Page MenuHome GnuPG
Create Task
Maniphest T4500

Option --use-embedded-filename does not work as expect
Closed, ResolvedPublic
Actions

Description

Using GnuPG 2.2.10 for Windows, with the use case of:

  • unattended file decryption (via scheduled task)
  • passphrase entry on command line
  • use embedded filename for decrypted file
  • log to file

We are seeing the following warning in the log file:

YYYY-MM-DD HH:MM:SS gpg[9096] WARNING: no command supplied.  Trying to guess what you mean ...

The following command line is used:

gpg.exe --log-file logfile.txt --batch --yes --pinentry-mode loopback --passphrase "the passphrase" --use-embedded-filename "encryptedfile.pgp"

From our understanding, this is the command we have to use for this unattended decryption using embedded filename to work. We cannot use --decrypt as the decryption is to file not standard output, and we cannot use "output" as the decrypted file needs to use the embedded filename, which is not known in advance.

If indeed the command line above is correct for our described use case then there should not be a warning produced about no command supplied and the program having to guess at what was meant by the command line.

Details
Version 
2.2.10 (Windows) 
Revisions and Commits
rG GnuPG
rG1702179d91b7 gpg: Fix using --decrypt along with --use-embedded-filename.
rG386bacd97416 gpg: Fix using --decrypt along with --use-embedded-filename.
Related Objects
Search...
Event Timeline
pa_am created this task.May 10 2019, 11:51 PM
 werner triaged this task as Normal priority.May 14 2019, 11:57 AM
 werner added a subscriber:  werner.
There is actually a problem with --use-embedded-filename.  Given that the option his highly dangerous to use we have not tested this for ages.  We will see what you we can about it.



In any case I suggest not to use this option and instead decrypt to a temporay file and then rename it to the embeded file name after checking that this file name is harmless.   When using the --status-fd option gpg tells the filename as part of the PLAINTEXT status message.
 werner renamed this task from GnuPG Producing a Warning in Error(?) to Option --use-embedded-filename does not work as expect.May 14 2019, 11:57 AM
 werner added a commit: rG386bacd97416: gpg: Fix using --decrypt along with --use-embedded-filename..May 17 2019, 1:42 PM
 werner added a parent task: T4509: Release GnuPG 2.2.16.May 17 2019, 1:44 PM
 werner added a commit: rG1702179d91b7: gpg: Fix using --decrypt along with --use-embedded-filename..May 17 2019, 1:44 PM
 werner closed this task as Resolved.May 17 2019, 1:45 PM
 werner claimed this task.
Fix will go into 2.2.16 to be release this month.
 werner mentioned this in T4509: Release GnuPG 2.2.16.May 28 2019, 5:08 PM
dkg mentioned this in T6972: Explicitly deprecate --use-embedded-filename -- it is hazardous.Feb 2 2024, 9:12 PM