Bug Report
ActivePublic

Members

  • This project does not have any members.

Recent Activity

Today

MaXi32 added a comment to T5076: gpg-agent respawn another process randomly and causes cached passphrase check failed / expired.

Ok let me update what I did next:

Sat, Sep 19, 6:16 AM · gnupg (gpg22), Bug Report

Yesterday

MaXi32 updated the task description for T5076: gpg-agent respawn another process randomly and causes cached passphrase check failed / expired.
Fri, Sep 18, 8:31 PM · gnupg (gpg22), Bug Report
MaXi32 updated the task description for T5076: gpg-agent respawn another process randomly and causes cached passphrase check failed / expired.
Fri, Sep 18, 8:24 PM · gnupg (gpg22), Bug Report
MaXi32 updated the task description for T5076: gpg-agent respawn another process randomly and causes cached passphrase check failed / expired.
Fri, Sep 18, 8:24 PM · gnupg (gpg22), Bug Report
MaXi32 updated the task description for T5076: gpg-agent respawn another process randomly and causes cached passphrase check failed / expired.
Fri, Sep 18, 8:17 PM · gnupg (gpg22), Bug Report
MaXi32 updated the task description for T5076: gpg-agent respawn another process randomly and causes cached passphrase check failed / expired.
Fri, Sep 18, 8:12 PM · gnupg (gpg22), Bug Report
MaXi32 updated the task description for T5076: gpg-agent respawn another process randomly and causes cached passphrase check failed / expired.
Fri, Sep 18, 8:11 PM · gnupg (gpg22), Bug Report
MaXi32 updated the task description for T5076: gpg-agent respawn another process randomly and causes cached passphrase check failed / expired.
Fri, Sep 18, 8:10 PM · gnupg (gpg22), Bug Report
MaXi32 updated the task description for T5076: gpg-agent respawn another process randomly and causes cached passphrase check failed / expired.
Fri, Sep 18, 8:10 PM · gnupg (gpg22), Bug Report
MaXi32 created T5076: gpg-agent respawn another process randomly and causes cached passphrase check failed / expired.
Fri, Sep 18, 8:09 PM · gnupg (gpg22), Bug Report
mathieui created T5075: [python-gpgme] Traceback when running with python -OO.
Fri, Sep 18, 5:11 PM · gpgme, Python, Bug Report
gniibe added a comment to T5062: gpg: error getting version from 'scdaemon': Forbidden.

Here are my test configurations.

Fri, Sep 18, 10:15 AM · Bug Report
despair created T5074: Leaking fd.
Fri, Sep 18, 8:29 AM · gpgme, Bug Report
gniibe added a comment to T5062: gpg: error getting version from 'scdaemon': Forbidden.

I think that there is some misunderstanding how gpg-agent and scdaemon run.
In the normal configuration, those program run when you login to your desktop or it is invoked when used, then, after you logout, it dies.

Fri, Sep 18, 5:01 AM · Bug Report
gniibe added a comment to T5062: gpg: error getting version from 'scdaemon': Forbidden.

For SSH, I don't think forwarding gpg-agent's socket (S.gpg-agent.ssh) is good; It complicates things unnecessarily. Simply use -A option of SSH, if possible.

Fri, Sep 18, 3:58 AM · Bug Report
gniibe closed T5063: Use of some "SCD" command through extra socket, a subtask of T5062: gpg: error getting version from 'scdaemon': Forbidden, as Resolved.
Fri, Sep 18, 3:55 AM · Bug Report
gniibe closed T5063: Use of some "SCD" command through extra socket as Resolved.
Fri, Sep 18, 3:55 AM · Bug Report
gniibe added a comment to T5063: Use of some "SCD" command through extra socket.

Fixed in master.

Fri, Sep 18, 3:52 AM · Bug Report
gniibe added a comment to T5063: Use of some "SCD" command through extra socket.

"SCD GETINFO card_list" is not needed actually. It was my misunderstanding.

Fri, Sep 18, 3:51 AM · Bug Report
gniibe added a commit to T5063: Use of some "SCD" command through extra socket: rG8a84a71f3a58: agent: Fix regression for access through the extra secket..
Fri, Sep 18, 3:36 AM · Bug Report

Thu, Sep 17

GwenDragon added a project to T5073: Date output of GnuPG not in correct language format: gnupg (gpg22).
Thu, Sep 17, 6:00 PM · gnupg (gpg22), Bug Report
GwenDragon created T5073: Date output of GnuPG not in correct language format.
Thu, Sep 17, 5:37 PM · gnupg (gpg22), Bug Report
bernhard closed T3379: Gpg4win windows publisher signature not always correctly displayed in UAC dialogue as Resolved.

Last report more than two years ago.

Thu, Sep 17, 1:50 PM · gpg4win, Bug Report
turkja added a comment to T5065: scdaemon doesn't detect card removal after boot/resume (Identiv SPR332v2).

This is everything lsusb knows about the device:

Thu, Sep 17, 8:28 AM · gnupg (gpg22), scd, Bug Report
gniibe added a comment to T5065: scdaemon doesn't detect card removal after boot/resume (Identiv SPR332v2).

And please report the output of lsusb -d 04e6:e003 for the information of the card reader.

Thu, Sep 17, 8:27 AM · gnupg (gpg22), scd, Bug Report
gniibe added a comment to T5065: scdaemon doesn't detect card removal after boot/resume (Identiv SPR332v2).

@turkja Thanks for your information.
May I ask you one thing?
Please show me the usb VID:PID of your card reader.
Is it 04e6:e003?
You can examine a line of the output by lsusb.

Thu, Sep 17, 8:23 AM · gnupg (gpg22), scd, Bug Report
turkja added a comment to T5065: scdaemon doesn't detect card removal after boot/resume (Identiv SPR332v2).

Just wanted to add to my initial findings:

  • I was not using proprietary drivers (libscmccid.so.5.0.35), because the installer script fails to install on default CentOS 8 pcsc-lite. So the distribution pcsc-lite also doesn't have this issue.
  • Fastest way to test this condition is to just detach/attach the reader device.
  • Proprietary drivers doesn't support secure pin entry!
Thu, Sep 17, 5:59 AM · gnupg (gpg22), scd, Bug Report

Wed, Sep 16

CaveTheCave added a comment to T5069: Concurrent auto-start of gpg-agent by multiple gpg instances..

Please note that:

  • There is a single user accessing the socket dir (which is the same as the homedir).
  • The socketdir (homedir) is not in a local directory. It is in another file system accessed via the SMB protocol, with a command such as:
gpg --homedir "//192.168.32.211/c$/gpghomedir" ...
Wed, Sep 16, 8:33 PM · gnupg (gpg22), Windows, Bug Report
CaveTheCave added a comment to T5069: Concurrent auto-start of gpg-agent by multiple gpg instances..

From the '&ovl' I assume that the lock file has been openned for overlapped IO.
Please see an extract from MSDN for the LockFileEx function:

Wed, Sep 16, 5:03 PM · gnupg (gpg22), Windows, Bug Report
glr created T5071: Doc fix: simple typos.
Wed, Sep 16, 1:19 PM · Documentation, Bug Report
werner added a comment to T5069: Concurrent auto-start of gpg-agent by multiple gpg instances..

We need to figure out why the file locks seem not to work. gpg-agent processes whatch there own socket and terminate if that socket does not belong to them anymore.

Wed, Sep 16, 8:10 AM · gnupg (gpg22), Windows, Bug Report
gniibe claimed T5065: scdaemon doesn't detect card removal after boot/resume (Identiv SPR332v2).
Wed, Sep 16, 8:04 AM · gnupg (gpg22), scd, Bug Report
gniibe added a comment to T5065: scdaemon doesn't detect card removal after boot/resume (Identiv SPR332v2).

Thanks for sending.

Wed, Sep 16, 8:01 AM · gnupg (gpg22), scd, Bug Report
werner added a comment to T5065: scdaemon doesn't detect card removal after boot/resume (Identiv SPR332v2).

I checked two devices and both have the info below but 332 on the case.

Wed, Sep 16, 7:55 AM · gnupg (gpg22), scd, Bug Report
werner added a comment to T5065: scdaemon doesn't detect card removal after boot/resume (Identiv SPR332v2).

Bus 001 Device 123: ID 04e6:e003 SCM Microsystems, Inc. SPR532 PinPad SmartCard Reader

Wed, Sep 16, 7:48 AM · gnupg (gpg22), scd, Bug Report
gniibe added a comment to T5065: scdaemon doesn't detect card removal after boot/resume (Identiv SPR332v2).

Is it an alias of SPR532? Please show me the USB vendor ID and product ID.

Wed, Sep 16, 7:39 AM · gnupg (gpg22), scd, Bug Report
CaveTheCave added a comment to T5069: Concurrent auto-start of gpg-agent by multiple gpg instances..

Yes it is the windows version. It occurs both in Windows 10 and Windows Server 2016.
What I notice is that a gpg-agent is started, then after some time another one is started and the previous ends (presumably because it has lost the socket), etc. At any point in time, I can see only one agent instance running in the task manager, but with different process ids.

Wed, Sep 16, 6:57 AM · gnupg (gpg22), Windows, Bug Report

Tue, Sep 15

werner triaged T5065: scdaemon doesn't detect card removal after boot/resume (Identiv SPR332v2) as High priority.

Okay, I have the same problem at my office and thus I should be able to figure out the reason. I have ignored the problem until now because the wokraround is easy enough and in most cases I authenticate with my token anyway. But yes, this needs to be fixed.

Tue, Sep 15, 9:35 PM · gnupg (gpg22), scd, Bug Report
werner triaged T5069: Concurrent auto-start of gpg-agent by multiple gpg instances. as Normal priority.

I assume this is the Windows version. gpg uses a locking mechanism to avoid creating several gpg-agent processes. In the worst case this may take quite some time until one of the processes can get the lock. There is an exponential backoff scheme in use and I have not yet found a way to replicate the full deadlock you describe. It would be helpful if you could describe in more detail how you run into this case.

Tue, Sep 15, 9:35 PM · gnupg (gpg22), Windows, Bug Report
CaveTheCave created T5069: Concurrent auto-start of gpg-agent by multiple gpg instances..
Tue, Sep 15, 3:17 PM · gnupg (gpg22), Windows, Bug Report

Mon, Sep 14

turkja added a comment to T5065: scdaemon doesn't detect card removal after boot/resume (Identiv SPR332v2).

Thanks for prompt answer!

Mon, Sep 14, 9:45 AM · gnupg (gpg22), scd, Bug Report
werner added projects to T5065: scdaemon doesn't detect card removal after boot/resume (Identiv SPR332v2): scd, gnupg (gpg22).

Thanks for the detailed report. Does the green LED blink fast when it does not work?

Mon, Sep 14, 7:59 AM · gnupg (gpg22), scd, Bug Report
turkja created T5065: scdaemon doesn't detect card removal after boot/resume (Identiv SPR332v2).
Mon, Sep 14, 3:37 AM · gnupg (gpg22), scd, Bug Report

Fri, Sep 11

avemilia added a comment to T5062: gpg: error getting version from 'scdaemon': Forbidden.

Additionally, does your answer imply that when I ssh into remote, no gpg logs on remote should be produced if everything is executed correctly?

Fri, Sep 11, 9:52 AM · Bug Report
avemilia added a comment to T5062: gpg: error getting version from 'scdaemon': Forbidden.

I see. How should I prepare environment instead? With local it is clear, but with remote it isn't. I also use remote as a normal machine with yubikey plugged directly into it most of the time, as it is a desktop at home. Local is a laptop that I use when I'm not at home. So, let's say I have a fresh reboot of remote and use it a bit with yubikey. So, it has gpg-agent started with its own socket there. Now I want to ssh into remote. If I understand correctly, for correct functionality I need to kill gpg-agent on remote first, otherwise agent forwarding will misbehave? Then, after I'm done with ssh and get back to remote (physically), how do I "recover" from ssh and re-launch gpg agent normally again? Since you say that killing it will send instruction to kill it on local machine, what should be done instead?

Fri, Sep 11, 9:49 AM · Bug Report
gniibe added a comment to T5062: gpg: error getting version from 'scdaemon': Forbidden.

You should not do gpgconf --kill all on your remote machine; It kills gpg-agent on your local machine, through forwarded socket. And next invocation of gpg will invoke gpg-agent on your remote machine, which makes things confusing.

Fri, Sep 11, 9:36 AM · Bug Report
avemilia added a comment to T5062: gpg: error getting version from 'scdaemon': Forbidden.

I didn't run gpg-agent or scdaemon on remote manually. If that happened -- it probably happened as a result of ssh'ing into it and spawning a zsh shell, which executed the section that I mark as "Environment (per shell)" above. I do this kind of "preparation" (stop gpg, clean up logs to collect only relevant logs on problem demonstration) to make the problem description as minimal as possible. And I post all relevant produced logs to make the problem description as complete as possible. Sorry if this is confusing, I don't really know what I'm doing but I want to make a bug report that can be acted upon.

Fri, Sep 11, 9:22 AM · Bug Report
gniibe added a comment to T5062: gpg: error getting version from 'scdaemon': Forbidden.

Sorry, my editing error. I wanted write:

Fri, Sep 11, 8:51 AM · Bug Report
avemilia updated the task description for T5064: Forwarded gpg ssh agent doesn't see smartcard ssh key, only (none).
Fri, Sep 11, 8:38 AM · Bug Report
avemilia updated the task description for T5064: Forwarded gpg ssh agent doesn't see smartcard ssh key, only (none).
Fri, Sep 11, 8:33 AM · Bug Report