[DRE-maint] Bug#914159: gitlab: Problem with GPG Keys

David L er_maqui at darkbolt.net
Tue Nov 20 00:39:36 GMT 2018

Package: gitlab
Version: 11.1.8+dfsg-2
Severity: normal

After install 11.1.8, importing GPG keys isn't working.

This failure isn't present at 10.8 previous version on Testing.

When I try to upload my GPG key, gitlab gives a 500 internal server error. After reloading, key are added but without reading the complete key (I think, beucase gitlab only have detected one of the emails on the key).

Error message on production.log are:

Started POST "/profile/gpg_keys" for x.x.x.x at 2018-11-20 01:30:26 +0100
Processing by Profiles::GpgKeysController#create as HTML
  Parameters: {"utf8"=>"✓", "authenticity_token"=>"[FILTERED]", "gpg_key"=>"[FILTERED]", "commit"=>"Add key"}
Completed 500 Internal Server Error in 82ms (ActiveRecord: 1.6ms)

GPGME::Error (Unsupported protocol):
  lib/gitlab/gpg.rb:15:in `fingerprints_from_key'
  lib/gitlab/gpg.rb:25:in `block in fingerprints_from_key'
  lib/gitlab/gpg.rb:93:in `optimistic_using_tmp_keychain'
  lib/gitlab/gpg.rb:75:in `block in using_tmp_keychain'
  lib/gitlab/gpg.rb:74:in `synchronize'
  lib/gitlab/gpg.rb:74:in `using_tmp_keychain'
  lib/gitlab/gpg.rb:24:in `fingerprints_from_key'
  app/models/gpg_key.rb:111:in `extract_fingerprint'
  app/services/gpg_keys/create_service.rb:4:in `execute'
  app/controllers/profiles/gpg_keys_controller.rb:10:in `create'
  lib/gitlab/i18n.rb:51:in `with_locale'
  lib/gitlab/i18n.rb:57:in `with_user_locale'
  app/controllers/application_controller.rb:362:in `set_locale'
  lib/gitlab/middleware/multipart.rb:97:in `call'
  lib/gitlab/request_profiler/middleware.rb:14:in `call'
  lib/gitlab/middleware/go.rb:17:in `call'
  lib/gitlab/etag_caching/middleware.rb:11:in `call'
  lib/gitlab/middleware/read_only/controller.rb:38:in `call'
  lib/gitlab/middleware/read_only.rb:16:in `call'
  lib/gitlab/request_context.rb:18:in `call'
  lib/gitlab/metrics/requests_rack_middleware.rb:27:in `call'
  lib/gitlab/middleware/release_env.rb:10:in `call'

Started GET "/favicon.ico" for x.x.x.x at 2018-11-20 01:30:26 +0100
Started POST "/profile/gpg_keys" for x.x.x.x at 2018-11-20 01:30:32 +0100
Processing by Profiles::GpgKeysController#create as HTML
  Parameters: {"utf8"=>"✓", "authenticity_token"=>"[FILTERED]", "gpg_key"=>"[FILTERED]", "commit"=>"Add key"}
[ActiveJob] Enqueued ActionMailer::DeliveryJob (Job ID: 10f8706f-4e6c-4218-ac69-db767782315a) to Sidekiq(mailers) with arguments: "Notify", "new_gpg_key_email", "deliver_now", 5
Redirected to https://git.example.com/profile/gpg_keys
Completed 302 Found in 1687ms (ActiveRecord: 184.4ms)

On 10.8 version, if I add my GPG key to my profile, I can see all my emails. Now, on 11.1, I only see one email. I've tested it with the same key always, but now I didn't have a 10.8 debian installation for re-testing and getting information from the logfile.

After searching for this bug on gitlab-ce official repository, I can only find cases with 9.5 version, when gitlab didn't support subkeys. Maybe that's a problem with the packaging.

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.23-xxxx-grs-ipv6-64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages gitlab depends on:
ii  asciidoctor                      
ii  bc                                         1.07.1-2+b1
ii  bundler                                    1.16.1-3
ii  bzip2                                      1.0.6-9
ii  dbconfig-pgsql                             2.0.10
ii  debconf [debconf-2.0]                      1.5.69
ii  exim4-daemon-light [mail-transport-agent]  4.91-8+b1
ii  gitlab-common                              11.1.8+dfsg-2
ii  gitlab-shell                               7.2.0+dfsg-1
ii  gitlab-workhorse                           5.2.0+debian-2
ii  lsb-base                                   9.20170808
ii  nginx                                      1.14.1-1
ii  nginx-full [nginx]                         1.14.1-1
ii  nodejs                                     8.11.2~dfsg-1
ii  npm                                        5.8.0+ds6-2
ii  openssh-client                             1:7.9p1-4
ii  postgresql-client                          11+194
ii  postgresql-client-10 [postgresql-client]   10.5-1
ii  postgresql-client-11 [postgresql-client]   11.1-1+b1
ii  postgresql-contrib                         11+194
ii  rake                                       12.3.1-3
ii  redis-server                               5:5.0.1-1
ii  ruby                                       1:2.5.1
ii  ruby-ace-rails-ap                          4.1.1-1
ii  ruby-acts-as-taggable-on                   5.0.0-2
ii  ruby-addressable                           2.5.2-1
ii  ruby-akismet                               2.0.0-1
ii  ruby-arel                                  6.0.4-1
ii  ruby-asana                                 0.6.0-1
ii  ruby-asciidoctor-plantuml                  0.0.8-1
ii  ruby-asset-sync                            2.4.0-1
ii  ruby-attr-encrypted                        3.1.0-1
ii  ruby-babosa                                1.0.2-2
ii  ruby-base32                                0.3.2-3
ii  ruby-batch-loader                          1.2.1-1
ii  ruby-bcrypt-pbkdf                          1.0.0-1+b2
ii  ruby-bootstrap-form                        2.7.0-1
ii  ruby-browser                               2.5.3-1
ii  ruby-carrierwave                           1.2.3-1
ii  ruby-charlock-holmes                       0.7.5-1+b2
ii  ruby-chronic                               0.10.2-3
ii  ruby-chronic-duration                      0.10.6-1
ii  ruby-commonmarker                          0.17.9-1
ii  ruby-connection-pool                       2.2.2-1
ii  ruby-creole                                0.5.0-2
ii  ruby-default-value-for                     3.1.0-1
ii  ruby-device-detector                       1.0.1-2
ii  ruby-devise                                4.4.3-1
ii  ruby-devise-two-factor                     3.0.3-1
ii  ruby-diffy                                 3.2.1-1
ii  ruby-doorkeeper                            4.4.2-1
ii  ruby-doorkeeper-openid-connect             1.5.2-1
ii  ruby-dropzonejs-rails                      0.8.2-1
ii  ruby-ed25519                               1.2.4-1
ii  ruby-email-reply-trimmer                   0.1.6-1
ii  ruby-escape-utils                          1.2.1-1+b1
ii  ruby-excon                                 0.60.0-1
ii  ruby-faraday                               0.13.1-2
ii  ruby-fast-blank                            1.0.0-1+b1
ii  ruby-flipper                               0.13.0-3
pn  ruby-flipper-active-record                 <none>
pn  ruby-flipper-active-support-cache-store    <none>
ii  ruby-fog-aliyun                            0.2.0-1
ii  ruby-fog-aws                               2.0.1-1
ii  ruby-fog-core                              1.45.0-2
ii  ruby-fog-google                            1.3.3-2
ii  ruby-fog-local                             0.3.0-1
ii  ruby-fog-openstack                         0.1.6-4
ii  ruby-fog-rackspace                         0.1.1-4
ii  ruby-fogbugz                               0.2.1-3
ii  ruby-font-awesome-rails          
ii  ruby-gemnasium-gitlab-service              0.2.6-2
ii  ruby-gemojione                             3.3.0-1
ii  ruby-gettext-i18n-rails                    1.8.0-1
ii  ruby-gettext-i18n-rails-js                 1.3.0+dfsg-2
ii  ruby-gitaly                                0.105.0+dfsg-2
ii  ruby-github-linguist                       5.3.3-1
ii  ruby-github-markup                         1.6.5-1
ii  ruby-gitlab-flowdock-git-hook              1.0.1-4
ii  ruby-gollum-lib                  
ii  ruby-gollum-rugged-adapter       
ii  ruby-gon                                   6.2.1-1
ii  ruby-google-api-client                     0.19.8-1
ii  ruby-google-protobuf                       3.6.1-4
ii  ruby-gpgme                                 2.0.16-1+b1
ii  ruby-grape                                 1.0.3-1
ii  ruby-grape-entity                          0.7.1-1
ii  ruby-grape-logging                         1.7.0-1
ii  ruby-grape-path-helpers                    1.0.6-1
ii  ruby-graphiql-rails                        1.4.10-1
ii  ruby-graphql                               1.8.4-1
ii  ruby-grpc                                  1.16.0-1
ii  ruby-hamlit                                2.8.8-1
ii  ruby-hashie-forbidden-attributes           0.1.1-1
ii  ruby-health-check                          2.6.0-1
ii  ruby-hipchat                               1.5.2-3
ii  ruby-html-pipeline                         2.8.4-1
ii  ruby-html2text                             0.2.0-1
ii  ruby-httparty                              0.16.2+dfsg1-2
ii  ruby-icalendar                             2.4.1-1
ii  ruby-influxdb                              0.2.3-2
ii  ruby-jira                                  1.5.0-1
ii  ruby-jquery-atwho-rails                    1.3.2-2
ii  ruby-jwt                                   1.5.6-1
ii  ruby-kaminari                              1.0.1-4
ii  ruby-kgio                                  2.11.2-1+b1
ii  ruby-kubeclient                            3.1.2-1
ii  ruby-licensee                              8.9.2-1
ii  ruby-lograge                               0.10.0-1
ii  ruby-loofah                                2.2.2-1
ii  ruby-mail-room                             0.9.1-2
ii  ruby-method-source                         0.9.2-1
ii  ruby-mini-magick                           4.8.0-2
ii  ruby-mousetrap-rails                       1.4.6-6
ii  ruby-net-ldap                              0.16.1-1
ii  ruby-net-ssh                               1:5.0.2-2
ii  ruby-nokogiri                              1.8.4-1
ii  ruby-ntlm                                  0.6.1-2
ii  ruby-oauth2                                1.4.0-3
ii  ruby-octokit                               4.12.0-1
ii  ruby-omniauth                              1.8.1-1
ii  ruby-omniauth-auth0                        2.0.0-1
ii  ruby-omniauth-authentiq                    0.3.3-1
ii  ruby-omniauth-azure-oauth2                 0.0.9-2
ii  ruby-omniauth-cas3                         1.1.4-2
ii  ruby-omniauth-crowd                        2.4.0-1
ii  ruby-omniauth-facebook                     4.0.0-2
ii  ruby-omniauth-github                       1.3.0-1
ii  ruby-omniauth-gitlab                       1.0.2-1
ii  ruby-omniauth-google-oauth2                0.5.3-1
ii  ruby-omniauth-kerberos                     0.3.0-3
ii  ruby-omniauth-ldap                         2.0.4-2
ii  ruby-omniauth-oauth2-generic               0.2.2-1
ii  ruby-omniauth-saml                         1.10.0-1
ii  ruby-omniauth-shibboleth                   1.3.0-1
ii  ruby-omniauth-twitter                      1.4.0-1
ii  ruby-org                                   0.9.12-2
ii  ruby-parser                                3.11.0-1
ii  ruby-peek                                  1.0.1-1
ii  ruby-peek-gc                               0.0.2-1
ii  ruby-peek-pg                               1.3.0-1
ii  ruby-peek-rblineprof                       0.2.0-1
ii  ruby-peek-redis                            1.2.0-1
ii  ruby-peek-sidekiq                          1.0.3-2
ii  ruby-pg                                    0.19.0-2+b1
ii  ruby-posix-spawn                           0.3.13-2+b1
ii  ruby-premailer-rails                       1.9.7-1
ii  ruby-prof                                  0.17.0+dfsg-3+b1
ii  ruby-progressbar                           1.9.0-1
ii  ruby-prometheus-client-mmap                0.9.4-1
ii  ruby-rack-attack                           4.4.1-1
ii  ruby-rack-cors                             1.0.2-1
ii  ruby-rack-oauth2                           1.9.2-1
ii  ruby-rack-proxy                            0.6.1-2
ii  ruby-rack-test                             0.7.0-1
ii  ruby-rails                                 2:4.2.10-1
ii  ruby-rails-deprecated-sanitizer            1.0.3-3
ii  ruby-rails-dom-testing                     1.0.6-2
ii  ruby-rails-i18n                            4.0.9-1
ii  ruby-rainbow                               2.2.2-1
ii  ruby-raindrops                             0.19.0-1+b2
ii  ruby-re2                                   1.1.1-2+b2
ii  ruby-recaptcha                             4.11.1-1
ii  ruby-redcarpet                             3.4.0-4+b1
ii  ruby-redcloth                              4.3.2-3+b1
ii  ruby-redis                                 3.3.5-1
ii  ruby-redis-namespace                       1.6.0-1
ii  ruby-redis-rails                           5.0.2-3
ii  ruby-request-store                         1.3.0-1
ii  ruby-responders                            2.4.0-2
ii  ruby-rouge                                 3.2.1-1
ii  ruby-rqrcode-rails3                        0.1.7-1
ii  ruby-rufus-scheduler                       3.4.2-1
ii  ruby-rugged                                0.27.4+ds-1
ii  ruby-sanitize                              4.6.6-1
ii  ruby-sass-rails                            5.0.6-2
ii  ruby-seed-fu                               2.3.7-1
ii  ruby-select2-rails               
ii  ruby-sentry-raven                          2.7.4-1
ii  ruby-settingslogic                         2.0.9-3
ii  ruby-sidekiq                               5.2.2+dfsg-2
ii  ruby-sidekiq-cron                          0.6.3-5
ii  ruby-sidekiq-limit-fetch                   3.4.0-3
ii  ruby-slack-notifier                        1.5.1-2
ii  ruby-sprockets                             3.7.2-1
ii  ruby-sshkey                                1.9.0-1
ii  ruby-state-machines-activerecord           0.5.1-2
ii  ruby-sys-filesystem                        1.1.7-2
ii  ruby-task-list                             2.0.0-2
ii  ruby-toml-rb                               1.0.0-1
ii  ruby-truncato                              0.7.9-2
ii  ruby-u2f                                   0.2.1-2
ii  ruby-uglifier                              2.7.2+dfsg-2
ii  ruby-unf                                   0.1.4-2
ii  ruby-unf-ext                     
ii  ruby-unicorn-worker-killer                 0.4.4-1
ii  ruby-validates-hostname                    1.0.7-1
ii  ruby-version-sorter                        2.1.0+dfsg-1+b2
ii  ruby-virtus                                1.0.5-3
ii  ruby-vmstat                                2.3.0-2+b1
ii  ruby-webpack-rails                         0.9.11-2
ii  ruby-wikicloth                             0.8.1+dfsg-4
ii  ucf                                        3.0038
ii  unicorn                                    5.4.0-1+b1

Versions of packages gitlab recommends:
ii  certbot  0.28.0-1
ii  gitaly   0.111.4+debian-2

gitlab suggests no packages.

-- debconf information excluded

More information about the Pkg-ruby-extras-maintainers mailing list