TODO

@@ -3,6 +3,7 @@
 
 * Robustness++
   - Don't wait indefinitely for spawned gpg processes. Somehow timeout.
+  - use MooX::StrictConstructor (available in Debian Stretch)
 
 * User feedback
   - custom applet icons

bin/parcimonie

@@ -6,7 +6,7 @@ parcimonie - privacy-friendly helper to refresh a GnuPG keyring
 
 =head1 VERSION
 
-Version 0.10.2
+Version 0.10.3
 
 =head1 SYNOPSIS
 
@@ -31,27 +31,21 @@ models parcimonie attempts to help coping with.
 
 1. Configure GnuPG to be able to use a keyserver.
 
-You can skip this section if you already have configured a keyserver
-in ~/.gnupg/gpg.conf.
+Skip this section if you already have configured a keyserver, or if
+you have gnupg2 2.1.15-9 or newer installed (it comes with a sensible
+default keyserver configuration).
 
-Else, add to your gpg.conf something along these lines:
+If you are using GnuPG v2, add to ~/.gnupg/dirmngr.conf something like:
 
         keyserver hkp://pool.sks-keyservers.net
 
-You obviously can choose your preferred keyserver here; if using
-hkps:// (which would be our second choice behind hkpms://), your GnuPG
-installation should support HKPS; on Debian systems, enabling such
-support is done by installing the gnupg-curl package; see those web
-pages for help with GnuPG hkps:// configuration:
+If are still using GnuPG v1, add to gpg.conf something like:
 
-	http://sks-keyservers.net/overview-of-pools.php#pool_hkps
-        http://keys.indymedia.org/
-
-You may want parcimonie to use a different keyserver than the one your
-usual GnuPG invocations do. This can be achieved by passing to
-parcimonie a command-line option such as:
+        keyserver hkp://pool.sks-keyservers.net
 
-        --gnupg-extra-arg "--keyserver=hkps://hkps.pool.sks-keyservers.net"
+For hkps:// support with GnuPG v1, install the gnupg1-curl or
+gnupg-curl package, whichever is available in your distribution.
+Or switch to GnuPG v2.
 
 2. Run "parcimonie --verbose".
 
@@ -134,7 +128,7 @@ L<http://gaffer.ptitcanardnoir.org/intrigeri/code/parcimonie/>
 use strict;
 use warnings;
 
-our $VERSION = '0.10.2';
+our $VERSION = '0.10.3';
 
 use FindBin;
 use lib "$FindBin::Bin/../lib";

lib/App/Parcimonie.pm

@@ -174,7 +174,13 @@ sub checkGpgHasDefinedKeyserver {
     my $gnupg2        = $arg_ref->{gnupg2};
 
     if ($gnupg2) {
-        my @output = capturex(qw{gpg-connect-agent --dirmngr keyserver /bye});
+        my @homedir_args = defined $gnupg_homedir
+            ? ('--homedir', $gnupg_homedir)
+            : ();
+        my @output = capturex(
+            'gpg-connect-agent', @homedir_args,
+            qw{--dirmngr keyserver /bye}
+        );
         my $res = pop @output;
         $res eq "OK\n" || croak "Agent replied: $res";
         if (@output) {

lib/App/Parcimonie/Daemon.pm

@@ -341,7 +341,9 @@ sub tryRecvKey {
     my $self  = shift;
     my $keyid = shift;
     my $gpg_output;
-    my $gpg_error;
+    my $gpg_error = '';
+    my $filtered_gpg_error = '';
+    my $success;
 
     $self->debug(sprintf("tryRecvKey: trying to fetch %s", $keyid));
     $self->notify({ signal => 'FetchBegin', keyid => $keyid });
@@ -353,19 +355,42 @@ sub tryRecvKey {
             already_torified => $self->gnupg_already_torified,
             gnupg2           => $self->gnupg2,
         );
+        $success = 1;
     } catch {
         $gpg_error = $_;
+        $success = 0;
     };
 
+    if ($success) {
         $gpg_output ||= '';
-    my $success = 0;
-    if (defined $gpg_error) {
-        warn $self->encoding->encode($gpg_error);
+        $gpg_error = '';
+        $self->debug($gpg_output);
     }
     else {
-        $self->debug($gpg_output);
-        $success = 1;
-        $gpg_error = '';
+        if (defined $gpg_error) {
+            $filtered_gpg_error = $gpg_error;
+            # Filter out lines such as:
+            #   gpg: keyserver receive failed: No data
+            #   gpg: key "0123456789ABCDEF0123456789ABCDEF01234567" not found: Not found
+            # ... followed by " at /path/to/App/Parcimonie/Daemon.pm line 350"
+            $filtered_gpg_error =~ s{
+                                        ^gpg:\s+
+                                        (?:
+                                            keyserver\s+receive\s+failed:\s+No\s+data
+                                        |
+                                            key\s+"[^"\n]+"\s+not\s+found:\s+Not\s+found
+                                        )
+                                        $
+                                        (?:
+                                            [\n]
+                                            \s+at\s+[^\n]+\s+line\s+\d+[.]
+                                            $
+                                        )?
+                                        [\n]*
+                                }{}xmsg;
+            warn $self->encoding->encode($filtered_gpg_error)
+                if length($filtered_gpg_error);
+        }
     }
 
     $self->notify({

lib/App/Parcimonie/GnuPG/Interface.pm

@@ -38,10 +38,17 @@ after 'BUILD' => sub {
     my $self = shift;
     if ($self->gnupg2) {
         unless ($self->already_torified) {
-            system(q{echo 'use-tor:0:1' | gpgconf --change-options dirmngr});
+            my $gnupg_homedir = defined $self->options->homedir()
+                ? $self->options->homedir()
+                : '';
+            system(
+                q{echo 'use-tor:0:1' | } .
+                "GNUPGHOME='$gnupg_homedir' gpgconf --change-options dirmngr " .
+                ">/dev/null"
+            );
             # Passing --runtime to the previous command does not work,
             # so we have to:
-            systemx(qw{gpgconf --reload dirmngr});
+            system("GNUPGHOME='$gnupg_homedir' gpgconf --reload dirmngr");
         }
         $self->call('gpg2');
     }