gnupg is broken. news @11

[pwstore] / pws

diff --git a/pws b/pws
index c152db9f149e60522b56dc9c35b76c5b4a2cf626..cccb42c2214b7ce913319a9bcbd9c6eea15bebe9 100755 (executable)
--- a/pws
+++ b/pws
@@ -143,7 +143,7 @@ class GnuPG
   end
   def GnuPG.get_fprs_from_keyids(keyids)
     learn_fingerprints_from_keyids(keyids)
-    return keyids.collect{ |k| get_fpr_from_keyid(k) }
+    return keyids.collect{ |k| get_fpr_from_keyid(k) or "unknown" }
   end
 
   # this is to load the keys we will soon be asking about into
@@ -151,7 +151,10 @@ class GnuPG
   def GnuPG.learn_fingerprints_from_keyids(keyids)
     need_to_learn = keyids.reject{ |k| @@keyid_fpr_mapping.has_key?(k) }
     if need_to_learn.size > 0
-      args = %w{--fast-list-mode --with-colons --with-fingerprint --list-keys}
+      # we can't use --fast-list-mode here because GnuPG is broken
+      # and does not show elmo's fingerprint in a call like
+      # gpg --with-colons --fast-list-mode --with-fingerprint --list-key D7C3F131AB2A91F5
+      args = %w{--with-colons --with-fingerprint --list-keys}
       args.concat need_to_learn
       (outtxt, stderrtxt, statustxt) = GnuPG.gpgcall('', args, true)
 
@@ -388,6 +391,9 @@ class EncryptedFile
   def initialize(filename, new=false)
     @groupconfig = GroupConfig.new
     @new = new
+    if @new
+      @readers = []
+    end
 
     @filename = filename
     unless FileTest.readable?(filename)
@@ -423,14 +429,25 @@ class EncryptedFile
     args.push "--encrypt"
     (outtxt, stderrtxt, statustxt, exitstatus) = GnuPG.gpgcall(content, args)
 
-    if exitstatus != 0
-      proceed = read_input("Warning: gpg returned non-zero exit status #{exitstatus} when encrypting #{@filename}.  Proceed (or try again)?")
-      return false unless proceed
-    elsif outtxt.length == 0
-      tryagain = read_input("Error: #{@filename} decrypted to an empty file.  Edit again (or exit)?")
+    invalid = []
+    statustxt.split("\n").each do |line|
+      m = /^\[GNUPG:\] INV_RECP \S+ ([0-9A-F]+)/.match line
+      next unless m
+      invalid.push m[1]
+    end
+    if invalid.size > 0
+      again = read_input("Warning: the following recipients are invalid: #{invalid.join(", ")}. Try again (or proceed)?")
+      return false if again
+    end
+    if outtxt.length == 0
+      tryagain = read_input("Error: #{@filename} encrypted to an empty file.  Edit again (or exit)?")
       return false if tryagain
       exit(0)
     end
+    if exitstatus != 0
+      proceed = read_input("Warning: gpg returned non-zero exit status #{exitstatus} when encrypting #{@filename}. Said:\n#{stderrtxt}\n#{statustxt}\n\nProceed (or try again)?")
+      return false unless proceed
+    end
 
     return true, outtxt
   end