Page MenuHome GnuPG

memory fault in gpg --gen-key on AIX 6.1
Closed, ResolvedPublic

Description

Same issue with memory fault on AIX6.1: T1659

After compiling gnupg-2.0.26 with libassuan-2.1.2 the "gpg2 --gen-key" command
stops asking for passphrase. I interrupted the program issuing ctrl-z:

gdb --args /usr/local/bin/gpg2 --gen-key
GNU gdb (GDB) 7.5
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "powerpc64-ibm-aix6.1.2.0".
For bug reporting instructions, please see:
http://www.gnu.org/software/gdb/bugs/...
Reading symbols from /usr/local/bin/gpg2...done.
(gdb) run
Starting program: /usr/local/bin/gpg2 --gen-key
gpg (GnuPG) 2.0.26; Copyright (C) 2013 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:

(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)

Your selection? 1
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 2048
Requested keysize is 2048 bits
Please specify how long the key should be valid.

   0 = key does not expire
<n>  = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years

Key is valid for? (0) 0
Key does not expire at all
Is this correct? (y/N) y

GnuPG needs to construct a user ID to identify your key.

Real name: catkey01
Email address: catalin.mocanu@ing.ro
Comment: sample key
You selected this USER-ID:

    "catkey01 (sample key) <catalin.mocanu@ing.ro>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.

aas;dklfjsad;fkjasdf
as;dflkj

Program received signal SIGTSTP, Stopped (user).
0xd022da40 in waitpid () from /usr/lib/libc.a(shr.o)
(gdb) bt
#0 0xd022da40 in waitpid () from /usr/lib/libc.a(shr.o)
#1 0x10068888 in gnupg_wait_process (pgmname=0x2000c1e8
"/usr/local/bin/gpg-agent", pid=30015658, exitcode=0x2ff222a0) at exechelp.c:859
#2 0x10066fdc in start_new_gpg_agent (r_ctx=0x20004748,
errsource=GPG_ERR_SOURCE_GPG, homedir=0x100b2c40 <__dbsubn+15780> "~/.gnupg",
agent_program=0x2000c1e8 "/usr/local/bin/gpg-agent", opt_lc_ctype=0x0,

opt_lc_messages=0x0, session_env=0x20005898, verbose=0, debug=0,

status_cb=0x0, status_cb_arg=0x0) at asshelp.c:318
#3 0x100631b0 in start_agent (for_card=0) at call-agent.c:216
#4 0x10065080 in agent_get_s2k_count (r_count=0x2ff225c8) at call-agent.c:1408
#5 0x10061df0 in encode_s2k_iterations (iterations=-1) at passphrase.c:70
#6 0x1006283c in passphrase_to_dek_ext (keyid=0x0, pubkey_algo=0,
cipher_algo=3, s2k=0x30000558, mode=2, tryagain_text=0x0, custdesc=0x0,
custprompt=0x0, canceled=0x2ff227f0) at passphrase.c:34
#7 0x10076440 in do_ask_passphrase (ret_s2k=0x2ff227e8, mode=0,
r_canceled=0x2ff227f0) at keygen.c:2291
#8 0x1007cf54 in generate_keypair (fname=0x20008af8 " ", card_serialno=0x0,
backup_encryption_dir=0x800 "`") at keygen.c:172
#9 0x100089b4 in main (argc=0, argv=0x2ff22cec) at gpg.c:1828

Event Timeline

You shell has no session management, right?

Why do you think this is a memory fault? gpg is waiting for gpg-agent to get
ready. gpg-agent is started on the fly. After a minute or so it should
actually give up and return an error if gpg-agent could not be started.

The user shell is ksh.

The gunpg2 memory fault error apears when i'm using libassuan version 2.1.1
(installed from perlz.org link)

I compiled gnupg-2.0.26 with libassuan-2.1.2 and the gnupg2 does not crash but
instead is just blocked waiting for something no matter what the gpg-agent is on
or off.

/opt/freeware/bin/gpg-agent &

[1] 31654070

jobs

[1] + Running /opt/freeware/bin/gpg-agent &

/opt/freeware/bin/gpg2 --gen-key

gpg (GnuPG) 2.0.26; Copyright (C) 2013 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Warning: using insecure memory!
Please select what kind of key you want:

(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)

Your selection?
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048)
Requested keysize is 2048 bits
Please specify how long the key should be valid.

   0 = key does not expire
<n>  = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years

Key is valid for? (0)
Key does not expire at all
Is this correct? (y/N) y

GnuPG needs to construct a user ID to identify your key.

Real name: keytest01
Email address: catalin.mocanu@ing.ro
Comment: keytest with gpg-agent up
You selected this USER-ID:

    "keytest01 (keytest with gpg-agent up) <catalin.mocanu@ing.ro>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.

[Comment: Here I'm waiting 4-5 minute and nothing is happening]

[2] + Stopped (SIGTSTP) /opt/freeware/bin/gpg2 --gen-key

jobs

[2] + Stopped (SIGTSTP) /opt/freeware/bin/gpg2 --gen-key
[1] - Running /opt/freeware/bin/gpg-agent &

Any hints?

Please show us the version of your gpg-agent and its configuration
(~/.gnupg/gpg-agent.conf).
The version of gpg-agent is usually expected to be same one of gnupg, and the
invocation is:

/opt/freeware/bin/gpg-agent --daemon /bin/<SOMESHELL> # to invoke subshell
or
/opt/freeware/bin/gpg-agent --daemon # to be background

GnuPG invokes gpg-agent with --use-standard-socket-p to check if gpg-agent exists,
but it seems your GnuPG failed here waiting finish of gpg-agent.

Can you please downgrade to libgpg-error version 1.12 and try again?
I assume that there is a conflict between Pth and the Pthread mutexes from
libgpg-error > 1.12.

You may also consider to update to GnuPG 2.1.3 which does not use Pth anymore.

werner claimed this task.
werner added a project: Info Needed.