search

BlockchainCommons / GordianServer-macOS

Tor-protected full-node GordianServer for macOS
Other
63 stars 8 forks source link

BUG: Verify not using installed GPG (& Why install full GPG Suite?) #146

Closed ChristopherA closed 2 years ago

ChristopherA commented 2 years ago

I have brew install gpg pinentry-mac on my machine, which means I have /opt/homebrew/bin/gpg already on my computer, and it properly set up so that I can sign git commits. But when I click on Verify button:

image

Why do have I have to install GPG Suite to validate? In particular as gpg-suite is somewhat outdated unsupported.

Fonta1n3 commented 2 years ago

Because that's what I had installed.

Do you know of any other common gpg paths? I seem to have at least 5 locations for gpg on my machine... Not sure what is the most common. We should probably add the ability for the user to specify paths for dependencies just in case something is broken by customization of alternative installs.

Im amending the script to search a few paths to see what exists:

GPG_PATH=""

if [[ $(command -v /opt/homebrew/bin/gpg) != "" ]]; then
    GPG_PATH="/opt/homebrew/bin/gpg"
elif [[ $(command -v /usr/local/bin/gpg) != "" ]]; then
    GPG_PATH="/usr/local/bin/gpg"
elif [[ $(command -v /usr/local/bin/brew/gpg) != "" ]]; then
    GPG_PATH="/usr/local/bin/brew/gpg"
elif [[ $(command -v /usr/local/MacGPG2/bin/gpg) != "" ]]; then
    GPG_PATH="/usr/local/MacGPG2/bin/gpg"
else
    echo "GPG NOT INSTALLED, UNABLE TO VERIFY SIGNATURES!"
    echo "Click the Supported Apps menu item and GPG Suite to install GPG. Or install homebrew and run `brew install gnupg`."
fi

https://github.com/Fonta1n3/GordianServer-macOS/commit/961958c34e6640200d9059bc90b3c4814217df03 should fix this.

shannona commented 2 years ago

paths added in #147, checked that Verify continues to work as expected.

ChristopherA commented 2 years ago

Still not working in #147 with brew installed GPG:

% which gpg
/opt/homebrew/bin/gpg
image
Fonta1n3 commented 2 years ago

Yea the brew gpg path works fine for me. Please delete ~/.gordian/BitcoinCore and try again with the latest PR. This is still an issue for you bc you had not tested the PR from a fresh install.

GPG_PATH: /opt/homebrew/bin/gpg

Verifying Bitcoin Core SHA256SUMS...
SHASIG: gpg: Good signature from ".0xB10C <0xb10c@gmail.com>" [unknown]
gpg: Good signature from "Andrew Chow (Official New Key) <achow101@gmail.com>" [unknown]
gpg: Good signature from "Ben Carman <benthecarman@live.com>" [unknown]
gpg: Good signature from "Antoine Poinsot <darosior@protonmail.com>" [unknown]
gpg: Good signature from "Duncan Dean <duncangleeddean@gmail.com>" [unknown]
gpg: Good signature from "Stephan Oeste (it) <it@oeste.de>" [unknown]
gpg: Good signature from "Michael Ford (bitcoin-otc) <fanquake@gmail.com>" [unknown]
gpg: Good signature from "Oliver Gugger <gugger@gmail.com>" [unknown]
gpg: Good signature from "Hennadii Stepanov (hebasto) <hebasto@gmail.com>" [unknown]
gpg: Good signature from "Jon Atack <jon@atack.com>" [unknown]
gpg: Good signature from "Wladimir J. van der Laan <laanwj@visucore.com>" [unknown]
gpg: Good signature from "Will Clark <will8clark@gmail.com>" [unknown]
SIG VERIFICATION SUCCESS:       12 GOOD SIGNATURES FOUND.
shannona commented 2 years ago

This was apparently a permissions issue. Have verified with Christopher that it's fixed in the newest rc, which checks those perms.