[GPGME] python t-quick-key-manipulation.py fails

Alon Bar-Lev alon.barlev at gmail.com
Tue Apr 11 12:27:49 CEST 2017 

On 11 April 2017 at 13:21, Andre Heinecke <aheinecke at intevation.de> wrote:
> Hi,
>
> On Tuesday 11 April 2017 12:29:51 Alon Bar-Lev wrote:
>> How can it be user fault if gnupg formally supports --disable-tofu?
>> Tests should succeeded or skipped based on enabled features of gnupg.
>> In Gentoo we are trying to support package configuration to allow
>> choice of what features to enable, gnupg is included.
>> Please skip tests and not fail if a valid supported feature is disabled.
>
> Well you can configure all kinds of stuff in GnuPG or worse, just install some
> parts of it (like gpg but no gpg-agent) to create broken setups. So I'm kind
> of wondering if GPGME's testsuite is not supposed to fail in cases where the
> GnuPG system is missing features. If you decide to live with that breakage /
> missing features then you just have to accept that the tests will fail. But
> the information that the features are missing is conveyed at build time
> instead of users facing Problems at runtime.
>
> For this specific point, disabled tofu, I agree that it truly should be
> optional but I'm starting to rethink / question if our approach to make the
> tests work against any GnuPG version is the right one or if it would be better
> for GPGME's test suite to fail and complain if something will not work with
> this GnuPG version. It's more about the problems we had regarding 2.0.x
> support for the test suite so maybe that should be a different thread.
>
> E.g. Kleopatra has a selftest to check some basic GnuPG functionality on
> startup and if that fails it tells the user what's wrong and why it can't work
> with that and bails out. Instead of trying to handle every special
> installation that might be conceivable.

If gpgme must have specific feature set of gnupg then please
explicitly state what configuration is supported. However, I thought
that gpgme should be an API to whatever available in gnupg and it
should not fail unless critical for its operation.

Just to understand the resolution Gentoo has:

 + + bzip2      : Use the bzlib compression library
 - - doc        : Add extra documentation (API, Javadoc, etc). It is
recommended to
                  enable per package instead of globally
 + + gnutls     : Add support for net-libs/gnutls (TLS 1.0 and SSL 3.0 support)
 - - ldap       : Add LDAP support (Lightweight Directory Access Protocol)
 + + nls        : Add Native Language Support (using gettext - GNU
locale utilities)
 + + readline   : Enable support for libreadline, a GNU line-editing
library that
                  almost everyone wants
 + + smartcard  : Build scdaemon software. Enables usage of OpenPGP
cards. For other
                  type of smartcards, try app-crypt/gnupg-pkcs11-scd. Bring in
                  dev-libs/libusb as a dependency; enable scdaemon.
 - - tofu       : Enable support for Trust of First use trust model; requires
                  dev-db/sqlite.
 - - tools      : Install extra tools (including gpgsplit and gpg-zip).
 - - usb        : Build direct CCID access for scdaemon; requires
dev-libs/libusb.
 - - wks-server : Install the wks-server

Thanks,
Alon

More information about the Gnupg-devel mailing list