From 9164c8dc8380752dbbcbfec8b95fe70dd7441438 Mon Sep 17 00:00:00 2001 From: Isis Lovecruft Date: Tue, 8 Oct 2013 10:16:10 +0000 Subject: [PATCH] Add a fake status-fd command to create a trustdb.gpg if missing. For some reason, in GnuPG>=2.x, a missing/corrupted trustdb is a fatal error. This means that if the homedir was just changed, and any command which utilizes keys is called (e.g. sign, encrypt, decrypt, etc.) GnuPG dies without executing the command because we can't find a valid trustdb. What's even more is that there is a new command in GnuPG>=2.x: '--fix-trustdb'. You'd think it would, you know, *fix the trustdb*. Hah! Think again! It prints out a series of shell commands (incorrect ones, at that, as they don't respect the relevant env variables such as $GNUPGHOME) in a format which is *not* exec'able (i.e. you can't do something similar to how $ exec `ssh-agent` is used). Software engineering, motherfuckers. #FML. --- gnupg/_meta.py | 4 ++++ gnupg/_parsers.py | 2 ++ 2 files changed, 6 insertions(+) diff --git a/gnupg/_meta.py b/gnupg/_meta.py index f3e3273..3ed7b1e 100644 --- a/gnupg/_meta.py +++ b/gnupg/_meta.py @@ -511,6 +511,10 @@ class GPGBase(object): log.warn("%s" % value) elif keyword.upper().startswith("FATAL"): log.critical("%s" % value) + # Handle the gpg2 error where a missing trustdb.gpg is, + # for some stupid reason, considered fatal: + if value.find("trustdb.gpg") and value.find("No such file"): + result._handle_status('NEED_TRUSTDB', '') else: if self.verbose: log.info("%s" % line) diff --git a/gnupg/_parsers.py b/gnupg/_parsers.py index 9e230c6..e409afc 100644 --- a/gnupg/_parsers.py +++ b/gnupg/_parsers.py @@ -1290,6 +1290,8 @@ class Crypt(Verify): "MISSING_PASSPHRASE", "DECRYPTION_FAILED", "KEY_NOT_CREATED"): self.status = key.replace("_", " ").lower() + elif key == "NEED_TRUSTDB": + self._gpg._create_trustdb() elif key == "NEED_PASSPHRASE_SYM": self.status = 'need symmetric passphrase' elif key == "BEGIN_DECRYPTION":
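Review bot: The added test `if value.find("trustdb.gpg") and value.find("No such file"):` in the FATAL branch is true for nearly every message, because `str.find` returns -1 (truthy) when the substring is absent and 0 (falsy) only when it sits at the very start. As written, any fatal gpg error that mentions neither string still raises the synthetic `NEED_TRUSTDB` status and so triggers trustdb creation in the homedir. Use membership tests instead: `if "trustdb.gpg" in value and "No such file" in value:`. Matching on the human-readable text presumably also depends on gpg's output language, so a short comment stating that assumption would help. The enclosing method starts and ends outside the hunk.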
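Review bot: The new `NEED_TRUSTDB` branch creates the trustdb as a side effect of status parsing and leaves `self.status` untouched, so a caller cannot tell from the result that the original operation died and has to be retried. Recording it, e.g. `self.status = 'need trustdb'` before the call, and logging that a trustdb is being created in the current homedir would make the state change visible. Only `Crypt._handle_status` learns the keyword here, while the `gnupg/_meta.py` hunk sends it to whatever result object is in use; the other parsers are not visible, so confirm they accept it. A comment such as `# NEED_TRUSTDB is synthesized in _meta.py, not emitted by gpg --status-fd` would tell readers it is not a real status keyword. The method body continues outside the hunk.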