Skip Menu |

This queue is for tickets about the Mail-GnuPG CPAN distribution.

Report information
The Basics
Id: 102719
Status: open
Priority: 0/
Queue: Mail-GnuPG
People
Owner: Nobody in particular
Requestors: ppisar [...] redhat.com
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: 0.21
Fixed in: (no value)

History Show all quoted text
  Thu Mar 12 09:15:42 2015 ppisar [...] redhat.com - Ticket created
Subject: agent.t tests fails with since GnuPG 2.1
Running t/agent.t with GPG_PRESET_PASSPHRASE environment variable pointing to gpg-agent from GnuPG 2 worked until upgrading gnupg from 2.0.25 to 2.1.1: $ GPG_PRESET_PASSPHRASE=/usr/libexec/gpg-preset-passphrase prove -b -v t/agent.t t/agent.t .. gpg: keyring `mgtS0WvS/secring.gpg' created gpg: keyring `mgtS0WvS/pubring.gpg' created gpg: key EFEA4EAD: secret key imported gpg: mgtS0WvS/trustdb.gpg: trustdb created gpg: key EFEA4EAD marked as ultimately trusted gpg: key EFEA4EAD: public key "Mail::GnuPG Test Key <mail@gnupg.dom>" imported gpg: key EFEA4EAD: "Mail::GnuPG Test Key <mail@gnupg.dom>" 1 new signature gpg: Total number processed: 2 gpg: imported: 1 gpg: new signatures: 1 gpg: secret keys read: 1 gpg: secret keys imported: 1 gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u gpg-agent: a gpg-agent is already running - not starting a new one 1..20 ok 1 - An object of class 'Mail::GnuPG' isa 'Mail::GnuPG' not ok 2 # Failed test at t/agent.t line 78. # got: '2' # expected: '0' not ok 3 # Failed test at t/agent.t line 81. # got: '2' # expected: '0' not ok 4 # Failed test at t/agent.t line 82. # got: undef # expected: 'EFEA4EAD' not ok 5 # Failed test at t/agent.t line 83. # got: undef # expected: 'Mail::GnuPG Test Key <mail@gnupg.dom>' ok 6 ok 7 not ok 8 # Failed test at t/agent.t line 92. # got: '2' # expected: '0' Unknown Content-Type or no PGP message in body at /home/test/fedora/perl-Mail-GnuPG/Mail-GnuPG-0.21/blib/lib/Mail/GnuPG.pm line 402. # Looks like you planned 20 tests but ran 8. # Looks like you failed 5 tests of 8 run. # Looks like your test exited with 2 just after 8. Dubious, test returned 2 (wstat 512, 0x200) Failed 17/20 subtests Test Summary Report ------------------- t/agent.t (Wstat: 512 Tests: 8 Failed: 5) Failed tests: 2-5, 8 Non-zero exit status: 2 Parse errors: Bad plan. You planned 20 tests but ran 8. Files=1, Tests=8, 0 wallclock secs ( 0.04 usr 0.01 sys + 0.66 cusr 0.18 csys = 0.89 CPU) Result: FAIL
  Sun Mar 15 19:09:07 2015 jesse [...] fsck.com - Correspondence added
Subject: Re: [rt.cpan.org #102719] agent.t tests fails with since GnuPG 2.1
Date: Sun, 15 Mar 2015 16:08:57 -0700
To: Petr Pisar via RT <bug-Mail-GnuPG [...] rt.cpan.org>
From: Jesse Vincent <jesse [...] fsck.com>
Would you happen to know what the right change to fix this for the new GnuPg is? Thanks! On Thu, Mar 12, 2015 at 09:15:43AM -0400, Petr Pisar via RT wrote: Show quoted text
> Thu Mar 12 09:15:42 2015: Request 102719 was acted upon. > Transaction: Ticket created by ppisar > Queue: Mail-GnuPG > Subject: agent.t tests fails with since GnuPG 2.1 > Broken in: 0.21 > Severity: (no value) > Owner: Nobody > Requestors: ppisar@redhat.com > Status: new > Ticket <URL: https://rt.cpan.org/Ticket/Display.html?id=102719 > > > > Running t/agent.t with GPG_PRESET_PASSPHRASE environment variable pointing to gpg-agent from GnuPG 2 worked until upgrading gnupg from 2.0.25 to 2.1.1: > > $ GPG_PRESET_PASSPHRASE=/usr/libexec/gpg-preset-passphrase prove -b -v t/agent.t > t/agent.t .. > gpg: keyring `mgtS0WvS/secring.gpg' created > gpg: keyring `mgtS0WvS/pubring.gpg' created > gpg: key EFEA4EAD: secret key imported > gpg: mgtS0WvS/trustdb.gpg: trustdb created > gpg: key EFEA4EAD marked as ultimately trusted > gpg: key EFEA4EAD: public key "Mail::GnuPG Test Key <mail@gnupg.dom>" imported > gpg: key EFEA4EAD: "Mail::GnuPG Test Key <mail@gnupg.dom>" 1 new signature > gpg: Total number processed: 2 > gpg: imported: 1 > gpg: new signatures: 1 > gpg: secret keys read: 1 > gpg: secret keys imported: 1 > gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model > gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u > gpg-agent: a gpg-agent is already running - not starting a new one > > 1..20 > ok 1 - An object of class 'Mail::GnuPG' isa 'Mail::GnuPG' > not ok 2 > > # Failed test at t/agent.t line 78. > # got: '2' > # expected: '0' > not ok 3 > > # Failed test at t/agent.t line 81. > # got: '2' > # expected: '0' > not ok 4 > > # Failed test at t/agent.t line 82. > # got: undef > # expected: 'EFEA4EAD' > not ok 5 > > # Failed test at t/agent.t line 83. > # got: undef > # expected: 'Mail::GnuPG Test Key <mail@gnupg.dom>' > ok 6 > ok 7 > not ok 8 > > # Failed test at t/agent.t line 92. > # got: '2' > # expected: '0' > Unknown Content-Type or no PGP message in body at /home/test/fedora/perl-Mail-GnuPG/Mail-GnuPG-0.21/blib/lib/Mail/GnuPG.pm line 402. > # Looks like you planned 20 tests but ran 8. > # Looks like you failed 5 tests of 8 run. > # Looks like your test exited with 2 just after 8. > Dubious, test returned 2 (wstat 512, 0x200) > Failed 17/20 subtests > > Test Summary Report > ------------------- > t/agent.t (Wstat: 512 Tests: 8 Failed: 5) > Failed tests: 2-5, 8 > Non-zero exit status: 2 > Parse errors: Bad plan. You planned 20 tests but ran 8. > Files=1, Tests=8, 0 wallclock secs ( 0.04 usr 0.01 sys + 0.66 cusr 0.18 csys = 0.89 CPU) > Result: FAIL >
--
  Sun Mar 15 19:09:08 2015 The RT System itself - Status changed from 'new' to 'open'
  Wed May 13 10:02:57 2015 ppisar [...] redhat.com - Correspondence added
From: ppisar [...] redhat.com
Dne Ne 15.bře.2015 19:09:07, jesse@fsck.com napsal(a): Show quoted text
> Would you happen to know what the right change to fix this for the new > GnuPg is? >
I don't know. I think the issue is that GnuPG-2.1 stopped supporting GPG_AGENT_INFO environment variable, that each tool spawns it's own instance of gpg-agent if it cannot connect to already running agent and that the gpg-agent now handles private keys in addition to passphrases. See <https://www.gnupg.org/faq/whats-new-in-2.1.html>. I added some debugging output to the agent.t and I can see that gpg-agent does not print GPG_AGENT_INFO anymore (thus it is not killed at the end of the test) and the last_error after failing mime_sign() start with: gpg: gpg-agent is not available in this session I tried to reproduce the failure with executing the gpg (version 1.4.19) manually with the same result. Reading gpg-1 sources I think it requires --gpg-agent-info argument or GPG_AGENT_INFO environment variable. And because none of them are supplied, the gpg program fails.
  Wed May 13 12:05:55 2015 ppisar [...] redhat.com - Correspondence added
From: ppisar [...] redhat.com
Dne St 13.Květen.2015 10:02:57, ppisar napsal(a): Show quoted text
> I don't know. I think the issue is that GnuPG-2.1 stopped supporting > GPG_AGENT_INFO environment variable,
[...] Show quoted text
> Reading gpg-1 sources I think > it requires --gpg-agent-info argument or GPG_AGENT_INFO environment > variable. And because none of them are supplied, the gpg program > fails.
Here is patch that fixes the test for me. I does not touch the module code except documentation. I think the most proper solution would be on gpg-1 site, but I don't believe that anybody would touch it. Especially if the breakage was intentional. -- Petr
Subject: Mail-GnuPG-0.21-Adapt-to-gpg-agent-2.1.patch
From ca62a09a4a2973471593dc79b14741a18ad6027c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com> Date: Wed, 13 May 2015 17:31:53 +0200 Subject: [PATCH] Adapt to gpg-agent-2.1 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Since gnupg2 2.1, gpg-agent does not export GPG_AGENT_INFO which is needed for gpg from gnupg-1. CPAN RT#102719 Signed-off-by: Petr Písař <ppisar@redhat.com> --- Build.PL | 1 + lib/Mail/GnuPG.pm | 2 ++ t/agent.t | 35 +++++++++++++++++++++++++++++------ 3 files changed, 32 insertions(+), 6 deletions(-) diff --git a/Build.PL b/Build.PL index b8ac716..07f4f13 100644 --- a/Build.PL +++ b/Build.PL @@ -10,6 +10,7 @@ my $build = Module::Build->new 'David Bremner <ddb@cpan.org>'], (sign => 1), requires => { + 'Cwd' => 0, 'File::Spec' => 0, 'File::Temp' => 0, 'GnuPG::Interface' => 0, diff --git a/lib/Mail/GnuPG.pm b/lib/Mail/GnuPG.pm index 23ddb20..703ec60 100644 --- a/lib/Mail/GnuPG.pm +++ b/lib/Mail/GnuPG.pm @@ -48,6 +48,8 @@ use Errno qw(EPIPE); always_trust => always trust a public key # FIXME: we need more things here, maybe primary key id. + If you use gpg-agent from GnuPG-2.1 with gpg from GnuPG-1, you have + to set GPG_AGENT_INFO environment variable manually. =cut diff --git a/t/agent.t b/t/agent.t index 4e85b13..ac52c1e 100644 --- a/t/agent.t +++ b/t/agent.t @@ -4,6 +4,7 @@ use Test::More; use File::Temp qw(tempdir); use Mail::GnuPG; use MIME::Entity; +use Cwd; use strict; no warnings 'redefine'; # fix this later @@ -24,8 +25,10 @@ unless (0 == system("$preset --version 2>&1 >/dev/null")) { } my $tmpdir = tempdir( "mgtXXXXX", CLEANUP => 1); +# Change HOME because gpg-preset-passphrase does not understand to --homedir. +$ENV{HOME} = $tmpdir; -unless ( 0 == system("gpg --homedir $tmpdir --trusted-key 0x49539D60EFEA4EAD --import t/test-key.pgp 2>&1 >/dev/null")) { +unless ( 0 == system("gpg --trusted-key 0x49539D60EFEA4EAD --import t/test-key.pgp 2>&1 >/dev/null")) { plan skip_all => "unable to import testing keys"; goto end; } @@ -35,15 +38,35 @@ unless (open AGENT, "gpg-agent --disable-scdaemon --allow-preset --daemon|") { goto end; } +# GPG-1 agent my ($agent_pid,$agent_info); while (<AGENT>){ if (m/GPG_AGENT_INFO=([^;]*);/){ $agent_info=$1; - $ENV{'GPG_AGENT_INFO'}=$agent_info; - my @parts=split(':',$agent_info); - $agent_pid=$parts[1]; } } +# GPG-2.1 agent +if (!defined $agent_info) { + unless (open(CLIENT, q{printf '/serverpid\n/subst\n/echo ${get homedir}/S.gpg-agent:${get serverpid}:1\n' | gpg-connect-agent|})) { + plan skip_all => "unable to obtain GPG_AGENT_INFO"; + goto end; + } + { + local $/=''; + $agent_info=<CLIENT>; + } + close(CLIENT); + chomp $agent_info; +} +# The returned socket path can be relative to $HOME, but relative paths are +# not acceptable by gpg-1. (Seen with GPG-2.0 agent.) Make it absolute now. +if ($agent_info =~ /([^:]+)(:.*)/) { + $agent_info = Cwd::abs_path($1) . $2; +} +diag("GPG_AGENT_INFO: $agent_info"); +$ENV{'GPG_AGENT_INFO'}=$agent_info; +my @parts=split(':',$agent_info); +$agent_pid=$parts[1]; # gpg-preset-passphrase uses the fingerprint of the subkey, rather than the id. unless ( 0 == system ("$preset --preset -P passphrase " . @@ -58,7 +81,6 @@ plan tests => 20; my $mg = new Mail::GnuPG( key => '49539D60EFEA4EAD', - keydir => $tmpdir, use_agent => 1); isa_ok($mg,"Mail::GnuPG"); @@ -75,7 +97,8 @@ my $me = MIME::Entity->build(From => 'me@myhost.com', $copy = $me->dup; -is( $mg->mime_sign( $copy ), 0 ); +is( $mg->mime_sign( $copy ), 0, 'signing' ) or + diag(@{$mg->{last_message}}); my ($verify,$key,$who) = $mg->verify($copy); is( $verify, 0 ); -- 2.1.0
  Mon Jan 09 03:27:19 2017 ppisar [...] redhat.com - Correspondence added
From: ppisar [...] redhat.com
Dne St 13.Květen.2015 12:05:55, ppisar napsal(a): Show quoted text
> Here is patch that fixes the test for me. I does not touch the module > code except documentation. I think the most proper solution would be > on gpg-1 site, but I don't believe that anybody would touch it. > Especially if the breakage was intentional. >
GPG maintainer does not want to change gpg-1 and recommends exporting GPG_AGENT_INFO environment variable this way <https://bugs.gnupg.org/gnupg/issue1986>: gpgconf --launch gpg-agent GPG_AGENT_INFO="$(gpgconf --list-dirs agent-socket):-1:1" export GPG_AGENT_INFO