Re: [PATCH 1/1] gpg-interface: add minTrustLevel as a configuration option

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, Dec 20 2019, SZEDER Gábor wrote:
> On Mon, Dec 16, 2019 at 03:32:04PM +0000, Hans Jerry Illikainen wrote:
>> This patch introduces a new configuration option: gpg.minTrustLevel.  It
>> consolidates trust-level verification to gpg-interface.c and adds a new
>> `trust_level` member to the signature_check structure.
>
> This patch causes several test failures:
>
>   https://travis-ci.org/git/git/jobs/627909430#L2259
>
> I see you've already posted an updated version, so I tried it locally,
> and the same test scripts fail with the updated version as well.

Sorry for that!  I'm preparing a v2 (tested with both gpg1 and gpg2).

> I noticed that only Linux CI jobs failed, while the OSX jobs
> succeeded.  Our Linux CI jobs (and my box) are based on Ubuntu 16.04,
> and thus use GnuPG v1.4, while the OSX jobs use v2.something.  Not
> sure that the version difference is connected to the test failures,
> but I figured it's worth pointing out.

Your observation about the different GPG versions was spot on; thanks!
That explains why all tests pass on my machine as well as on a personal
CI setup for my git contributions (both using gpg2).

The issue was that the search for the end of a trust level to parse
relied on the TRUST_ line being space-separated.  But that is not always
the case for gpg1 (only the lowest-two trust levels contain a space
followed by additional information in gpg1).

-- 
hji



[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]

  Powered by Linux