← Back to team overview

duplicity-team team mailing list archive

  1. duplicity-team team
  2. Mailing list archive
  3. Message #00581

Re: [Merge] lp:~lekensteyn/duplicity/multipass into lp:duplicity

  Thread PreviousDate PreviousThread Next 
Review: Needs Fixing
> On 11.06.2011 18:21, Lekensteyn wrote:
> > Lekensteyn has proposed merging lp:~lekensteyn/duplicity/multipass into
> lp:duplicity.
> >
> > Requested reviews:
> >   duplicity-team (duplicity-team)
> > Related bugs:
> >   Bug #684025 in ProjectStats: "Funktionalität von aus den Games in die
> Tabellen verlagern"
> >   https://bugs.launchpad.net/projectstats/+bug/684025
> >   Bug #793096 in Duplicity: "Allow to pass different passwords for --sign-
> key and --encrypt-key"
> >   https://bugs.launchpad.net/duplicity/+bug/793096
> >
> > For more details, see:
> > https://code.launchpad.net/~lekensteyn/duplicity/multipass/+merge/64307
> >
> > Enables the use of a different passphrase for the GPG signing and encryption
> key. (Closes #793096)
> > Allows to specify a different secret keyring for the GPG encryption key.
> > Updated manual page with the above two changes.
> > Do not keep asking for a passphrase confirmation, but start over on asking
> the passphrase to prevent an infinite loop. (Closes #680425)
> >
> 
> massive such a small change ;) .. one question why did you conditionalize
> 
> 136     - globals.gpg_profile.passphrase = get_passphrase(2, action)
> 137     + if not globals.gpg_profile.sign_key:
> 138     + globals.gpg_profile.passphrase = get_passphrase(2, action)
> 
> what happens if one wants to sign a symmetric encryption? currently this
> worked using the agent or the "same pass" for encryption and signing (not
> suggesting of course) .. with your addition this limitation could be lifted
> easily. did you?
> 
> thanks for the contribution, ede/duply.net

You're right, it should not check for globals.gpg_profile.sign_key but globals.gpg_profile.recipients instead. I'll test all cases as described in https://bugs.launchpad.net/duplicity/+bug/793096/comments/4

I'm setting this branch to work-in-progress so I can consider symmetric + sign.

The current duplicity version in the repository does not sign a package even if --sign-key is given.

Test:
$ duplicity --sign-key B5F0C812 /usr/share/doc/duplicity/ file://target; echo $?
...
0
$ duplicity verify --sign-key B5F0C812 /usr/share/doc/duplicity/ file://target; echo $?
Volume was signed by key None, not B5F0C812
22

In this branch, it signs the archive, but uses the signing key instead of the encryption key.

WIP, check back later

Lekensteyn
-- 
https://code.launchpad.net/~lekensteyn/duplicity/multipass/+merge/64307
Your team duplicity-team is requested to review the proposed merge of lp:~lekensteyn/duplicity/multipass into lp:duplicity.

Follow ups

References

  Thread PreviousDate PreviousThread Next