Currently an EOF error is raised if the keyring isn't accessible (according to
Andre H.).
That is not distinguishable from an empty list of keys, but it should be.
Unfortunately I'm not fluent enough to submit a patch.
Thank you for your work!
Currently an EOF error is raised if the keyring isn't accessible (according to
Andre H.).
That is not distinguishable from an empty list of keys, but it should be.
Unfortunately I'm not fluent enough to submit a patch.
Thank you for your work!
Do you have an idea when you would try to fix this? Within the next weeks or
rather months?
You mean you want something like EACCES instead of an empty listing? I am not
sure whether this is the right thing to do. Can please you describe your use case?
I think it would be the right thing.
I'm developing Schleuder, the OpenPGP-featuring mailing list manager.
If I'm receiving an empty list of public keys from GPGME I currently don't know
if there are no keys, or if the keyring couldn't be read. Thus I can't properly
decide what to do: try to fetch keys? I would run into the same problem when
trying to import them. Return an error message? Which one?
This has led repeatedly to confusion e.g. when people imported a key into a
schleuder-list's keyring in the shell as root, which results in changed
ownership of the keyring-files by gpg. Next Schleuder couldn't read the keyring
anymore and maybe refused operation because it couldn't verify any incoming
email any more — instead of giving a helpful error message that points to the
cause: lacking filesystem permissions.
Currently my only chance is to manually check the permissions of all files that
might be involved in an operation. That is working around a bug, in my eyes.
With the soon to be released gnupg 2.1.16 and gpgme 1.8 this will work.
If a keyring is non-readable (e.g. chmod 000 pubring.bkx), gpgme_op_keylist_next
will return GPG_ERR_OPENKEYRING instead of GPG_ERR_EOF.