Hi folks--

On Sun 2020-06-28 08:33:42 -0300, David Bremner wrote:

> I dug a bit further down, and this is what is returned from gpgme
> (line 345 in g_mime_gpgme_get_signatures)
>
> sig = {next = 0x0,
> summary = GPGME_SIGSUM_KEY_MISSING,
> fpr = 0x4ac480 "5AEAB11F5E33DCE875DDB75B6D92612D94E46381", status = 9,
> notations = 0x0, timestamp = 1559167762, exp_timestamp = 0,
> wrong_key_usage = 0,
> pka_trust = 0, chain_model = 0, is_de_vs = 0, _unused = 0,
> validity = GPGME_VALIDITY_UNKNOWN, validity_reason = 0,
> pubkey_algo = GPGME_PK_RSA, hash_algo = GPGME_MD_SHA256, pka_address =
> 0x0,
> key = 0x0}
>
> At this point I'm leaning towards declaring it a gpgme problem in
> fedora32, and suggesting that relevant distros mark the test broken. I
> am of course open to more informed opinions.
The problem does indeed appear to be with gpgme, in versions 1.13.0 and 1.13.1. In particular, it is a problem with the resolution of https://dev.gnupg.org/T3464, which is ultimately fixed upstream, but is not yet fixed in a released version of gpgme.

The upstream commit, which should be patched into gpgme on Fedora and OpenSUSE (and anywhere else that depends on gpgme) is:

https://dev.gnupg.org/rMae4d7761a15b82eb98b0bcc72af2ae2e8973e1f9

(patch attached here as well)

We don't see this on Debian because gpgme in Debian has carried this patch for over a year now.

In gpgme 1.12.0 and earlier, this bug did not exist. But gpgme 1.13.0 introduced the bug in an attempt to avoid error diagnostics when *not* trying to verify a signature while using a session key. The fix in 1.13.0 inadvertently introduced an error when the caller does actually try to verify a signature, which is what we see here.

--dkg
From ae4d7761a15b82eb98b0bcc72af2ae2e8973e1f9 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor <d...@fifthhorseman.net> Date: Wed, 29 May 2019 17:56:01 -0400 Subject: [GPGME PATCH] gpg: Avoid error diagnostics with --override-session-key when verifying * src/engine-gpg.c (gpg_decrypt): only send --no-keyring when we are not verifying. -- Without this change, the signature verification would fail. This problem was introduced in bded8ebc59c7fdad2617f4c9232a58047656834c in an attempt to avoid an error when *not* verifying. Clearly more test suite coverage is needed to avoid introducing this sort of problem in the future. GnuPG-bug-id: 3464 Signed-off-by: Daniel Kahn Gillmor <d...@fifthhorseman.net> --- src/engine-gpg.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/src/engine-gpg.c b/src/engine-gpg.c index 5c335cb2..223404ed 100644 --- a/src/engine-gpg.c +++ b/src/engine-gpg.c @@ -1717,12 +1717,15 @@ gpg_decrypt (void *engine, strlen (override_session_key), 1); if (!err) { - /* We add --no-keyring because a keyring is not required - * when we are overriding the session key. It would + /* When we are not trying to verify signatures as well, + * we add --no-keyring because a keyring is not required + * for decryption when overriding the session key. It would * work without that option but --no-keyring avoids that * gpg return a failure due to a missing key log_error() * diagnostic. --no-keyring is supported since 2.1.14. */ - err = add_arg (gpg, "--no-keyring"); + + if (!(flags & GPGME_DECRYPT_VERIFY)) + err = add_arg (gpg, "--no-keyring"); if (!err) err = add_arg (gpg, "--override-session-key-fd"); if (!err) -- 2.27.0
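Review bot: the commit message itself notes that "more test suite coverage is needed", yet the patch touches only src/engine-gpg.c and adds no test; a regression test that decrypts with --override-session-key and the GPGME_DECRYPT_VERIFY flag set, then checks that the resulting signature summary is not GPGME_SIGSUM_KEY_MISSING, would have caught both bded8ebc59c7fdad2617f4c9232a58047656834c and this fix, and should be added alongside this change. Also, in the hunk `if (!(flags & GPGME_DECRYPT_VERIFY))` relies on a `flags` variable whose declaration is outside the shown context; please confirm it is the gpgme_decrypt_flags_t parameter of gpg_decrypt rather than a stale local, since the condition silently drops --no-keyring for every decrypt-verify call.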
notmuch mailing list -- notmuch@notmuchmail.org