
GnuPG: No change is not set for all [force] option entries
Status: Closed, Resolved. Visibility: Public.

Description

I would think this is intentional but for some options like "verbose" the flag is set and for others it is not.

For example in our default GnuPG VS-Desktop gpg.conf we have forced the compliance mode but it is reported as:

compliance:16:2::1:1::"gnupg::"de-vs

For read only it would need to be > 128

Keyserver is somehow reported as no change if forced but then with a wrong value.

keyserver:128:0::1:1::::1

for an entry with a URL.

This was tested with 2.2.34-beta22 and latest libgpg-error on Linux.

Event Timeline

aheinecke renamed this task from "GnuPG: Read only is not set for all [force] option entries" to "GnuPG: No change is not set for all [force] option entries". Jan 25 2022, 2:36 PM
aheinecke triaged this task as High priority.
aheinecke created this task.
aheinecke updated the task description.

Tip: Use -v to get a human-readable list of flags.

I think the no change flag is wrong for all options that have arguments.

Example which sets all options of gpg-agent 2.3 available via gpgconf to a non-default value and flags them as forced:

$ cat /etc/gnupg/gpg-agent.conf 
[force]
#Monitor:1:0:Options controlling the diagnostic output:0:0::::
verbose
quiet
debug-level basic
log-file /home/ingo/.cache/gpg-agent.log

#Configuration:1:0:Options controlling the configuration:0:0::::
disable-scdaemon
enable-ssh-support
ssh-fingerprint-digest sha512
enable-putty-support
enable-extended-key-format
faked-system-time 1645564942

#Security:1:0:Options controlling the security:0:0::::
default-cache-ttl 601
default-cache-ttl-ssh 1801
max-cache-ttl 7201
max-cache-ttl-ssh 7201
ignore-cache-for-signing
no-allow-external-cache
no-allow-mark-trusted

#Passphrase policy:1:0:Options enforcing a passphrase policy:0:0::::
enforce-passphrase-constraints
min-passphrase-len 9
min-passphrase-nonalpha 2
check-passphrase-pattern /home/ingo/dev/g10/.gnupghomes/t5732-global-conf-2.3/bad-passphrase-patterns.txt
check-sym-passphrase-pattern /home/ingo/dev/g10/.gnupghomes/t5732-global-conf-2.3/bad-sym-passphrase-patterns.txt
max-passphrase-days 1
enable-passphrase-history

#Pinentry:1:0:Options controlling the PIN-Entry:0:0::::
no-allow-loopback-pinentry
grab
pinentry-timeout 1
allow-emacs-pinentry
[-force]

Output of gpgconf (with no user gpg-agent.conf):

$ gpgconf --list-options gpg-agent
Monitor:1:0:Options controlling the diagnostic output:0:0::::
verbose:140:0:verbose:0:0::::1
quiet:136:0:be somewhat more quiet:0:0::::1
debug-level:24:1::1:1::"none::"basic
log-file:8:1:write server mode logs to FILE:32:1:FILE:::"/home/ingo/.cache/gpg-agent.log
Configuration:1:0:Options controlling the configuration:0:0::::
disable-scdaemon:128:1:do not use the SCdaemon:0:0::::1
enable-ssh-support:128:0:enable ssh support:0:0::::1
ssh-fingerprint-digest:24:2:use ALGO to show ssh fingerprints:1:1:ALGO:"sha256::"sha512
enable-putty-support:128:0::0:0::::1
enable-extended-key-format:136:3::0:0::::1
faked-system-time:0:3::1:1::::"1645564942
Security:1:0:Options controlling the security:0:0::::
default-cache-ttl:24:0:expire cached PINs after N seconds:3:3:N:600::601
default-cache-ttl-ssh:24:1:expire SSH keys after N seconds:3:3:N:1800::1801
max-cache-ttl:24:2:set maximum PIN cache lifetime to N seconds:3:3:N:7200::7201
max-cache-ttl-ssh:24:2:set maximum SSH key lifetime to N seconds:3:3:N:7200::7201
ignore-cache-for-signing:136:0:do not use the PIN cache when signing:0:0::::1
no-allow-external-cache:136:0:disallow the use of an external password cache:0:0::::1
no-allow-mark-trusted:136:1:disallow clients to mark keys as "trusted":0:0::::1
Passphrase policy:1:1:Options enforcing a passphrase policy:0:0::::
enforce-passphrase-constraints:136:2:do not allow bypassing the passphrase policy:0:0::::1
min-passphrase-len:24:1:set minimal required length for new passphrases to N:3:3:N:8::9
min-passphrase-nonalpha:24:2:require at least N non-alpha characters for a new passphrase:3:3:N:1::2
check-passphrase-pattern:24:2:check new passphrases against pattern in FILE:32:1:FILE:::"/home/ingo/dev/g10/.gnupghomes/t5732-global-conf-2.3/bad-passphrase-patterns.txt
check-sym-passphrase-pattern:24:2::32:1::::"/home/ingo/dev/g10/.gnupghomes/t5732-global-conf-2.3/bad-sym-passphrase-patterns.txt
max-passphrase-days:24:2:expire the passphrase after N days:3:3:N:0::1
enable-passphrase-history:136:2:do not allow the reuse of old passphrases:0:0::::1
Pinentry:1:1:Options controlling the PIN-Entry:0:0::::
no-allow-loopback-pinentry:136:2:disallow caller to override the pinentry:0:0::::1
grab:136:2:let PIN-Entry grab keyboard and mouse:0:0::::1
pinentry-timeout:8:1:set the Pinentry timeout to N seconds:3:3:N:::1
allow-emacs-pinentry:136:1:allow passphrase to be prompted through Emacs:0:0::::1

For some options the no change flag (128) is set. For others it isn't. As far as I can see, the flag is set for options without arguments like verbose or quiet, but it isn't set for options with arguments like debug-level or log-file.

I think in the block below

else if (state == Acopyarg)

there is a prepare_arg_return missing.

The following experimental patch (which may be complete nonsense and/or may have undesired side effects) seems to fix it:

diff --git a/src/argparse.c b/src/argparse.c
index a144881..7cd8ba7 100644
--- a/src/argparse.c
+++ b/src/argparse.c
@@ -1874,6 +1874,7 @@ _gpgrt_argparse (estream_t fp, gpgrt_argparse_t *arg, gpgrt_opt_t *opts_orig)
                         xfree (buffer);
                       else
                         gpgrt_annotate_leaked_object (buffer);
+                      prepare_arg_return (arg, opts, idx, 0, 1);
                     }
                 }
               goto leave;
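Review bot: the added `prepare_arg_return (arg, opts, idx, 0, 1);` sits inside the inner block that frees or annotates `buffer`, so it runs only on that path, right before the `goto leave`; please confirm there is no other exit from the `Acopyarg` branch that skips the call, since the description says the attribute flags were never set for any option with an argument. A short comment explaining what the trailing `0, 1` arguments select would also help, because the call site alone does not say.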

Without the above patch the ARGPARSE_ATTR_IGNORE, ARGPARSE_ATTR_FORCE, and ARGPARSE_OPT_IGNORE flags in arg->r_type are never set for a not-ignored option with argument.
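To make the listing above easier to check, here is an added example (not part of the report and not GnuPG code) that decodes the flag bitmask of `gpgconf --list-options` lines using the bit names from the gpgconf documentation and reports options that carry a value but lack the no-change bit (128). It assumes, as in the report, that the listing was produced with no user config, so every value present comes from the `[force]` block; the sample lines are copied from the listing above.

```python
# Flag bits of the second field, as documented for gpgconf --list-options.
FLAG_BITS = {
    1: "group", 2: "optional arg", 4: "list", 8: "runtime",
    16: "default", 32: "default desc", 64: "no arg desc", 128: "no change",
}
NO_CHANGE = 128
FIELDS = ("name", "flags", "level", "description", "type", "alt_type",
          "argname", "default", "argdef", "value")


def parse_option_line(line):
    """Split one listing line into its ten colon-separated fields.
    String values carry a leading double quote; 'value' strips it,
    'value_raw' keeps the field as printed."""
    parts = line.rstrip("\n").split(":", len(FIELDS) - 1)
    parts += [""] * (len(FIELDS) - len(parts))
    rec = dict(zip(FIELDS, parts))
    rec["flags"] = int(rec["flags"] or 0)
    rec["flag_names"] = [n for b, n in FLAG_BITS.items() if rec["flags"] & b]
    rec["value_raw"] = rec["value"]
    rec["value"] = rec["value"].lstrip('"')
    return rec


def forced_without_no_change(listing):
    """Names of options that have a value (set via [force]) but whose
    flags do not include the no-change bit. Group headers are skipped."""
    hits = []
    for line in listing.splitlines():
        if not line.strip():
            continue
        rec = parse_option_line(line)
        if rec["flags"] & 1:  # group line, not an option
            continue
        if rec["value_raw"] and not rec["flags"] & NO_CHANGE:
            hits.append(rec["name"])
    return hits


# Constructed sample: a subset of the gpg-agent listing from the report.
SAMPLE = """\
Monitor:1:0:Options controlling the diagnostic output:0:0::::
verbose:140:0:verbose:0:0::::1
quiet:136:0:be somewhat more quiet:0:0::::1
debug-level:24:1::1:1::"none::"basic
log-file:8:1:write server mode logs to FILE:32:1:FILE:::"/home/ingo/.cache/gpg-agent.log
disable-scdaemon:128:1:do not use the SCdaemon:0:0::::1
faked-system-time:0:3::1:1::::"1645564942
"""
```

Running `forced_without_no_change(SAMPLE)` lists exactly the options with arguments, matching the observation in the comment above.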

Thanks for debugging. Unfortunately I doubled your effort 'cause I didn't look into the report anymore. (System test done with GPA ;-)