Page MenuHome GnuPG
Create Task
Maniphest T6567

Kleopatra: gpg-agent does not restart when trying to access smart card
Testing, NormalPublic
Actions

Description

Noticed when testing T5775:

After "gpgconf --kill all" was executed, hitting F5 on the smart card tab does not work: no card could be accessed.

Expected behavior: all necessary background processes restart, smart card is accessed with a bit of delay.

Debugview showed:

[3680] org.kde.pim.kleopatra: 0x6f45350
[3680] org.kde.pim.kleopatra: ReaderStatusThread[GUI]::ping()
[3680] org.kde.pim.kleopatra: 0x6f45350
[3680] org.kde.pim.kleopatra: ReaderStatusThread[2nd]: new iteration command= "__update__"  ; nullSlot= true
[3680] org.kde.pim.kleopatra: 
[3680] org.kde.pim.kleopatra: update_cardinfo()
[3680] org.kde.pim.kleopatra: 
[3680] org.kde.pim.libkleo: sendCommand "SCD SERIALNO"
[3680] org.kde.pim.kleopatra: 0x6f45350
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 125 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 250 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 500 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: sendCommand "SCD SERIALNO" failed: IPC "connect" Aufruf fehlgeschlagen (code: 259, source: GPGME)
[3680] org.kde.pim.libkleo: Assuan problem, killing context
[3680] org.kde.pim.libkleo: sendStatusLinesCommand "SCD SERIALNO" : t == NULL
[3680] org.kde.pim.kleopatra: Running SCD SERIALNO failed: IPC "connect" Aufruf fehlgeschlagen (code: 259, source: GPGME)
[3680] org.kde.pim.kleopatra: ReaderStatusThread: Card "" with app "" was added
[3680] org.kde.pim.kleopatra: ReaderStatusThread: Card "D2760001240103040006154932980000" with app "openpgp" was removed
[3680] org.kde.pim.kleopatra: ReaderStatusThread[2nd]: waiting for commands
[3680] org.kde.pim.kleopatra: SmartCardWidget::Private::cardAddedOrChanged: App  is not supported

Trying to open the settings of Kleopatra takes unusually long, too:

[3680] org.kde.pim.libkleo: Parsed 2.2.41 as:  2 . 2 . 41 .
[3680] org.kde.pim.kleopatra: Profile settings disabled
[3680] org.kde.pim.libkleo: sendCommand "SCD GETINFO reader_list"
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 125 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 250 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 500 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: sendCommand "SCD GETINFO reader_list" failed: IPC "connect" Aufruf fehlgeschlagen (code: 259, source: GPGME)
[3680] org.kde.pim.libkleo: Assuan problem, killing context
[3680] org.kde.pim.libkleo: sendDataCommand "SCD GETINFO reader_list" : t == NULL
[3680] org.kde.pim.libkleo: Getting available smart card readers failed: IPC "connect" Aufruf fehlgeschlagen (code: 259, source: GPGME)
[3680] org.kde.pim.kleo_ui: entry "gpg/Configuration/compliance" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg/Configuration/default-new-key-algo" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg/Configuration/trust-model" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg/Configuration/completes-needed" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg/Configuration/marginals-needed" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg/Configuration/max-cert-depth" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: No widget implemented for list of type 1
[3680] org.kde.pim.kleo_ui: entry "gpg/Monitor/no-greeting" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg/ImportExport/no-auto-key-import" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg/ImportExport/auto-key-retrieve" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg/ImportExport/no-auto-key-retrieve" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg/ImportExport/no-include-key-block" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg/ImportExport/disable-dirmngr" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg/ImportExport/keyserver" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg/Security/default_pubkey_algo" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg/Security/compliance_de_vs" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpgsm/Security/enable-crl-checks" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpgsm/Security/disable-trusted-cert-crl-check" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpgsm/Security/default_pubkey_algo" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpgsm/Configuration/faked-system-time" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpgsm/Configuration/include-certs" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpgsm/Configuration/compliance" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpgsm/Monitor/no-greeting" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpgsm/ImportExport/disable-dirmngr" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpgsm/Output/keyserver" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg-agent/Security/max-cache-ttl" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg-agent/Security/max-cache-ttl-ssh" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg-agent/Passphrase policy/enforce-passphrase-constraints" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg-agent/Passphrase policy/min-passphrase-nonalpha" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg-agent/Passphrase policy/check-passphrase-pattern" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg-agent/Passphrase policy/check-sym-passphrase-pattern" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg-agent/Passphrase policy/max-passphrase-days" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg-agent/Passphrase policy/enable-passphrase-history" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg-agent/Configuration/ssh-fingerprint-digest" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg-agent/Configuration/enable-extended-key-format" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg-agent/Configuration/faked-system-time" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg-agent/Pinentry/no-allow-loopback-pinentry" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg-agent/Pinentry/grab" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "dirmngr/Configuration/faked-system-time" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "dirmngr/Monitor/no-greeting" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "dirmngr/Network/resolver-timeout" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "dirmngr/Network/nameserver" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "scdaemon/Configuration/disable-ccid" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.libkleo: sendCommand "SCD GETINFO reader_list"
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 125 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 250 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 500 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: sendCommand "SCD GETINFO reader_list" failed: IPC "connect" Aufruf fehlgeschlagen (code: 259, source: GPGME)
[3680] org.kde.pim.libkleo: Assuan problem, killing context
[3680] org.kde.pim.libkleo: sendDataCommand "SCD GETINFO reader_list" : t == NULL
[3680] org.kde.pim.libkleo: Getting available smart card readers failed: IPC "connect" Aufruf fehlgeschlagen (code: 259, source: GPGME)
[3680] org.kde.pim.kleopatra: open_or_raise showing window
[3680] org.kde.pim.kleopatra: Module changed:  true  mod  DirectoryServicesConfigurationPage(0x70144a8)
[3680] org.kde.pim.kleopatra: Client changed:   mod  DirectoryServicesConfigurationPage(0x70144a8)
[3680] org.kde.pim.kleopatra: Using config entry dirmngr / keyserver
[3680] org.kde.pim.kleopatra: Module changed:  true  mod  DirectoryServicesConfigurationPage(0x70144a8)
[3680] org.kde.pim.kleopatra: Module changed:  false  mod  DirectoryServicesConfigurationPage(0x70144a8)
[3680] org.kde.pim.kleopatra: Client changed:   mod  DirectoryServicesConfigurationPage(0x70144a8)

To get the agent to start and reading of the smartcard to succeed, you have to change to the certificate tab, press F5 there and after that F5 on the smart card tab will work again.

Details

Version
3.1.26, Gpg4win-4.2.0-beta357

Revisions and Commits

rLIBKLEO Libkleo
rLIBKLEO65902c2d8398 Skip check for running gpg-agent when restarting it
rLIBKLEO4ac96fa0d49b Start gpg-agent when sending a command to it fails with connection error
rLIBKLEO13e34a20e23f Add option to skip checking for a running gpg-agent
rLIBKLEO969de383b200 Make Kleo::launchGpgAgent work for multiple threads

Related Objects

Event Timeline

ebo created this task.Jun 29 2023, 1:34 PM
ebo mentioned this in T5775: Kleopatra: Add action to restart background processes.Jun 29 2023, 1:38 PM
ebo added a comment.Jun 29 2023, 4:03 PM

just noticed that restarting the background processes with F5 on the certificate list does not work if the list is empty. (checked with Gpg4win-4.2.0-beta357)

ikloecker added a subscriber: ikloecker.Jun 29 2023, 4:42 PM

I think that's a known issue (or a known non-issue). I ran into this some time ago and therefore added the possibility to start gpg-agent explicitly instead of relying on a keylisting to start the agent implicitly. My guess is that gpg doesn't start gpg-agent because if there are no public keys then it makes little sense to ask gpg-agent for private keys.

aheinecke renamed this task from Kleopatra: gpg-agent does not restart when trying to access smart card to Kleopatra: gpg-agent does not restart on empty keylist.Jul 3 2023, 12:03 PM
aheinecke triaged this task as Low priority.
aheinecke added a subscriber: aheinecke.

I changed the title accordingly. I think when we call the option "restart background processes" we should not implicitly rely on a non empty keylist to start the gpg-agent but instead trigger it explicitly

aheinecke added a commit: rWc5617e9f2426: MSI: Kill running processes.Nov 15 2023, 3:09 PM
aheinecke added a commit: rWa232233fc914: MSI: Set REINSTALLMODE if not set to always.
aheinecke added a comment.Nov 15 2023, 4:43 PM

The commits ^ added here accidentally linked the wrong task number.

aheinecke removed a commit: rWc5617e9f2426: MSI: Kill running processes.Nov 15 2023, 4:44 PM
aheinecke removed a commit: rWa232233fc914: MSI: Set REINSTALLMODE if not set to always.
ebo renamed this task from Kleopatra: gpg-agent does not restart on empty keylist to Kleopatra: gpg-agent does not restart when trying to access smart card.Feb 26 2024, 2:29 PM
ebo updated the task description. (Show Details)
ebo added a comment.Feb 26 2024, 2:50 PM

While we see issues with gpg-agent not starting in different circumstances (like with the empty keylist) I would like to keep this task here about the smart card tab.

ebo added a project: vsd33.Feb 26 2024, 3:05 PM
ebo raised the priority of this task from Low to Normal.Feb 26 2024, 3:13 PM
ebo mentioned this in T7021: Kleopatra: restart gpg-agent after stopping it.Feb 27 2024, 4:44 PM
ikloecker claimed this task.Mar 4 2024, 10:38 AM
ikloecker moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.Mar 14 2024, 4:35 PM
ikloecker added a commit: rLIBKLEO13e34a20e23f: Add option to skip checking for a running gpg-agent.Mar 18 2024, 11:44 AM
ikloecker added a commit: rLIBKLEO969de383b200: Make Kleo::launchGpgAgent work for multiple threads.
ikloecker added a commit: rLIBKLEO4ac96fa0d49b: Start gpg-agent when sending a command to it fails with connection error.
ikloecker added a commit: rLIBKLEO65902c2d8398: Skip check for running gpg-agent when restarting it.
ikloecker changed the task status from Open to Testing.Mar 18 2024, 11:47 AM