GPGOL causes Outlook 2016 to hang when signing and Kleopatra is not yet open
Closed, ResolvedPublic

Description

GPG4Win 3.0 beta 299, Outlook 2016 32-bit 1705 build 8201.2171 click-to-run as part of O365 ProPlus.

Set GPGOL settings to:
Enable S/MIME
Sign new messages by default
Select crypto settings automatically for reply and forward
Search for OpenPGP keys when encyrpting

With Kleopatra not running, choose "New email", any recipient, and Send.

Kleopatra will be started, and Outlook will hang. Kleopatra does not present "select signing certificate" window. Waited for a few hours, Outlook does not recover.

Kill Outlook in Task Manager, restart. Kleopatra is now already running. Repeat test, signing is successful.

tbehrens created this task.Sep 9 2017, 10:04 AM
patoberli added a subscriber: patoberli.EditedSep 12 2017, 4:36 PM

I'm having the exact same issue, also Outlook 2016 and Beta 299.
[edit]
I want to add, my Outlook also often freezes by just changing the folder. Outlook will try to open a message when chaning the folder, but regardless if it's encrypted or not, Outlook might freeze.
I did not change any GpgOL default settings.

Tested Beta 305 which was more or less fine, today installed Beta 307 and have problems again. The problems today are so far only Oulook hangs, which resolve after around 15-30 seconds. Sadly once it started with the first hangs, it hangs a minute (or so) later again and I can barely change the mail. Those are all plain mails, without any encryption/signature.

Resolved for me with beta 307. Kleopatra gets launched, starts a few GPG services, then the message gets signed. It takes 20-30 seconds, but that's expected. It's much faster after the first time.

I can confirm this behaviour in the production version:
Outlook Professional Plus 2013 (15.0.4953.1001) in a corporate network (32 bit)
Create new message, no automatic selection of PGP key, S/MIME support both enabled/disabled, sometimes it works (after a fresh start of outlook), but after some idle time creating and signing new messages is no longer possible, the key selection dialog opens, but then nothing.

mikeh added a subscriber: mikeh.Oct 21 2017, 1:19 AM

Same here on current stable (3.0.0):

Office 2016 Pro Plus;
Set GpgOL to enable s/mime;

Sometimes I get prompted for passphrase, sometimes not. Happens whether I'm trying to sign or encrypt. System will just hang until I either force Outlook down or it gives up and crashes. On restart the GpgOL add-in is disabled. I can reenable and try again, but it has never worked.

aheinecke triaged this task as High priority.
aheinecke added a project: gpgol.
aheinecke added a subscriber: aheinecke.

Thanks for your reports.
I can finally reproduce this on a new Test VM which I gave little resources. Most of the time it does not work. Sometimes it works. Looks like a timing issue, on my main development VM which is fairly quick it always works. I'll work on it.

I could not reproduce it again on Friday. Did some code staring to find the issue but failed. Everything looks Ok.

As we have fixed some other important bugs in GpgOL I would like to release a new Gpg4win version soonest. So I don't think I can fix this issue for that release.
I'm adding some debug output to the gpgol <> kleopatra communication and startup to close in on this.

If you still encounter this with the next release (3.0.1) Please enable logging and attach your log file here.

Quoting the compendium:

To activate a GpgOL log file, you have to start a "Registry Editor". To do this, enter the command regedit under Start -> Execute or into an input request field.

Now select the following GpgOL key from the tree structure on the left hand side:
HKEY_CURRENT_USER\Software\GNU\GpgOL

On the right hand side you will see a list of entries (so-called character sequences), some of which already have pre-defined values. These entries are created when Outlook is first started with GpgOL.

To activate the GpgOL log file, double-click on the entry enableDebug and set this value to 1.

To set a value for logFile, enter the name of the file into which the log file should be written, for example: C:\TEMP\gpgol.log

Restart Outlook to start the recording process.

Remember that this file can become very large. Set enableDebug to 0 as soon as you no longer require the GpgOL log data recordings.

Also do not forget to delete or move the log file, especially if it has become a very large file. Before starting a new recording, it also makes sense to remove the log file.

rO13950a985228 Works around this problem by launching Kleopatra in the background when Outlook is started.
This should both speed up the first operation and work around this issue. In my opinion it's better to waste some resources in the background if Kleo is not needed then to create a bad user experience if encryption does not work and results in a hang of outlook.

The current problem can still be analyzed if kleopatra is then closed by the user and a new crypto operation is started. That should show the same behavior as described here (mostly works, sometimes not).

Updated this morning and just had a freeze again. Enabled debug mode now. For me the freeze often happens when my pc is locked and I'm not using it for a while, then return to my PC and select another email.

Hi, thanks for the test. This sounds a bit like T3378 if the central component "gpg-agent" hangs everything relying on it may also hang. :-/

werner added a subscriber: werner.Nov 28 2017, 9:47 AM

Can someone please add

disable-check-own-socket

to gpg-agent.conf to test whether this is the cause for the problem.

werner added a comment.Dec 1 2017, 5:57 PM

A new installer with an updated libassuan is now available. To download gnupg-2.2.3_171201.exe please go to https://gnupg.org/download/ . If you had the disable-check-own-socket in your gpg-agent.conf, please remove it so that we can really see whether that version fixes the problem.

I finally had a crash again today, when I tried to close outlook.
I was running the debug log for several days now, until it finally crashed. Using gpg4win 3.0.1.
Here from the debug file:
*removed entries for privacy reasons*
12:28:46/19196/oomhelp.cpp:remove_category: category 'GpgOL: Verschlüsselte Nachricht' not found.
12:28:46/19196/mail.cpp:parsing_done:882: tracepoint
12:28:46/19196/mail.cpp:parsing_done:885: tracepoint
12:28:46/19196/gpgoladdin.cpp:gpgoladdin_invalidate_ui: Invalidating ribbon: 1D363A70
12:28:46/19196/mail.cpp:parsing_done:900: tracepoint
12:28:46/18768/parsecontroller.cpp:~ParseController
12:28:46/18768/mimedataprovider.cpp:~MimeDataProvider
12:28:46/18768/attachment.cpp:~Attachment
12:28:46/18768/mimedataprovider.cpp:~MimeDataProvider
***here I closed Outlook, but Outlook froze. I then killed the process in Windows.
12:34:02/19196/windowmessages.cpp:gpgol_hook: WM_CLOSE windowmessage for explorer. Closing all mails.
12:34:02/19196/mail.cpp:close_all_mails:1084: tracepoint
12:34:02/19196/returned from invoke

@patoberli This looks very much like a crash I also observed on close and fixed with 1d0660fa53d357247ac84545f9259244a1d9400c the crash has nothing to do with the hang but thanks for the feedback anyway.

I'll try to get a new version with the fix (and some other fixes) out asap.

So I tried this on Outlook 2016 MSO (16.0.4639.1000) 32-Bit

With Cleopatra pre-opened Outlook hangs every time on signing and/or encrypting with previous key selection window present. The only way I get it functioning is just signing an eMail without using Outlooks internal S/MIME signing and GPG4WIN's S/MIME support disabled. Every other combination results in hang and crash where on restart of Outlook the Add-In is disabled. I tried every combination of sign and/or encrypt with internal S/MIME signing on/off and GPG4WIN's S/MIME support on/off. When both using sign and encrypt I sometimes get a system error message. In this condition I can use GPG4Win basically only for decryption.

aheinecke closed this task as Resolved.

With Gpg4win 3.1.0 ( https://files.gpg4win.org/Beta/gpg4win-3.1.0-beta-current.exe ) GpgOL no longer uses Kleopatra for signing. So this problem can no longer exist.

If it still does not work for you with 3.1.0 you might be seeing a different problem and please comment / report it.

Thanks!