Reported by: Luca Capello <luca <at> pca.it>
Date: Thu, 6 Jan 2011 23:24:02 UTC
Severity: normal
Found in version 24.0.50
Done: Chong Yidong <cyd <at> stupidchicken.com>
Bug is archived. No further changes may be made.
View this message in rfc822 format
From: help-debbugs <at> gnu.org (GNU bug Tracking System) To: Daiki Ueno <ueno <at> unixuser.org> Cc: tracker <at> debbugs.gnu.org Subject: bug#7797: closed (24.0.50; [EasyPG/Gnus] always pick up the first key from `gpg --list-key $SENDER`) Date: Fri, 07 Jan 2011 09:28:02 +0000
[Message part 1 (text/plain, inline)]
Your message dated Fri, 07 Jan 2011 18:34:59 +0900 with message-id <m3r5cp3vlo.fsf-ueno <at> unixuser.org> and subject line Re: bug#7797: 24.0.50; [EasyPG/Gnus] always pick up the first key from `gpg --list-key $SENDER` has caused the GNU bug report #7797, regarding 24.0.50; [EasyPG/Gnus] always pick up the first key from `gpg --list-key $SENDER` to be marked as done. (If you believe you have received this mail in error, please contact help-debbugs <at> gnu.org.) -- 7797: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=7797 GNU Bug Tracking System Contact help-debbugs <at> gnu.org with problems
[Message part 2 (message/rfc822, inline)]
From: Luca Capello <luca <at> pca.it> To: bug-gnu-emacs <at> gnu.org Subject: 24.0.50; [EasyPG/Gnus] always pick up the first key from `gpg --list-key $SENDER` Date: Fri, 07 Jan 2011 00:30:18 +0100[Message part 3 (text/plain, inline)]Hi there! Since more than a month, now, actually since the upgrade from the Debian package emacs-snapshot 1:20101116-1 to 1:20101120-1 (which I did on 2010-11-23 at 14:50 +0100), EasyPG is not working anymore with Gnus. I am sorry for the delay in this bug report, but I did not find the time before to debug it and switched back to PGG instead. BTW, now that the emacs-snapshot package is no more updated, I will go back to the Debian emacs23 package. If you need me to test something, please say so and I could even compile a Git snapshot, if needed. This bug can be reproduced with the following minimal ~/.emacs: --8<---------------cut here---------------start------------->8--- (setq debug-on-error t) (setq epg-debug t) (add-hook 'gnus-message-setup-hook 'epa-mail-mode) (add-hook 'gnus-message-setup-hook 'mml-secure-message-sign-pgpmime) (setq gnus-select-method '(nnnil)) --8<---------------cut here---------------end--------------->8--- Here the debug error, which unfortunately is useless: ===== Debugger entered--Lisp error: (error "Sign failed: ((exit))") signal(error ("Sign failed: ((exit))")) byte-code("[...]" [mml2015-epg-secret-key-id-list error password-cache-remove signal] 4) mml2015-epg-sign((part (sign . "pgpmime") (tag-location . 271) (contents . "test\n"))) mml2015-sign((part (sign . "pgpmime") (tag-location . 271) (contents . "test\n"))) mml-pgpmime-sign-buffer((part (sign . "pgpmime") (tag-location . 271) (contents . "test\n"))) mml-generate-mime-1((part (sign . "pgpmime") (tag-location . 271) (contents . "test\n"))) mml-generate-mime() message-encode-message-body() message-send-mail(nil) message-send-via-mail(nil) message-send(nil) message-send-and-exit(nil) call-interactively(message-send-and-exit nil nil) ===== Thanks to the ` *epg-debug*' buffer, the problem is clear: ===== /usr/bin/gpg --no-tty --status-fd 1 --yes --command-fd 0 --armor \ --textmode --output /tmp/epg-output5441TZj --detach-sign \ -u 8D3867D89DDB992B gpg: skipped "8D3867D89DDB992B": unusable secret key gpg: signing failed: unusable secret key ===== What the hell? Why EasyPG is specyfing a key and not relying on my ~/.gnupg/gpg.conf, which is *correct*? ===== luca <at> gismo:~$ gpg --version gpg (GnuPG) 1.4.10 Copyright (C) 2008 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Home: ~/.gnupg Supported algorithms: Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256 Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224 Compression: Uncompressed, ZIP, ZLIB, BZIP2 luca <at> gismo:~$ gpg --list-key luca <at> pca.it pub 1024D/9DDB992B 2007-06-08 [revoked: 2010-01-01] uid Luca Capello <luca <at> pca.it> uid Luca Capello <gismo <at> debian.org> pub 1024D/6D742669 2003-11-09 [revoked: 2005-07-22] uid Luca Capello <luca <at> pca.it> uid Luca Capello <gismo <at> member.fsf.org> uid Luca Capello <luca.capello <at> gmail.com> uid Luca Capello <luca.capello <at> zoo.unige.ch> uid Luca Capello <lucacapello <at> users.sourceforge.net> uid Luca Capello <luca.capello <at> frontiers-in-genetics.org> uid Luca Capello <gismo <at> innerloop.it> uid Luca Capello <lcapello <at> common-lisp.net> uid Luca Capello <gismo <at> debian.org> pub 4096R/E397832F 2009-07-01 uid Luca Capello <luca <at> pca.it> uid Luca Capello <gismo <at> debian.org> sub 4096R/3BE9F36D 2009-07-01 sub 4096R/2BB95F4B 2009-07-01 luca <at> gismo:~$ cat ~/.gnupg/gpg.conf personal-digest-preferences SHA512 cert-digest-algo SHA512 default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed hidden-encrypt-to 3BE9F36D! hidden-encrypt-to 2BB95F4B! default-recipient 3BE9F36D! default-recipient 2BB95F4B! default-key E397832F list-options show-sig-expire display-charset UTF-8 trust-model auto keyserver hkps://keys.indymedia.org keyserver-options ca-cert-file=/etc/ssl/certs/cacert.org.pem luca <at> gismo:~$ ===== FYI, I do not know why the order of the --list-key option is that one (the three secret keys are there as well), but it is still the same with GnuPG-2. I looked into the Git repository and I found the faulty commit: commit 9515b7dbfaa1e68fb72c323a45120f77362c7324 Author: Daniel Dehennin <daniel.dehennin <at> baby-gnu.org> Date: Tue Nov 16 23:05:02 2010 +0000 mml2015-epg-sign: Use From header. mml2015.el (mml2015-epg-sign): New variable 'sender' is (message-options-get 'message-sender) and append it to mml2015-signers. If mm-sign-option is not 'guided, mml2015-signers and sender sign the mail. What is the reason of this change? If I want to sign with another key, independent of the From header, I should be able to do so, *automatically*, thus without any extra choice when sending the email. My ~/.gnupg/gpg.conf allows that, EasyPG/Gnus does not. Obviously, even setting `mml2015-signers' does not solve the problem: because now EasyPG tries to sign with two keys. The debug error is the same as above (useless), again the ` *epg-debug*' buffer contains the answer: ===== /usr/bin/gpg --no-tty --status-fd 1 --yes --command-fd 0 --armor \ --textmode --output /tmp/epg-output5441Qsz --detach-sign \ -u 8D3867D89DDB992B -u 06EAA066E397832F [GNUPG:] USERID_HINT D91D57A03BE9F36D Luca Capello <luca <at> pca.it> [GNUPG:] NEED_PASSPHRASE D91D57A03BE9F36D 06EAA066E397832F 1 0 [GNUPG:] GET_HIDDEN passphrase.enter [GNUPG:] GOT_IT [GNUPG:] GOOD_PASSPHRASE gpg: skipped "8D3867D89DDB992B": unusable secret key gpg: signing failed: unusable secret key ===== FTR, if I go back to the `mml2015-sign' version before the commit above, everything is fine. Please note, however, the output in the ` *epg-debug*' buffer: ===== /usr/bin/gpg --no-tty --status-fd 1 --yes --command-fd 0 --armor \ --textmode --output /tmp/epg-output5441cKP --detach-sign [GNUPG:] USERID_HINT D91D57A03BE9F36D Luca Capello <luca <at> pca.it> [GNUPG:] NEED_PASSPHRASE D91D57A03BE9F36D 06EAA066E397832F 1 0 [GNUPG:] GET_HIDDEN passphrase.enter [GNUPG:] GOT_IT [GNUPG:] GOOD_PASSPHRASE [GNUPG:] BEGIN_SIGNING [GNUPG:] SIG_CREATED D 1 10 01 1294352394 139121880F512EC2E6A464D3D91D57A03BE9F36D /usr/bin/gpg --no-tty --status-fd 1 --yes --command-fd 0 --armor \ --textmode --output /tmp/epg-output5441pUV --detach-sign [GNUPG:] USERID_HINT D91D57A03BE9F36D Luca Capello <luca <at> pca.it> [GNUPG:] NEED_PASSPHRASE D91D57A03BE9F36D 06EAA066E397832F 1 0 [GNUPG:] GET_HIDDEN passphrase.enter [GNUPG:] GOT_IT [GNUPG:] GOOD_PASSPHRASE [GNUPG:] BEGIN_SIGNING [GNUPG:] SIG_CREATED D 1 10 01 1294352397 139121880F512EC2E6A464D3D91D57A03BE9F36D ===== The GnuPG invocation will respect my ~/.gnupg/gpg.conf (which is, again, the expected behavior), given that there is no -u option specified. Thx, bye, Gismo / Luca If Emacs crashed, and you have the Emacs process in the gdb debugger, please include the output from the following gdb commands: `bt full' and `xbacktrace'. For information about debugging Emacs, please read the file /usr/share/emacs/24.0.50/etc/DEBUG. In GNU Emacs 24.0.50.1 (x86_64-pc-linux-gnu, GTK+ Version 2.20.1) of 2010-12-13 on elegiac, modified by Debian (emacs-snapshot package, version 1:20101212-2) configured using `configure '--build' 'x86_64-linux-gnu' '--host' \ 'x86_64-linux-gnu' '--prefix=/usr' '--sharedstatedir=/var/lib' \ '--libexecdir=/usr/lib' '--localstatedir=/var' '--infodir=/usr/share/info' \ '--mandir=/usr/share/man' '--with-pop=yes' \ '--enable-locallisppath=/etc/emacs-snapshot:/etc/emacs:\ /usr/local/share/emacs/24.0.50/site-lisp:/usr/local/share/emacs/site-lisp: \ /usr/share/emacs/24.0.50/site-lisp:/usr/share/emacs/site-lisp' \ '--without-compress-info' '--with-x=yes' '--with-x-toolkit=gtk' \ '--with-imagemagick=yes' 'build_alias=x86_64-linux-gnu' \ 'host_alias=x86_64-linux-gnu' 'CFLAGS=-DDEBIAN -DSITELOAD_PURESIZE_EXTRA=5000 \ -g -O2' 'LDFLAGS=-g -Wl,--as-needed' 'CPPFLAGS='' Important settings: value of $LC_ALL: nil value of $LC_COLLATE: nil value of $LC_CTYPE: nil value of $LC_MESSAGES: nil value of $LC_MONETARY: nil value of $LC_NUMERIC: nil value of $LC_TIME: nil value of $LANG: en_US.UTF-8 value of $XMODIFIERS: nil locale-coding-system: utf-8-unix default enable-multibyte-characters: t Major mode: Message Minor modes in effect: epa-mail-mode: t gnus-message-citation-mode: t mml-mode: t gpm-mouse-mode: t tooltip-mode: t mouse-wheel-mode: t tool-bar-mode: t menu-bar-mode: t file-name-shadow-mode: t global-font-lock-mode: t font-lock-mode: t auto-composition-mode: t auto-encryption-mode: t auto-compression-mode: t line-number-mode: t transient-mark-mode: t abbrev-mode: t Recent input: ESC x g n u s RET m l u c a @ l o c a l h o s t C-n t e s t C-n C-n C-n C-n C-n t e s t RET C-c C-c y q ESC x r e p o r t - e m TAB RET Recent messages: Opening nnfolder server on archive...done Reading active file from archive via nnfolder...done No new newsgroups Checking new news...done Setting up drafts group Warning: Setting up drafts group Address `luca <at> localhost' might be bogus. Continue? (y or n) y Sending... Entering debugger... Back to top level. Load-path shadows: /usr/share/emacs/24.0.50/site-lisp/auctex/tex-fold hides /usr/share/emacs/site-lisp/auctex/tex-fold /usr/share/emacs/24.0.50/site-lisp/auctex/tex-jp hides /usr/share/emacs/site-lisp/auctex/tex-jp /usr/share/emacs/24.0.50/site-lisp/auctex/tex-font hides /usr/share/emacs/site-lisp/auctex/tex-font /usr/share/emacs/24.0.50/site-lisp/auctex/texmathp hides /usr/share/emacs/site-lisp/auctex/texmathp /usr/share/emacs/24.0.50/site-lisp/auctex/toolbar-x hides /usr/share/emacs/site-lisp/auctex/toolbar-x /usr/share/emacs/24.0.50/site-lisp/auctex/tex-buf hides /usr/share/emacs/site-lisp/auctex/tex-buf /usr/share/emacs/24.0.50/site-lisp/auctex/tex-info hides /usr/share/emacs/site-lisp/auctex/tex-info /usr/share/emacs/24.0.50/site-lisp/auctex/tex-mik hides /usr/share/emacs/site-lisp/auctex/tex-mik /usr/share/emacs/24.0.50/site-lisp/auctex/context-nl hides /usr/share/emacs/site-lisp/auctex/context-nl /usr/share/emacs/24.0.50/site-lisp/auctex/tex-fptex hides /usr/share/emacs/site-lisp/auctex/tex-fptex /usr/share/emacs/24.0.50/site-lisp/auctex/multi-prompt hides /usr/share/emacs/site-lisp/auctex/multi-prompt /usr/share/emacs/24.0.50/site-lisp/auctex/tex-style hides /usr/share/emacs/site-lisp/auctex/tex-style /usr/share/emacs/24.0.50/site-lisp/auctex/font-latex hides /usr/share/emacs/site-lisp/auctex/font-latex /usr/share/emacs/24.0.50/site-lisp/auctex/bib-cite hides /usr/share/emacs/site-lisp/auctex/bib-cite /usr/share/emacs/24.0.50/site-lisp/auctex/tex hides /usr/share/emacs/site-lisp/auctex/tex /usr/share/emacs/24.0.50/site-lisp/auctex/context hides /usr/share/emacs/site-lisp/auctex/context /usr/share/emacs/24.0.50/site-lisp/auctex/tex-bar hides /usr/share/emacs/site-lisp/auctex/tex-bar /usr/share/emacs/24.0.50/site-lisp/auctex/latex hides /usr/share/emacs/site-lisp/auctex/latex /usr/share/emacs/24.0.50/site-lisp/auctex/context-en hides /usr/share/emacs/site-lisp/auctex/context-en /usr/share/emacs-snapshot/site-lisp/psgml/psgml hides /usr/share/emacs/site-lisp/psgml/psgml /usr/share/emacs-snapshot/site-lisp/psgml/psgml-other hides /usr/share/emacs/site-lisp/psgml/psgml-other /usr/share/emacs-snapshot/site-lisp/psgml/psgml-init hides /usr/share/emacs/site-lisp/psgml/psgml-init /usr/share/emacs-snapshot/site-lisp/psgml/psgml-sysdep hides /usr/share/emacs/site-lisp/psgml/psgml-sysdep /usr/share/emacs-snapshot/site-lisp/psgml/psgml-html hides /usr/share/emacs/site-lisp/psgml/psgml-html /usr/share/emacs/24.0.50/site-lisp/debian-startup hides /usr/share/emacs/site-lisp/debian-startup /usr/local/share/emacs/site-lisp/fortune hides /usr/share/emacs/24.0.50/lisp/play/fortune /usr/share/emacs-snapshot/site-lisp/emms/tq hides /usr/share/emacs/24.0.50/lisp/emacs-lisp/tq Features: (shadow emacsbug help-mode view debug mail-extr sort epa-mail epa derived epg gnus-cite nnfolder nndraft nnmh nnnil gnus-agent gnus-srvr gnus-score score-mode nnvirtual gnus-msg gnus-art mm-uu mml2015 epg-config mm-view smime password-cache dig mailcap nntp proto-stream starttls tls gnus-cache nnir gnus-sum macroexp nnoo gnus-group time-date gnus-undo nnmail mail-source format-spec gnus-start gnus-spec gnus-int gnus-range message sendmail regexp-opt rfc822 mml easymenu mml-sec mm-decode mm-bodies mm-encode mail-parse rfc2231 rfc2047 rfc2045 ietf-drums mailabbrev gmm-utils mailheader gnus-win gnus gnus-ems nnheader gnus-util mail-utils mm-util mail-prsvr wid-edit t-mouse planner-autoloads debian-el debian-el-loaddefs w3m-load psgml-init muse-autoloads emms-auto emacs-goodies-el emacs-goodies-custom emacs-goodies-loaddefs easy-mmode dpkg-dev-el dpkg-dev-el-loaddefs bbdb-autoloads preview-latex tex-site auto-loads tooltip ediff-hook vc-hooks lisp-float-type mwheel x-win x-dnd tool-bar dnd fontset image fringe lisp-mode register page menu-bar rfn-eshadow timer select scroll-bar mouse jit-lock font-lock syntax facemenu font-core frame cham georgian utf-8-lang misc-lang vietnamese tibetan thai tai-viet lao korean japanese hebrew greek romanian slovak czech european ethiopic indian cyrillic chinese case-table epa-hook jka-cmpr-hook help simple abbrev loaddefs button minibuffer faces cus-face files text-properties overlay md5 base64 format env code-pages mule custom widget hashtable-print-readable backquote make-network-process dbusbind dynamic-setting font-render-setting move-toolbar gtk x-toolkit x multi-tty emacs)[Message part 4 (application/pgp-signature, inline)]
[Message part 5 (message/rfc822, inline)]
From: Daiki Ueno <ueno <at> unixuser.org> To: Luca Capello <luca <at> pca.it> Cc: rfrancoise <at> debian.org, 7797-done <at> debbugs.gnu.org Subject: Re: bug#7797: 24.0.50; [EasyPG/Gnus] always pick up the first key from `gpg --list-key $SENDER` Date: Fri, 07 Jan 2011 18:34:59 +0900Daiki Ueno <ueno <at> unixuser.org> writes: > Luca Capello <luca <at> pca.it> writes: > >> gpg: skipped "8D3867D89DDB992B": unusable secret key >> gpg: signing failed: unusable secret key > > You may want to try the patch I posted last month: > http://lists.gnu.org/archive/html/emacs-devel/2010-12/msg00624.html > > Although this patch is a workaround, I'm going to push it for the time > being. OK, I fixed this in a better way (r102771). My test case is: $ mv .gnupg .gnupg.bak $ gpg --gen-key # create a key foo <at> example.com $ gpg --gen-key # create a key bar <at> example.com $ gpg --gen-key # create a key baz <at> example.com $ gpg --edit-key foo <at> example.com # revoke foo <at> example.com $ gpg --delete-secret-key bar <at> example.com (mml2015-epg-find-usable-secret-key (epg-make-context 'OpenPGP) "foo <at> example.com" 'sign) => nil (mml2015-epg-find-usable-secret-key (epg-make-context 'OpenPGP) "bar <at> example.com" 'sign) => nil (mml2015-epg-find-usable-secret-key (epg-make-context 'OpenPGP) "baz <at> example.com" 'sign) => (epg-key . ...) Regards, -- Daiki Ueno
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.