p12 import brings up pinentry in a different way (so it does not appear sometimes)
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	bernhard
	Feb 1 2010, 10:26 AM

Description

There seems to be a difference to how gpgsm --decrypt
and gpg-protect-tool call the agent for getting a pin.
In one case it comes up and in the other with the same settings
it goes to some tty that hangs. This hang also propagates to frontends
like Kleopatra on GNU system, if the gpg-agent is started in a certain way.

cat start-gpg-agent
eval gpg-agent --daemon

. start-gpg-agent
Will give the problem.
If I do gpg-agent --daemon and paste the result to the shell
I will get the curses pinentry.
If the agent is started via the X11 session, it all works when accessed
remotely via ssh -X.

Only when accessed via ssh -X and starting the agent manually
via the recommended eval subshell it fails when calling gpgsm --import
on a p12 file.

here are more information:
echo $GPG_TTY

Source: gnupg2
Version: 2.0.13-0kk5

gpgsm -d x.txt.enc

4 - 2010-02-01 10:14:55 gpg-agent[23297]: Handhabungsroutine 0x8099b88 für fd

7 gestartet

4 - 2010-02-01 10:14:55 gpg-agent[23297.7] DBG: -> OK Pleased to meet you
4 - 2010-02-01 10:14:55 gpg-agent[23297.7] DBG: <- RESET
4 - 2010-02-01 10:14:55 gpg-agent[23297.7] DBG: -> OK
4 - 2010-02-01 10:14:55 gpg-agent[23297.7] DBG: <- OPTION ttyname=/dev/pts/7
4 - 2010-02-01 10:14:55 gpg-agent[23297.7] DBG: -> OK
4 - 2010-02-01 10:14:55 gpg-agent[23297.7] DBG: <- OPTION ttytype=xterm
4 - 2010-02-01 10:14:55 gpg-agent[23297.7] DBG: -> OK
4 - 2010-02-01 10:14:55 gpg-agent[23297.7] DBG: <- OPTION

display=localhost:11.0

4 - 2010-02-01 10:14:55 gpg-agent[23297.7] DBG: -> OK
4 - 2010-02-01 10:14:55 gpg-agent[23297.7] DBG: <- OPTION

lc-ctype=de_DE.UTF-8

4 - 2010-02-01 10:14:55 gpg-agent[23297.7] DBG: -> OK
4 - 2010-02-01 10:14:55 gpg-agent[23297.7] DBG: <- OPTION

lc-messages=de_DE.UTF-8

4 - 2010-02-01 10:14:55 gpg-agent[23297.7] DBG: -> OK
4 - 2010-02-01 10:14:55 gpg-agent[23297.7] DBG: <- OPTION

allow-pinentry-notify

4 - 2010-02-01 10:14:55 gpg-agent[23297.7] DBG: -> OK
4 - 2010-02-01 10:14:55 gpg-agent[23297.7] DBG: <- RESET
4 - 2010-02-01 10:14:55 gpg-agent[23297.7] DBG: -> OK
4 - 2010-02-01 10:14:55 gpg-agent[23297.7] DBG: <- SETKEY

0630ABE930CA17B43AC72C884B6C9853F9944042

4 - 2010-02-01 10:14:55 gpg-agent[23297.7] DBG: -> OK
4 - 2010-02-01 10:14:55 gpg-agent[23297.7] DBG: <- SETKEYDESC

Bitte+geben+Sie+die+Passphrase+an,
+um+den+geheimen+Schlüssel+des+X.509+Zertifikats:
%0A%22/CN=Smoke1+Smoketestuser/O=Intevation+GmbH/L=Testlabor/C=de%22%0AS/N+28,
+ID+0x7A59B6BE,%0Agültig+von+2009-08-31+bis+2010-10-25%0Azu+entsperren.%0A

4 - 2010-02-01 10:14:55 gpg-agent[23297.7] DBG: -> OK
4 - 2010-02-01 10:14:55 gpg-agent[23297.7] DBG: <- PKDECRYPT
4 - 2010-02-01 10:14:55 gpg-agent[23297.7] DBG: -> INQUIRE CIPHERTEXT
4 - 2010-02-01 10:14:55 gpg-agent[23297.7] DBG: <- [ 44 20 28 37 3a 65 6e 63

2d 76 61 6c ...(147 bytes skipped) ]

4 - 2010-02-01 10:14:55 gpg-agent[23297.7] DBG: <- END
4 - 2010-02-01 10:14:55 gpg-agent[23297]: DBG: keygrip: 06 30 AB E9 30 CA 17

B4 3A C7 2C 88 4B 6C 98 53 F9 94 40 42

4 - 2010-02-01 10:14:55 gpg-agent[23297]: DBG: cipher:  28 37

[..]

4 - 2010-02-01 10:14:55 gpg-agent[23297]: DBG: agent_get_cache

`0630ABE930CA17B43AC72C884B6C9853F9944042'...

4 - 2010-02-01 10:14:55 gpg-agent[23297]: DBG: ... miss
4 - 2010-02-01 10:14:55 gpg-agent[23297]: starting a new PIN Entry
4 - 2010-02-01 10:14:55 gpg-agent[23297]: DBG: connection to PIN entry

established

4 - 2010-02-01 10:14:55 gpg-agent[23297.7] DBG: -> INQUIRE PINENTRY_LAUNCHED

23305

4 - 2010-02-01 10:14:55 gpg-agent[23297.7] DBG: <- END

[Pinentry-Qt is up now]

pinentry-qt
Version: 0.7.5-2.1

gpgsm -vvv --import smoke1_secret_20081111.p12

4 - 2010-02-01 10:17:12 gpg-agent[23297]: Handhabungsroutine 0x8099b88 für fd

7 gestartet

4 - 2010-02-01 10:17:12 gpg-agent[23297.7] DBG: -> OK Pleased to meet you
4 - 2010-02-01 10:17:12 gpg-agent[23297.7] DBG: <- RESET
4 - 2010-02-01 10:17:12 gpg-agent[23297.7] DBG: -> OK
4 - 2010-02-01 10:17:12 gpg-agent[23297.7] DBG: <- OPTION ttyname=/dev/pts/7
4 - 2010-02-01 10:17:12 gpg-agent[23297.7] DBG: -> OK
4 - 2010-02-01 10:17:12 gpg-agent[23297.7] DBG: <- OPTION ttytype=xterm
4 - 2010-02-01 10:17:12 gpg-agent[23297.7] DBG: -> OK
4 - 2010-02-01 10:17:12 gpg-agent[23297.7] DBG: <- OPTION

display=localhost:11.0

4 - 2010-02-01 10:17:12 gpg-agent[23297.7] DBG: -> OK
4 - 2010-02-01 10:17:12 gpg-agent[23297.7] DBG: <- OPTION

lc-ctype=de_DE.UTF-8

4 - 2010-02-01 10:17:12 gpg-agent[23297.7] DBG: -> OK
4 - 2010-02-01 10:17:12 gpg-agent[23297.7] DBG: <- OPTION

lc-messages=de_DE.UTF-8

4 - 2010-02-01 10:17:12 gpg-agent[23297.7] DBG: -> OK
4 - 2010-02-01 10:17:12 gpg-agent[23297.7] DBG: <- OPTION

allow-pinentry-notify

4 - 2010-02-01 10:17:12 gpg-agent[23297.7] DBG: -> OK
4 - 2010-02-01 10:17:12 gpg-agent[23297.7] DBG: <- NOP
4 - 2010-02-01 10:17:12 gpg-agent[23297.7] DBG: -> OK
4 - 2010-02-01 10:17:12 gpg-agent[23297]: Handhabungsroutine 0x809a3e8 für fd

8 gestartet

4 - 2010-02-01 10:17:12 gpg-agent[23297.8] DBG: -> OK Pleased to meet you
4 - 2010-02-01 10:17:12 gpg-agent[23297.8] DBG: <- RESET
4 - 2010-02-01 10:17:12 gpg-agent[23297.8] DBG: -> OK
4 - 2010-02-01 10:17:12 gpg-agent[23297.8] DBG: <- OPTION

allow-pinentry-notify

4 - 2010-02-01 10:17:12 gpg-agent[23297.8] DBG: -> OK
4 - 2010-02-01 10:17:12 gpg-agent[23297.8] DBG: <- GETINFO cmd_has_option

GET_PASSPHRASE repeat

4 - 2010-02-01 10:17:12 gpg-agent[23297.8] DBG: -> OK
4 - 2010-02-01 10:17:12 gpg-agent[23297.8] DBG: <-

GET_PASSPHRASE --data --repeat=0 -- X X Passphrase:
Bitte+geben+Sie+die+Passphrase+zum+Entsperren+des+PKCS#12+Objekts+ein

4 - 2010-02-01 10:17:12 gpg-agent[23297]: starting a new PIN Entry
4 - 2010-02-01 10:17:12 gpg-agent[23297]: DBG: connection to PIN entry

established

4 - 2010-02-01 10:17:12 gpg-agent[23297.8] DBG: -> INQUIRE PINENTRY_LAUNCHED

23312

4 - 2010-02-01 10:17:12 gpg-agent[23297.8] DBG: <- END

[no pinentry coming up, it hangs probably on the tty.]

/usr/lib/gnupg2/gpg-protect-tool --p12-import smoke1_secret_20081111.p12

4 - 2010-02-01 10:20:27 gpg-agent[23297]: Handhabungsroutine 0x8099b88 für fd

7 gestartet

4 - 2010-02-01 10:20:27 gpg-agent[23297.7] DBG: -> OK Pleased to meet you
4 - 2010-02-01 10:20:27 gpg-agent[23297.7] DBG: <- RESET
4 - 2010-02-01 10:20:27 gpg-agent[23297.7] DBG: -> OK
4 - 2010-02-01 10:20:27 gpg-agent[23297.7] DBG: <- OPTION

allow-pinentry-notify

4 - 2010-02-01 10:20:27 gpg-agent[23297.7] DBG: -> OK
4 - 2010-02-01 10:20:27 gpg-agent[23297.7] DBG: <- GETINFO cmd_has_option

GET_PASSPHRASE repeat

4 - 2010-02-01 10:20:27 gpg-agent[23297.7] DBG: -> OK
4 - 2010-02-01 10:20:27 gpg-agent[23297.7] DBG: <-

GET_PASSPHRASE --data --repeat=0 -- X X Passphrase:
Bitte+geben+Sie+die+Passphrase+zum+Entsperren+des+PKCS#12+Objekts+ein

[no pinentry coming up, it hangs probably on the tty.]

Details

Version: 2.0.13

Related Objects

Mentioned Here: T1203: gpg-agent/pinentry does work on certain ttys (/dev/pts/?)

Event Timeline

bernhard set Version to 2.0.13.Feb 1 2010, 10:26 AM

bernhard added projects: gnupg, Bug Report.

bernhard added subscribers: bernhard, • werner.

Just for completeness doing a

GPG_TTY=$(tty)
export GPG_TTY

before starting gpg-agent and doing all tests does not change the result.

Might be related to T1203 (gpg-agent/pinentry does work on certain ttys
(/dev/pts/?)) so it should be checked if the number of tty has an influence
on the symptoms.

bernhard added a subscriber: thomas.May 21 2010, 10:07 AM

Your logs show /dev/pts/7 and as I wrote in T1203:
other bug reports indicate that any /dev/pts/(single-digit) exposes the problem.

But as both of your logs have pts/7, the problem might be only triggered with
certain operations.

Should probably beretested with Gnupg 2.1(beta or later)
because agent startup might have changed.

bernhard added a subscriber: • gnupg-hackers.Nov 1 2010, 9:37 AM

Please re-open if you still see this problem.

• werner removed a project: Info Needed.Mar 26 2012, 2:45 PM

p12 import brings up pinentry in a different way (so it does not appear sometimes)Closed, ResolvedPublicActions

Description

Details

Related Objects

Event Timeline

p12 import brings up pinentry in a different way (so it does not appear sometimes)
Closed, ResolvedPublic
Actions