Page MenuHome GnuPG

smoser (Scott Moser)
User

Projects

User does not belong to any projects.

User Details

User Since
Mar 27 2017, 4:47 PM (398 w, 6 d)
Availability
Available

Recent Activity

Jun 6 2016

smoser added a comment to T1675: gpg --verify has race conditions when used concurrently.

I'm still able to make this fail, though quite less often.
Example is here.

$ wget https://bugs.gnupg.org/gnupg/file443/show-race.sh -O show-race.sh
$ chmod 755 show-race.sh
$ dpkg-query --show gnupg
$ gnupg --version
gpg (GnuPG) 1.4.20
Copyright (C) 2015 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,

CAMELLIA128, CAMELLIA192, CAMELLIA256

Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

$ sed -i.dist -e 's,precise-updates,precise,' -e
's,20101020ubuntu136.15,current,' show-race.sh
$ diff -u show-race.sh.dist show-race.sh

  • show-race.sh.dist 2016-06-06 16:37:25.845783450 -0400

+++ show-race.sh 2016-06-06 16:37:26.645771713 -0400
@@ -37,7 +37,7 @@

mkdir "$GNUPGHOME" && chmod 700 "$GNUPGHOME"

fi

-url="http://archive.ubuntu.com/ubuntu/dists/precise-updates/main/installer-amd64/20101020ubuntu136.15/images"
+url="http://archive.ubuntu.com/ubuntu/dists/precise/main/installer-amd64/current/images"
kr=/usr/share/keyrings/ubuntu-archive-keyring.gpg
for f in SHA256SUMS SHA256SUMS.gpg; do

   [ -f "$f" ] && continue

$ i=0; while i=$(($i+1)); do rm -Rf out*; echo -n "$i "; ./show-race.sh ||
break; done
1 max=100 cmd=gpg --verify args:
2 max=100 cmd=gpg --verify args:
3 max=100 cmd=gpg --verify args:
4 max=100 cmd=gpg --verify args:
...
67 max=100 cmd=gpg --verify args:
68 max=100 cmd=gpg --verify args:
69 max=100 cmd=gpg --verify args:
3 failed: out.3 [2]

$ cat out.3
gpg: Signature made Mon 23 Apr 2012 03:52:09 PM EDT using DSA key ID 437D05B5
gpg: error opening lockfile `/tmp/xt/out.gnupghome/trustdb.gpg.lock': No such
file or directory
gpg: lockfile disappeared
gpg: 12: read expected rec type 10, got 0
gpg: lookup_hashtable failed: trust database error
gpg: trustdb: searching trust record failed: trust database error
gpg: Error: The trustdb is corrupted.
gpg: You may try to re-create the trustdb using the commands:
gpg: cd /tmp/xt/out.gnupghome
gpg: gpg2 --export-ownertrust > otrust.tmp
gpg: rm trustdb.gpg
gpg: gpg2 --import-ownertrust < otrust.tmp
gpg: If that does not work, please consult the manual

Jun 6 2016, 10:52 PM · gnupg, Bug Report
smoser reopened T1675: gpg --verify has race conditions when used concurrently as "Open".
Jun 6 2016, 10:52 PM · gnupg, Bug Report

May 13 2015

smoser added a comment to T1675: gpg --verify has race conditions when used concurrently.

there is more info in 'gpg-info.txt' inside the tarballs, but for completeness
gpg --version: gpg (GnuPG) 1.4.18
lsb_release -sc: vivid
uname -a: Linux vivid-20150513-125547 3.19.0-16-generic #16-Ubuntu SMP Thu Apr
30 16:09:58 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
filesystem is ext4.

May 13 2015, 3:48 PM · gnupg, Bug Report
smoser added a comment to T1675: gpg --verify has race conditions when used concurrently.

May 13 2015, 3:18 PM · gnupg, Bug Report
smoser added a comment to T1675: gpg --verify has race conditions when used concurrently.

Attaching output of runs.
show-race-output-nostrace.tar.gz
and
show-race-output.tar.gz

both run on fresh 15.04 instance (gpg (GnuPG) 1.4.18).
nostrace version did not use strace. I had to run that in a loop in order to
catch failure. with strace, it fails immediately.

strace version (failed first time):

./show-race.sh

no-strace:
while :; do ../show-race-output/show-race.sh || break; rm -Rf out*; done

May 13 2015, 3:18 PM · gnupg, Bug Report
smoser added a comment to T1675: gpg --verify has race conditions when used concurrently.

May 13 2015, 3:18 PM · gnupg, Bug Report

Jul 30 2014

smoser added a comment to T1675: gpg --verify has race conditions when used concurrently.

Sorry. Version used was reported in the original report at:
https://bugs.launchpad.net/ubuntu/+source/gnupg/+bug/1342807
but i didn't copy that here. I ran this on 14.10 Ubuntu with apt provided gpg.
version is: 1.4.16-1.2ubuntu1

Jul 30 2014, 4:13 PM · gnupg, Bug Report

Jul 28 2014

smoser added a project to T1675: gpg --verify has race conditions when used concurrently: Bug Report.
Jul 28 2014, 9:19 PM · gnupg, Bug Report
smoser added a comment to T1675: gpg --verify has race conditions when used concurrently.

Jul 28 2014, 9:19 PM · gnupg, Bug Report