Two Bugs Affecting passwordstore.org with GnuPG 2.1.1

Jason A. Donenfeld Jason at zx2c4.com
Wed Jan 28 15:39:20 CET 2015


Hello Werner,

We're running into two bugs with our test harness on GnuPG 2.1.1. I'm
attaching gnupg-home.tar.xz, containing a gnupg/ folder for use as:
    export GNUPGHOME="/path/to/gnupg/"

== Bug 1: --with-colons output is garbled ==

$ gpg --list-config --with-colons
39E5020CE4691410EB7D54A8D774A374CF90C77BE4691410D774A374E4691410cfg:group:big
group:;;;;
cfg:group:group2:
cfg:group:group1:;
cfg:version:2.1.1
[snipped]

As you can see, the key IDs that are supposed to be part of the
cfg:group keys are printed first. I believe this is due to some
buffering issues inside GnuPG. Remember to call flush at the right
moments!

== Bug 2: gpg-agent/pinentry called when it shouldn't be ==

The keys in the attached GnuPG home folder do not have passphrases
(they're used in a test harness). On GnuPG 2.0, the following
succeeds. On GnuPG 2.1, the following fails.

$ unset DISPLAY
$ echo hello > signme
$ gpg -s signme </dev/null
gpg: signing failed: Operation cancelled
gpg: signing failed: Operation cancelled

GnuPG should *not* prompt for a passphrase when keys are not protected
with passphrases.

Looking forward to seeing these fixed in 2.1.2.

Thanks,
Jason Donenfeld
-------------- next part --------------
A non-text attachment was scrubbed...
Name: gnupg-home.tar.xz
Type: application/x-xz
Size: 12720 bytes
Desc: not available
URL: </pipermail/attachments/20150128/ebb3d2ed/attachment.bin>


More information about the Gnupg-devel mailing list