keyring search regression in master
NIIBE Yutaka
gniibe at fsij.org
Fri Nov 13 05:47:33 CET 2015
On 11/12/2015 04:54 PM, Werner Koch wrote:
> The real problem is that there are several error messages - one is
> sufficient to let gpg exit with a failure and git won't continue. There
> are 2 different kinds of errors:
>
> gpg: Error: the key specification '0xE3FDFF218E45B72B' is ambiguous.
>
> This is the keyid I specified on the command line. Let's check it:
>
> $ ../g10/gpg2 -k 0xE3FDFF218E45B72B
> [...]
> gpg: Error: the key specification '1E42B367' is ambiguous.
> gpg: (check argument of option '--encrypt-to')
> gpg: error reading key block for '1E42B367': Unknown system error.
> gpg: Warning: value '1E42B367' for --default-key should be a long keyid or a fingerprint.
> gpg: Error: the key specification '1E42B367' is ambiguous.
> gpg: (check argument of option '--default-key')
> gpg: error reading key block for '1E42B367': Unknown system error.
> gpg: please do a --check-trustdb
> pub ed25519/E3FDFF218E45B72B 2015-02-18 [expires: 2025-02-15]
> uid [ultimate] Werner Koch (wheatstone commit signing)
>
> (and -k shows the same result).
> What is the ambiguity here?
>
> The other two error messages are identical one for --encrypt-to and one
> for --default-key:
>
> gpg: Error: the key specification '1E42B367' is ambiguous.
>
> Let's check it:
>
> $ ../g10/gpg2 -k 1E42B367
> [...]
> gpg: Error: the key specification '1E42B367' is ambiguous.
> gpg: (check argument of option '--encrypt-to')
> gpg: error reading key block for '1E42B367': Unknown system error.
> gpg: Warning: value '1E42B367' for --default-key should be a long keyid or a fingerprint.
> gpg: Error: the key specification '1E42B367' is ambiguous.
> gpg: (check argument of option '--default-key')
> gpg: error reading key block for '1E42B367': Unknown system error.
> gpg: please do a --check-trustdb
> pub dsa2048/F2AD85AC1E42B367 2007-12-31 [expires: 2018-12-31]
> uid [ unknown] Werner Koch <wk at gnupg.org>
> uid [ unknown] Werner Koch <wk at g10code.com>
> uid [ unknown] Werner Koch <werner at eifzilla.de>
> sub dsa1024/4F0540D577F95F95 2011-11-02
> sub rsa2048/1E0FE11D664D7444 2014-01-02 [expires: 2016-12-31]
>
> Also not ambiguous.
It is not reproducible here. Reading the code, I can't find error
return path from keybox_search (if we assume the condition keybox data
is correct).
Any case, I think that the following would make sense; it should only
proceed on the success of keydb_search. When it's other than success,
it's not ambiguous.
diff --git a/g10/gpg.c b/g10/gpg.c
index 36e6542..46a7fb9 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -2196,8 +2196,7 @@ check_user_ids (strlist_t *sp,
/* Continue the search. */
err = keydb_search (hd, &desc, 1, NULL);
- if (! (gpg_err_code (err) == GPG_ERR_NOT_FOUND
- || gpg_err_code (err) == GPG_ERR_EOF))
+ if (! err)
{
char fingerprint_bin2[MAX_FINGERPRINT_LEN];
size_t fingerprint_bin2_len = sizeof (fingerprint_bin2);
--
More information about the Gnupg-devel
mailing list