From mboxrd@z Thu Jan  1 00:00:00 1970
Received: by 10.42.180.131 with SMTP id bu3cs98574icb;
        Thu, 11 Nov 2010 01:11:01 -0800 (PST)
Received: by 10.231.35.138 with SMTP id p10mr339808ibd.33.1289466661196;
        Thu, 11 Nov 2010 01:11:01 -0800 (PST)
Return-Path: <sup-devel-bounces@rubyforge.org>
Received: from rubyforge.org (rubyforge.org [205.234.109.19])
        by mx.google.com with ESMTP id z7si4165950yhz.19.2010.11.11.01.11.00;
        Thu, 11 Nov 2010 01:11:00 -0800 (PST)
Received-SPF: pass (google.com: domain of sup-devel-bounces@rubyforge.org designates 205.234.109.19 as permitted sender) client-ip=205.234.109.19;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of sup-devel-bounces@rubyforge.org designates 205.234.109.19 as permitted sender) smtp.mail=sup-devel-bounces@rubyforge.org
Received: from rubyforge.org (rubyforge.org [127.0.0.1])
	by rubyforge.org (Postfix) with ESMTP id 690521858376
	for <eg@gaute.vetsj.com>; Thu, 11 Nov 2010 04:11:00 -0500 (EST)
Received: from ping.pong.ch (ping.pong.ch [77.109.141.101])
	by rubyforge.org (Postfix) with ESMTP id E34EE18582E2
	for <sup-devel@rubyforge.org>; Thu, 11 Nov 2010 04:09:23 -0500 (EST)
Received: from localhost (localhost [127.0.0.1])
	by ping.pong.ch (Postfix) with ESMTP id 5906640CAFA9
	for <sup-devel@rubyforge.org>; Thu, 11 Nov 2010 10:09:18 +0100 (CET)
Received: from ping.pong.ch ([127.0.0.1])
	by localhost (ping.pong.ch [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id HjrDaSVULqqo for <sup-devel@rubyforge.org>;
	Thu, 11 Nov 2010 10:09:17 +0100 (CET)
Received: from auth sender gaudenz@ping.pong.ch by ping.pong.ch (Postfix) with
	ESMTPSA id 0C5A840CB4DE
	for <sup-devel@rubyforge.org>; Thu, 11 Nov 2010 10:09:17 +0100 (CET)
Received: by meteor.durcheinandertal.local (Postfix, from userid 1000)
	id 8C48DDFD7; Thu, 11 Nov 2010 10:09:18 +0100 (CET)
From: Gaudenz Steinlin <gaudenz@soziologie.ch>
To: sup-devel <sup-devel@rubyforge.org>
In-reply-to: <AANLkTi=7yasVvAW4P85v3GJxf+quJrE3-1XruDgUZq+D@mail.gmail.com>
References: <AANLkTinrSAheJb2F4Xw9AmgXcGLxeQh0_MEnuTSATye_@mail.gmail.com>
	<AANLkTinXwKiJqgKyFrrcVV21a8j8hV=fw4QcvDLhtM8E@mail.gmail.com>
	<AANLkTi=7yasVvAW4P85v3GJxf+quJrE3-1XruDgUZq+D@mail.gmail.com>
Date: Thu, 11 Nov 2010 10:09:18 +0100
Message-Id: <1289466286-sup-7540@meteor.durcheinandertal.local>
User-Agent: Sup/git
MIME-Version: 1.0
Subject: Re: [sup-devel] [PATCH] Converted crypto to use the gpgme gem
X-BeenThere: sup-devel@rubyforge.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: Sup developer discussion <sup-devel@rubyforge.org>
List-Id: Sup developer discussion <sup-devel.rubyforge.org>
List-Unsubscribe: <http://rubyforge.org/mailman/options/sup-devel>,
	<mailto:sup-devel-request@rubyforge.org?subject=unsubscribe>
List-Archive: <http://rubyforge.org/pipermail/sup-devel>
List-Post: <mailto:sup-devel@rubyforge.org>
List-Help: <mailto:sup-devel-request@rubyforge.org?subject=help>
List-Subscribe: <http://rubyforge.org/mailman/listinfo/sup-devel>,
	<mailto:sup-devel-request@rubyforge.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============0542796441=="
Sender: sup-devel-bounces@rubyforge.org
Errors-To: sup-devel-bounces@rubyforge.org


--===============0542796441==
Content-Transfer-Encoding: 8bit
Content-Type: multipart/signed; boundary="=-1289466558-539293-338-5569-1-=";
	protocol="application/pgp-signature"


--=-1289466558-539293-338-5569-1-=
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

Hi

Excerpts from Hamish D's message of Mon Nov 08 23:32:15 +0100 2010:
> OK, the second patch fixes the problem with the first patch.

I tried your patches and the problem with crash on missing keys seems
to be solved. However I have some more comments:

- With this patch the output of the gpg run is no longer available.
  Like this the plus sign in front of the message does not make sense.
  Is there a way to get at the gpg output with your approach?
- Signatures made by keys that are available in my keyring but aren't
  trusted are shown as valid. They should be specially marked!
  This is not a new problem. It also exists with the current code, but
  there you can access the gpg output which shows you that the
  signature is valid but not trusted.

Gaudenz

> =

> Hamish Downer
> =

> On 8 November 2010 11:21, Hamish D <dmishd@gmail.com> wrote:
> > Best hang fire on this patch. It appears to crash when verifying a si=
gnature
> > when the public key is not available. I'm investigating the problem a=
nd how
> > to fix it cleanly and I'll resubmit once I've done that.
> >
> > Hamish
> >
> > On Nov 6, 2010 8:08 PM, "Hamish D" <dmishd@gmail.com> wrote:
> >
> > I often find that loading long threads of encrypted messages (I have
> > several of over 10 messages and one of nearly 40) leads to lots of
> > flickering as the console replaces sup, sup comes back, the console
> > comes back again ... It is also very slow, and involves writing
> > decrypted messages to disk (if only temporarily) which could be a
> > security hole. So I've looked about and found the gpgme gem which
> > provides an API to use, and allows decryption entirely in memory.
> >
> > So I've rewritten lib/sup/crypto.rb to use gpgme. The functionality i=
s
> > pretty much the same. Things I'm aware of that are different:
> >
> > * we can't set the signature algorithm, so we have to use whatever is=

> > set in the user's preferences
> > * the gpg-args hook has been replaced by the gpg-options hook
> >
> > Other than that I think it is the same, although it took some work to=

> > get the signature output to be the same. The other main difference is=

> > that it's much faster and nicer now :)
> >
> > It could do with some testing - I don't have much in the way of
> > messages that cause gpg to complain, so if you do, please try opening=

> > those messages with this code and see if the behaviour is reasonable =
-
> > no crashes, given messages about why your message was bad etc.
> >
> > Also I guess I should ask if people are happy to use this gem. Is it
> > hard to use on Macs? I guess I could rewrite this patch so it falls
> > back to the gpg binary if gpgme is not available ...
> >
> > To install this patch on Debian/Ubuntu you can either
> >
> > * apt-get install libgpgme-ruby
> > * apt-get install libgpgme11-dev; gem install gpgme
> >
> > Hamish Downer
> >
--
Ever tried. Ever failed. No matter.
Try again. Fail again. Fail better.
~ Samuel Beckett ~

--=-1289466558-539293-338-5569-1-=
Content-Disposition: attachment; filename="signature.asc"
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEVAwUBTNuyvk0yN7tZsYcyAQh54Qf8CBBB3fp4dLh0d+WmFUu2s2n3nEkWv9gO
U3DIAfkeE7X5ytumyq2VRfIxGUDdiQXVh9PHaAtu/fOd+NHyc0zMu58l7leYxWd1
JCpaW+y0pY3aQgZbKHa2M3/Y2aC9KFLANM0ipINcnAbrsxOWrNhYCgOgAmM6W4Vb
JA9K2mELWereEdniKZayZTyYrCspCGIakRV5LJxYxvve9X42afI95MYwziTOMAYr
f4F9k3Imi/uQnWFnMJKObTmXD1Pxly1aJPbuG+LVHQ2Dp7XFceMulFI4zwnBWqUV
3dzZPYBULMszQpBnQsX8El9gcui2sj5Xm3293eqAAksKU/YG12wFgw==
=kelP
-----END PGP SIGNATURE-----

--=-1289466558-539293-338-5569-1-=--

--===============0542796441==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
Sup-devel mailing list
Sup-devel@rubyforge.org
http://rubyforge.org/mailman/listinfo/sup-devel

--===============0542796441==--