Page MenuHome GnuPG

gpgtar: General Error is emitted instead of more specific error codes
Closed, ResolvedPublic

Description

When signing an archive via Kleopatra and ignoring the pinentry long enough to run into the timeout, "general error" is displayed but the status information about the timeout seems to be there:

When signing only one file, the timeout error is displayed:

Could be a bit more verbose for the average user but ok.
Please change the behavior for signing of directories accordingly.

aheinecke: Edited and changed the task description: General Error also is reported for bad passphrase, cancel etc.
ikloecker: This also happens when creating signed&encrypted archives and probably also when creating an encrypted-only archive, but in the latter case it's a bit harder to provoke an error.

Event Timeline

aheinecke added a subscriber: aheinecke.

For what its worth, GnuPG keeps the timeout value this way for some reason with server usecases if I remember correctly so that other keys are tried when one times out. In GnuPG VS-Desktop we configured a 10 Minute timeout as a compromise.

But yeah, General Error is never good :)

The same happens when the pinentry is canceled, i.e. General Error is reported although in this case the dialog should simply be closed (because the user canceled the operation).

aheinecke raised the priority of this task from Low to High.Nov 14 2023, 10:04 AM
aheinecke edited projects, added gnupg22, vsd32; removed gnupg24.

The same happens when the pinentry is canceled, i.e. General Error is reported although in this case the dialog should simply be closed (because the user canceled the operation).

Why is this then filed with this priority and not on any of our important workboards?

Ok maybe because of the task description with timeout. But for a Cancel to report "General Error" that is unacceptable.

aheinecke renamed this task from Kleopatra: general error displayed instead of timeout error for directories to gpgtar: General Error instead of proper error codes.Nov 14 2023, 10:08 AM
aheinecke updated the task description. (Show Details)
aheinecke removed Version.

I edited the task description.

aheinecke edited projects, added gpgme; removed gnupg22, kleopatra.
aheinecke added a subscriber: werner.

I tested it some more. Gpgtar reports proper erors like:

gpg: Schlüssel 0FFCF9582810AA0C wurde 153 Sekunden in der Zukunft erzeugt (Zeitreise oder Uhrenproblem)
[GNUPG:] FAILURE sign 33554471
gpg: signing failed: Zeitangaben differieren

But they seem to be lost in GPGME. So @ikloecker it seems that gpgme does not parse the gpg status failure codes. Which is good so this means that you can work on this instead of werner. :)

I reprodcued this with a simple: "gpgtar --status-fd 2 --verbose --create --sign -u foo@bar vimfiles > foo.tar.gpg" on the command line. Which gives me the proper status lines but then ends up in kleo with general error.

You are creating a signed archiv? Why - gpgtar is used for encryption.

werner renamed this task from gpgtar: General Error instead of proper error codes to gpgtar: General Error is emitted instead of more specific error codes when only signing.Nov 14 2023, 10:38 AM
werner lowered the priority of this task from High to Normal.

As discussed in chat has nothing to do with only signing. Only that signing makes it easier to get errors by cancelling pinentry or entering bad passwords.

ikloecker moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.Nov 14 2023, 1:14 PM
ikloecker moved this task from Backlog to WiP on the gpgme board.
ikloecker moved this task from Backlog to WiP on the vsd32 board.
ikloecker renamed this task from gpgtar: General Error is emitted instead of more specific error codes when only signing to gpgtar: General Error is emitted instead of more specific error codes.Nov 14 2023, 1:46 PM
ikloecker updated the task description. (Show Details)
ikloecker changed the task status from Open to Testing.Nov 14 2023, 1:54 PM

works, VS-Desktop-3.1.90.287-Beta

ebo edited projects, added vsd32 (vsd-3.2.0); removed vsd32.

Fixing gpg is easy but there is some bug lingering in gpgme which might be a recent regression. An strace shows

450   +++ exited with 2 +++
438   poll([{fd=6, events=POLLIN}], 1, 0) = 1 ([{fd=6, revents=POLLHUP}])
438   read(6, "", 4096)                 = 0
438   close(6)                          = 0
438   poll([{fd=4, events=POLLIN}, {fd=9, events=POLLOUT}], 2, 1000) = 2 ([{fd=4, revents=POLLHUP}, {fd=9, revents=POLLERR}])
438   poll([{fd=4, events=POLLIN}], 1, 0) = 1 ([{fd=4, revents=POLLHUP}])
438   read(4, "", 1024)                 = 0
438   write(2, "status_cb:  \n", 13)    = 13
438   close(4)                          = 0
438   poll([{fd=9, events=POLLOUT}], 1, 1000) = 1 ([{fd=9, revents=POLLERR}])

and keeps on polling after the gpg process (450) teminated.

Arghh, a GPGME_DEBUG=3 which shows basic I/O preparation does not exhibit the bug.

werner moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.
werner edited projects, added gpgme (gpgme 1.23.x); removed gpgme.