Page MenuHome GnuPG
Create Task
Maniphest T6567

Kleopatra: gpg-agent does not restart when trying to access smart card
Testing, NormalPublic
Actions

Description

Noticed when testing T5775:

After "gpgconf --kill all" was executed, hitting F5 on the smart card tab does not work: no card could be accessed.

Expected behavior: all necessary background processes restart, smart card is accessed with a bit of delay.

Debugview showed:

[3680] org.kde.pim.kleopatra: 0x6f45350
[3680] org.kde.pim.kleopatra: ReaderStatusThread[GUI]::ping()
[3680] org.kde.pim.kleopatra: 0x6f45350
[3680] org.kde.pim.kleopatra: ReaderStatusThread[2nd]: new iteration command= "__update__"  ; nullSlot= true
[3680] org.kde.pim.kleopatra: 
[3680] org.kde.pim.kleopatra: update_cardinfo()
[3680] org.kde.pim.kleopatra: 
[3680] org.kde.pim.libkleo: sendCommand "SCD SERIALNO"
[3680] org.kde.pim.kleopatra: 0x6f45350
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 125 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 250 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 500 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: sendCommand "SCD SERIALNO" failed: IPC "connect" Aufruf fehlgeschlagen (code: 259, source: GPGME)
[3680] org.kde.pim.libkleo: Assuan problem, killing context
[3680] org.kde.pim.libkleo: sendStatusLinesCommand "SCD SERIALNO" : t == NULL
[3680] org.kde.pim.kleopatra: Running SCD SERIALNO failed: IPC "connect" Aufruf fehlgeschlagen (code: 259, source: GPGME)
[3680] org.kde.pim.kleopatra: ReaderStatusThread: Card "" with app "" was added
[3680] org.kde.pim.kleopatra: ReaderStatusThread: Card "D2760001240103040006154932980000" with app "openpgp" was removed
[3680] org.kde.pim.kleopatra: ReaderStatusThread[2nd]: waiting for commands
[3680] org.kde.pim.kleopatra: SmartCardWidget::Private::cardAddedOrChanged: App  is not supported

Trying to open the settings of Kleopatra takes unusually long, too:

[3680] org.kde.pim.libkleo: Parsed 2.2.41 as:  2 . 2 . 41 .
[3680] org.kde.pim.kleopatra: Profile settings disabled
[3680] org.kde.pim.libkleo: sendCommand "SCD GETINFO reader_list"
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 125 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 250 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 500 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: sendCommand "SCD GETINFO reader_list" failed: IPC "connect" Aufruf fehlgeschlagen (code: 259, source: GPGME)
[3680] org.kde.pim.libkleo: Assuan problem, killing context
[3680] org.kde.pim.libkleo: sendDataCommand "SCD GETINFO reader_list" : t == NULL
[3680] org.kde.pim.libkleo: Getting available smart card readers failed: IPC "connect" Aufruf fehlgeschlagen (code: 259, source: GPGME)
[3680] org.kde.pim.kleo_ui: entry "gpg/Configuration/compliance" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg/Configuration/default-new-key-algo" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg/Configuration/trust-model" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg/Configuration/completes-needed" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg/Configuration/marginals-needed" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg/Configuration/max-cert-depth" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: No widget implemented for list of type 1
[3680] org.kde.pim.kleo_ui: entry "gpg/Monitor/no-greeting" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg/ImportExport/no-auto-key-import" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg/ImportExport/auto-key-retrieve" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg/ImportExport/no-auto-key-retrieve" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg/ImportExport/no-include-key-block" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg/ImportExport/disable-dirmngr" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg/ImportExport/keyserver" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg/Security/default_pubkey_algo" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg/Security/compliance_de_vs" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpgsm/Security/enable-crl-checks" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpgsm/Security/disable-trusted-cert-crl-check" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpgsm/Security/default_pubkey_algo" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpgsm/Configuration/faked-system-time" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpgsm/Configuration/include-certs" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpgsm/Configuration/compliance" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpgsm/Monitor/no-greeting" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpgsm/ImportExport/disable-dirmngr" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpgsm/Output/keyserver" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg-agent/Security/max-cache-ttl" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg-agent/Security/max-cache-ttl-ssh" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg-agent/Passphrase policy/enforce-passphrase-constraints" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg-agent/Passphrase policy/min-passphrase-nonalpha" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg-agent/Passphrase policy/check-passphrase-pattern" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg-agent/Passphrase policy/check-sym-passphrase-pattern" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg-agent/Passphrase policy/max-passphrase-days" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg-agent/Passphrase policy/enable-passphrase-history" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg-agent/Configuration/ssh-fingerprint-digest" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg-agent/Configuration/enable-extended-key-format" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg-agent/Configuration/faked-system-time" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg-agent/Pinentry/no-allow-loopback-pinentry" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "gpg-agent/Pinentry/grab" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "dirmngr/Configuration/faked-system-time" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "dirmngr/Monitor/no-greeting" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "dirmngr/Network/resolver-timeout" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "dirmngr/Network/nameserver" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.kleo_ui: entry "scdaemon/Configuration/disable-ccid" too advanced or excluded explicitly, skipping
[3680] org.kde.pim.libkleo: sendCommand "SCD GETINFO reader_list"
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 125 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 250 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 500 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
[3680] org.kde.pim.libkleo: sendCommand "SCD GETINFO reader_list" failed: IPC "connect" Aufruf fehlgeschlagen (code: 259, source: GPGME)
[3680] org.kde.pim.libkleo: Assuan problem, killing context
[3680] org.kde.pim.libkleo: sendDataCommand "SCD GETINFO reader_list" : t == NULL
[3680] org.kde.pim.libkleo: Getting available smart card readers failed: IPC "connect" Aufruf fehlgeschlagen (code: 259, source: GPGME)
[3680] org.kde.pim.kleopatra: open_or_raise showing window
[3680] org.kde.pim.kleopatra: Module changed:  true  mod  DirectoryServicesConfigurationPage(0x70144a8)
[3680] org.kde.pim.kleopatra: Client changed:   mod  DirectoryServicesConfigurationPage(0x70144a8)
[3680] org.kde.pim.kleopatra: Using config entry dirmngr / keyserver
[3680] org.kde.pim.kleopatra: Module changed:  true  mod  DirectoryServicesConfigurationPage(0x70144a8)
[3680] org.kde.pim.kleopatra: Module changed:  false  mod  DirectoryServicesConfigurationPage(0x70144a8)
[3680] org.kde.pim.kleopatra: Client changed:   mod  DirectoryServicesConfigurationPage(0x70144a8)

To get the agent to start and reading of the smartcard to succeed, you have to change to the certificate tab, press F5 there and after that F5 on the smart card tab will work again.

Details

Version
3.1.26, Gpg4win-4.2.0-beta357

Revisions and Commits

rLIBKLEO Libkleo
rLIBKLEO967c9ee366bb Start gpgconf detached if we don't have an event loop
rLIBKLEO3ae161fce6c7 Start gpgconf detached if we don't have an event loop
rLIBKLEO29b570fc8eb7 Add updated API docs
rLIBKLEO541725ca3f5a Use synchronous QProcess API to start gpg-agent without event loop
rLIBKLEO2520ae86cddc Use synchronous QProcess API to start gpg-agent without event loop
rLIBKLEO88753704a53b Add context to some connects
rLIBKLEO3e4a6da08909 Use synchronous QProcess API to start gpg-agent without event loop
rLIBKLEOba2b613a4024 Start gpg-agent when sending a command to it fails with connection error
rLIBKLEOacac6a6d593c Skip check for running gpg-agent when restarting it
rLIBKLEOa0dc00ef8851 Add option to skip checking for a running gpg-agent
rLIBKLEOf5577c412524 Make Kleo::launchGpgAgent work for multiple threads
rLIBKLEO65902c2d8398 Skip check for running gpg-agent when restarting it
rLIBKLEO4ac96fa0d49b Start gpg-agent when sending a command to it fails with connection error
rLIBKLEO13e34a20e23f Add option to skip checking for a running gpg-agent
rLIBKLEO969de383b200 Make Kleo::launchGpgAgent work for multiple threads

Related Objects

Event Timeline

ebo created this task.Jun 29 2023, 1:34 PM
ebo mentioned this in T5775: Kleopatra: Add action to restart background processes.Jun 29 2023, 1:38 PM
ebo added a comment.Jun 29 2023, 4:03 PM

just noticed that restarting the background processes with F5 on the certificate list does not work if the list is empty. (checked with Gpg4win-4.2.0-beta357)

ikloecker added a subscriber: ikloecker.Jun 29 2023, 4:42 PM

I think that's a known issue (or a known non-issue). I ran into this some time ago and therefore added the possibility to start gpg-agent explicitly instead of relying on a keylisting to start the agent implicitly. My guess is that gpg doesn't start gpg-agent because if there are no public keys then it makes little sense to ask gpg-agent for private keys.

aheinecke renamed this task from Kleopatra: gpg-agent does not restart when trying to access smart card to Kleopatra: gpg-agent does not restart on empty keylist.Jul 3 2023, 12:03 PM
aheinecke triaged this task as Low priority.
aheinecke added a subscriber: aheinecke.

I changed the title accordingly. I think when we call the option "restart background processes" we should not implicitly rely on a non empty keylist to start the gpg-agent but instead trigger it explicitly

aheinecke added a commit: rWc5617e9f2426: MSI: Kill running processes.Nov 15 2023, 3:09 PM
aheinecke added a commit: rWa232233fc914: MSI: Set REINSTALLMODE if not set to always.
aheinecke added a comment.Nov 15 2023, 4:43 PM

The commits ^ added here accidentally linked the wrong task number.

aheinecke removed a commit: rWc5617e9f2426: MSI: Kill running processes.Nov 15 2023, 4:44 PM
aheinecke removed a commit: rWa232233fc914: MSI: Set REINSTALLMODE if not set to always.
ebo renamed this task from Kleopatra: gpg-agent does not restart on empty keylist to Kleopatra: gpg-agent does not restart when trying to access smart card.Feb 26 2024, 2:29 PM
ebo updated the task description. (Show Details)
ebo added a comment.Feb 26 2024, 2:50 PM

While we see issues with gpg-agent not starting in different circumstances (like with the empty keylist) I would like to keep this task here about the smart card tab.

ebo added a project: vsd33.Feb 26 2024, 3:05 PM
ebo raised the priority of this task from Low to Normal.Feb 26 2024, 3:13 PM
ebo mentioned this in T7021: Kleopatra: restart gpg-agent after stopping it.Feb 27 2024, 4:44 PM
ikloecker claimed this task.Mar 4 2024, 10:38 AM
ikloecker moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.Mar 14 2024, 4:35 PM
ikloecker added a commit: rLIBKLEO13e34a20e23f: Add option to skip checking for a running gpg-agent.Mar 18 2024, 11:44 AM
ikloecker added a commit: rLIBKLEO969de383b200: Make Kleo::launchGpgAgent work for multiple threads.
ikloecker added a commit: rLIBKLEO4ac96fa0d49b: Start gpg-agent when sending a command to it fails with connection error.
ikloecker added a commit: rLIBKLEO65902c2d8398: Skip check for running gpg-agent when restarting it.
ikloecker changed the task status from Open to Testing.Mar 18 2024, 11:47 AM
ikloecker added a commit: rLIBKLEOf5577c412524: Make Kleo::launchGpgAgent work for multiple threads.May 2 2024, 3:30 PM
ikloecker added a commit: rLIBKLEOacac6a6d593c: Skip check for running gpg-agent when restarting it.
ikloecker added a commit: rLIBKLEOa0dc00ef8851: Add option to skip checking for a running gpg-agent.
ikloecker added a commit: rLIBKLEOba2b613a4024: Start gpg-agent when sending a command to it fails with connection error.
ikloecker moved this task from Backlog to WiP on the vsd33 board.May 7 2024, 9:38 AM
ebo moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.Oct 1 2024, 3:55 PM
ebo changed the task status from Testing to Open.Nov 8 2024, 3:40 PM
ebo moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.

Gpg4win-Beta-75: This does not work.

Tested like this, with one Yubikey connected:

  • Open Smartcard view in Kleo
  • gpgconf --kill all
  • F5 -> the display changes from the displayed card to no card view, no background processes are started
4406.646830	2024/11/08 15:24:31.836	2012	kleopatra.exe	org.kde.pim.kleopatra: onUpdateFinished
4495.833027	2024/11/08 15:26:01.030	2012	kleopatra.exe	org.kde.pim.kleopatra: ReaderStatusThread[GUI]::ping()
4495.833485	2024/11/08 15:26:01.030	2012	kleopatra.exe	org.kde.pim.kleopatra: ReaderStatusThread[2nd]: new iteration command= "__update__"  ; nullSlot= true
4495.833770	2024/11/08 15:26:01.030	2012	kleopatra.exe	org.kde.pim.kleopatra: update_cardinfo()
4495.834367	2024/11/08 15:26:01.030	2012	kleopatra.exe	org.kde.pim.kleopatra: onUpdateCardsStarted
4495.835192	2024/11/08 15:26:01.030	2012	kleopatra.exe	org.kde.pim.libkleo: sendCommand "SCD SERIALNO --all"
4495.835384	2024/11/08 15:26:01.030	2012	kleopatra.exe	org.kde.pim.libkleo: launchGpgAgent : gpg-agent is already being launched
4495.835474	2024/11/08 15:26:01.030	2012	kleopatra.exe	org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 125 ms
4495.985762	2024/11/08 15:26:01.186	2012	kleopatra.exe	org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 250 ms
4496.251055	2024/11/08 15:26:01.452	2012	kleopatra.exe	org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 500 ms
4496.762091	2024/11/08 15:26:01.963	2012	kleopatra.exe	org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
4497.784015	2024/11/08 15:26:02.985	2012	kleopatra.exe	org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
4498.791326	2024/11/08 15:26:03.993	2012	kleopatra.exe	org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
4499.794676	2024/11/08 15:26:04.996	2012	kleopatra.exe	org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
4500.798513	2024/11/08 15:26:06.000	2012	kleopatra.exe	org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
4501.804613	2024/11/08 15:26:07.006	2012	kleopatra.exe	org.kde.pim.libkleo: Connecting to the agent failed. Retrying in 1000 ms
4502.812186	2024/11/08 15:26:08.013	2012	kleopatra.exe	org.kde.pim.libkleo: sendCommand "SCD SERIALNO --all" failed: "IPC \"connect\" Aufruf fehlgeschlagen" (code: 259, source: GPGME)
4502.812452	2024/11/08 15:26:08.013	2012	kleopatra.exe	org.kde.pim.libkleo: Assuan problem, killing context
4502.812728	2024/11/08 15:26:08.013	2012	kleopatra.exe	org.kde.pim.libkleo: sendStatusLinesCommand "SCD SERIALNO --all" : t == NULL
4502.813112	2024/11/08 15:26:08.013	2012	kleopatra.exe	org.kde.pim.kleopatra: Running SCD SERIALNO --all failed: "IPC \"connect\" Aufruf fehlgeschlagen" (code: 259, source: GPGME)
ebo moved this task from WiP to Backlog on the vsd33 board.Nov 8 2024, 3:40 PM
ikloecker added a commit: rLIBKLEO3e4a6da08909: Use synchronous QProcess API to start gpg-agent without event loop.Nov 12 2024, 11:27 AM
ikloecker added a commit: rLIBKLEO88753704a53b: Add context to some connects.
ikloecker added a commit: rLIBKLEO2520ae86cddc: Use synchronous QProcess API to start gpg-agent without event loop.Nov 12 2024, 11:38 AM
ikloecker added a commit: rLIBKLEO541725ca3f5a: Use synchronous QProcess API to start gpg-agent without event loop.Nov 12 2024, 11:41 AM
ikloecker changed the task status from Open to Testing.Nov 12 2024, 11:45 AM
ikloecker moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.

Fixed.

ikloecker moved this task from Backlog to WiP on the vsd33 board.Nov 12 2024, 11:45 AM

And backported for VSD 3.3.

ikloecker added a commit: rLIBKLEO29b570fc8eb7: Add updated API docs.Nov 14 2024, 5:20 PM
ikloecker mentioned this in T7323: scdaemon hangs up (when output from scdaemon is not consumed by gpg-agent).Nov 15 2024, 2:41 PM
ikloecker added a commit: rLIBKLEO3ae161fce6c7: Start gpgconf detached if we don't have an event loop.Nov 15 2024, 2:57 PM
ikloecker added a commit: rLIBKLEO967c9ee366bb: Start gpgconf detached if we don't have an event loop.Nov 15 2024, 3:08 PM
ebo moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.Tue, Nov 26, 11:20 AM

Gpg4win-Beta-94: works

ebo moved this task from WiP to QA on the vsd33 board.Mon, Dec 16, 11:19 AM