Problems with gpgsm/dirmngr in gnupg-2.1.0-beta751
lechten at wi.uni-muenster.de
Tue Sep 2 16:40:01 CEST 2014
On 2014-08-05, Werner Koch wrote:
> On Thu, 31 Jul 2014 10:26, bernhard at intevation.de said:
>> In our setups we prefer to run dirmnger as a system service,
>> you could try this variant and see if you get further.
> This changed with 2.1. Dirmngr has been changed to be a proper part of
> GnuPG and it is started on demand by gpg or gpgsm.
> The LDAP code of the new dirmngr has not been well tested, though.
The problem still persists with beta783, and is actually in the HTTP
crl_fetch calls http_open_document with NULL as session, which in
turn calls http_open. If I understand correctly, session is only
useful for HTTPS connections, while the attempt to download the CRL
is via HTTP. Thus, session should not be accessed at all.
However, http_open calls http_session_ref, dereferencing the NULL
session. A quick fix is to add a NULL check to http_session_ref.
A better solution might be to use session only for HTTPS
connections. (Actually, no HTTP open should work right now, unless
it is passed a bogus session.)
More information about the Gnupg-devel