[pkg-gnupg-maint] Bug#865824: Bug#865824: gnupg hangs during import of keys (bis)

Daniel Kahn Gillmor dkg at fifthhorseman.net
Sun Jun 25 23:13:38 UTC 2017 

Control: tags 865824 + moreinfo unreproducible

Hi Raphaël--

On Sun 2017-06-25 00:16:22 -0300, Raphaël wrote:
> While trying to convert pubring.gpg into pubring.kbx I did the following
> $ gpg --import-options import-local-sigs --import /tmp/xxx
> # /tmp/xxx being a copy of pubring.gpg
> as advised here https://www.gnupg.org/faq/whats-new-in-2.1.html#keybox
>
> I found that the import worked "once at a time", I mean it imports one
> signature then hang => ^C and rerun.

I'm not sure what to tell you about this.  It looks to me like something
is wrong with your /tmp/xxx but i don't have a copy of it so i can't
reproduce the behavior you describe.

Have you tried the script /usr/bin/migrate-pubring-from-classic-gpg ? it
is intended specifically for the use case here (converting from
pubring.gpg to pubring.kbx).

have you tried to do this import while working from a clean GNUPGHOME?
Does it still misbehave?

If you'd like to send me a copy of your /tmp/xxx (feel free to encrypt
it to 0x0EE5BE979282D80B9F7540F1CCD2ED94D21739E9 and send it to my
private e-mail if you don't want to publish it) i can try to take a look
at duplicating the problem.

> But --import-options import-export successfully export a GPG
> traditional pubring file (not a GPG keybox) containing the 124
> signatures.

gpg's export functionality has never been intended to export anything
but a sequence of OpenPGP packets.  a keybox is *not* a sequence of
OpenPGP packets, so you shouldn't expect it to be produced by gpg
export.

> See also: #841103

This was a bug report about dirmngr hanging, which i think was the same
thing as #840680, and should be resolved.  You seem to be implying that
they're the same thing, but i don't understand why.  I don't think
dirmngr is involved at all in gpg --import.  Do you think dirmngr is
involved here?

         --dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnupg-maint/attachments/20170625/917fd5c2/attachment.sig>

More information about the pkg-gnupg-maint mailing list