Bug 219400

Summary: security/gnupg 2.1.21 broke gpg exit code behavior when not using a smart card
Product: Ports & Packages Reporter: FiLiS <freebsdbugs>
Component: Individual Port(s)Assignee: Adam Weinberger <adamw>
Status: Closed FIXED    
Severity: Affects Only Me Flags: bugzilla: maintainer-feedback? (adamw)
Priority: ---    
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
patch to fix bug introduced in 2.1.21 none

Description FiLiS 2017-05-19 09:35:38 UTC 
Created attachment 182737 [details]
patch to fix bug introduced in 2.1.21

The 2.1.21 release introduced a bug that causes the gpg binary to exit 2 on successful encryption/signing operations when no smart card is used:

https://dev.gnupg.org/rGa8dd96826f8484c0ae93c954035b95c2a75c80f2

I posted it on the gnupg mailing list

https://lists.gnupg.org/pipermail/gnupg-users/2017-May/058233.html

and tested the above patch, which fixes the bug.

The attached patch fixes the port until there is a 2.1.22 release.
Comment 1 commit-hook freebsd_committer freebsd_triage 2017-05-19 17:06:59 UTC 
A commit references this bug:

Author: adamw
Date: Fri May 19 17:05:57 UTC 2017
New revision: 441252
URL: https://svnweb.freebsd.org/changeset/ports/441252

Log:
  Ignore errors about missing smartcard daemon.

  It's an OPTION on FreeBSD, but 2.1.21 treated missing scdaemon as an
  error.

  PR:		219400
  Submitted by:	Philip Jocks
  Obtained from:	https://dev.gnupg.org/rGa8dd96826f8484c0ae93c954035b95c2a75c80f2
  See also:	https://lists.gnupg.org/pipermail/gnupg-users/2017-May/058233.html
  MFH:		2017Q2

Changes:
  head/security/gnupg/Makefile
  head/security/gnupg/files/patch-scdaemon
Comment 2 Adam Weinberger freebsd_committer freebsd_triage 2017-05-19 17:09:29 UTC 
Committed. Thanks, Philip.

I've requested to merge this to the quarterly branch. I'll keep the PR open until I hear back from ports-secteam.
Comment 3 FiLiS 2017-05-19 17:55:26 UTC 
no, the error also occurred when I built _with_ the SCDAEMON option, it just spewed less error messages. :)
The actual problem we faced was that gpg exited non-zero on a successful operation, though one of the GnuPG devs already mentioned something to me that it should no longer be an option to package gpg without scdaemon in the future, but since it doesn't pull in more dependencies, I'd also be fine with always building GnuPG with SCDAEMON.
Comment 4 commit-hook freebsd_committer freebsd_triage 2017-05-21 14:46:10 UTC 
A commit references this bug:

Author: adamw
Date: Sun May 21 14:45:03 UTC 2017
New revision: 441398
URL: https://svnweb.freebsd.org/changeset/ports/441398

Log:
  MFH: r441252

  Add an upstream patch to prevent erroneous failures involving the
  smartcard daemon.

  PR:		219400
  Submitted by:	Philip Jocks
  Obtained from:	https://dev.gnupg.org/rGa8dd96826f8484c0ae93c954035b95c2a75c80f2
  See also:	https://lists.gnupg.org/pipermail/gnupg-users/2017-May/058233.html

  Approved by:	ports-secteam (miwi)

Changes:
_U  branches/2017Q2/
  branches/2017Q2/security/gnupg/Makefile
  branches/2017Q2/security/gnupg/files/patch-scdaemon
Comment 5 Adam Weinberger freebsd_committer freebsd_triage 2017-05-21 14:48:21 UTC 
Merged to quarterly. Thanks, Philip.