Skip to content

Fixing Windows issues #206

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
instantname wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Fixing Windows issues #206

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
e7e3853
Keep Python paths as much as possible in the code
instantname Sep 2, 2017
ea96545
Allow iterating over extensions more than once
instantname Sep 10, 2017
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
58 changes: 29 additions & 29 deletions gnupg/_meta.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,8 @@
# -*- coding: utf-8 -*-
#
# This file is part of python-gnupg, a Python interface to GnuPG.
# Copyright © 2013 Isis Lovecruft, <isis@leap.se> 0xA3ADB67A2CDB8B35
# Copyright @ 2017 Nicolas Bruot <bruotn@gmail.com>
# © 2013 Isis Lovecruft, <isis@leap.se> 0xA3ADB67A2CDB8B35
# © 2013 Andrej B.
# © 2013 LEAP Encryption Access Project
# © 2008-2012 Vinay Sajip
Expand Down Expand Up @@ -181,10 +182,8 @@ def __init__(self, binary=None, home=None, keyring=None, secring=None,
self.ignore_homedir_permissions = ignore_homedir_permissions
self.binary = _util._find_binary(binary)
self.homedir = os.path.expanduser(home) if home else _util._conf
pub = _parsers._fix_unsafe(keyring) if keyring else 'pubring.gpg'
sec = _parsers._fix_unsafe(secring) if secring else 'secring.gpg'
self.keyring = os.path.join(self._homedir, pub)
self.secring = os.path.join(self._homedir, sec)
self.keyring = os.path.join(self._homedir, keyring or 'pubring.gpg')
self.secring = os.path.join(self._homedir, secring or 'secring.gpg')
self.options = list(_parsers._sanitise_list(options)) if options else None

#: The version string of our GnuPG binary
Expand Down Expand Up @@ -419,28 +418,27 @@ def _homedir_setter(self, directory):
% _util._conf)
directory = _util._conf

hd = _parsers._fix_unsafe(directory)
Copy link
Owner

@isislovecruft isislovecruft Jul 25, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd strongly prefer to fix unsafe strings as early as possible to prevent potential problems while working with them later. (For example, this is part of what makes this library not vulnerable to SigSpoof.)

log.debug("GPGBase._homedir_setter(): got directory '%s'" % hd)
log.debug("GPGBase._homedir_setter(): got directory '%s'" % directory)

if hd:
log.debug("GPGBase._homedir_setter(): Check existence of '%s'" % hd)
_util._create_if_necessary(hd)
if directory:
log.debug("GPGBase._homedir_setter(): Check existence of '%s'" % directory)
_util._create_if_necessary(directory)

if self.ignore_homedir_permissions:
self._homedir = hd
self._homedir = directory
else:
try:
log.debug("GPGBase._homedir_setter(): checking permissions")
assert _util._has_readwrite(hd), \
"Homedir '%s' needs read/write permissions" % hd
assert _util._has_readwrite(directory), \
"Homedir '%s' needs read/write permissions" % directory
except AssertionError as ae:
msg = ("Unable to set '%s' as GnuPG homedir" % directory)
log.debug("GPGBase.homedir.setter(): %s" % msg)
log.debug(str(ae))
raise RuntimeError(str(ae))
else:
log.info("Setting homedir to '%s'" % hd)
self._homedir = hd
log.info("Setting homedir to '%s'" % directory)
self._homedir = directory

homedir = _util.InheritableProperty(_homedir_getter, _homedir_setter)

Expand Down Expand Up @@ -473,26 +471,25 @@ def _generated_keys_setter(self, directory):
log.debug("GPGBase._generated_keys_setter(): Using '%s'"
% directory)

hd = _parsers._fix_unsafe(directory)
log.debug("GPGBase._generated_keys_setter(): got directory '%s'" % hd)
log.debug("GPGBase._generated_keys_setter(): got directory '%s'" % directory)

if hd:
if directory:
log.debug("GPGBase._generated_keys_setter(): Check exists '%s'"
% hd)
_util._create_if_necessary(hd)
% directory)
_util._create_if_necessary(directory)

try:
log.debug("GPGBase._generated_keys_setter(): check permissions")
assert _util._has_readwrite(hd), \
"Keys dir '%s' needs read/write permissions" % hd
assert _util._has_readwrite(directory), \
"Keys dir '%s' needs read/write permissions" % directory
except AssertionError as ae:
msg = ("Unable to set '%s' as generated keys dir" % directory)
log.debug("GPGBase._generated_keys_setter(): %s" % msg)
log.debug(str(ae))
raise RuntimeError(str(ae))
else:
log.info("Setting homedir to '%s'" % hd)
self.__generated_keys = hd
log.info("Setting homedir to '%s'" % directory)
self.__generated_keys = directory

_generated_keys = _util.InheritableProperty(_generated_keys_getter,
_generated_keys_setter)
Expand Down Expand Up @@ -542,15 +539,18 @@ def _make_args(self, args, passphrase=False):
process.
"""
## see TODO file, tag :io:makeargs:
cmd = [self.binary,
cmd = [_parsers._fix_unsafe(self.binary),
'--no-options --no-emit-version --no-tty --status-fd 2']

if self.homedir: cmd.append('--homedir "%s"' % self.homedir)
if self.homedir:
cmd.append('--homedir %s' % _parsers._fix_unsafe(self.homedir))

if self.keyring:
cmd.append('--no-default-keyring --keyring %s' % self.keyring)
cmd.append('--no-default-keyring --keyring %s' %
_parsers._fix_unsafe(self.keyring))
if self.secring:
cmd.append('--secret-keyring %s' % self.secring)
cmd.append('--secret-keyring %s' %
_parsers._fix_unsafe(self.secring))

if passphrase: cmd.append('--batch --passphrase-fd 0')

Expand Down Expand Up @@ -779,7 +779,7 @@ def _recv_keys(self, keyids, keyserver=None):
if not keyserver:
keyserver = self.keyserver

args = ['--keyserver {0}'.format(keyserver),
args = ['--keyserver {0}'.format(_parsers._fix_unsafe(keyserver)),
'--recv-keys {0}'.format(keyids)]
log.info('Requesting keys from %s: %s' % (keyserver, keyids))

Expand Down
2 changes: 1 addition & 1 deletion gnupg/_util.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -708,7 +708,7 @@ def _can_allow(p):
return True

result = []
exts = filter(None, os.environ.get('PATHEXT', '').split(os.pathsep))
exts = list(filter(None, os.environ.get('PATHEXT', '').split(os.pathsep)))
path = os.environ.get('PATH', None)
if path is None:
return []
Expand Down
4 changes: 2 additions & 2 deletions gnupg/gnupg.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1092,7 +1092,7 @@ def decrypt_file(self, filename, always_trust=False, passphrase=None,
if output: # write the output to a file with the specified name
if os.path.exists(output):
os.remove(output) # to avoid overwrite confirmation message
args.append('--output %s' % output)
args.append('--output %s' % _fix_unsafe(output))
if always_trust:
args.append("--always-trust")
result = self._result_map['crypt'](self)
Expand Down Expand Up @@ -1136,7 +1136,7 @@ def send_keys(self, keyserver, *keyids):
result = self._result_map['list'](self)
log.debug('send_keys: %r', keyids)
data = _util._make_binary_stream("", self._encoding)
args = ['--keyserver', keyserver, '--send-keys']
args = ['--keyserver', _fix_unsafe(keyserver), '--send-keys']
args.extend(keyids)
self._handle_io(args, data, result, binary=True)
log.debug('send_keys result: %r', result.__dict__)
Expand Down
11 changes: 6 additions & 5 deletions gnupg/test/test_gnupg.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,8 @@
# -*- coding: utf-8 -*-
#
# This file is part of python-gnupg, a Python interface to GnuPG.
# Copyright © 2013 Isis Lovecruft, <isis@leap.se> 0xA3ADB67A2CDB8B35
# Copyright @ 2017 Nicolas Bruot <bruotn@gmail.com>
# © 2013 Isis Lovecruft, <isis@leap.se> 0xA3ADB67A2CDB8B35
# © 2013 Andrej B.
# © 2013 LEAP Encryption Access Project
# © 2008-2012 Vinay Sajip
Expand Down Expand Up @@ -366,11 +367,11 @@ def test_make_args_drop_protected_options(self):
self.gpg.options = ['--tyrannosaurus-rex', '--stegosaurus', '--lock-never', '--trust-model always']
gpg_binary_path = _util._find_binary('gpg')
cmd = self.gpg._make_args(None, False)
expected = [gpg_binary_path,
expected = [_parsers._fix_unsafe(gpg_binary_path),
'--no-options --no-emit-version --no-tty --status-fd 2',
'--homedir "%s"' % self.homedir,
'--no-default-keyring --keyring %s' % self.keyring,
'--secret-keyring %s' % self.secring,
'--homedir %s' % _parsers._fix_unsafe(self.homedir),
'--no-default-keyring --keyring %s' % _parsers._fix_unsafe(self.keyring),
'--secret-keyring %s' % _parsers._fix_unsafe(self.secring),
'--no-use-agent',
'--lock-never',
'--trust-model always']
Expand Down