
`gpg --gpgconf-list` reports some data from the config file or command line, and other data that is about compiled in defaults
Closed, Resolved · Public

Description

gpg --gpgconf-list emits several different pieces of information. Some of the information (like default_pubkey_algo or use_keyboxd) will change when set from the command line or a config file. Other data points (like debug_level and compliance) appear to emit static data based on compiled-in defaults, even if the corresponding options are set from the command line or in a config file.

With an entirely empty configuration (no gpg.conf, no common.conf), using gpg 2.4.7, you can see this pattern of inconsistent behavior:

0 dkg@bob:~$ gpg --gpgconf-list
debug-level:16:"none:
compliance:16:"gnupg:
default_pubkey_algo:16:"ed25519/cert,sign+cv25519/encr:
compliance_de_vs:16:0:
use_keyboxd:16:0:
0 dkg@bob:~$ gpg --default-new-key-algo bananas --gpgconf-list
debug-level:16:"none:
compliance:16:"gnupg:
default_pubkey_algo:16:"bananas:
compliance_de_vs:16:0:
use_keyboxd:16:0:
0 dkg@bob:~$ gpg --debug-level guru --default-new-key-algo bananas --gpgconf-list
debug-level:16:"none:
compliance:16:"gnupg:
default_pubkey_algo:16:"bananas:
compliance_de_vs:16:0:
use_keyboxd:16:0:
0 dkg@bob:~$ echo use-keyboxd > $GNUPGHOME/common.conf
0 dkg@bob:~$ gpg --debug-level guru --default-new-key-algo bananas --gpgconf-list
debug-level:16:"none:
compliance:16:"gnupg:
default_pubkey_algo:16:"bananas:
compliance_de_vs:16:0:
use_keyboxd:16:1:
0 dkg@bob:~$

Details

Version
2.4.7
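
The pattern in the transcript above, checked mechanically. This is an added example, not part of the original report and not GnuPG code. It parses the `name:flags:value:` lines exactly as they appear in the transcript and compares the empty-configuration run with the last run; the function names and the `REQUESTED` mapping are this example's own.

```python
from urllib.parse import unquote

# Both listings are copied from the transcript in this report (gpg 2.4.7).
BASELINE = """\
debug-level:16:"none:
compliance:16:"gnupg:
default_pubkey_algo:16:"ed25519/cert,sign+cv25519/encr:
compliance_de_vs:16:0:
use_keyboxd:16:0:
"""
# Last run: --debug-level guru --default-new-key-algo bananas,
# with use-keyboxd written to common.conf.
OVERRIDDEN = """\
debug-level:16:"none:
compliance:16:"gnupg:
default_pubkey_algo:16:"bananas:
compliance_de_vs:16:0:
use_keyboxd:16:1:
"""
# What that last run asked for (this example's own mapping).
REQUESTED = {"debug-level": "guru", "default_pubkey_algo": "bananas", "use_keyboxd": 1}

def parse_gpgconf_list(text):
    """Parse name:flags:value: lines into {name: (flags, value)}."""
    options = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        fields = line.split(":")
        if len(fields) < 3:
            raise ValueError(f"unexpected line: {line!r}")
        name, flags, raw = fields[0], int(fields[1]), fields[2]
        if raw.startswith('"'):
            value = unquote(raw[1:])  # string values: leading quote, percent-escaped
        else:
            value = int(raw) if raw else None
        options[name] = (flags, value)
    return options

def classify(baseline, overridden, requested):
    """Report, per requested option, whether the listing reflected the setting."""
    base, over = parse_gpgconf_list(baseline), parse_gpgconf_list(overridden)
    return {name: "reflected" if over[name][1] == wanted and over[name][1] != base[name][1]
            else "ignored" for name, wanted in requested.items()}

if __name__ == "__main__":
    for name, status in classify(BASELINE, OVERRIDDEN, REQUESTED).items():
        print(f"{name}: {status}")
```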

Event Timeline

in combination with this patch it should be easy to modify gpgconf_list() (in g10/gpg.c) to emit compliance from the settings/cli options.

i haven't looked into how to correctly emit debug-level, or compliance_de_vs based on configuration or command-line arguments.

$ man gpg
       --gpgconf-list
              This command is similar to --list-config but in general only internally used by the gpgconf tool.

In general, "only internally used" means: Don't use this yourself or accept what it does.

werner claimed this task.
werner added a project: Not A Bug.

If you say so, i won't press this. I will just leave this ticket with an observation that even for someone who reads the source code this is not intelligible. At the top of gpgconf_list in g10/gpg.c, the comment says:

/* List default values for use by gpgconf.  */

And yet, some of the values reflect command-line or configuration file parameters, and others reflect the compiled-in defaults.

If you want other people to be able to offer patches to the project, it would be nice to have a coherent explanation of what the expected API contract actually is between gpg and gpgconf. If there's a clearer explanation of it in the documentation or in the source that i've missed, maybe a pointer to it from this function would be useful.

🤷