|
33 | 33 | # - remove url_encode, test for invalid chars n throw error instead |
34 | 34 | # |
35 | 35 | # CHANGELOG: |
| 36 | +# 2.5.3 (10.7.2024) |
| 37 | +# - bugfix #140,141: "GPG_OPTS broken" |
| 38 | +# see also https://duplicity.us/stable/duplicity.1.html#argparse-problem |
| 39 | +# - detect gpg version and add '--pinentry-mode loopback' as duplicity does |
| 40 | +# no need to it manually in GPG_OPTS anymore |
| 41 | +# |
36 | 42 | # 2.5.2 (30.11.2023) |
37 | | -# - bug #139: "ampersand (&) in gpg passphrase breaks gpg tests" |
| 43 | +# - bugfix #139: "ampersand (&) in gpg passphrase breaks gpg tests" |
38 | 44 | # |
39 | 45 | # 2.5.1 (4.10.2023) |
40 | 46 | # - quotewrap only strings with quotes ('") or spaces from now on |
@@ -556,7 +562,7 @@ function lookup { |
556 | 562 | ME_LONG="$0" |
557 | 563 | ME="$(basename $0)" |
558 | 564 | ME_NAME="${ME%%.*}" |
559 | | -ME_VERSION="2.5.2" |
| 565 | +ME_VERSION="2.5.3" |
560 | 566 | ME_WEBSITE="https://duply.net" |
561 | 567 |
|
562 | 568 | # default config values |
@@ -637,9 +643,9 @@ function using_info { |
637 | 643 | # openbsd awk (-V, exitcode 0 when any program string is given regardless .e.g. "-W version", so place it last) |
638 | 644 | # some awks wait for input if they misinterpret/don't know the options, pipe '' as a precaution |
639 | 645 | AWK_VERSION=$( lookup awk && ( |
640 | | - echo | awk --version ||\ |
641 | | - echo | awk -V ||\ |
642 | | - echo | awk -W version ) 2>/dev/null | awk 'NR<=2&&tolower($0)~/(busybox|awk)/{success=1;print;exit} END{if(success<1) print "unknown"}' || echo "$NOTFOUND" ) |
| 646 | + echo | awk --version ||\ |
| 647 | + echo | awk -V ||\ |
| 648 | + echo | awk -W version ) 2>/dev/null | awk 'NR<=2&&tolower($0)~/(busybox|awk)/{success=1;print;exit} END{if(success<1) print "unknown"}' || echo "$NOTFOUND" ) |
643 | 649 | GREP_VERSION=$( lookup grep && grep --version 2>&1 | awk 'NR<=2&&tolower($0)~/(busybox|grep.*[0-9]+\.[0-9]+)/{success=1;print;exit} END{if(success<1) print "unknown"}' || echo "$NOTFOUND" ) |
644 | 650 |
|
645 | 651 | if [ -n "$PYTHON" ]; then |
@@ -915,8 +921,6 @@ GPG_PW='${DEFAULT_GPG_PW}' |
915 | 921 | # or "--compress-algo=bzip2 --bzip2-compress-level=9" |
916 | 922 | # or "--personal-cipher-preferences AES256,AES192,AES..." |
917 | 923 | # or "--homedir ~/.duply" - keep keyring and gpg settings duply specific |
918 | | -# or "--pinentry-mode loopback" - needed for GPG 2.1+ _and_ |
919 | | -# also enable allow-loopback-pinentry in your .gnupg/gpg-agent.conf |
920 | 924 | #GPG_OPTS='' |
921 | 925 |
|
922 | 926 | # disable preliminary tests with the following setting |
@@ -1348,6 +1352,7 @@ function duplicity_params_global { |
1348 | 1352 | var_isset 'GPG_PW_SIGN' && DUPL_ARG_ENC="${DUPL_ARG_ENC} SIGN_PASSPHRASE=$(qw "${GPG_PW_SIGN}")" |
1349 | 1353 | fi |
1350 | 1354 |
|
| 1355 | + # workaround python argparse issue https://duplicity.us/stable/duplicity.1.html#argparse-problem |
1351 | 1356 | local GPG_OPTS=${GPG_OPTS:+"--gpg-options=$(qw "${GPG_OPTS}")"} |
1352 | 1357 |
|
1353 | 1358 | # set name for dupl archive folder, since 0.6.0 |
@@ -1898,6 +1903,44 @@ function gpg_agent_avail { |
1898 | 1903 | return $ERR |
1899 | 1904 | } |
1900 | 1905 |
|
| 1906 | +# compare arg1 with "gpg --version" output, possible arg1 formats e.g. |
| 1907 | +# 2.5+ (greater equals), 1.3- (less or equals) or plain 2.2 (equals) |
| 1908 | +# returns 0 on success, 1 on failure or 255 on error |
| 1909 | +function gpg_version_compare { |
| 1910 | + [ -n "$GPGVERSION_ERROR" ] && return 255 |
| 1911 | + |
| 1912 | + GPGVERSION=$(gpg --version|awk '/^gpg \(GnuPG\) [0-9\.]+$/{print $NF;exit}') || echo warning |
| 1913 | + |
| 1914 | + ! awk '!/^[0-9\.]+$/{exit 1}' <<< "$GPGVERSION" && { |
| 1915 | + # silently ignore, currently only used for gpg tests anyway |
| 1916 | + GPGVERSION_ERROR=1 |
| 1917 | + return 255 |
| 1918 | + } |
| 1919 | + GPGVERSION=( ${GPGVERSION//./ } ) |
| 1920 | + |
| 1921 | + CMPIN=$( awk '{sub(/[+\-]*$/,"");print}' <<< "$1" ) |
| 1922 | + CMPMODE=$( awk '{mode="-eq"}/-$/{mode="-le"}/+$/{mode="-ge"}{print mode;exit}' <<< "$1") |
| 1923 | + CMPVERSION=( ${CMPIN//./ } ) |
| 1924 | + |
| 1925 | + #echo ${GPGVERSION[@]} "/" ${CMPVERSION[@]} "/" $CMPMODE |
| 1926 | + |
| 1927 | + local max=$( [ ${#GPGVERSION[@]} -gt ${#CMPVERSION[@]} ] && echo ${#GPGVERSION[@]} || echo ${#CMPVERSION[@]} ) |
| 1928 | + |
| 1929 | + #limit=$( [ $max -gt 0 ] && echo (($max-1)) || echo 0 ) |
| 1930 | + local i gpg cmp |
| 1931 | + for ((i=0; i<$max; i++)); do |
| 1932 | + gpg=${GPGVERSION[$i]} |
| 1933 | + [ -z "$gpg" ] && gpg=0 |
| 1934 | + cmp=${CMPVERSION[$i]} |
| 1935 | + [ -z "$cmp" ] && cmp=0 |
| 1936 | + #echo $gpg $CMPMODE $cmp |
| 1937 | + # compare n fail early |
| 1938 | + ! [ $gpg $CMPMODE $cmp ] && { return 1; } |
| 1939 | + done |
| 1940 | + |
| 1941 | + return 0 |
| 1942 | +} |
| 1943 | + |
1901 | 1944 | function gpg_custom_binary { |
1902 | 1945 | var_isset GPG && [ "$GPG" != "$DEFAULT_GPG" ] &&\ |
1903 | 1946 | echo "--gpg-binary $(qw "$GPG")" |
@@ -2346,6 +2389,25 @@ function cleanup_gpgtest { |
2346 | 2389 | rm "${GPG_TEST_PREFIX}"_* 2>/dev/null && echo "(OK)" || echo "(FAILED)" |
2347 | 2390 | } |
2348 | 2391 |
|
| 2392 | +# add pinentry mode for gpg2.1+ and --use-agent not enabled, like duplicity does in gpg.py |
| 2393 | +GPG_PINENTRY='--pinentry-mode=loopback' |
| 2394 | +for p in $GPG_OPTS; do |
| 2395 | + # we respect already set --pinentry-mode though |
| 2396 | + $( awk '/^--pinentry-mode/{exit 0}{exit 1}' <<< "$p" ) && { |
| 2397 | + unset GPG_PINENTRY |
| 2398 | + break |
| 2399 | + } |
| 2400 | +done |
| 2401 | +for p in $GPG_USEAGENT "${dupl_opts[@]}" $DUPL_PARAMS; do |
| 2402 | + $( awk '/^--use-agent/{exit 0}{exit 1}' <<< "$p" ) && { |
| 2403 | + unset GPG_PINENTRY |
| 2404 | + break |
| 2405 | + } |
| 2406 | +done |
| 2407 | +gpg_version_compare "2.1+" && var_isset GPG_PINENTRY && { |
| 2408 | + GPG_OPTS="$GPG_OPTS $GPG_PINENTRY" |
| 2409 | +} |
| 2410 | + |
2349 | 2411 | # signing enabled? |
2350 | 2412 | if gpg_signing; then |
2351 | 2413 | CMD_PARAM_SIGN="--sign --default-key $(qw ${GPG_KEY_SIGN})" |
|
0 commit comments