Ticket #9060: 9060-avoid-reading-gpgconf.patch

File 9060-avoid-reading-gpgconf.patch, 3.2 KB (added by isis, 6 years ago)

output of git commit --patch-with-stat HEAD~1..

  • components/torbirdy.js

    commit ce067274fc38d9a26247ca5b4fecdefc1cd2e1a2 (HEAD, develop)
    Author:     Isis Lovecruft <isis@torproject.org>
    AuthorDate: Fri Jun 14 10:41:55 2013 +0000
    Commit:     Isis Lovecruft <isis@torproject.org>
    CommitDate: Fri Jun 14 11:09:54 2013 +0000
    
        Avoid reading the user's gpg.conf.
    ---
     components/torbirdy.js |   32 ++++++++++++++++++++++++++++++++
     1 file changed, 32 insertions(+)
    
    diff --git a/components/torbirdy.js b/components/torbirdy.js
    index 0d9e6e3..0d43684 100644
    a b const PREF_BRANCH = "extensions.torbirdy.custom."; 
    1313const RESTORE_BRANCH  = "extensions.torbirdy.restore.";
    1414const TORBIRDY_BRANCH = "extensions.torbirdy.";
    1515
     16var env = Cc["@mozilla.org/process/environment;1"].getService(Components.interfaces.nsIEnvironment);
     17var GPG_DIR = null;
     18// We need the directory where GnuPG stores it's keys, if we are to use
     19// the --no-options GnuPG option for enigmail.
     20//
     21// see https://developer.mozilla.org/en-US/docs/XPCOM_Interface_Reference/nsIEnvironment
     22//
     23// nearly any OS may have the first two environment varables:
     24if (env.exists("GNUPGHOME")) {
     25  GPG_DIR = env.get("GNUPGHOME").toString();
     26}
     27else if (env.exists("HOME")) {
     28  GPG_DIR = env.get("HOME").toString() + "/.gnupg";
     29}
     30// and this one is specific to GPG4Win:
     31//
     32// see http://lists.gnupg.org/pipermail/gnupg-users/2005-March/025202.html
     33//
     34// Though the directory *could* also be stored in HKCU\Software\GNU\GnuPG:HomeDir
     35// registry entry, to get this we would likely want to use this interface:
     36// https://developer.mozilla.org/en-US/docs/Accessing_the_Windows_Registry_Using_XPCOM
     37else if (env.exists("APPDATA")) {
     38  GPG_DIR = env.get("APPDATA").toString() + "\GnuPG";
     39}
     40
    1641// Default preference values for TorBirdy.
    1742// These preferences values will be "enforced": even if the user decides to
    1843// change the preferences listed below, they will be reset to the TorBirdy
    const TORBIRDYPREFS = { 
    199224                                              "--no-emit-version " +
    200225                                              // Don't add additional comments (may leak language, etc)
    201226                                              "--no-comments " +
     227                                              // Disable use of ~/.gnupg/gpg.conf options file (this will also disable default
     228                                              // keyring, default key, and all settings)
     229                                              "--no-options " +
     230                                              // And therefore we have to set the keyrings to use (doing this is the only way
     231                                              // to set the default keyring according to the GnuPG manual):
     232                                              "--no-default-keyring --keyring " + GPG_DIR + " pubring.gpg " +
     233                                              "--secring " + GPG_DIR + " secring.gpg " +
    202234                                              // Don't include keyids that may disclose the sender or any other non-obvious keyids
    203235                                              "--throw-keyids " +
    204236                                              // We want to force UTF-8 everywhere