On 31.05.2017 04:12, NIIBE Yutaka wrote:
"Yuriy M. Kaminskiy" <yum...@gmail.com> wrote:
When I tried to rebuild gnupg2 2.1.21-2 debian package from
experimental in pbuilder, I got a number of sigsegv's from scdaemon
while running tests:
[...]
Annoyingly, test-suite does not catch this as error, it has not left any
core, and name of executable was masked, so after twiddling here and
there, I got core and discovered that scdaemon dies when it tries to use
libusb after libusb intiialization failed:
There are two things here. The selection of default key by gpg frontend
was not good. It was fixed in:
fbb2259d22e6c6eadc2af722bdc52922da348677
g10: Fix default-key selection for signing, possibly by card.
FTR, gnupg2 2.1.21-2 already contained backported patch
a8dd96826f8484c0ae93c954035b95c2a75c80f2.
I also cherry-picked fbb2259d22e6c6eadc2af722bdc52922da348677 on top of it.
And by your report, scdaemon core dump is fixed in:
5c33649782bf255af5a55f16eac5e85f059b00bf
scd: Handle a failure of libusb_init.
8defb21d34410d000c8b776e0e3a1edd04762638
scd: Fix error code on failure at usb_init.
... and I added those 2 commits; but as a result, package build freezes
at executing test-suite.
Last lines at logs are:
=== cut ===
Checking signing with the default hash algorithm
> plain-1 Executing: '/build/gnupg2-2.1.21/build/g10/gpg'
'--no-permission-warning' '--always-trust' '--output'
'/tmp/gpgscm-20170603T111800-sigs-Dzwfcp/a' '--yes' '--sign' 'plain-1'
Child 17700 returned: ((command ("/build/gnupg2-2.1.21/build/g10/gpg"
--no-permission-warning --always-trust --output
"/tmp/gpgscm-20170603T111800-sigs-Dzwfcp/a" --yes --sign "plain-1"))
(status 0) (stdout ) (stderr ))
Executing: '/build/gnupg2-2.1.21/build/g10/gpg'
'--no-permission-warning' '--always-trust' '--output'
'/tmp/gpgscm-20170603T111801-sigs-OXvubo/a' '--yes' '--decrypt'
'/tmp/gpgscm-20170603T111800-sigs-Dzwfcp/a'
Child 17704 returned: ((command ("/build/gnupg2-2.1.21/build/g10/gpg"
--no-permission-warning --always-trust --output
"/tmp/gpgscm-20170603T111801-sigs-OXvubo/a" --yes --decrypt
"/tmp/gpgscm-20170603T111800-sigs-Dzwfcp/a")) (status 0) (stdout )
(stderr gpg: Signature made Sat Jun 3 11:18:01 2017 UTC
gpg: using DSA key A0FF4590BB6122EDEF6E3C542D727CC768697734
gpg: Good signature from "Alfa Test (demo key) <a...@example.net>" [unknown]
gpg: aka "Alpha Test (demo key) <al...@example.net>"
[unknown]
gpg: aka "Alice (demo key)" [unknown]
gpg: WARNING: Using untrusted key!
))
plain-2 Executing: '/build/gnupg2-2.1.21/build/g10/gpg'
'--no-permission-warning' '--always-trust' '--output'
'/tmp/gpgscm-20170603T111801-sigs-buAUIY/a' '--yes' '--sign' 'plain-2'
=== cut ===
gdb attach to gpg:
(gpg --no-permission-warning --always-trust --output
/tmp/gpgscm-20170603T111801-sigs-buAUIY/a --yes --sign plain-2)
(gdb) bt
#0 0xf74b182e in __read_nocancel () at
../sysdeps/unix/syscall-template.S:81
#1 0xf757ff00 in __assuan_read ()
from
/var/cache/pbuilder/jessie-i386/build/16354/cow.5/usr/lib/i386-linux-gnu/libassuan.so.0
#2 0xf7577767 in ?? ()
from
/var/cache/pbuilder/jessie-i386/build/16354/cow.5/usr/lib/i386-linux-gnu/libassuan.so.0
#3 0xf75806f7 in ?? ()
from
/var/cache/pbuilder/jessie-i386/build/16354/cow.5/usr/lib/i386-linux-gnu/libassuan.so.0
#4 0xf7578c61 in ?? ()
from
/var/cache/pbuilder/jessie-i386/build/16354/cow.5/usr/lib/i386-linux-gnu/libassuan.so.0
#5 0xf7578e1f in ?? ()
from
/var/cache/pbuilder/jessie-i386/build/16354/cow.5/usr/lib/i386-linux-gnu/libassuan.so.0
#6 0xf7578399 in assuan_client_read_response ()
from
/var/cache/pbuilder/jessie-i386/build/16354/cow.5/usr/lib/i386-linux-gnu/libassuan.so.0
#7 0xf757874d in ?? ()
from
/var/cache/pbuilder/jessie-i386/build/16354/cow.5/usr/lib/i386-linux-gnu/libassuan.so.0
#8 0xf7578885 in assuan_transact ()
from
/var/cache/pbuilder/jessie-i386/build/16354/cow.5/usr/lib/i386-linux-gnu/libassuan.so.0
#9 0x5668fe2a in start_agent (flag_for_card=2, ctrl=<optimized out>)
at ../../g10/call-agent.c:295
#10 0x56690c10 in agent_scd_serialno (r_serialno=0xffd6e584, demand=0x0)
at ../../g10/call-agent.c:1029
#11 0x5666785b in build_sk_list (ctrl=0x56ea1458, locusr=0x0,
ret_sk_list=0xffd6e708, use=1) at ../../g10/skclist.c:141
#12 0x5666eac7 in sign_file (ctrl=0x56ea1458, filenames=0x56ea1488,
detached=0, locusr=0x0, encryptflag=0, remusr=0x0, outfile=0x0)
at ../../g10/sign.c:814
#13 0x56621428 in main (argc=1, argv=0xffd6ec24) at ../../g10/gpg.c:4115
gdb attach to gpg-agent:
(gpg-agent --homedir /tmp/gpgscm-XXX-run-tests-YYY
--use-standard-socket --debug-quick-random --daemon)
#0 __call_pselect6 () at ../sysdeps/unix/sysv/linux/i386/call_pselect6.S:49
#1 0xf75bbda3 in __pselect (nfds=8, readfds=0xff98bf5c, writefds=0x0,
exceptfds=0x0, timeout=0xff98bd30, sigmask=0xf767e200)
at ../sysdeps/unix/sysv/linux/i386/../pselect.c:77
#2 0xf767be15 in npth_pselect ()
from
/var/cache/pbuilder/jessie-i386/build/16354/cow.5/usr/lib/i386-linux-gnu/libnpth.so.0
#3 0x565babf7 in handle_connections (listen_fd=-6767128,
listen_fd_extra=0,
listen_fd_browser=5, listen_fd_ssh=6) at ../../agent/gpg-agent.c:2961
#4 0x565b7407 in main (argc=0, argv=0xff98c284)
at ../../agent/gpg-agent.c:1730
gdb attach to scdaemon (which was launched by gpg-agent):
scdaemon --multi-server --homedir /tmp/gpgscm-XXX-run-tests-YYY
#0 __call_pselect6 () at ../sysdeps/unix/sysv/linux/i386/call_pselect6.S:49
#1 0xf7503da3 in __pselect (nfds=4, readfds=0xffa51b58, writefds=0x0,
exceptfds=0x0, timeout=0x0, sigmask=0xf75e6200)
at ../sysdeps/unix/sysv/linux/i386/../pselect.c:77
#2 0xf75e3e15 in npth_pselect ()
from
/var/cache/pbuilder/jessie-i386/build/16354/cow.5/usr/lib/i386-linux-gnu/libnpth.so.0
#3 0x566521e8 in handle_connections (listen_fd=-514)
at ../../scd/scdaemon.c:1318
#4 0x5665143a in main (argc=0, argv=0xffa51e44) at ../../scd/scdaemon.c:787
Removing
fbb2259d22e6c6eadc2af722bdc52922da348677
and
a8dd96826f8484c0ae93c954035b95c2a75c80f2
changed nothing (test-suite freezes).
And, finally, (likely) culprit: after I backed out
skip-missing-signing-keys/0013-g10-Skip-signing-keys-where-no-secret-key-is-availab.patch
=== cut ===
From: Simon Arlott <si...@arlott.org>
Date: Sun, 5 Feb 2017 16:31:35 -0500
Subject: g10: Skip signing keys where no secret key is available.
* g10/getkey.c (finish_lookup): When requiring PUBKEY_USAGE_SIG, skip
over keys where no signing key is available.
[...]
GnuPG-bug-id: 1967
Debian-bug-id: 834922
Signed-off-by: Daniel Kahn Gillmor <d...@fifthhorseman.net>
=== cut ===
test-suite passed without problems. So, this debian-specific patch
apparently conflicts with some changes in 2.1.21 (and it was not
noticed, as it was masked by scdaemon silent crashes).
YMMV.
Environment: debian jessie/i386
[linux-image-3.16.0-4-amd64_3.16.43-2:amd64],
cowbuilder(->pbuilder(->chroot)), with also jessie/i386.
Libraries used for build:
1) libassuan-dev [2.4.3-2~bpo8+1 (jessie-backports)]
2) libassuan0 [2.4.3-2~bpo8+1 (jessie-backports)]
3) libgcrypt20-dev [1.7.6-1~bpo8+1 (jessie-backports)]
4) libgpg-error-dev [1.26-2~bpo8+1 (jessie-backports)]
5) libksba-dev [1.3.5-2~bpo8+1 (jessie-backports)]
6) libksba8 [1.3.5-2~bpo8+1 (jessie-backports)]
7) libnpth0 [1.3-1~bpo8+1.1~local1 (jessie-local)]
8) libnpth0-dev [1.3-1~bpo8+1.1~local1 (jessie-local)]
With patch below, it just freezes at
=== cut ===
...
PASS: tests/openpgp/decrypt-unwrap-verify.scm
Checking signing with the default hash algorithm
> plain-1 plain-2 <<< [here]
=== cut ===
Have no idea why.
I don't know what's going here. Let's see...
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
