Page MenuHome GnuPG
Create Task
Maniphest T5701

Mismatch between enums and config table
Closed, ResolvedPublic
Actions

Description

In gpgconf.h, the enum gc_component_id_t has a comment:

/* Component system.  Each component is a set of options that can be
 * configured at the same time.  If you change this, don't forget to
 * update gc_component[] in gpgconf-comp.c.  */

it defines an enum value GC_COMPONENT_TPM2DAEMON (6) and GC_COMPONENT_PINENTRY (8).

In gpgconf-comp.c, the table gc_component looks like this:

} gc_component[GC_COMPONENT_NR] =
  {
   /* Note: The order of the items must match the order given in the
    * gc_component_id_t enumeration.  The order is often used by
    * frontends to display the backend options thus do not change the
    * order without considering the user experience.  */
   { NULL },   /* DUMMY for GC_COMPONENT_ANY */

but the component-data for the TPM2 daemon is included only if BUILD_WITH_TPM2D is defined. So when that define is off, the gc_component table is one shorter than intended. This has two effects:

  • read after the end of the table when looping in gc_component_retrieve_options() .
  • mismatch between IDs and the actual entries; in particular, entry 6 in the table is the one for dirmngr, and entry 7 is now pinentry. Code that loops and checks to skip pinentry (enum value 8) now hits pinentry accidentally, as entry 7 in the table.

This yields downstream bug report https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=259775 -- gpg tries to collect options all components, skipping pinentry; the code skips enum value 8, but reaches pinentry in table entry 7 already.

I applied a simple patch that adds

#else
     { NULL }, /* Another dummy, to keep the enum in sync with this table */
#endif

so there is a null entry in the table at place 6 (where the tpm daemon goes) and the table's length and entries are in-sync with the enum again.

Details

Version
git master

Revisions and Commits

rG GnuPG
rGcaba9df72665 tools:gpgconf: Fix gc_component table.

Related Objects

Event Timeline

adriaandegroot created this task.Nov 22 2021, 10:22 AM
adriaandegroot added a comment.Nov 22 2021, 10:25 AM

Here's a patch against b091a250d1411f9962385d1338c13481da2e0f9e.

fix-5701.patch509 BDownload

adriaandegroot updated the task description. (Show Details)Nov 22 2021, 10:27 AM
werner added a project: gnupg (gpg23).Nov 23 2021, 9:04 AM
adriaandegroot added a comment.Nov 23 2021, 12:21 PM

So that you don't need to chase the downstream bug report, the problem from a user's perspective looks like this:

$ gpgconf --apply-defaults
gpgconf: WARNING: invalid line in option table of '/usr/local/bin/pinentry'

gpgconf: name of config file for /usr/local/bin/pinentry is not known

gpgconf: fatal error (exit status 1)

The Warning line comes from retrieve_options_from_program() in ./tools/gpgconf-comp.c, because pinentry doesn't understand --dump-option-table as a command-line-argument and responds with OK nice to meet you. The relevant loop that goes over the table of components is in gc_component_retrieve_options() in the same file.

werner triaged this task as High priority.Nov 23 2021, 1:29 PM
werner added a subscriber: werner.

Thanks for the well written bug report and the fix.

gniibe added a commit: rGcaba9df72665: tools:gpgconf: Fix gc_component table..Mar 25 2022, 6:30 AM
gniibe claimed this task.Mar 25 2022, 6:31 AM
gniibe added a project: Restricted Project.
gniibe added a subscriber: gniibe.

Thank you. Applied.

werner mentioned this in T5743: Release GnuPG 2.3.5.Apr 21 2022, 5:59 PM
gniibe closed this task as Resolved.Apr 22 2022, 6:44 AM
gniibe removed a project: Restricted Project.