GnuPG 1.9.92 -- first findings

Patrick Brunschwig patrick at mozilla-enigmail.org
Mon Oct 16 20:07:15 CEST 2006 

Werner Koch wrote:
> On Mon, 16 Oct 2006 09:18, Patrick Brunschwig said:
> 
>> * gpg2 reproducibly destroyed my keyring with the following sequence of
>> commands:
>> # gpg2 --charset utf8  --no-tty --status-fd 1 --logger-fd  1 \
>> --command-fd  0 --ask-cert-level --edit-key <0xKeyid> trust
>>
>> # gpg2 --charset utf8  --batch --no-tty --status-fd 2 \
>> --with-fingerprint --fixed-list-mode --with-colons --list-keys
> 
> I tried that suing a copy of my own key and answering 4, save.  No
> signs of a currupted keyring.  Did you used that on the command line
> or are these the invoctions from enigmail.  It would be good to see an
> lsof output then. 

I could reproduce it on the command line without Enigmail. I believe
it's related to my keyring; using just a subset of the keyring,
everything works fine. On the other hand I don't have the same issue
with gpg 1.4.5.

>> * gpg2 always uses pinentry instead of the passphrase-fd in the
>> following example:
>> # gpg2 --charset utf8  --passphrase-fd 0 --no-use-agent --no-tty \
>> --status-fd 1 --logger-fd 1 --command-fd 0 -u 0xD8A807C7CCEC227B \
>> --ask-cert-level --edit-key 9CD4D060D74A14F3 lsign
> 
> I can't replicate this. --use-agent and --no-use-agent have no effect
> as the agent is always used unless --passphrase-fd is given.
> 
> BTW, using passphrase-fd along with --command-fd is questionable
> because --passphrase-fd reads the passphrase once and right at startup
> whereas --command-fd ask for the passphrase as needed.

Indeed, I'll have to change it.

> 
>> gpg2 --debug-all --recv-keys 0x810271D5
> 
> Well, I can't find this key at all.  Using
> 
>   gpg2 --keyserver hkp://minsky.surfnet.nl --recv-keys \
>     --no-permission-warning 0x5b0358a2
> 
> works just fine.  (--no-permission-warnig is needed only in my test setup.)
> 
>> gpg: no handler for keyserver scheme `hkp'
> 
> What options did you set in your gpg.conf?  Also check that there is
> no gpg.conf-1.9*.  Build options?  Can you send me the config.log by
> PM?

Sure -- done.

Patrick

More information about the Gnupg-devel mailing list