bug-gnu-emacs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#67012: 29.1; epa-sign-file pinentry loopback mode does not work with


From: Ulrich Mueller
Subject: bug#67012: 29.1; epa-sign-file pinentry loopback mode does not work with S/MIME
Date: Sun, 19 Nov 2023 12:13:08 +0100
User-agent: Gnus/5.13 (Gnus v5.13)

>>>>> On Sun, 19 Nov 2023, Eli Zaretskii wrote:

>> From: Ulrich Mueller <ulm@gentoo.org>
>> Cc: Eli Zaretskii <eliz@gnu.org>,  Michael Albinus <michael.albinus@gmx.de>
>> Date: Fri, 17 Nov 2023 12:40:05 +0100
>> 
>> Until there's a proper fix (not anytime soon, I suppose?), could we
>> please disable pinentry loopback with gpgsm? See patch below.
>> 
>> That way, the user could still set epg-pinentry-mode to loopback for use
>> with gpg2, and with gpgsm it would fall back to passphrase input through
>> the pinentry program (i.e. in the GUI). This seems to be better than
>> erroring out.
>> 
>> (In fact, I use gpgsm with pinentry.el from Emacs 25.3 as a workaround.
>> Unfortunately, that package has been removed as a fix for bug #27445.)

> I have difficulty making a decision about this, as I don't feel I
> understand the situation well enough.  Can you please help me by
> answering the following questions:

>   . are we talking about a single problem or about several ones? the
>     original report was about invoking gpgsm, but then you started
>     talking about gpg2 as well?

Single problem, and it affects only gpgsm. I've mentioned gpg2 only
for the reason that any fix or workaround shouldn't change existing
behaviour with gpg2. (So, for example, omitting "--pinentry-mode
loopback" should be conditional on the CMS protocol.)

>   . is this a recent regression in Emacs, or did this problem exist in
>     older versions of Emacs as well? or is this due to some recent
>     change in GnuPG?

AFAICS it is an old problem, not related to any recent changes in Emacs
or GnuPG. And IIUC properly fixing it would require major changes for
either EasyPG or gpgsm, because the design of EasyPG relies on the
status messages output by gpg2 with the --status-fd option. gpgsm
doesn't output most of these messages (see the examples in message #32
above).

It looks like bug #59178 is about the same issue (but that report was
somewhat sidetracked). Sorry that I hadn't noticed before filing this
report.





reply via email to

[Prev in Thread] Current Thread [Next in Thread]