[Pkg-utopia-maintainers] Bug#1098951: Bug#1098995: notmuch: test suite regressions with fixed GnuPG
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Fri Feb 28 19:51:02 GMT 2025
Control: clone 1098951 -1
Control: reassign -1 gpg
Control: found -1 2.2.46-2
Control: found -1 2.4,7-5
Control: notfound -1 2.2.46-1
Control: notfound -1 2.4.7-4
Control: retitle -1 GnuPG: Defense against DoS breaks verification of signatures from expired or revoked keys
Control: forwarded -1 https://dev.gnupg.org/T7547
Control: affects -1 + aptly notmuch ostree libmail-gnupg-perl
Hi Simon--
On Fri 2025-02-28 18:50:40 +0000, Simon McVittie wrote:
> On Thu, 27 Feb 2025 at 12:59:44 -0500, Daniel Kahn Gillmor wrote:
>>So this is definitely a change in GnuPG behavior, as reported upstream
>>at https://dev.gnupg.org/T7547
>
> The same behaviour change also caused a build-time test failure in
> src:ostree, https://bugs.debian.org/1098951 /
> https://github.com/ostreedev/ostree/issues/3386.
Thanks for the triage, i agree that this looks like the same thing.
I think the remaining piece within debian that seems to have a
comparable issue with this DoS prevention is aptly, but i haven't gotten
a chance to diagnose it properly.
> libostree is designed to be able to receive signature validation
> errors (from either gnupg, its own ED25519-based signing scheme,
> or possible future signature backends, depending on build-time and
> runtime configuration) and report them to library users as a structured
> error code indicating what went wrong, at a level of granularity
> where it can distinguish between an expired key and a revoked key,
> for example. libostree's test suite asserts that it can provide this
> functionality, and I think I would tend to characterize this as "something
> that was previously possible no longer works, and the tests correctly
> caught this" rather than merely "the test-suite is brittle". Would you
> mind reassigning or cloning one of these bugs to gnupg to represent that,
> forwarded to T7547 upstream, while it's investigated?
I think your analysis is correct, and i've been hoping that upstream
will weigh in on the situation. I've taken the steps you suggested
within the debian BTS with this message.
For notmuch, i think the slightly more slack test suite is OK -- it's
not like a signature from a revoked key is particularly meaningfully
different than an otherwise invalid signature for the end user. And the
notmuch test suite doesn't currently distinguish between signatures from
expired certs compared with non-expired certs.
But i can understand why ostree would be reluctant to weaken a more
sophisticated test suite.
> I think if libostree and notmuch are both showing test-suite regressions
> after this change, that does seem more likely to be a behaviour change in
> gnupg (and potentially an unintended one?) rather than simply libostree
> holding it wrong.
Agreed.
> If it's intentional that it is no longer possible to distinguish between
> different reasons why a signature does not validate, or if that's
> necessary collateral damage to avoid the DoS, then libostree will likely
> have to stop offering this feature, and instead report all GnuPG signature
> validation errors as "some unspecified thing is wrong with the signature"
> - but I don't think its upstream will want to do that without knowing
> that it's wontfix from GnuPG's perspective, and similarly I'm reluctant to
> apply downstream patches to weaken test coverage of a security-sensitive
> integrity check until we know they're necessary.
I've pointed GnuPG upstream to the ostree reports as well, so that
they're aware of the collateral damage. If anyone from ostree wants to
weigh in further on that bug report, please feel free. If you don't
have (or want to have) an account on https://dev.gnupg.org/ but do
want some specific information relayed there, feel free to nudge me
about it and i can add to the upstream discussion directly.
Regards,
--dkg