gpg-agent "getinfo cmd_has_option" is frequently wrong
Open, Low, Public

Description

Talking to gpg-agent using gpg-connect-agent, I saw the getinfo cmd_has_option.

I thought this might be useful for other testing about the evolution of various options.

However, it's pretty clearly wrong:

> help genkey
# GENKEY [--no-protection] [--preset] [--inq-passwd]
#        [--passwd-nonce=<s>] [<cache_nonce>]
# 
# Generate a new key, store the secret part and return the public
# part.  Here is an example transaction:
# 
#   C: GENKEY
#   S: INQUIRE KEYPARAM
#   C: D (genkey (rsa (nbits 3072)))
#   C: END
#   S: D (public-key
#   S: D   (rsa (n 326487324683264) (e 10001)))
#   S: OK key created
# 
# When the --preset option is used the passphrase for the generated
# key will be added to the cache.  When --inq-passwd is used an inquire
# with the keyword NEWPASSWD is used to request the passphrase for the
# new key.  When a --passwd-nonce is used, the corresponding cached
# passphrase is used to protect the new key.
OK
> getinfo cmd_has_option genkey --preset
ERR 67109120 False <GPG Agent>
>

It seems to be implemented over in agent/command.c:

/* Return true if the command CMD implements the option OPT.  */
static int
command_has_option (const char *cmd, const char *cmdopt)
{
  if (!strcmp (cmd, "GET_PASSPHRASE"))
    {
      if (!strcmp (cmdopt, "repeat"))
          return 1;
    }

  return 0;
}

If it's not trustworthy for general use, why is it exposed? Or is it just buggy?

Details

Version
2.2.17

dkg created this task. Mon, Jul 29, 8:54 PM
gniibe added a subscriber: gniibe. Tue, Jul 30, 8:59 AM

My understanding is: it was introduced by rG370f841a0135: Enhanced last patch. in 2009 to give information to the client (for a specific command at that time), possibly in the hope that the server side would support the feature for all commands (and clients could benefit).

Perhaps an infrastructure offering help information for the options of each command was in mind (like the support for help information for commands).

But so far no such change has been made, and the feature is only for the GET_PASSPHRASE command.

werner closed this task as Invalid. Wed, Jul 31, 8:51 AM
werner added a subscriber: werner.

No, it was not in mind. I introduced this only for backward compatibility. It will be extended iff we have a need for it.

dkg reopened this task as Open. Wed, Jul 31, 4:49 PM

Please update the documentation for the function in that case.

Currently it reads:

0 dkg@alice:~$ gpg-connect-agent 'help getinfo' /bye | tail -n3
#   cmd_has_option CMD OPT
#                   - Returns OK if command CMD has option OPT.
OK
0 dkg@alice:~$

This is simply untrue, as stated in the subject line of this bug report. Either the documentation needs fixing, or the implementation needs fixing. What was "in mind" during implementation isn't accessible to users of the software.

werner triaged this task as Low priority. Fri, Aug 2, 9:51 AM
werner edited projects, added Documentation; removed Bug Report.
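
The mismatch reported in this task can be reproduced offline. The following is an added example, not part of the thread and not GnuPG code. It parses the option synopsis out of the "help genkey" reply quoted in the description and compares it with a Python model of the command_has_option function quoted from agent/command.c. The function names documented_options and undetected_options are hypothetical, and passing option names without leading dashes is an assumption based on the "repeat" comparison in the quoted C code.

```python
import re

# Constructed sample: start of the "help genkey" reply quoted in the report.
HELP_GENKEY = """\
# GENKEY [--no-protection] [--preset] [--inq-passwd]
#        [--passwd-nonce=<s>] [<cache_nonce>]
#
# Generate a new key, store the secret part and return the public
# part.  Here is an example transaction:
OK
"""


def documented_options(help_reply):
    """Parse (command, [option names]) from the synopsis of a 'help CMD' reply.

    The synopsis is the run of '#' lines before the first empty '#' line;
    options are the bracketed --name tokens (any '=<value>' part is dropped).
    """
    synopsis = []
    for line in help_reply.splitlines():
        if not line.startswith("#"):
            break                      # status line such as "OK"
        body = line[1:].strip()
        if not body:
            break                      # blank comment line ends the synopsis
        synopsis.append(body)
    text = " ".join(synopsis)
    command = text.split()[0] if text else ""
    return command, re.findall(r"\[--([A-Za-z0-9-]+)", text)


def command_has_option(cmd, cmdopt):
    """Python model of the C function quoted from agent/command.c."""
    return cmd == "GET_PASSPHRASE" and cmdopt == "repeat"


def undetected_options(help_reply):
    """Documented options for which the cmd_has_option model answers False."""
    cmd, opts = documented_options(help_reply)
    return [o for o in opts if not command_has_option(cmd, o)]


if __name__ == "__main__":
    print("documented:", documented_options(HELP_GENKEY))
    print("reported as absent:", undetected_options(HELP_GENKEY))
```

For a client doing feature detection, the result means a False answer from cmd_has_option carries no information for any command other than GET_PASSPHRASE.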