Re: [PATCH] Unbreak interactive GPG prompt upon signing

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Michael,

On Tue, 6 Sep 2016, Michael J Gruber wrote:

> Johannes Schindelin venit, vidit, dixit 06.09.2016 10:01:
> > With the recent update in efee955 (gpg-interface: check gpg signature
> > creation status, 2016-06-17), we ask GPG to send all status updates to
> > stderr, and then catch the stderr in an strbuf.
> > 
> > But GPG might fail, and send error messages to stderr. And we simply
> > do not show them to the user.
> > 
> > Even worse: this swallows any interactive prompt for a passphrase. And
> > detaches stderr from the tty so that the passphrase cannot be read.
> > 
> > So while the first problem could be fixed (by printing the captured
> > stderr upon error), the second problem cannot be easily fixed, and
> > presents a major regression.
> 
> My Git has that commit and does ask me for the passphrase on the tty.
> Also, I do get error messages:
> 
> git tag -u pebcak -s testt -m m
> error: gpg failed to sign the data
> error: unable to sign the tag

That is not GPG's error message. It just leaves users puzzled, is what it
does.

> which we could (maybe should) amend by gpg's stderr.

Right. But then we still do not solve the problem. The problem being that
some platforms cannot use getpass(prompt): it simply does not exist.

On Windows, we do not even have a /dev/tty (technically, GPG, being an
MSYS2 program, knows about /dev/tty, but we spawn it from a non-MSYS2
program, so there is a disconnect).

> > So let's just revert commit efee9553a4f97b2ecd8f49be19606dd4cf7d9c28.
> 
> That "just" reintroduces the problem that the orignal patch solves.

Right. Which is: when some user misconfigures gpg, causing Git to run
something different that simply succeeds, there is no signature.

This is a minor issue, as it requires a user to configure gpg, and do a
bad job at it.

Not being able to input the passphrase on Windows is a major issue, as the
user has done nothing wrong.

> The passphrase/tty issue must be Windows specific - or the non-issue
> Linux-specific, if you prefer.

Sure. Let's talk about semantics. Oh wait, maybe we should work on
resolving the issue instead.

> > This fixes https://github.com/git-for-windows/git/issues/871

To reiterate: this is the problem I need to see solved.

Ciao,
Dscho
[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]