bzr verify-signature fails when acceptable_keys is defined

Bug #1249732 reported by Haw Loeung on 2013-11-10
14
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Bazaar
High
Vincent Ladeuil
bzr (Ubuntu)
High
Dimitri John Ledkov
Saucy
High
Unassigned
Trusty
High
Dimitri John Ledkov

Bug Description

Please keep this description header, needed for Ubuntu SRU to Trusty.
Please see https://wiki.ubuntu.com/StableReleaseUpdates#SRU_Bug_Template

 Impact:

 Bzr crashes when verifying non-ascii characters in signatures, in
 verbose mode.

 Testcase:

 bzr branch lp:~xnox/+junk/test-signatures
 cd test-signatures
 gpg --import key.asc
 bzr config "acceptable_keys=*@example.net"
 bzr verify-signatures

Original Report:
Hi,

I updated my ~/.bazaar/bazaar.conf file adding the following:

acceptable_keys = *@canonical.com

It seems that the option causes 'bzr verify-signatures' to now fail as follows:

$ bzr verify-signatures -v
bzr: ERROR: exceptions.AttributeError: 'list' object has no attribute 'split'

Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/bzrlib/commands.py", line 930, in exception_to_return_code
    return the_callable(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/bzrlib/commands.py", line 1121, in run_bzr
    ret = run(*run_argv)
  File "/usr/lib/python2.7/dist-packages/bzrlib/commands.py", line 673, in run_argv_aliases
    return self.run(**all_cmd_args)
  File "/usr/lib/python2.7/dist-packages/bzrlib/commands.py", line 697, in run
    return self._operation.run_simple(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/bzrlib/cleanup.py", line 136, in run_simple
    self.cleanups, self.func, *args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/bzrlib/cleanup.py", line 166, in _do_with_cleanups
    result = func(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/bzrlib/commit_signature_commands.py", line 127, in run
    gpg_strategy.set_acceptable_keys(acceptable_keys)
  File "/usr/lib/python2.7/dist-packages/bzrlib/gpg.py", line 354, in set_acceptable_keys
    patterns = key_patterns.split(",")
AttributeError: 'list' object has no attribute 'split'

bzr 2.6.0 on python 2.7.5 (Linux-3.11.0-13-generic-x86_64-with-
    Ubuntu-13.10-saucy)
arguments: ['/usr/bin/bzr', 'verify-signatures', '-v']
plugins: bash_completion[2.6.0], bzrtools[2.5.0], changelog_merge[2.6.0],
    grep[2.6.0], launchpad[2.6.0], netrc_credential_store[2.6.0],
    news_merge[2.6.0], po_merge[2.6.0], stats[0.2.0dev], weave_fmt[2.6.0]
encoding: 'utf-8', fsenc: 'UTF-8', lang: 'en_AU.UTF-8'

*** Bazaar has encountered an internal error. This probably indicates a
    bug in Bazaar. You can help us fix it by filing a bug report at
        https://bugs.launchpad.net/bzr/+filebug
    including this traceback and a description of the problem.

$ apt-cache policy bzr
bzr:
  Installed: 2.6.0-3ubuntu1
  Candidate: 2.6.0-3ubuntu1
  Version table:
 *** 2.6.0-3ubuntu1 0
        500 http://archive.ubuntu.com/ubuntu/ saucy/main amd64 Packages
        100 /var/lib/dpkg/status

Regards,

Haw

ProblemType: Bug
DistroRelease: Ubuntu 13.10
Package: bzr 2.6.0-3ubuntu1
ProcVersionSignature: Ubuntu 3.11.0-13.20-generic 3.11.6
Uname: Linux 3.11.0-13-generic x86_64
ApportVersion: 2.12.5-0ubuntu2.1
Architecture: amd64
Date: Sun Nov 10 17:53:03 2013
MarkForUpload: True
PackageArchitecture: all
SourcePackage: bzr
UpgradeStatus: No upgrade log present (probably fresh install)

Related branches

Haw Loeung (hloeung) wrote :
Vincent Ladeuil (vila) wrote :

Reproduced.

It seems that setting 'acceptable_keys' in bazaar.conf is not supported. At least the simple test I'm adding confirms this.

So the workaround is to not set it in bazaar.conf but use the command-line option :-/

Changed in bzr:
status: New → Confirmed
importance: Undecided → High
assignee: nobody → Vincent Ladeuil (vila)
Haw Loeung (hloeung) wrote :

Seems to be to do with the following in set_acceptable_keys():

        try:
            if isinstance(acceptable_keys_config, unicode):
                acceptable_keys_config = str(acceptable_keys_config)
        except UnicodeEncodeError:
            # gpg Context.keylist(pattern) does not like unicode
            raise errors.BzrCommandError(
                gettext('Only ASCII permitted in option names'))

The acceptable_keys config is read in as a list, and that bit of code in try doesn't seem to be running to convert it to a string.

Vincent Ladeuil (vila) wrote :

In addition, given the way it's implemented, 'acceptable_keys' can be specified in any of branch.conf, locations.conf and bazaar.conf. Same bug and same workaround,

I have a fix in progress.

Changed in bzr:
status: Confirmed → In Progress
Brian Murray (brian-murray) wrote :

That fix hasn't made it into to trusty yet, I'm setting a milestone for trusty-updates.

Changed in bzr (Ubuntu Trusty):
milestone: none → trusty-updates
status: New → Triaged
Changed in bzr (Ubuntu Saucy):
status: New → Triaged
Changed in bzr (Ubuntu Trusty):
importance: Undecided → High
Changed in bzr (Ubuntu Saucy):
importance: Undecided → High
Vincent Ladeuil (vila) on 2014-04-16
Changed in bzr:
milestone: none → 2.7b1
status: In Progress → Fix Released
Changed in bzr (Ubuntu Saucy):
status: Triaged → Won't Fix
Changed in bzr (Ubuntu):
assignee: nobody → Dimitri John Ledkov (xnox)
Changed in bzr (Ubuntu Trusty):
assignee: nobody → Dimitri John Ledkov (xnox)
description: updated
Vincent Ladeuil (vila) on 2014-05-05
description: updated
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package bzr - 2.6.0+bzr6595-1ubuntu1

---------------
bzr (2.6.0+bzr6595-1ubuntu1) utopic; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Drop non-main build dependencies on python-{meliae,lzma,medusa}

bzr (2.6.0+bzr6595-1) unstable; urgency=medium

  [ Jelmer Vernooij ]
  * Re-add myself to uploaders.
  * Don't pass blob to file.writelines(), but rather to file.write().
    Closes: #722091

  [ Dimitri John Ledkov ]
  * New upstream snapshot:
    - verify-signature crashes on non ascii characters (LP: #1123460)
    - verify-signature crashes when acceptable_keys is defined (LP:
    #1249732)
 -- Dimitri John Ledkov <email address hidden> Fri, 02 May 2014 14:18:01 +0100

Changed in bzr (Ubuntu):
status: Triaged → Fix Released
description: updated
Changed in bzr (Ubuntu Trusty):
status: Triaged → In Progress

Hello Haw, or anyone else affected,

Accepted bzr into trusty-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/bzr/2.6.0+bzr6593-1ubuntu1.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in bzr (Ubuntu Trusty):
status: In Progress → Fix Committed
tags: added: verification-needed
Haw Loeung (hloeung) wrote :

Hi,

I've upgraded to the latest in trusty-proposed and have verified that this is indeed fixed.

hloeung@ragnar:~/Downloads$ apt-cache policy bzr
bzr:
  Installed: 2.6.0+bzr6593-1ubuntu1.1
  Candidate: 2.6.0+bzr6593-1ubuntu1.1
  Version table:
 *** 2.6.0+bzr6593-1ubuntu1.1 0
        100 /var/lib/dpkg/status
     2.6.0+bzr6593-1ubuntu1 0
        500 http://archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages

hloeung@ragnar:~/Downloads$ apt-cache policy python-bzrlib
python-bzrlib:
  Installed: 2.6.0+bzr6593-1ubuntu1.1
  Candidate: 2.6.0+bzr6593-1ubuntu1.1
  Version table:
 *** 2.6.0+bzr6593-1ubuntu1.1 0
        100 /var/lib/dpkg/status
     2.6.0+bzr6593-1ubuntu1 0
        500 http://archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages

hloeung@ragnar:~/test$ bzr verify-signatures
1 commits with valid signatures
0 commits with key now expired
0 commits with unknown keys
0 commits not valid
1 commit not signed

tags: added: verification-done
removed: verification-needed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package bzr - 2.6.0+bzr6593-1ubuntu1.1

---------------
bzr (2.6.0+bzr6593-1ubuntu1.1) trusty; urgency=medium

  * Fix verify-signature command crashing:
    - on non ascii characters (LP: #1123460)
    - when acceptable_keys configuration option is specified (LP: #1249732)
 -- Dimitri John Ledkov <email address hidden> Fri, 09 May 2014 03:48:24 +0100

Changed in bzr (Ubuntu Trusty):
status: Fix Committed → Fix Released

The verification of the Stable Release Update for bzr has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regresssions.

Changed in bzr (Ubuntu):
milestone: trusty-updates → none
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers