[pkg-gnupg-maint] Bug#841143: Bug#841143: Suspected race in gpg1 to gpg2 conversion or agent startup

Daniel Kahn Gillmor dkg at fifthhorseman.net
Tue Oct 18 22:59:47 UTC 2016


On Tue 2016-10-18 14:11:21 -0400, Ian Jackson wrote:
> Ian Jackson writes ("Re: [pkg-gnupg-maint] Bug#841143: Suspected race in gpg1 to gpg2	conversion or agent startup"):
>> This makes it somewhat surprising that it should fail occasionally.
>> Each of the individual tests is largely single-threaded.
>
> Also, watching tests by hand shows gpg pausing for a noticeable time
> (~500ms?) even on my extremely fast laptop, perhaps when converting
> the test gpg1 keys etc. to gpg2 keys etc.
>
> If I do this conversion once in the source, will the result be useable
> by gpg1 ?  (Since I want the test suite to still work on earlier
> versions of Debian.)

If you have a test suite that intends to use secret key material, and
you want it to work across different versions of GnuPG, your test suite
should not ship what it thinks is a GNUPGHOME.  GnuPG doesn't guarantee
that one version will necessarily work with the other's.

Instead, if you have public or secret key material that you want any
version of GnuPG to work with, you should ship that material in the
standard OpenPGP transferable formats (e.g. the output of "gpg
--export-keys" and "gpg --export-secret-keys"), and then import it at
the start of the test suite while building the GNUPGHOME for the test
suite to use.

The contents of any particular GNUPGHOME is not a part of the GnuPG API
contract.

      --dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 930 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnupg-maint/attachments/20161018/610d0062/attachment.sig>


More information about the pkg-gnupg-maint mailing list