[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Cvs-dev] Re: [Cvs-test-results] CVS trunk testing results (BSDI BSD/OS)
|
From: |
Derek R. Price |
|
Subject: |
[Cvs-dev] Re: [Cvs-test-results] CVS trunk testing results (BSDI BSD/OS) |
|
Date: |
Sun, 07 May 2006 23:35:10 -0400 |
|
User-agent: |
Thunderbird 1.5.0.2 (Windows/20060308) |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Larry Jones wrote:
> Derek R. Price writes:
>> Have you had a chance to try this patch out?
>
> No, not yet
Hi all,
I noticed that the only test that should fail using gnupg 1.0.3 is
openpgp-5 and tweaked my original patch to set a var and only skip
that test when this is detected.
I don't have a system with gnupg 1.0.3 here, and was about to commit
this and let Larry's nightly testing catch any problems, when the
following occurred to me (based on something Mark Baushke said to me
earlier):
Given the sensitive nature of gnupg, do we really want to cater to a
gnupg that is over 5 years old (it was released 2000-09-20) in the
test suite? I'm inclined to say no. I'm actually very tempted to
make the test suite fail completely when very old versions of gnupg
are discovered, with some sort of warnings about the sensitive nature
of gnupg and the frequency of serious security fixes in gnupg, but
keeping our tests and warnings up-to-date might become a nightmare.
Therefore, I came up with a documentation patch instead. Both the
most recent version of my patch to deal with GPG 1.0.3 and earlier as
well as the documentation patch are attached.
Does anyone have any ideas about how to warn about old GPG's in a more
general way, short of gpg --version and bumping some hard-coded rev
when we notice updates or polling the gpg website for new release
notices? Perhaps a target that only runs with
- --enable-maintainer-mode (better yet, as part of a maintainercheck or
the distcheck target) that polls gnupg.org for the latest release and
warns if the "latest gpg" version number is out of date? Am I going
overboard?
Regards,
Derek
- --
Derek R. Price
CVS Solutions Architect
Get CVS support at Ximbiot <http://ximbiot.com>!
v: +1 248.835.1260
f: +1 248.835.1263
<mailto:address@hidden>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.1 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFEXrxtLD1OTBfyMaQRAmGbAJ9+d2vKItoQsCUUMbyAbXXghOASeACgoqzF
la6AQfhgMMS5+wbnJo6pLew=
=cFJ7
-----END PGP SIGNATURE-----
Index: ChangeLog
===================================================================
RCS file: /cvsroot/cvs/ccvs/ChangeLog,v
retrieving revision 1.1296
diff -u -p -r1.1296 ChangeLog
--- ChangeLog 27 Apr 2006 18:42:25 -0000 1.1296
+++ ChangeLog 8 May 2006 03:15:17 -0000
@@ -1,3 +1,8 @@
+2006-05-07 Derek Price <address@hidden>
+
+ * configure.in: Substitute DEFAULT_SIGN_TEMPLATE and
+ DEFAULT_SIGN_TEXTMODE in addition to #defining.
+
2006-04-27 Derek Price <address@hidden>
* NEWS: Note that GSSAPI builds under HP-UX.
Index: configure.in
===================================================================
RCS file: /cvsroot/cvs/ccvs/configure.in,v
retrieving revision 1.365
diff -u -p -r1.365 configure.in
--- configure.in 25 Apr 2006 20:02:45 -0000 1.365
+++ configure.in 8 May 2006 03:15:18 -0000
@@ -121,18 +121,23 @@ fi
dnl These are defined by configure so that if the above is ever expanded to
dnl look for OpenPGP capable programs other than `gpg', the default templates
dnl can also be detected and substituted here.
+DEFAULT_SIGN_TEMPLATE="$GPG --detach-sign --output - %t %a -- %s"
+AC_SUBST([DEFAULT_SIGN_TEMPLATE])
AC_DEFINE_UNQUOTED([DEFAULT_SIGN_TEMPLATE],
- ["$GPG --detach-sign --output - %t %a -- %s"],
+ ["$DEFAULT_SIGN_TEMPLATE"],
[Define to a command line template that will write an
OpenPGP signature for the file `%s' to its standard out.
`%t' is substituted at run time with an option which flags
files as text files, when necessary, and the empty string,
otherwise. `%a' is substituted with a list of arguments
provided by the user.])
-AC_DEFINE([DEFAULT_SIGN_TEXTMODE], ["--textmode"],
- [Define to the option string that the OpenPGP program used in the
- DEFAULT_SIGN_TEMPLATE would like to see for text files (substituted
- at run time in place of `%t' in the DEFAULT_SIGN_TEMPLATE).])
+DEFAULT_SIGN_TEXTMODE=--textmode
+AC_SUBST([DEFAULT_SIGN_TEXTMODE])
+AC_DEFINE_UNQUOTED([DEFAULT_SIGN_TEXTMODE], ["$DEFAULT_SIGN_TEXTMODE"],
+ [Define to the option string that the OpenPGP program used
+ in the DEFAULT_SIGN_TEMPLATE would like to see for text
+ files (substituted at run time in place of `%t' in the
+ DEFAULT_SIGN_TEMPLATE).])
DEFAULT_VERIFY_TEMPLATE="$GPG --verify %t %a -- %S %s"
AC_SUBST([DEFAULT_VERIFY_TEMPLATE])
AC_DEFINE_UNQUOTED([DEFAULT_VERIFY_TEMPLATE],
Index: src/ChangeLog
===================================================================
RCS file: /cvsroot/cvs/ccvs/src/ChangeLog,v
retrieving revision 1.3400
diff -u -p -r1.3400 ChangeLog
--- src/ChangeLog 5 May 2006 18:34:58 -0000 1.3400
+++ src/ChangeLog 8 May 2006 03:15:20 -0000
@@ -1,3 +1,10 @@
+2006-05-07 Derek Price <address@hidden>
+
+ * sanity.config.sh.in: Add DEFAULT_SIGN_TEMPLATE &
+ DEFAULT_SIGN_TEXTMODE.
+ * sanity.sh: Test verification of concatenated signatures.
+ (openpgp-5): Skip when only first concatenated signature is reported.
+
2006-05-05 Derek Price <address@hidden>
* base.c: SERVER_ACTIVE isn't a macro, but SERVER_SUPPORT is.
Index: src/sanity.config.sh.in
===================================================================
RCS file: /cvsroot/cvs/ccvs/src/sanity.config.sh.in,v
retrieving revision 1.4
diff -u -p -r1.4 sanity.config.sh.in
--- src/sanity.config.sh.in 24 Apr 2006 18:50:27 -0000 1.4
+++ src/sanity.config.sh.in 8 May 2006 03:15:20 -0000
@@ -1,3 +1,17 @@
+# Copyright (C) 2006 The Free Software Foundation, Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2, or (at your option)
+# any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+
RSH_DFLT="@RSH_DFLT@"
GPG="@GPG@"
DEFAULT_VERIFY_TEMPLATE="@DEFAULT_VERIFY_TEMPLATE@"
+DEFAULT_SIGN_TEMPLATE="@DEFAULT_SIGN_TEMPLATE@"
+DEFAULT_SIGN_TEXTMODE="@DEFAULT_SIGN_TEXTMODE@"
Index: src/sanity.sh
===================================================================
RCS file: /cvsroot/cvs/ccvs/src/sanity.sh,v
retrieving revision 1.1136
diff -u -p -r1.1136 sanity.sh
--- src/sanity.sh 1 May 2006 20:38:28 -0000 1.1136
+++ src/sanity.sh 8 May 2006 03:15:24 -0000
@@ -1925,6 +1925,40 @@ if $gpg; then
F1D6D5842814BC3A264BE7068E0C2C7EF133BDE9:6:
EOF
+ # Very old versions of GPG (1.0.3, at least), only report the first signature
+ # when concatenated signatures are discovered. Set a var to skip tests that
+ # care.
+ echo whatever >$TESTDIR/signme
+ sign_cmd=`echo $DEFAULT_SIGN_TEMPLATE \
+ |sed -e "s/%t/$DEFAULT_SIGN_TEXTMODE/" \
+ -e s/%a// \
+ -e "s#%s#$TESTDIR/signme#"`
+ $sign_cmd >$TESTDIR/signme.sig 2>>$LOGFILE
+ $sign_cmd >>$TESTDIR/signme.sig 2>>$LOGFILE
+
+ vrfy_cmd=`echo $DEFAULT_VERIFY_TEMPLATE \
+ |sed -e "s/%t/$DEFAULT_SIGN_TEXTMODE/" \
+ -e s/%a// \
+ -e "s#%S#$TESTDIR/signme.sig#" \
+ -e "s#%s#$TESTDIR/signme#"`
+ $vrfy_cmd >$TESTDIR/gpgtmp 2>&1
+ cat $TESTDIR/gpgtmp >>$LOGFILE 2>&1
+ if expr "`cat $TESTDIR/gpgtmp`" : \
+"$DOTSTAR Good signature from \"CVS Test Script $DOTSTAR
+$DOTSTAR Good signature from \"CVS Test Script $DOTSTAR" >/dev/null 2>&1
+ then
+ gpg_reports_multiple_signatures=:
+ else
+ gpg_reports_multiple_signatures=false
+
+ echo "WARNING: Your OpenPGP implementation ($GPG) is very old. Its" >&2
+ echo "functionality will be tested inasmuch as possible, but, due to" >&2
+ echo "the sensitive nature of OpenPGP implementations, if you intend" >&2
+ echo "to employ OpenPGP commit signatures as a security precaution," >&2
+ echo "we recommend you upgrade to a more recent version." >&2
+ fi
+ rm $TESTDIR/signme* $TESTDIR/gpgtmp
+
# Some tests check the content of the RCS file and whether there is a
# signature phrase or not depends on whether they were being generated.
# The trailing EOL is important.
@@ -32947,9 +32981,13 @@ EOF
dotest openpgp-4 "$testcvs sign file1" \
"$DOTSTAR Good signature from \"CVS Test Script $DOTSTAR"
- dotest openpgp-5 "$testcvs verify file1" \
+ if $gpg_reports_multiple_signatures; then
+ dotest openpgp-5 "$testcvs verify file1" \
"$DOTSTAR Good signature from \"CVS Test Script $DOTSTAR
$DOTSTAR Good signature from \"CVS Test Script $DOTSTAR"
+ else
+ skip openpgp-5 "GPG only reports the first concatenated signature."
+ fi
dotest openpgp-6 "$testcvs sign -d0xF133BDE9 file1"
dotest_fail openpgp-7 "$testcvs verify file1" \
Index: doc/ChangeLog
===================================================================
RCS file: /cvsroot/cvs/ccvs/doc/ChangeLog,v
retrieving revision 1.954
diff -u -p -r1.954 ChangeLog
--- doc/ChangeLog 24 Apr 2006 18:50:24 -0000 1.954
+++ doc/ChangeLog 8 May 2006 03:15:05 -0000
@@ -1,3 +1,8 @@
+2006-05-07 Derek Price <address@hidden>
+
+ * cvs.texinfo (Global options, The connection method): Add warnings
+ about keeping gnupg up-to-date.
+
2006-01-20 Derek Price <address@hidden>
* cvsclient.text (Requests): Document Base-diff response.
Index: doc/cvs.texinfo
===================================================================
RCS file: /cvsroot/cvs/ccvs/doc/cvs.texinfo,v
retrieving revision 1.680
diff -u -p -r1.680 cvs.texinfo
--- doc/cvs.texinfo 24 Apr 2006 18:50:25 -0000 1.680
+++ doc/cvs.texinfo 8 May 2006 03:15:08 -0000
@@ -2334,6 +2334,12 @@ options, CVS will autonegotiate signing,
server supports it. May be overridden by the @samp{--sign} and
@samp{--no-sign}
global options (@pxref{Global options}).
address@hidden: Due to the sensitive nature of OpenPGP implementations, if you
+intend to employ CVS commit signatures as a security precaution, it is
+recommended that you make sure you are using an OpenPGP implementation with all
+the available security fixes. Check with the vendor of your OpenPGP
+implementation for information on its latest version.}
+
@item address@hidden
Use @var{template} as the command line template to generate OpenPGP signatures.
Format strings in this template are substituted before the command is run:
@@ -2356,11 +2362,23 @@ IS overridden by the @samp{--sign-templa
@pxref{Global options} and defaults to
@samp{/usr/bin/gpg --detach-sign --output - %t %a %s}.
address@hidden: Due to the sensitive nature of OpenPGP implementations, if you
+intend to employ CVS commit signatures as a security precaution, it is
+recommended that you make sure you are using an OpenPGP implementation with all
+the available security fixes. Check with the vendor of your OpenPGP
+implementation for information on its latest version.}
+
@item textmode
The value passed to both in place of %t in both the OpenPGP signature
and the OpenPGP verification command line templates. Defaults to
@samp{--textmode}.
address@hidden: Due to the sensitive nature of OpenPGP implementations, if you
+intend to employ CVS commit signatures as a security precaution, it is
+recommended that you make sure you are using an OpenPGP implementation with all
+the available security fixes. Check with the vendor of your OpenPGP
+implementation for information on its latest version.}
+
@item verify
@itemx no-verify
Force OpenPGP signature verification on checkout off, or set the failure mode.
@@ -2371,6 +2389,12 @@ received. If the server does not suppor
of @samp{fatal} will disallow the entire checkout. May be overridden by the
@samp{--verify} and @samp{--no-verify} global options (@pxref{Global options}).
address@hidden: Due to the sensitive nature of OpenPGP implementations, if you
+intend to employ CVS commit signatures as a security precaution, it is
+recommended that you make sure you are using an OpenPGP implementation with all
+the available security fixes. Check with the vendor of your OpenPGP
+implementation for information on its latest version.}
+
@item address@hidden
Use @var{template} as the command line template to verify OpenPGP signatures.
Format strings in this template are substituted before the command is run:
@@ -2396,6 +2420,12 @@ for the signed file and a non-zero exit
overridden by the @samp{--verify-template} global command line option
@pxref{Global options} and defaults to something like
@samp{/usr/bin/gpg --detach-sign --output - %t %a %S %s}.
+
address@hidden: Due to the sensitive nature of OpenPGP implementations, if you
+intend to employ CVS commit signatures as a security precaution, it is
+recommended that you make sure you are using an OpenPGP implementation with all
+the available security fixes. Check with the vendor of your OpenPGP
+implementation for information on its latest version.}
@end table
As a further example, to combine both the @code{CVS_RSH} and @code{CVS_SERVER}
@@ -8608,6 +8638,12 @@ of these options, CVS will autonegotiate
when the server supports it. Overrides the @samp{sign} and @samp{no-sign}
method options.
address@hidden: Due to the sensitive nature of OpenPGP implementations, if you
+intend to employ CVS commit signatures as a security precaution, it is
+recommended that you make sure you are using an OpenPGP implementation with all
+the available security fixes. Check with the vendor of your OpenPGP
+implementation for information on its latest version.}
+
@item --sign-template @var{template}
Use @var{template} as the command line template to generate OpenPGP signatures.
Format strings in this template are substituted before the commit is run:
@@ -8629,11 +8665,23 @@ This template should send the generated
Overrides the @samp{sign-template} method option and defaults to something like
@samp{/usr/bin/gpg --detach-sign --output - %t %a %s}.
address@hidden: Due to the sensitive nature of OpenPGP implementations, if you
+intend to employ CVS commit signatures as a security precaution, it is
+recommended that you make sure you are using an OpenPGP implementation with all
+the available security fixes. Check with the vendor of your OpenPGP
+implementation for information on its latest version.}
+
@item --textmode
The value passed to both in place of %t in both the OpenPGP signature
and the OpenPGP verification command line templates. Defaults to
@samp{--textmode}.
address@hidden: Due to the sensitive nature of OpenPGP implementations, if you
+intend to employ CVS commit signatures as a security precaution, it is
+recommended that you make sure you are using an OpenPGP implementation with all
+the available security fixes. Check with the vendor of your OpenPGP
+implementation for information on its latest version.}
+
@item --verify
@itemx --no-verify
Force OpenPGP signature verification on checkout off, or set the failure mode.
@@ -8644,6 +8692,12 @@ received. If the server does not suppor
of @samp{fatal} will disallow the entire checkout. Overrides the @samp{verify}
and @samp{no-verify} method options (@pxref{The connection method}).
address@hidden: Due to the sensitive nature of OpenPGP implementations, if you
+intend to employ CVS commit signatures as a security precaution, it is
+recommended that you make sure you are using an OpenPGP implementation with all
+the available security fixes. Check with the vendor of your OpenPGP
+implementation for information on its latest version.}
+
@item address@hidden
Use @var{template} as the command line template to verify OpenPGP signatures.
Format strings in this template are substituted before the command is run:
@@ -8669,6 +8723,12 @@ for the signed file and a non-zero exit
@samp{verify-template} method option @pxref{The connection method} and
defaults to something like
@samp{/usr/bin/gpg --detach-sign --output - %t %a %S %s}.
+
address@hidden: Due to the sensitive nature of OpenPGP implementations, if you
+intend to employ CVS commit signatures as a security precaution, it is
+recommended that you make sure you are using an OpenPGP implementation with all
+the available security fixes. Check with the vendor of your OpenPGP
+implementation for information on its latest version.}
@end table
@c - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- [Cvs-dev] Re: [Cvs-test-results] CVS trunk testing results (BSDI BSD/OS),
Derek R. Price <=
Re: [Cvs-dev] Re: [Cvs-test-results] CVS trunk testing results (BSDI BSD/OS), Mark D. Baushke, 2006/05/08