence results.

My distro is FC3.

Maybe something is missed in Requires (like for Locale::Recode) ?


Comment 15 Dmitry Butskoy 2005-11-29 16:19:15 UTC
Actually, keylookup invokes "gpg" as this:

gpg --keyserver=pgp.mit.edu --command-fd=0 --batch --no-tty --with-colons
--fixed-list-mode --search dmitry

(and then type Ctrl-D)

For me it outputs:
gpg: searching for "dmitry" from HKP server pgp.mit.edu
Keys 1-1 of 1 for "dmitry"
(1)     Dmitry Butskoy (buc) <dmitry>
          1024 bit DSA key 4F33DE20, created 2005-08-03
Q


What "gpg" outputs exactly with the same cmdline for you?

Comment 16 Matt Domsch 2005-11-29 16:59:20 UTC
$ gpg --keyserver=pgp.mit.edu --command-fd=0 --batch --no-tty --with-colons --
fixed-list-mode --search dmitry
gpg: searching for "dmitry" from hkp server pgp.mit.edu
pub:4F33DE20:17:1024:1123156023::
uid:Dmitry Butskoy (buc) <dmitry>
Q

I think this is because FC3 has gnupg 1.2, and FC4 has gnupg 1.4.  perl-GnuPG-
Interface had to have patch on the FC3 branch to deal with this.  I'm inclined 
not to put pgp-tools on FC3 and ignore this. :-)


Comment 17 Dmitry Butskoy 2005-11-29 17:04:58 UTC
OK

MUST/SHOULD items OK
Works (assume) fine.

APPROVED!



Comment 18 Matt Domsch 2005-11-29 19:17:31 UTC
Builds for FC-4 and devel branches complete.  Closing.

Comment 19 Jochen Schmitt 2013-09-12 16:24:12 UTC
Package Change Request
======================
Package Name: pgp-tools
New Branches: el-5, el-6
Owners: s4504kr

Comment 20 Gwyn Ciesla 2013-09-12 16:36:02 UTC
EL branches already exist.


Note You need to log in before you can comment on or make changes to this bug.