From: Sascha Silbe <sascha-pgp@silbe.org>
To: sup-devel <sup-devel@rubyforge.org>
Subject: [sup-devel] [PATCH] fix GPG "hang" on malformed PGP message (detached signature)
Date: Tue, 5 Oct 2010 13:25:33 +0200 [thread overview]
Message-ID: <1286277933-4686-1-git-send-email-sascha-pgp@silbe.org> (raw)
A PGP message chunk (bounded by "-----BEGIN PGP MESSAGE-----" and
"-----END PGP MESSAGE-----") can contain a detached signature. By default GPG
will wait for the payload to be supplied on stdin if it gets passed a lone
detached signature. To the user it will appear as GPG (or sup, since they
don't see any output from GPG) hanging.
The best way to solve this would be enabling batch mode, but then passphrase
querying without gpg-agent wouldn't work anymore. So we resort to passing
--multifile which has the side effect of not allowing detached signatures.
Encountered and tested with message
<AANLkTin1Ysn7Fp32Eoyjo3jjhHwVrc=hMuq+okgKNfmr@mail.gmail.com> [1] on the git
mailing list.
[1] http://marc.info/?l=git&m=128623349711269&q=raw
Signed-off-by: Sascha Silbe <sascha-pgp@silbe.org>
---
lib/sup/crypto.rb | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/lib/sup/crypto.rb b/lib/sup/crypto.rb
index 289fb0e..68a57c8 100644
--- a/lib/sup/crypto.rb
+++ b/lib/sup/crypto.rb
@@ -144,7 +144,7 @@ def decrypt payload, armor=false # a RubyMail::Message object
output_fn = Tempfile.new "redwood.output"
output_fn.close
- message = run_gpg "--output #{output_fn.path} --skip-verify --yes --decrypt #{payload_fn.path}", :interactive => true
+ message = run_gpg "--output #{output_fn.path} --multifile --skip-verify --yes --decrypt #{payload_fn.path}", :interactive => true
unless $?.success?
info "Error while running gpg: #{message}"
--
1.7.1
_______________________________________________
Sup-devel mailing list
Sup-devel@rubyforge.org
http://rubyforge.org/mailman/listinfo/sup-devel
next reply other threads:[~2010-10-05 11:27 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-10-05 11:25 Sascha Silbe [this message]
2010-10-08 4:20 ` Rich Lane
2010-10-08 12:53 ` Michael Hamann
2010-10-08 14:36 ` Christopher Bertels
2010-10-08 20:09 ` Rich Lane
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1286277933-4686-1-git-send-email-sascha-pgp@silbe.org \
--to=sascha-pgp@silbe.org \
--cc=sascha-ml-reply-to-2010-3@silbe.org \
--cc=sup-devel@rubyforge.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox