Page MenuHome GnuPG

gpgsm <-> dirmngr communication deadlocks with debug-allow-core-dump
Closed, ResolvedPublic

Description

The communication between gpgsm and a dirmngr started by gpgsm deadlocks
in some situations. It happens for me in the following scenario:

gpgsm.conf contains theses lines:

debug-allow-core-dump
debug-level none
log-file socket:///home/user/.gnupg/log-socket

/home/user/ is, of course the real home directory, but no process is
actually listening on the socket! This can happen if one had used
KWatchGnuPG previously but not in the current session.

dirmngr.conf contains only:

debug-level none

Now verify an S/MIME mail with Kontact. The Kontact process freezes.
Closer analysis shows that gpgsm and dirmngr have been started and both
block on IO calls (gpgsm on read and dirmngr on select). It looks like
a deadlock.

If I now kill dirmngr, the signature verification continues and is
completed successfully. However, the Kontact window shows the following
lines at the bottom of the signed text as if they were part of the
signed text:

dirmngr[25338]: dauerhaft geladene Zertifikate: 0
dirmngr[25338]: zur Laufzeit zwischengespeicherte Zertifikate: 0

Variations of the test:

  1. As above, but the log-file setting is commented out in gpsm.conf. Now the signature verification doesn't block and no extra text appears in the signed text.
  1. As above, but the debug-allow-core-dump setting is commented out. Again, the signature verification doesn't block and no extra text appears in the signed text.

Versions:

gpgsm (GnuPG) 2.0.7
dirmngr 1.0.1
gpgme 1.1.5
Kontact: 1.0 (proko2 branch 2.1.11)

This issue might be related to Issue787

Event Timeline

May I ask you to update gnupg to the latest SVN revision (4634) and test this again?

Also, what version of libassuan are you using? (gnupg > 2.0.7 shows this --version).

Is that the system dirmngr or a locally started one?