A PGP message chunk (bounded by "-----BEGIN PGP MESSAGE-----" and "-----END PGP MESSAGE-----") can contain a detached signature. By default GPG will wait for the payload to be supplied on stdin if it gets passed a lone detached signature. To the user it will appear as GPG (or sup, since they don't see any output from GPG) hanging.
The best way to solve this would be enabling batch mode, but then passphrase querying without gpg-agent wouldn't work anymore. So we resort to passing --multifile which has the side effect of not allowing detached signatures. Encountered and tested with message <aanlktin1ysn7fp32eoyjo3jjhhwvrc=hmuq+okgkn...@mail.gmail.com> [1] on the git mailing list. [1] http://marc.info/?l=git&m=128623349711269&q=raw Signed-off-by: Sascha Silbe <sascha-...@silbe.org> --- lib/sup/crypto.rb | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/lib/sup/crypto.rb b/lib/sup/crypto.rb index 289fb0e..68a57c8 100644 --- a/lib/sup/crypto.rb +++ b/lib/sup/crypto.rb @@ -144,7 +144,7 @@ def decrypt payload, armor=false # a RubyMail::Message object output_fn = Tempfile.new "redwood.output" output_fn.close - message = run_gpg "--output #{output_fn.path} --skip-verify --yes --decrypt #{payload_fn.path}", :interactive => true + message = run_gpg "--output #{output_fn.path} --multifile --skip-verify --yes --decrypt #{payload_fn.path}", :interactive => true unless $?.success? info "Error while running gpg: #{message}" -- 1.7.1 _______________________________________________ Sup-devel mailing list Sup-devel@rubyforge.org http://rubyforge.org/mailman/listinfo/sup-devel
