Compatibility with GnuPG 1.x and 2.x, auto-detect GnuPG version

* aptly can sign and verify without issues with GnuPG 1.x and 2.x * aptly auto-detects GnuPG version and adapts accordingly * aptly automatically finds suitable GnuPG version Majority of the work was to get unit-tests which can work with GnuPG 1.x & 2.x. Locally I've verified that aptly supports GnuPG 1.4.x & 2.2.x. Travis CI environment is based on trusty, so it runs gpg2 tests with GnuPG 2.0.x. Configuration parameter gpgProvider now supports three values for GnuPG: * gpg (same as before, default): use GnuPG 1.x if available (checks gpg, gpg1), otherwise uses GnuPG 2.x; for aptly users who already have GnuPG 1.x environment (as it was the only supported version) nothing should change; new users might start with GnuPG 2.x if that's their installed version * gpg1 looks for GnuPG 1.x only, fails otherwise * gpg2 looks for GnuPG 2.x only, fails otherwise
2026-01-12 03:21:33 +00:00 · 2018-07-14 00:00:43 +03:00
parent 702c1ff217
commit 1b2fccb615
25 changed files with 559 additions and 93 deletions
--- a/context/context.go
+++ b/context/context.go
@@ -387,23 +387,42 @@ func (context *AptlyContext) pgpProvider() string {
 		provider = context.config().GpgProvider
 	}

-	if !(provider == "gpg" || provider == "internal") { // nolint: goconst
+	switch provider {
+	case "gpg": // nolint: goconst
+	case "gpg1": // nolint: goconst
+	case "gpg2": // nolint: goconst
+	case "internal": // nolint: goconst
+	default:
 		Fatal(fmt.Errorf("unknown gpg provider: %v", provider))
 	}

 	return provider
 }

+func (context *AptlyContext) getGPGFinder(provider string) pgp.GPGFinder {
+	switch context.pgpProvider() {
+	case "gpg1":
+		return pgp.GPG1Finder()
+	case "gpg2":
+		return pgp.GPG2Finder()
+	case "gpg":
+		return pgp.GPGDefaultFinder()
+	}
+
+	panic("uknown GPG provider type")
+}
+
 // GetSigner returns Signer with respect to provider
 func (context *AptlyContext) GetSigner() pgp.Signer {
 	context.Lock()
 	defer context.Unlock()

-	if context.pgpProvider() == "gpg" { // nolint: goconst
-		return pgp.NewGpgSigner()
+	provider := context.pgpProvider()
+	if provider == "internal" { // nolint: goconst
+		return &pgp.GoSigner{}
 	}

-	return &pgp.GoSigner{}
+	return pgp.NewGpgSigner(context.getGPGFinder(provider))
 }

 // GetVerifier returns Verifier with respect to provider
@@ -411,11 +430,12 @@ func (context *AptlyContext) GetVerifier() pgp.Verifier {
 	context.Lock()
 	defer context.Unlock()

-	if context.pgpProvider() == "gpg" { // nolint: goconst
-		return pgp.NewGpgVerifier()
+	provider := context.pgpProvider()
+	if provider == "internal" { // nolint: goconst
+		return &pgp.GoVerifier{}
 	}

-	return &pgp.GoVerifier{}
+	return pgp.NewGpgVerifier(context.getGPGFinder(provider))
 }

 // UpdateFlags sets internal copy of flags in the context