Bug 197588

I'm having the same problem with psi-0.11_pre20070314 (upgraded to see if it will disappear)and pinentry 0.7.3. A friend of mine is using Debian and has no such problems with the same versions.

same problem here.

equery uses psi                          
[ Searching for packages matching psi... ]
[ Colour Code : set unset ]
[ Legend : Left column  (U) - USE flags from make.conf              ]
[        : Right column (I) - USE flags packages was installed with ]
[ Found these USE variables for net-im/psi-0.10-r3 ]
 U I
 - - audacious        : Enable monitoring of audio tracks that are played in (media-sound/audacious)
 + + crypt            : Add support for encryption -- using mcrypt or gpg where applicable
 + + extras           : Enables extra non official patches
 - - insecure-patches : Enables extra non official patches that may pose as a security risk
 - - linguas_ar       : <unknown>
 - - linguas_bg       : <unknown>
 - - linguas_ca       : <unknown>
 - - linguas_cs       : <unknown>
 - - linguas_da       : <unknown>
 - - linguas_de       : <unknown>
 - - linguas_el       : <unknown>
 - - linguas_eo       : <unknown>
 - - linguas_es       : <unknown>
 - - linguas_et       : <unknown>
 - - linguas_fi       : <unknown>
 - - linguas_fr       : <unknown>
 - - linguas_hu       : <unknown>
 - - linguas_it       : <unknown>
 - - linguas_mk       : <unknown>
 - - linguas_nl       : <unknown>
 - - linguas_pl       : <unknown>
 - - linguas_pt       : <unknown>
 - - linguas_pt_BR    : <unknown>
 - - linguas_ru       : <unknown>
 - - linguas_se       : <unknown>
 - - linguas_sk       : <unknown>
 - - linguas_sl       : <unknown>
 - - linguas_sr       : <unknown>
 - - linguas_sw_TZ    : <unknown>
 - - linguas_vi       : <unknown>
 - - linguas_zh       : <unknown>
 + + ssl              : Adds support for Secure Socket Layer connections
 - - xscreensaver     : Adds support for XScreenSaver extension.


emerge --info
Portage 2.1.3.19 (default-linux/amd64/2006.1/desktop, gcc-4.1.2, glibc-2.6.1-r0, 2.6.23-gentoo-r3 x86_64)
=================================================================
System uname: 2.6.23-gentoo-r3 x86_64 AMD Athlon(tm) 64 Processor 3500+
Timestamp of tree: Mon, 24 Dec 2007 09:46:01 +0000
distcc 2.18.3 x86_64-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled]
ccache version 2.4 [enabled]
app-shells/bash:     3.2_p17
dev-java/java-config: 1.3.7, 2.0.33-r1
dev-lang/python:     2.4.4-r6
dev-python/pycrypto: 2.0.1-r6
dev-util/ccache:     2.4-r7
sys-apps/baselayout: 1.12.10-r5
sys-apps/sandbox:    1.2.18.1-r2
sys-devel/autoconf:  2.13, 2.61-r1
sys-devel/automake:  1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10
sys-devel/binutils:  2.18-r1
sys-devel/gcc-config: 1.3.16
sys-devel/libtool:   1.5.24
virtual/os-headers:  2.6.23-r2
ACCEPT_KEYWORDS="amd64"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=athlon64 -O2 -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config /var/bind"
CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/gconf /etc/revdep-rebuild /etc/terminfo /etc/texmf/web2c /etc/udev/rules.d"
CPPFLAGS=" -I/usr/local/enlightenment/e-071014/include -I/usr/local/enlightenment/e-071014/include"
CXXFLAGS="-march=athlon64 -O2 -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="candy ccache distlocks metadata-transfer noinfo parallel-fetch sandbox sfperms strict unmerge-orphans userfetch"
GENTOO_MIRRORS="ftp://ftp.wh2.tu-dresden.de/pub/mirrors/gentoo"
LANG="en_US.utf8"
LC_ALL="en_US.utf8"
LDFLAGS=" -L/usr/local/enlightenment/e-071014/lib -L/usr/local/enlightenment/e-071014/lib"
LINGUAS="en"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --filter=H_**/files/digest-*"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/portage/local/layman/sunrise /usr/local/portage /usr/local/portage"
SYNC="rsync://rsync.de.gentoo.org/gentoo-portage"
USE="X a52 aac aalib alsa amd64 apache2 arts bash-completion berkdb bitmap-fonts cairo cdr cjk cli cracklib crypt cups curl dbus directfb dri dts dvd dvdr eds emboss encode esd fam fbcon ffmpeg firefox flac fortran gd gdbm gif gnome gpm gstreamer gtk gtk2 hal iconv ipod isdnlog jpeg kde libcaca lirc mad midi mikmod mp3 mpeg mudflap ncurses nethack nls nptl nptlonly nsplugin offensive ogg opengl openmp oss pam pcre perl png postgres ppds pppd python qt qt3 qt4 quicktime readline reflection ruby sdl session spell spl ssl svg tcpd theora threads truetype truetype-fonts type1-fonts unicode userlocales vorbis xml xorg xv xvid zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en" LIRC_DEVICES="serial" USERLAND="GNU" VIDEO_CARDS="vesa fbdev radeon"
Unset:  CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS

Comment 3 Robin Johnson 2008-01-02 02:40:25 UTC

This looks like bug 183075 that got closed as NEEDINFO.
Specifically pinentry does NOT cache the passphrase. That is the task of the agent. If there is no agent available, it doesn't get cached...

Comment 4 Robin Johnson 2008-01-02 02:41:02 UTC

Add crypto herd.

Comment 5 Alon Bar-Lev (RETIRED) 2008-01-02 06:44:26 UTC

True.
gnupg-2 requires agent running for caching.
Please try:

gpg-agent --daemon bash
<run psi from this shell>

Comment 6 Alon Bar-Lev (RETIRED) 2008-01-02 18:47:47 UTC

Just want to know, troll are you available in some way? I did not see you handle any of the bugs assigned to you.

It works now with net-im/psi-0.11_pre2007031.
Thanks :)

Comment 8 Alon Bar-Lev (RETIRED) 2008-01-03 17:32:03 UTC

Please explain what is working...
What about 0.10? Have you checked this?

Well,
now it doesn't ask for a password everytime you receive an encrypted message or change your status.
Unfortunately I haven't tested with 0.10, but will try it as soon as I can.

Comment 10 Alon Bar-Lev (RETIRED) 2008-01-03 19:25:14 UTC

OK.
Please reopen if you have any further issues.

This is actually a non-issue. If the gpg-ebuilds would allow installing gpg1 and gpg2 in parallel (which is what they were designed for), psi would flawlessly work without changing a single line of code

Also, I doubt that gpg-agent will really help with psi, because as far as I understand, gpg-agent only lets you chose how long (as in timeout) your passphrase should be cached, whereas psi is designed to decide for itself how long to cache the passphrase.

Just tested it, version 0.10-r3 also has no problems after the command
gpg-agent --daemon bash

Comment 13 Alon Bar-Lev (RETIRED) 2008-01-03 20:11:37 UTC

(In reply to comment #11)
> This is actually a non-issue. If the gpg-ebuilds would allow installing gpg1
> and gpg2 in parallel (which is what they were designed for), psi would
> flawlessly work without changing a single line of code

This is irrelevant to this bug.

Applications should work also if user choose to install only gpg-2.
And if a gpg-2 only configuration is available, why force gpg-1 on all systems that have gpg-2 installed?

Also, there was no change in any line of code for 0.11, 0.10 was released before gnupg-2, so a minor fixups applied.

> Also, I doubt that gpg-agent will really help with psi, because as far as I
> understand, gpg-agent only lets you chose how long (as in timeout) your
> passphrase should be cached, whereas psi is designed to decide for itself how
> long to cache the passphrase.

Don't doubt or guess, check it out, if it does not work for you please describe the issue.

As for passphrase cache, gpg-2 does not allow applications to cache passphrase as the applications tends to do this in unsecured manner. As far as I talked to Justin (psi developer), he is aware of this.

On gpg-2 passphrase cache is maintained by gpg-agent, and the cache settings can be configured as options for gpg-agent.

Comment 14 Alon Bar-Lev (RETIRED) 2008-01-03 20:11:56 UTC

(In reply to comment #12)
> Just tested it, version 0.10-r3 also has no problems after the command
> gpg-agent --daemon bash

Thank you for your help.

Comment 15 Robin Johnson 2008-01-03 20:18:59 UTC

wolfgang: 
"whereas psi is designed to decide for itself how long to cache the passphrase."
gpg-agent allows applications to decide how long to cache for, but it handles getting the passphrase and the cache itself.

Off the top of my head, using the Assuan protocol to the agent:
GET_PASSPHRASE $CACHE_ID ....
CLEAR_PASSPHRASE $CACHE_ID
To explicitly request or forgot the passphrase. There is another one that manages the timeout.

Comment 16 Alon Bar-Lev (RETIRED) 2008-01-03 20:42:58 UTC

(In reply to comment #15)
> Off the top of my head, using the Assuan protocol to the agent:
> GET_PASSPHRASE $CACHE_ID ....
> CLEAR_PASSPHRASE $CACHE_ID

But gpg --server does not expose these... :)
gpg exposes:
OPTION use-cache-for-signing=0|1

And there is no option to redirect raw options for the agent... (There is from the agent to the smartcard daemon...)