Bug 205246 - security/gnupg: pinentry-tty dumps core because of missing privilege
Status: Closed Unable to Reproduce
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s)
Version: Latest
Hardware: amd64 Any
Importance: --- Affects Some People
Assignee: Adam Weinberger
URL:
Keywords: crash, needs-qa
Depends on:
Blocks:
 
Reported: 2015-12-11 12:30 UTC by alexander.haderer
Modified: 2018-05-02 15:53 UTC (History)

See Also:
bugzilla: maintainer-feedback? (kuriyama)
koobs: merge-quarterly?


Attachments
truss of gpg-agent talking with pinentry (1.05 KB, text/plain)
2015-12-11 12:30 UTC, alexander.haderer

Description alexander.haderer 2015-12-11 12:30:27 UTC
Created attachment 164117
truss of gpg-agent talking with pinentry

Scenario: symmetric encryption of a file

(asymmetric encryption not tested, probably affected, too)

case A: When running as root:

  root@uhura:/tmp # gpg -c somefile
  Enter passphrase

   Passphrase: 
  Please re-enter this passphrase
   Passphrase: 
  root@uhura:/tmp # 

result is as expected: somefile.gpg is on disk as encrypted file

case B: When running as a user with non-root privileges:

  % gpg -c somefile
  gpg: problem with the agent: End of file
  gpg: error creating passphrase: Operation cancelled
  gpg: symmetric encryption of 'somefile' failed: Operation cancelled
  % 

console/messages shows: kernel: pid 9717 (pinentry-tty), uid 2002: exited on signal 11

trussing the gpg-agent while talking with pinentry shows that

1. pinentry starts up
2. they do some handshaking and parameter exchange
3. pinentry dies after receiving "GETPIN"

see truss snippet attached

with best regards
Comment 1 alexander.haderer 2015-12-11 13:42:59 UTC
Sorry, forgot to mention:

FreeBSD uhura 10.2-RELEASE FreeBSD 10.2-RELEASE #0 r286666: Wed Aug 12 15:26:37 UTC 2015     root@releng1.nyi.freebsd.org:/usr/obj/usr/src/sys/GENERIC  amd64

gnupg installed with pkg install
Comment 2 patpro 2016-02-27 19:56:06 UTC
Hi,

I have a similar crash using gpg2 to create a private key using a command like gpg2 --full-gen-key
The command ends with:
	...
	Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
	We need to generate a lot of random bytes. It is a good idea to perform
	some other action (type on the keyboard, move the mouse, utilize the
	disks) during the prime generation; this gives the random number
	generator a better chance to gain enough entropy.
	gpg: no running gpg-agent - starting '/usr/local/bin/gpg-agent'
	gpg: waiting for the agent to come up ... (5s)
	gpg: connection to agent established
	gpg: agent_genkey failed: End of file
	Key generation failed: End of file

and dmesg/logs show:

	pid 1278 (pinentry-tty), uid 0: exited on signal 11

truss and ktrace show that pinentry dies during transaction with gpg-agent.

It's 10.2-RELEASE-p9, running pinentry and gnupg installed from pkg. Same results with locally compiled pinentry port.
Comment 3 patpro 2016-02-27 20:01:15 UTC
(In reply to patpro from comment #2)

and I forgot to mention: it happens when I run the command as root
Comment 4 Walter Schwarzenfeld freebsd_triage 2018-01-10 04:33:40 UTC
10.2 RELEASE is gone. Is this still a problem? Or overcome by events?
Comment 5 alexander.haderer 2018-01-10 13:43:00 UTC
hi,

this is still a problem for a non-root user on a newer system: 11.0-RELEASE-p15 amd64

host user 53 (~/tmp): gpg -c xxx
gpg: Warning: using insecure memory!
gpg: problem with the agent: End of file
gpg: error creating passphrase: Operation cancelled
gpg: symmetric encryption of 'xxx' failed: Operation cancelled

host user 54 (~/tmp): tail /var/log/messages
Jan 10 14:28:01 host kernel: pid 1138 (pinentry-tty), uid 2002: exited on signal 11

host user 54 (~/tmp): pkg info -d gnupg
gnupg-2.2.4:
        pinentry-1.0.0_3
        libksba-1.3.5
        libgpg-error-1.27
        libgcrypt-1.8.2
        libassuan-2.5.1
        gnutls-3.5.16
        indexinfo-0.3.1
        readline-7.0.3_1
        npth-1.5
        gettext-runtime-0.19.8.1_1
        sqlite3-3.21.0_1
Comment 6 Adam Weinberger freebsd_committer 2018-01-10 18:17:53 UTC
11.0 is no longer supported; you'll need to upgrade to 11.1.

That said, it works for me:

[adamw@apnoea ~] id
uid=1002(adamw) gid=1002(adamw) groups=1002(adamw),0(wheel)
[adamw@apnoea ~] uname -a
FreeBSD apnoea.adamw.org 11.1-RELEASE-p6 FreeBSD 11.1-RELEASE-p6 #0: Fri Dec  8 21:49:15 MST 2017     root@apnoea.adamw.org:/usr/obj/usr/src/sys/ASSISTCONTROL  amd64
[adamw@apnoea ~] pkg info gnupg | head -1
gnupg-2.2.4
[adamw@apnoea ~] man sh > output
[adamw@apnoea ~] gpg -c output
gpg: /home/adamw/.gnupg/gpg.conf:206: obsolete option "no-use-agent" - it has no effect
gpg: Warning: using insecure memory!
[adamw@apnoea ~]

Which pinentry ports do you have installed? I'm wondering if there's something odd in your gpg.conf. You might try resetting it to default and see if that works for you.
Comment 7 alexander.haderer 2018-01-11 11:50:55 UTC
hi,

another test with FreeBSD 11.1 p4 amd64 installed from scratch and a freshly installed gnupg (via pkg install gnupg) now works as expected: gpg -c file encrypts the file.

This issue now can be closed.

A note for others coming to this bug report having similar issues: My assumption is that a missing/broken package dependency in gnupg caused this bug. People having the missing package installed "by accident" did not see the bug. During tests I have seen that the installation of gnupg installs more dependent packages than on a fresh 11.0 or earlier system.
Comment 8 Adam Weinberger freebsd_committer 2018-01-11 16:13:34 UTC
Glad to hear it works for you. I'm closing this bug, but I'm concerned about your reference to an extra package. If you find out which package it is, send me an email or open a PR for it.
Comment 9 Luke Crooks 2018-05-02 14:41:32 UTC
I have come across this issue today, well I think it's the same issue.

On my host system, I have installed gnupg, created some keys, works fine.

Exported those keys, imported into a jail, and when I try to import the secret key, with:

>> gpg --allow-secret-key-import --import -v ~/mygpgkey_sec.gpg

The second secret key import gives this error:

>> gpg: Warning: using insecure memory!
>> gpg: sec  rsa4096/E0108CA4B11481 2018-05-01  FreeBSD server <luke@s.com>
>> gpg: pub  rsa4096/E0108CA4B11481 2018-05-01  FreeBSD server <luke@s.com>
>> gpg: key E0108CA4B1148132: "FreeBSD server <luke@s.com>" not changed
>> gpg: key E0108CA4B1148132/E0108CA4B114: secret key imported
>> gpg: pinentry launched (34423 tty 1.0.0 ? ? ?)
>> gpg: key E0108CA4B114/B5EA89265E982A: error sending to agent: End of file
>> gpg: Total number processed: 1
>> gpg:              unchanged: 1


However, it worked fine on the host system, and this same import routine works on another machine.

I can only assume this is because this jail doesn't have the missing package that is required to fix the issue (as it isn't listed as a dependency). I have tried installing with pkg install and via ports.

I have tried as root and a normal user, but this is either the same issue where I have a missing dependency, or something else, but reading the above I believe it to be the former.
Comment 10 Luke Crooks 2018-05-02 15:01:22 UTC
If I prefix my import with a 

>> killall gpg-agent

And then try and run the import I get:
>> gpg --allow-secret-key-import --import -v gpg_keys/freebsd_sec.gpg
>> gpg: Warning: using insecure memory!
>> gpg: directory '/home/luke/.gnupg' created
>> gpg: keybox '/home/luke/.gnupg/pubring.kbx' created
>> gpg: sec  rsa4096/E0108CA4B1148 2018-05-01   FreeBSD server <luke@s.com>
>> gpg: pub  rsa4096/E0108CA4B1148 2018-05-01  FreeBSD server <luke@solentwholesale.com>
>> gpg: /home/luke/.gnupg/trustdb.gpg: trustdb created
>> gpg: using pgp trust model
>> gpg: key E0108CA4B1148132: public key "FreeBSD server <luke@s.com>" imported
>> gpg: no running gpg-agent - starting '/usr/local/bin/gpg-agent'
>> gpg: waiting for the agent to come up ... (5s)
>> gpg: connection to agent established
>> gpg: key E0108CA4B1148/E0108CA4B1148: secret key imported
>> gpg: pinentry launched (95385 tty 1.0.0 ? ? ?)
>> gpg: key E0108CA4B1148/B5EA89265E98: error sending to agent: End of file
>> gpg: Total number processed: 1
>> gpg:               imported: 1
>> gpg:       secret keys read: 1

So I know I am talking to the agent, but get an error sending to the agent.
Comment 11 Luke Crooks 2018-05-02 15:53:59 UTC
For future googlers, if you ever end up here, it's most likely that in order to use gpg in a jail, you need to create the following entry in ~/.gnupg/gpg-agent.conf

>> allow-loopback-pinentry

And then for every gpg command you run, you need to prefix it with:

>> gpg --pinentry-mode loopback <other options>

E.g.

>> gpg --pinentry-mode loopback -d my_file.gpg
>> Results here
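A shell script added to this thread (not the reporter's, Luke's or the gnupg port's code) that counts the kernel-log crash signature quoted above and sets up the gpg-agent.conf option and loopback invocation from comment 11; the function names, the sample log lines and the temporary paths are my own assumptions.

```shell
#!/bin/sh
# Added example (not from the bug report or the gnupg port): count the
# pinentry-tty crash signature in a kernel log and apply the loopback
# pinentry workaround from comment 11. Log lines and paths are constructed.
set -eu

# Count kernel "exited on signal 11" lines for pinentry-tty in a log file.
# grep -c already prints 0 when nothing matches; "|| true" hides its exit 1.
pinentry_crashes() {
    grep -c 'pid [0-9][0-9]* (pinentry-tty), uid [0-9][0-9]*: exited on signal 11' "$1" || true
}

# Idempotently add allow-loopback-pinentry to gpg-agent.conf under the given
# GNUPGHOME. A running agent picks it up after: gpgconf --reload gpg-agent
ensure_loopback_pinentry() {
    conf="$1/gpg-agent.conf"
    mkdir -p "$1" && chmod 700 "$1"     # gpg warns about unsafe homedir permissions
    if ! grep -qx 'allow-loopback-pinentry' "$conf" 2>/dev/null; then
        echo 'allow-loopback-pinentry' >> "$conf"
    fi
}

# Encrypt a file symmetrically via the loopback pinentry, bypassing pinentry-tty.
# The passphrase is read from stdin so it never appears in the process list.
encrypt_loopback() {
    GNUPGHOME="$1" gpg --batch --yes --pinentry-mode loopback --passphrase-fd 0 -c "$2"
}

demo=$(mktemp -d)
# Constructed sample in the /var/log/messages format quoted in the report.
cat > "$demo/messages" <<'EOF'
Jan 10 14:28:01 host kernel: pid 1138 (pinentry-tty), uid 2002: exited on signal 11
Jan 10 14:29:30 host sshd[9001]: Accepted publickey for user from 10.0.0.5 port 50122
EOF
echo "pinentry-tty crashes seen: $(pinentry_crashes "$demo/messages")"

ensure_loopback_pinentry "$demo/gnupg"
if command -v gpg >/dev/null 2>&1; then
    echo 'constructed plaintext' > "$demo/file"
    printf '%s' 'example-passphrase' | encrypt_loopback "$demo/gnupg" "$demo/file" \
        && echo "wrote $demo/file.gpg" || echo "loopback encryption failed"
    gpgconf --homedir "$demo/gnupg" --kill gpg-agent 2>/dev/null || true
fi
```

The gpg step only runs when gpg is on PATH; everything else is plain sh and works on a host or inside a jail.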