From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Mirko Vukovic Newsgroups: gmane.emacs.bugs Subject: bug#42984: 27.1; package-list results in error while updating archive due to malformed path Date: Thu, 26 Nov 2020 10:28:17 -0500 Message-ID: References: <83tutcrdyt.fsf@gnu.org> <83mtz4qkg2.fsf@gnu.org> Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="00000000000086c15205b5043389" Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="21321"; mail-complaints-to="usenet@ciao.gmane.io" Cc: 42984@debbugs.gnu.org, Stefan Kangas To: Eli Zaretskii Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Thu Nov 26 16:29:25 2020 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1kiJD1-0005NN-Si for geb-bug-gnu-emacs@m.gmane-mx.org; Thu, 26 Nov 2020 16:29:24 +0100 Original-Received: from localhost ([::1]:50478 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kiJD0-0004qi-UL for geb-bug-gnu-emacs@m.gmane-mx.org; Thu, 26 Nov 2020 10:29:22 -0500 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:50898) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kiJCh-0004py-49 for bug-gnu-emacs@gnu.org; Thu, 26 Nov 2020 10:29:03 -0500 Original-Received: from debbugs.gnu.org ([209.51.188.43]:59193) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kiJCg-0003MD-TO for bug-gnu-emacs@gnu.org; Thu, 26 Nov 2020 10:29:02 -0500 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1kiJCg-00020A-Q5 for bug-gnu-emacs@gnu.org; Thu, 26 Nov 2020 10:29:02 -0500 X-Loop: help-debbugs@gnu.org Resent-From: Mirko Vukovic Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Thu, 26 Nov 2020 15:29:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 42984 X-GNU-PR-Package: emacs Original-Received: via spool by 42984-submit@debbugs.gnu.org id=B42984.16064045417657 (code B ref 42984); Thu, 26 Nov 2020 15:29:02 +0000 Original-Received: (at 42984) by debbugs.gnu.org; 26 Nov 2020 15:29:01 +0000 Original-Received: from localhost ([127.0.0.1]:42498 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kiJCe-0001zJ-Lh for submit@debbugs.gnu.org; Thu, 26 Nov 2020 10:29:01 -0500 Original-Received: from mail-pg1-f179.google.com ([209.85.215.179]:43906) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kiJCc-0001z4-Fc for 42984@debbugs.gnu.org; Thu, 26 Nov 2020 10:28:59 -0500 Original-Received: by mail-pg1-f179.google.com with SMTP id 34so1973519pgp.10 for <42984@debbugs.gnu.org>; Thu, 26 Nov 2020 07:28:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=8Nl7qsfkCe4RQIeypjwdDudlW9N/0X2wGjQwBFFZoas=; b=UfkZGTQfpHohcLet8gCvYM9GE5SSGBGblsutZdHbw8sjgSP7Gxru4476mBkwROYdnD bNsX+hKhPnXOawLaMXleDd4ZjcKwcGoafGvoSUnxa2TQtl2EVlbA4e1NHcrmTZWlvBhf eibqEkUNf71dkWKsEvNEPPPvGFcWEx6hsE+vHKR5jdhNKZoLz6PTtw+IWbqT/XsrDWcF CQGOwdUAM1kDBprP0v84pLlgmJWa9su+JT94JeTA5sxVuEwD7ADnkYbaw4XdEDXTi4SG XzcdoATUJbC42e5alKRM0HZUuBIp/fVeWY2l3HBzw9vPrc22Zjnn83oybG3erjwsMc3K 5cKQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=8Nl7qsfkCe4RQIeypjwdDudlW9N/0X2wGjQwBFFZoas=; b=I0vDTu95fTdgRPQ2ng0RXLrfIPTqxCoVr/uU1c07zEyhRvh6Rod38Aary+6tT4AKTT iZ5vtjGnQ2he3DhCmYmyRl57S0VMjpeQJMPXtXht1SXB0JwBUemOtdrD4h3ag8PivTLY vxwC8xcOwqopzoe3LX8UvHDlVB0EWgAGd6nVxbLyTe9s5K0ooyi3jXpCaDGbLg+jxrYb CpxtmJ2kFA5TbP7VyP3mEyW4VRExiPN8tzEhXjl5uvnHpNqhgUnrEcinLV8DTs/VmNPh qCWXpQunhyPXX833GPiOgX3A9Lm9pVFr7FL1RRYYW177EUqHwpjDo7Z0ahzfHqQrU+dL SPpw== X-Gm-Message-State: AOAM531WMVu2XcuQ3rxL69GUblDYLf5R/dRF+ANjlJ8yvZ6GfTqvTaKF 2MgbNwb6YJvFpKqNmv7dDsmy7nhEt+B7wwlwjGo= X-Google-Smtp-Source: ABdhPJxVpw50lzl9z1tp4rPnwxD0T0hxcNrLgwWkXasj/GrMc//706Wbupy5Ju3UwcBpw+hEjguuvWTYsuyiyf5GwN4= X-Received: by 2002:a17:90a:de86:: with SMTP id n6mr4185892pjv.214.1606404532517; Thu, 26 Nov 2020 07:28:52 -0800 (PST) In-Reply-To: <83mtz4qkg2.fsf@gnu.org> X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Original-Sender: "bug-gnu-emacs" Xref: news.gmane.io gmane.emacs.bugs:194342 Archived-At: --00000000000086c15205b5043389 Content-Type: text/plain; charset="UTF-8" On Thu, Nov 26, 2020 at 9:09 AM Eli Zaretskii wrote: > > From: Stefan Kangas > > Date: Wed, 25 Nov 2020 23:36:36 -0500 > > Cc: mirko.vukovic@gmail.com, 42984@debbugs.gnu.org > > > > Eli Zaretskii writes: > > > > >> Does anyone have an idea why a path like this would be used on > Windows? > > >> > > >> > "/c/Users/977315/tmp/c:/Users/977315/.emacs.d/elpa/gnupg/pubring.kbx" > > > > > > Yes, it happens when MSYS2 ports of programs (gpg?) are mixed with > > > native Windows ports. > > > > Should we do anything about that, or is it expected? > > My guess is it's not an Emacs problem. But to be sure, I miss some > details: > > . is gpg being used an MSYS2 port of a native Windows > (a.k.a. "mingw") port? > . was the problematic file name emitted by gpg, or was it generated > by Emacs and passed to gpg? > > The last question could be answered by stepping in Edebug through > package--check-signature-content and epg functions it calls, and > looking at the file names we place on the gpg command line. > > If the OP could provide this information, we could easily see whether > there's some problem in Emacs in this use case. > Tracing package--check-signature-content - I trace it in plain emacs, started with emacs -Q - I edebug the function and step through it - I have a single signature and its status is no-pub-key which triggers the No public key error - This results in the message in the error buffer with the malformed directory Below is the code annotated with values of key variables. I did not see anything obvious. I evaluated context at several points. I following deeper into the epg-... functions, stopped when I saw compiler macros. I would need guidance to trace those. Let me know if you required additional debug/testing, including issuing gpg commands in the shell. (defun package--check-signature-content (content string &optional sig-file) "Check signature CONTENT against STRING. SIG-FILE is the name of the signature file, used when signaling errors." ;; Evaluated in edebug and copied from *Messages* ;; content: "\211 \263 \0 \n\0 ! \3043UGf\323\335\306B!\277\252 m\257\313\201\344,@ _\277}\316\0\n m\257\313\201\344,@..." ;; string: "(1\n (ace-window .\n [(0 9 0)\n ((avy\n (0..." ;; sig-file: "archive-contents.sig" (let ((context (epg-make-context 'OpenPGP))) ;; #s(epg-context :protocol OpenPGP :program "c:/msys64-a/usr/bin/gpg.exe" :home-directory nil :armor nil :textmode nil :include-certs nil :cipher-algorithm nil :digest-algorithm nil :compress-algorithm nil :passphrase-callback (epg-passphrase-callback-function) :progress-callback nil :edit-callback nil :signers nil :sender nil :sig-notations nil :process nil :output-file nil :result nil :operation nil :pinentry-mode nil :error-output "" :error-buffer nil) (when package-gnupghome-dir (setf (epg-context-home-directory context) package-gnupghome-dir)) ;; #s(epg-context :protocol OpenPGP :program "c:/msys64-a/usr/bin/gpg.exe" :home-directory "c:/Users/977315/.emacs.d/elpa/gnupg" :armor nil :textmode nil :include-certs nil :cipher-algorithm nil :digest-algorithm nil :compress-algorithm nil :passphrase-callback (epg-passphrase-callback-function) :progress-callback nil :edit-callback nil :signers nil :sender nil :sig-notations nil :process nil :output-file nil :result nil :operation nil :pinentry-mode nil :error-output "" :error-buffer nil) (condition-case error (epg-verify-string context content string) ;; "" (error (package--display-verify-error context sig-file) (signal 'bad-signature error))) (let (good-signatures had-fatal-error) ;; The .sig file may contain multiple signatures. Success if one ;; of the signatures is good. ;; context: #s(epg-context :protocol OpenPGP :program "c:/msys64-a/usr/bin/gpg.exe" :home-directory "c:/Users/977315/.emacs.d/elpa/gnupg" :armor nil :textmode nil :include-certs nil :cipher-algorithm nil :digest-algorithm nil :compress-algorithm nil :passphrase-callback (epg-passphrase-callback-function) :progress-callback nil :edit-callback nil :signers nil :sender nil :sig-notations nil :process nil :output-file "c:/Users/977315/AppData/Local/Temp/epg-output2eIiW..." :result ((error) (verify #s(epg-signature :status no-pubkey :key-id "066DAFCB81E42C40" :validity nil :fingerprint nil :creation-time 1606385102 :expiration-time nil :pubkey-algorithm 1 :digest-algorithm 10 :class 0 :version nil :notations nil))) :operation verify :pinentry-mode nil :error-output "gpg: keyblock resource '/home/977315/.emacs.d/elpa..." :error-buffer #) (dolist (sig (epg-context-result-for context 'verify)) ;; sig: #s(epg-signature :status no-pubkey :key-id "066DAFCB81E42C40" :validity nil :fingerprint nil :creation-time 1606385102 :expiration-time nil :pubkey-algorithm 1 :digest-algorithm 10 :class 0 :version nil :notations nil) (if (eq (epg-signature-status sig) 'good) ;; epg-signature-status returns NO-PUBKEY (push sig good-signatures) ;; If `package-check-signature' is allow-unsigned, don't ;; signal error when we can't verify signature because of ;; missing public key. Other errors are still treated as ;; fatal (bug#17625). (unless (and (eq (package-check-signature) 'allow-unsigned) ;; T (eq (epg-signature-status sig) 'no-pubkey)) ;; T (setq had-fatal-error t)))) ;; NIL (when (or (null good-signatures) ;; T (and (eq (package-check-signature) 'all) had-fatal-error)) ;; context: #s(epg-context :protocol OpenPGP :program "c:/msys64-a/usr/bin/gpg.exe" :home-directory "c:/Users/977315/.emacs.d/elpa/gnupg" :armor nil :textmode nil :include-certs nil :cipher-algorithm nil :digest-algorithm nil :compress-algorithm nil :passphrase-callback (epg-passphrase-callback-function) :progress-callback nil :edit-callback nil :signers nil :sender nil :sig-notations nil :process nil :output-file "c:/Users/977315/AppData/Local/Temp/epg-output2eIiW..." :result ((error) (verify #s(epg-signature :status no-pubkey :key-id "066DAFCB81E42C40" :validity nil :fingerprint nil :creation-time 1606385102 :expiration-time nil :pubkey-algorithm 1 :digest-algorithm 10 :class 0 :version nil :notations nil))) :operation verify :pinentry-mode nil :error-output "gpg: keyblock resource '/home/977315/.emacs.d/elpa..." :error-buffer #) (package--display-verify-error context sig-file) ;; Failed to verify signature archive-contents.sig: ;; No public key for 066DAFCB81E42C40 created at 2020-11-26T05:05:02-0500 using RSA ;; Command output: ;; gpg: keyblock resource '/home/977315/.emacs.d/elpa/gnupg/c:/Users/977315/.emacs.d/elpa/gnupg/pubring.kbx': No such file or directory ;; gpg: Signature made Thu, Nov 26, 2020 5:05:02 AM EST ;; gpg: using RSA key C433554766D3DDC64221BFAA066DAFCB81E42C40 ;; gpg: Can't check signature: No public key (signal 'bad-signature (list sig-file))) good-signatures))) --00000000000086c15205b5043389 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


=
On Thu, Nov 26, 2020 at 9:09 AM Eli Z= aretskii <eliz@gnu.org> wrote:
> From: Stefan = Kangas <stefan@ma= rxist.se>
> Date: Wed, 25 Nov 2020 23:36:36 -0500
> Cc: mirko= .vukovic@gmail.com, 42984@debbugs.gnu.org
>
> Eli Zaretskii <el= iz@gnu.org> writes:
>
> >> Does anyone have an idea why a path like this would be used o= n Windows?
> >>
> >>=C2=A0 =C2=A0"/c/Users/977315/tmp/c:/Users/977315/.emacs.= d/elpa/gnupg/pubring.kbx"
> >
> > Yes, it happens when MSYS2 ports of programs (gpg?) are mixed wit= h
> > native Windows ports.
>
> Should we do anything about that, or is it expected?

My guess is it's not an Emacs problem.=C2=A0 But to be sure, I miss som= e
details:

=C2=A0 . is gpg being used an MSYS2 port of a native Windows
=C2=A0 =C2=A0 (a.k.a. "mingw") port?
=C2=A0 . was the problematic file name emitted by gpg, or was it generated<= br> =C2=A0 =C2=A0 by Emacs and passed to gpg?

The last question could be answered by stepping in Edebug through
package--check-signature-content and epg functions it calls, and
looking at the file names we place on the gpg command line.

If the OP could provide this information, we could easily see whether
there's some problem in Emacs in this use case.
Tracing package--check-signature-content
<= ul class=3D"gmail-org-ul">
  • I trace it in plain emacs, started with emacs -Q
  • I edebug the function and step through it
  • = I have a single signature and its status is no-pub-key which t= riggers the No public key error
    • This results in the message in the error buffer with the malformed di= rectory
    Below is the code annotated with values of key v= ariables. I did not see anything obvious.

    I evalua= ted context at several points. I following deeper into the epg-... function= s, stopped when I saw compiler macros. I would need guidance to trace those= .

    Let me know if you required additional debug/tes= ting, including issuing gpg commands in the shell.
    (defun package--check-signature-content (content string &op=
tional sig-file)
  "Check signature CONTENT against STRING.
SIG-FILE is the name of the signature file, used when signaling
errors."
  ;; Evaluated in edebug and copied from *Messages*
  ;; content:  "\211 \263 \0 \n\0  ! \3043UGf\323\335\306B!\277\252 m\=
257\313\201\344,@  _\277}\316\0\n	  m\257\313\201\344,@..."
  ;; string: "(1\n (ace-window .\n	     [(0 9 0)\n	      ((avy\n		(0..=
."
  ;; sig-file: "archive-contents.sig"
  (let ((context (epg-make-context 'OpenPGP)))
  ;; #s(epg-context :protocol OpenPGP :program "c:/msys64-a/usr/bin/gp=
g.exe" :home-directory nil :armor nil :textmode nil :include-certs nil=
 :cipher-algorithm nil :digest-algorithm nil :compress-algorithm nil :passp=
hrase-callback (epg-passphrase-callback-function) :progress-callback nil :e=
dit-callback nil :signers nil :sender nil :sig-notations nil :process nil :=
output-file nil :result nil :operation nil :pinentry-mode nil :error-output=
 "" :error-buffer nil)
    (when package-gnupghome-dir
      (setf (epg-context-home-directory context) package-gnupghome-dir))
      ;; #s(epg-context :protocol OpenPGP :program "c:/msys64-a/usr/bi=
n/gpg.exe" :home-directory "c:/Users/977315/.emacs.d/elpa/gnupg&q=
uot; :armor nil :textmode nil :include-certs nil :cipher-algorithm nil :dig=
est-algorithm nil :compress-algorithm nil :passphrase-callback (epg-passphr=
ase-callback-function) :progress-callback nil :edit-callback nil :signers n=
il :sender nil :sig-notations nil :process nil :output-file nil :result nil=
 :operation nil :pinentry-mode nil :error-output "" :error-buffer=
 nil)
    (condition-case error
        (epg-verify-string context content string) ;; ""
      (error (package--display-verify-error context sig-file)
             (signal 'bad-signature error)))
    (let (good-signatures had-fatal-error)
      ;; The .sig file may contain multiple signatures.  Success if one
      ;; of the signatures is good.
      ;; context: #s(epg-context :protocol OpenPGP :program "c:/msys64=
-a/usr/bin/gpg.exe" :home-directory "c:/Users/977315/.emacs.d/elp=
a/gnupg" :armor nil :textmode nil :include-certs nil :cipher-algorithm=
 nil :digest-algorithm nil :compress-algorithm nil :passphrase-callback (ep=
g-passphrase-callback-function) :progress-callback nil :edit-callback nil :=
signers nil :sender nil :sig-notations nil :process nil :output-file "=
c:/Users/977315/AppData/Local/Temp/epg-output2eIiW..." :result ((error=
) (verify #s(epg-signature :status no-pubkey :key-id "066DAFCB81E42C40=
" :validity nil :fingerprint nil :creation-time 1606385102 :expiration=
-time nil :pubkey-algorithm 1 :digest-algorithm 10 :class 0 :version nil :n=
otations nil))) :operation verify :pinentry-mode nil :error-output "gp=
g: keyblock resource '/home/977315/.emacs.d/elpa..." :error-buffer=
 #<killed buffer>)
      (dolist (sig (epg-context-result-for context 'verify))
      ;; sig: #s(epg-signature :status no-pubkey :key-id "066DAFCB81E4=
2C40" :validity nil :fingerprint nil :creation-time 1606385102 :expira=
tion-time nil :pubkey-algorithm 1 :digest-algorithm 10 :class 0 :version ni=
l :notations nil)
        (if (eq (epg-signature-status sig) 'good) ;; epg-signature-stat=
us returns NO-PUBKEY
            (push sig good-signatures)
          ;; If `package-check-signature' is allow-unsigned, don't
          ;; signal error when we can't verify signature because of
          ;; missing public key.  Other errors are still treated as
          ;; fatal (bug#17625).
          (unless (and (eq (package-check-signature) 'allow-unsigned) ;=
; T
                       (eq (epg-signature-status sig) 'no-pubkey)) ;; T
            (setq had-fatal-error t)))) ;; NIL
      (when (or (null good-signatures) ;; T
                (and (eq (package-check-signature) 'all)
                     had-fatal-error))
       ;; context: #s(epg-context :protocol OpenPGP :program "c:/msys6=
4-a/usr/bin/gpg.exe" :home-directory "c:/Users/977315/.emacs.d/el=
pa/gnupg" :armor nil :textmode nil :include-certs nil :cipher-algorith=
m nil :digest-algorithm nil :compress-algorithm nil :passphrase-callback (e=
pg-passphrase-callback-function) :progress-callback nil :edit-callback nil =
:signers nil :sender nil :sig-notations nil :process nil :output-file "=
;c:/Users/977315/AppData/Local/Temp/epg-output2eIiW..." :result ((erro=
r) (verify #s(epg-signature :status no-pubkey :key-id "066DAFCB81E42C4=
0" :validity nil :fingerprint nil :creation-time 1606385102 :expiratio=
n-time nil :pubkey-algorithm 1 :digest-algorithm 10 :class 0 :version nil :=
notations nil))) :operation verify :pinentry-mode nil :error-output "g=
pg: keyblock resource '/home/977315/.emacs.d/elpa..." :error-buffe=
r #<killed buffer>)
        (package--display-verify-error context sig-file)
;; Failed to verify signature archive-contents.sig:
;; No public key for 066DAFCB81E42C40 created at 2020-11-26T05:05:02-0500 u=
sing RSA
;; Command output:
;; gpg: keyblock resource '/home/977315/.emacs.d/elpa/gnupg/c:/Users/97=
7315/.emacs.d/elpa/gnupg/pubring.kbx': No such file or directory
;; gpg: Signature made Thu, Nov 26, 2020  5:05:02 AM EST
;; gpg:                using RSA key C433554766D3DDC64221BFAA066DAFCB81E42C=
40
;; gpg: Can't check signature: No public key
        (signal 'bad-signature (list sig-file)))
      good-signatures)))=C2=A0
    =C2=A0
    --00000000000086c15205b5043389--