Bug#1101011: Comparison run & diff, one of the Debian patches is the culprit

Fri, 21 Mar 2025 16:09:20 -0700 

Good version:

$ gpgv --version
gpgv (GnuPG) 2.2.40
libgcrypt 1.10.1
Copyright (C) 2022 g10 Code GmbH
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

$ LC_ALL=C gpgv --debug 9999999 --verbose --keyring ./keyring.gpg 1.asc
gpgv: DBG: armor-filter: control: 1
gpgv: DBG: armor-filter: control: 3
gpgv: armor header: Hash: SHA512
gpgv: DBG: parse_packet(iob=1): type=63 length=19 (new_ctb) (parse.../../g10/mainproc.c.1654) gpgv: DBG: parse_packet(iob=1): type=11 length=0 (new_ctb) (parse.../../g10/mainproc.c.1654) 
gpgv: DBG: armor-filter: control: 3
gpgv: original file name=''
gpgv: DBG: armor-filter: control: 3
gpgv: DBG: parse_packet(iob=1): type=2 length=563 (parse.../../g10/mainproc.c.1654) 
gpgv: DBG: armor-filter: control: 3
gpgv: DBG: armor-filter: control: 2
gpgv: Signature made Fri Mar 21 16:49:21 2025 CET
gpgv:                using RSA key 26F3C34BC64F1ED58095CC58B44F38757CF7C9E7
gpgv: DBG: [not enabled in the source] keydb_new
gpgv: DBG: [not enabled in the source] keydb_search enter
gpgv: DBG: parse_packet(iob=2): type=6 length=525 (search.../../g10/keyring.c.1109) 
gpgv: DBG: [not enabled in the source] keydb_search leave (found)
gpgv: DBG: [not enabled in the source] keydb_get_keybock enter
gpgv: DBG: parse_packet(iob=3): type=6 length=525 (parse.../../g10/keyring.c.415) gpgv: DBG: parse_packet(iob=3): type=13 length=81 (parse.../../g10/keyring.c.415) gpgv: DBG: parse_packet(iob=3): type=2 length=596 (parse.../../g10/keyring.c.415) 
gpgv: DBG: [not enabled in the source] keydb_get_keyblock leave
gpgv: DBG: [not enabled in the source] keydb_new
gpgv: DBG: [not enabled in the source] keydb_search enter
gpgv: DBG: parse_packet(iob=4): type=6 length=525 (search.../../g10/keyring.c.1109) 
gpgv: DBG: [not enabled in the source] keydb_search leave (found)
gpgv: DBG: [not enabled in the source] keydb_get_keybock enter
gpgv: DBG: parse_packet(iob=5): type=6 length=525 (parse.../../g10/keyring.c.415) gpgv: DBG: parse_packet(iob=5): type=13 length=81 (parse.../../g10/keyring.c.415) gpgv: DBG: parse_packet(iob=5): type=2 length=596 (parse.../../g10/keyring.c.415) 
gpgv: DBG: [not enabled in the source] keydb_get_keyblock leave
gpgv: DBG: cache_user_id: already in cache
gpgv: Good signature from "buildd autosigning key rv-manda-03 <buildd_riscv64-rv-manda...@buildd.debian.org>" 
gpgv: textmode signature, digest algorithm SHA512, key algorithm rsa4096

Bad version:

$ gpgv --version
gpgv (GnuPG) 2.2.46
libgcrypt 1.11.0
Copyright (C) 2024 g10 Code GmbH
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

$ LC_ALL=C gpgv --debug 9999999 --verbose --keyring ./keyring.gpg 1.asc
gpgv: DBG: armor-filter: control: 1
gpgv: DBG: armor-filter: control: 3
gpgv: armor header: Hash: SHA512
gpgv: DBG: parse_packet(iob=1): type=63 length=19 (new_ctb) (parse.../../g10/mainproc.c.1676) gpgv: DBG: parse_packet(iob=1): type=11 length=0 (new_ctb) (parse.../../g10/mainproc.c.1676) 
gpgv: DBG: armor-filter: control: 3
gpgv: original file name=''
gpgv: DBG: armor-filter: control: 3
gpgv: DBG: parse_packet(iob=1): type=2 length=563 (parse.../../g10/mainproc.c.1676) 
gpgv: DBG: armor-filter: control: 3
gpgv: DBG: armor-filter: control: 2
gpgv: Signature made Fri Mar 21 16:49:21 2025 CET
gpgv:                using RSA key 26F3C34BC64F1ED58095CC58B44F38757CF7C9E7
gpgv: DBG: [not enabled in the source] keydb_new
gpgv: DBG: [not enabled in the source] keydb_search enter
gpgv: DBG: parse_packet(iob=2): type=6 length=525 (search.../../g10/keyring.c.1109) 
gpgv: DBG: [not enabled in the source] keydb_search leave (found)
gpgv: DBG: [not enabled in the source] keydb_get_keybock enter
gpgv: DBG: parse_packet(iob=3): type=6 length=525 (parse.../../g10/keyring.c.415) gpgv: DBG: parse_packet(iob=3): type=13 length=81 (parse.../../g10/keyring.c.415) gpgv: DBG: parse_packet(iob=3): type=2 length=596 (parse.../../g10/keyring.c.415) 
gpgv: DBG: [not enabled in the source] keydb_get_keyblock leave
gpgv: BAD signature from "buildd autosigning key rv-manda-03 <buildd_riscv64-rv-manda...@buildd.debian.org>" 
gpgv: textmode signature, digest algorithm SHA512, key algorithm rsa4096

$ diff -w good bad
[irrelevant line number changes]
< gpgv: DBG: [not enabled in the source] keydb_new
< gpgv: DBG: [not enabled in the source] keydb_search enter
< gpgv: DBG: parse_packet(iob=4): type=6 length=525 (search.../../g10/keyring.c.1109) 
< gpgv: DBG: [not enabled in the source] keydb_search leave (found)
< gpgv: DBG: [not enabled in the source] keydb_get_keybock enter
< gpgv: DBG: parse_packet(iob=5): type=6 length=525 (parse.../../g10/keyring.c.415) < gpgv: DBG: parse_packet(iob=5): type=13 length=81 (parse.../../g10/keyring.c.415) < gpgv: DBG: parse_packet(iob=5): type=2 length=596 (parse.../../g10/keyring.c.415) 
< gpgv: DBG: [not enabled in the source] keydb_get_keyblock leave
< gpgv: DBG: cache_user_id: already in cache
< gpgv: Good signature from "buildd autosigning key rv-manda-03 <buildd_riscv64-rv-manda...@buildd.debian.org>" 
---
> gpgv: BAD signature from "buildd autosigning key rv-manda-03 <buildd_riscv64-rv-manda...@buildd.debian.org>" 

--> the second round of reading the keyring.gpg file is missing completely

Dropping the non-packaging Debian patches produces a version that works:

$ ./gpgv-static-no-patch --version
gpgv (GnuPG) 2.2.46
libgcrypt 1.11.0
Copyright (C) 2024 g10 Code GmbH
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
$ LC_ALL=C ./gpgv-static-no-patch --debug 9 --verbose --keyring ./keyring.gpg 1.asc 
gpgv: DBG: armor-filter: control: 1
gpgv: DBG: armor-filter: control: 3
gpgv: armor header: Hash: SHA512
gpgv: DBG: parse_packet(iob=1): type=63 length=19 (new_ctb) (parse.../../g10/mainproc.c.1654) gpgv: DBG: parse_packet(iob=1): type=11 length=0 (new_ctb) (parse.../../g10/mainproc.c.1654) 
gpgv: DBG: armor-filter: control: 3
gpgv: original file name=''
gpgv: DBG: armor-filter: control: 3
gpgv: DBG: parse_packet(iob=1): type=2 length=563 (parse.../../g10/mainproc.c.1654) 
gpgv: DBG: armor-filter: control: 3
gpgv: DBG: armor-filter: control: 2
gpgv: Signature made Fri Mar 21 16:49:21 2025 CET
gpgv:                using RSA key 26F3C34BC64F1ED58095CC58B44F38757CF7C9E7
gpgv: DBG: parse_packet(iob=2): type=6 length=525 (search.../../g10/keyring.c.1109) gpgv: DBG: parse_packet(iob=3): type=6 length=525 (parse.../../g10/keyring.c.415) gpgv: DBG: parse_packet(iob=3): type=13 length=81 (parse.../../g10/keyring.c.415) gpgv: DBG: parse_packet(iob=3): type=2 length=596 (parse.../../g10/keyring.c.415) gpgv: DBG: parse_packet(iob=4): type=6 length=525 (search.../../g10/keyring.c.1109) gpgv: DBG: parse_packet(iob=5): type=6 length=525 (parse.../../g10/keyring.c.415) gpgv: DBG: parse_packet(iob=5): type=13 length=81 (parse.../../g10/keyring.c.415) gpgv: DBG: parse_packet(iob=5): type=2 length=596 (parse.../../g10/keyring.c.415) gpgv: Good signature from "buildd autosigning key rv-manda-03 <buildd_riscv64-rv-manda...@buildd.debian.org>" 
gpgv: textmode signature, digest algorithm SHA512, key algorithm rsa4096

@dkg: any idea which of the last patches breaks this code path?
(too late here for brute-force bisecting)

Reply via email to