gpg --status-fd problems

Jeffrey Stedfast fejj at
Mon Jun 24 21:51:02 CEST 2002

I've taken a quick look at gnupg-1.0.7/g10/status.c and it seems to me
that that code is flushing the streams as it should.

This leads me to conclude that either:

1. my code is broken
2. gpg doesn't send the NEED_PASSPHRASE message until after gpg has a
passphrase in its hands.

I'm really stuck here because I can't find the problem in my code (maybe
I'm just missing something?) and it seems to me that if I run gpg from
the command-line with --status-fd=1 that I do indeed get a
NEED_PASSPHRASE before I type it in.

However... in my code select() seems to tell me that status-fd is not
ready for reading until after I've sent a passphrase to gpg and closed
the pipe.

here's some pseudocode:

if ((ready = select (maxfd + 1, [ stdout, stderr, status_fd ], [ stdin,
passphrase_fd ], NULL, &timeout)) == 0)
	return 0;

if (ready == -1)
	return -1;

if (status_fd is ready) {
	read a block up to 4k and save it into a buffer;
	if (we've got a line-feed in our buffered data) {
		parse a line;
		if we've got more \n's, just loop in here until we're out of \n's and
then memmove the remaining bytes to the beginning of the buffer;

if (stdout is read) {

if (stderr is ready) {

if (passphrase_fd is ready && NEED_PASSPHRASE has been intercepted) {
	send our passphrase to gpg and then close (passphrase_fd);

if (stdin is ready && have data to write) {

The above code gets run in a loop until we've finished (encounted a
SIG_CREATED .. or an END_DECRYPTION etc and we've written and read
everything we can from the stdin/stdout pipes respectively)

In the actual code, I've got a printf() to dump "we are trying to read
from status_fd\n" or whatever. I do not see a single debug line saying
that we are attempting to read from the status_fd until after I've sent
the passphrase (I had modified the passphrase code to send a passphrase
even if we had not encounted a NEED_PASSPHRASE status message).

Thus my confusion...

Any help would be much appreciated.


On Sat, 2002-06-22 at 16:37, Jeffrey Stedfast wrote:
> I'm trying to write a library that wraps gpg to
> sign/encrypt/decrypt/verify/etc and I'm having some trouble with the
> status-fd.
> It seems that operations requiring a passphrase require me to send the
> passphrase and close the passphrase fd BEFORE gpg will send me a
> USERID_HINT and/or NEED_PASSPHRASE status message over the status-fd
> pipe. Is this the desired behavior? If so, what's the use? I was hoping
> that I'd get USERID_HINT and NEED_PASSPHRASE status messages BEFORE
> having to prompt my users for a passphrase.
> Is gpg perhaps not flushing its streams?
> Jeff
> -- 
> Jeffrey Stedfast
> Evolution Hacker - Ximian, Inc.
> fejj at  -
> _______________________________________________
> Gnupg-devel mailing list
> Gnupg-devel at
Jeffrey Stedfast <fejj at>
Ximian, Inc.

More information about the Gnupg-devel mailing list