gpg ignores --passphrase-fd if use-agent is set

Ingo Klöcker kloecker@kde.org
Thu Apr 10 00:13:28 2003 

--Boundary-02=_iTJl+Uu/wwunxDj
Content-Type: text/plain;
  charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Content-Description: signed data
Content-Disposition: inline

Hi,

if KMail is used without crypto-plugins and without gpg-agent, then=20
KMail asks the user for the passphrase and then passes the passphrase=20
to gpg via a passphrase-fd. This works very well unless the use-agent=20
option is set (in gpg.conf). If this option is set then gpg (1.2.1)=20
gives the following error messages when it's called by KMail:
gpg: gpg-agent is not available in this session
gpg: can't query password in batchmode
gpg: Invalid passphrase; please try again ...
gpg: can't query password in batchmode
gpg: Invalid passphrase; please try again ...
gpg: can't query password in batchmode
gpg: Invalid passphrase; please try again ...
gpg: skipped `0xDEADBEEF`: bad passphrase
gpg: [stdin]: clearsign failed: bad passphrase

I would have expected that gpg would have read the passphrase from the=20
given passphrase-fd in case the gpg-agent is not available. If it's=20
called in interactive mode then it falls back to asking the passphrase=20
on the commandline, so why does it ignore --passphrase-fd if it's=20
called in batchmode?

I would explicitely disable the use of the agent when calling gpg from=20
KMail. But there doesn't seem to be a --no-use-agent option. Oh,=20
wait... In g10.c there is a 'no-use-agent' option. But it's not=20
mentioned in the man pages. Anyway, apparently using this option will=20
solve my problem.

However, I'd like to know why gpg ignores --passphrase-fd if use-agent=20
is set and gpg-agent isn't available. Would not ignoring=20
=2D-passphrase-fd be dangerous or was this just on oversight of the=20
developers.

Regards,
Ingo


--Boundary-02=_iTJl+Uu/wwunxDj
Content-Type: application/pgp-signature
Content-Description: signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQA+lJTiGnR+RTDgudgRAnqTAJ9D2ucwsRpykVUUnG3gkA41sbayUACfdzOl
0sfiqb8UsKfJFs67BdPOceU=
=1Rvl
-----END PGP SIGNATURE-----

--Boundary-02=_iTJl+Uu/wwunxDj--