[Pkg-privacy-maintainers] Bug#988498: Test suite regressions with GnuPG 2.3

Christoph Biedl debian.axhn at manchmal.in-ulm.de
Fri May 14 10:14:03 BST 2021 

Package: src:monkeysphere
Version: 0.43-3.1
Severity: normal

Hello,

it seems monkeysphere cannot cope with the changes introduced in
GnuPG 2.3. Could you please check?

Rebuilding 0.44-1 in experimental, I encountered two test failures:

* In the keytrans test:

    ##################################################
    ### reconvert key, and compare to key in gpg keyring...
    C9BE3D77CDEB32D8F69D60B1BE05F8939487BC93

    ##################################################
    ### setting host key expiration...
    --- /dev/fd/63  2021-05-12 22:36:47.831898400 +0200
    +++ /dev/fd/62  2021-05-12 22:36:47.827898397 +0200
    @@ -14,14 +14,14 @@
     # off=1380 ctb=89 tag=2 hlen=3 plen=464
     :signature packet: algo 1, keyid E43019C436110D74
            version 4, created 1620851805, md5len 0, sigclass 0x13
    -       digest algo 8, begin of digest b5 79
    +       digest algo 8, begin of digest 29 fa
            hashed subpkt 33 len 21 (issuer fpr v4 F49001C32E93EBB53FEA4554E43019C436110D74)
            hashed subpkt 2 len 4 (sig created 2021-05-12)
            hashed subpkt 27 len 1 (key flags: 03)
            hashed subpkt 11 len 5 (pref-sym-algos: 9 8 7 3 2)
            hashed subpkt 21 len 6 (pref-hash-algos: 10 9 8 11 3 2)
            hashed subpkt 22 len 3 (pref-zip-algos: 2 3 1)
    -       hashed subpkt 30 len 1 (features: 05)
    +       hashed subpkt 30 len 1 (features: 01)
            hashed subpkt 23 len 1 (keyserver preferences: 80)
            subpkt 16 len 8 (issuer key ID E43019C436110D74)
    -       data: [3072 bits]
    +       data: [3069 bits]


GnuPG now uses more bit of "features" (0x02 for AEAD, and 0x04 for v5).
I am not sure whether openpgp2ssh/pem2openpgp can or should transport
that information.

* In the basic test:

    ##################################################
    ### testing monkeysphere keys-for-userid ...
    ms: processing: ssh://testhost.example
    ms: key file: -
    ms:  primary key found: BE05F8939487BC93
    ms:   - unacceptable primary key validity (-).
    ms:   - unacceptable user ID validity (-).
    ms:   - unacceptable primary key.
    ms: KEYS_PROCESSED=1
    ms: KEYS_VALID=
    0a1
    > ssh-rsa AAAAB(...)
    FAILED!

To be honest, I didn't investigate further what went wrong here.


The autopkgtest logfile at[1] shows a third issue, but it seems this does
not appear with monkeysphere 0.44.

FWIW, GnuPG 2.3 is in experimental only and certainly *not* going to be
part of Debian bullseye. With the start of the bookworm development
cycle however, I'd like to upload to unstable.

Regards,

    Christoph

[1]  https://ci.debian.net/data/autopkgtest/unstable/amd64/m/monkeysphere/12149735/log.gz

-- System Information:
Debian Release: 11.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-privacy-maintainers/attachments/20210514/773de073/attachment.sig>

More information about the Pkg-privacy-maintainers mailing list