python: Fix teardown of ephemeral contexts.

* lang/python/tests/support.py (EphemeralContext): New function.
* lang/python/tests/t-quick-key-creation.py: Use the new function to
manage ephemeral contexts.
* lang/python/tests/t-quick-key-manipulation.py: Likewise.
* lang/python/tests/t-quick-subkey-creation.py: Likewise.
--

Previously, there was a problem with cleaning up ephemeral home
directories.  shutil.rmtree deleted the agents main socket, gpg-agent
detected that, and deleted the other sockets as well, racing
shutil.rmtree which did not cope will with that.

Fix this by asking the agent nicely to shut down.

Signed-off-by: Justus Winter <[email protected]>

1 files changed, 94 insertions, 106 deletions

diff --git a/lang/python/tests/t-quick-key-creation.py b/lang/python/tests/t-quick-key-creation.py
index ea63dc3f..c642c5b4 100755
--- a/lang/python/tests/t-quick-key-creation.py
+++ b/lang/python/tests/t-quick-key-creation.py
@@ -22,42 +22,33 @@ del absolute_import, print_function, unicode_literals
 
 import gpg
 import itertools
-import os
-import shutil
 import time
 
 import support
 
 alpha = "Alpha <[email protected]>"
 
-def copy_configuration(destination):
-    home = os.environ['GNUPGHOME']
-    shutil.copy(os.path.join(home, "gpg.conf"), destination)
-    shutil.copy(os.path.join(home, "gpg-agent.conf"), destination)
+with support.EphemeralContext() as ctx:
+    res = ctx.create_key(alpha)
 
-with support.TemporaryDirectory() as tmp:
-    copy_configuration(tmp)
-    with gpg.Context(home_dir=tmp) as ctx:
-        res = ctx.create_key(alpha)
+    keys = list(ctx.keylist())
+    assert len(keys) == 1, "Weird number of keys created"
 
-        keys = list(ctx.keylist())
-        assert len(keys) == 1, "Weird number of keys created"
+    key = keys[0]
+    assert key.fpr == res.fpr
+    assert len(key.subkeys) == 2, "Expected one primary key and one subkey"
+    assert key.subkeys[0].expires > 0, "Expected primary key to expire"
 
-        key = keys[0]
-        assert key.fpr == res.fpr
-        assert len(key.subkeys) == 2, "Expected one primary key and one subkey"
-        assert key.subkeys[0].expires > 0, "Expected primary key to expire"
-
-        # Try to create a key with the same UID
-        try:
-            ctx.create_key(alpha)
-            assert False, "Expected an error but got none"
-        except gpg.errors.GpgError as e:
-            pass
+    # Try to create a key with the same UID
+    try:
+        ctx.create_key(alpha)
+        assert False, "Expected an error but got none"
+    except gpg.errors.GpgError as e:
+        pass
 
-        # Try to create a key with the same UID, now with force!
-        res2 = ctx.create_key(alpha, force=True)
-        assert res.fpr != res2.fpr
+    # Try to create a key with the same UID, now with force!
+    res2 = ctx.create_key(alpha, force=True)
+    assert res.fpr != res2.fpr
 
 
 # From here on, we use one context, and create unique UIDs
@@ -67,85 +58,82 @@ def make_uid():
     uid_counter += 1
     return "user{0}@invalid.example.org".format(uid_counter)
 
-with support.TemporaryDirectory() as tmp:
-    copy_configuration(tmp)
-    with gpg.Context(home_dir=tmp) as ctx:
-
-        # Check gpg.constants.create.NOEXPIRE...
-        res = ctx.create_key(make_uid(), expires=False)
-        key = ctx.get_key(res.fpr, secret=True)
-        assert key.fpr == res.fpr
-        assert len(key.subkeys) == 2, "Expected one primary key and one subkey"
-        assert key.subkeys[0].expires == 0, "Expected primary key not to expire"
-
-        t = 2 * 24 * 60 * 60
-        slack = 5 * 60
-        res = ctx.create_key(make_uid(), expires_in=t)
-        key = ctx.get_key(res.fpr, secret=True)
-        assert key.fpr == res.fpr
-        assert len(key.subkeys) == 2, "Expected one primary key and one subkey"
-        assert abs(time.time() + t - key.subkeys[0].expires) < slack, \
-            "Primary keys expiration time is off"
-
-        # Check capabilities
-        for sign, encrypt, certify, authenticate in itertools.product([False, True],
-                                                                      [False, True],
-                                                                      [False, True],
-                                                                      [False, True]):
-            # Filter some out
-            if not (sign or encrypt or certify or authenticate):
-                # This triggers the default capabilities tested before.
-                continue
-            if (sign or encrypt or authenticate) and not certify:
-                # The primary key always certifies.
-                continue
-
-            res = ctx.create_key(make_uid(), algorithm="rsa",
-                                 sign=sign, encrypt=encrypt, certify=certify,
-                                 authenticate=authenticate)
-            key = ctx.get_key(res.fpr, secret=True)
-            assert key.fpr == res.fpr
-            assert len(key.subkeys) == 1, \
-                "Expected no subkey for non-default capabilities"
-
-            p = key.subkeys[0]
-            assert sign == p.can_sign
-            assert encrypt == p.can_encrypt
-            assert certify == p.can_certify
-            assert authenticate == p.can_authenticate
-
-        # Check algorithm
-        res = ctx.create_key(make_uid(), algorithm="rsa")
-        key = ctx.get_key(res.fpr, secret=True)
-        assert key.fpr == res.fpr
-        for k in key.subkeys:
-            assert k.pubkey_algo == 1
-
-        # Check algorithm with size
-        res = ctx.create_key(make_uid(), algorithm="rsa1024")
+with support.EphemeralContext() as ctx:
+    # Check gpg.constants.create.NOEXPIRE...
+    res = ctx.create_key(make_uid(), expires=False)
+    key = ctx.get_key(res.fpr, secret=True)
+    assert key.fpr == res.fpr
+    assert len(key.subkeys) == 2, "Expected one primary key and one subkey"
+    assert key.subkeys[0].expires == 0, "Expected primary key not to expire"
+
+    t = 2 * 24 * 60 * 60
+    slack = 5 * 60
+    res = ctx.create_key(make_uid(), expires_in=t)
+    key = ctx.get_key(res.fpr, secret=True)
+    assert key.fpr == res.fpr
+    assert len(key.subkeys) == 2, "Expected one primary key and one subkey"
+    assert abs(time.time() + t - key.subkeys[0].expires) < slack, \
+        "Primary keys expiration time is off"
+
+    # Check capabilities
+    for sign, encrypt, certify, authenticate in itertools.product([False, True],
+                                                                  [False, True],
+                                                                  [False, True],
+                                                                  [False, True]):
+        # Filter some out
+        if not (sign or encrypt or certify or authenticate):
+            # This triggers the default capabilities tested before.
+            continue
+        if (sign or encrypt or authenticate) and not certify:
+            # The primary key always certifies.
+            continue
+
+        res = ctx.create_key(make_uid(), algorithm="rsa",
+                             sign=sign, encrypt=encrypt, certify=certify,
+                             authenticate=authenticate)
         key = ctx.get_key(res.fpr, secret=True)
         assert key.fpr == res.fpr
-        for k in key.subkeys:
-            assert k.pubkey_algo == 1
-            assert k.length == 1024
-
-        # Check algorithm future-default
-        ctx.create_key(make_uid(), algorithm="future-default")
-
-        # Check passphrase protection
-        recipient = make_uid()
-        passphrase = "streng geheim"
-        res = ctx.create_key(recipient, passphrase=passphrase)
-        ciphertext, _, _ = ctx.encrypt(b"hello there", recipients=[ctx.get_key(res.fpr)])
-
-        cb_called = False
-        def cb(*args):
-            global cb_called
-            cb_called = True
-            return passphrase
-        ctx.pinentry_mode = gpg.constants.PINENTRY_MODE_LOOPBACK
-        ctx.set_passphrase_cb(cb)
-
-        plaintext, _, _ = ctx.decrypt(ciphertext)
-        assert plaintext == b"hello there"
-        assert cb_called
+        assert len(key.subkeys) == 1, \
+            "Expected no subkey for non-default capabilities"
+
+        p = key.subkeys[0]
+        assert sign == p.can_sign
+        assert encrypt == p.can_encrypt
+        assert certify == p.can_certify
+        assert authenticate == p.can_authenticate
+
+    # Check algorithm
+    res = ctx.create_key(make_uid(), algorithm="rsa")
+    key = ctx.get_key(res.fpr, secret=True)
+    assert key.fpr == res.fpr
+    for k in key.subkeys:
+        assert k.pubkey_algo == 1
+
+    # Check algorithm with size
+    res = ctx.create_key(make_uid(), algorithm="rsa1024")
+    key = ctx.get_key(res.fpr, secret=True)
+    assert key.fpr == res.fpr
+    for k in key.subkeys:
+        assert k.pubkey_algo == 1
+        assert k.length == 1024
+
+    # Check algorithm future-default
+    ctx.create_key(make_uid(), algorithm="future-default")
+
+    # Check passphrase protection
+    recipient = make_uid()
+    passphrase = "streng geheim"
+    res = ctx.create_key(recipient, passphrase=passphrase)
+    ciphertext, _, _ = ctx.encrypt(b"hello there", recipients=[ctx.get_key(res.fpr)])
+
+    cb_called = False
+    def cb(*args):
+        global cb_called
+        cb_called = True
+        return passphrase
+    ctx.pinentry_mode = gpg.constants.PINENTRY_MODE_LOOPBACK
+    ctx.set_passphrase_cb(cb)
+
+    plaintext, _, _ = ctx.decrypt(ciphertext)
+    assert plaintext == b"hello there"
+    assert cb_called