-
-
Notifications
You must be signed in to change notification settings - Fork 303
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Duplicate gpg keys in key selection menu for message encryption #4288
Comments
NeoMutt uses the gpgme lib internally to handle GPG stuff. There is no simply "command" we run to fetch the keys. Maybe @alejandro-colomar has an idea how to debug this? |
Can you please paste screenshots of the problem, to make sure I understand it? I think I know what you mean, but am not sure. I can try to debug it. |
I assume those red thingies are 3 different emails? Or are they the same? |
No, they are three times the same address. I cannot figure out why I see multiple entries here. The consequence is that I have to manually confirm each key, even though there really is only one. |
Does it happen only with some keys, or with all of them? Do you notice any pattern in when/how it happens? Do you use autocrypt? What is your gpgme version? What's your neomutt(1) version? |
And does it happen in other systems with the same keys? |
I am on osx, |
Are you able to run (old) mutt(1) on that system? And does it reproduce the issue? |
My first guess was that it would have to do with the number of different IDs that a PGP key has. For example, my key has 3 IDs, and I thought it could appear thrice in that bug.
Could you check if the number of IDs in your cases are consistent with the number of times the keys appear? |
Let's try this: git clone [email protected]:gpg/gpgme.git;
cd gpgme;
./autogen.sh;
mkdir .tmp;
cd .tmp;
../configure --enable-maintainer-mode;
make -j4;
make check;
cd tests;
./run-keylist your-email-here With the different emails that reproduce this, and see if the number of times that the keys appear are the same. |
I appreciate you looking into this. :-) |
I've applied this diff: diff --git a/ncrypt/crypt_gpgme.c b/ncrypt/crypt_gpgme.c
index 020c2392d..064cd349a 100644
--- a/ncrypt/crypt_gpgme.c
+++ b/ncrypt/crypt_gpgme.c
@@ -3122,6 +3122,7 @@ static struct CryptKeyInfo *get_candidates(struct ListHead *hints, SecurityFlags
while ((err = gpgme_op_keylist_next(ctx, &key)) == GPG_ERR_NO_ERROR)
{
+fprintf(stderr, "ALX: fpr: #%s#\n", key->fpr);
KeyFlags flags = KEYFLAG_NO_FLAGS;
if (key_check_cap(key, KEY_CAP_CAN_ENCRYPT))
@@ -3138,6 +3139,9 @@ static struct CryptKeyInfo *get_candidates(struct ListHead *hints, SecurityFlags
for (idx = 0, uid = key->uids; uid; idx++, uid = uid->next)
{
+fprintf(stderr, "ALX: idx: #%d#\n", (int)idx);
+fprintf(stderr, "ALX: uid: #%s#\n", uid->uid);
+getchar();
k = mutt_mem_calloc(1, sizeof(*k));
k->kobj = key;
gpgme_key_ref(k->kobj);
@@ -3269,7 +3273,9 @@ static struct CryptKeyInfo *crypt_getkeybyaddr(struct Address *a,
if (!oppenc_mode)
mutt_message(_("Looking for keys matching \"%s\"..."), a ? buf_string(a->mailbox) : "");
+fprintf(stderr, "ALX %s() begin\n", __func__);
keys = get_candidates(&hints, app, (abilities & KEYFLAG_CANSIGN));
+fprintf(stderr, "ALX %s() end\n", __func__);
mutt_list_free(&hints);
@@ -3282,6 +3288,7 @@ static struct CryptKeyInfo *crypt_getkeybyaddr(struct Address *a,
for (k = keys; k; k = k->next)
{
mutt_debug(LL_DEBUG5, " looking at key: %s '%.15s'\n", crypt_keyid(k), k->uid);
+fprintf(stderr, "ALX: %s(): k->uid: #%s#\n", __func__, k->uid);
if (abilities && !(k->flags & abilities))
{
@@ -3323,6 +3330,7 @@ static struct CryptKeyInfo *crypt_getkeybyaddr(struct Address *a,
if (match)
{
+fprintf(stderr, "ALX: %s(): match\n", __func__, k->uid);
struct CryptKeyInfo *tmp = crypt_copy_key(k);
*matches_endp = tmp;
matches_endp = &tmp->next;
@@ -3333,6 +3341,7 @@ static struct CryptKeyInfo *crypt_getkeybyaddr(struct Address *a,
a_valid_addrmatch_key = tmp;
}
}
+getchar();
crypt_key_free(&keys);
which allowed me to see the following in stderr:
Comparing to
and
I see that it all matches: 4 uids. 2 of them revoked, but somehow still available to neomutt(1). And 2 of them don't pass the tests in Lines 3299 to 3321 in d7060ff
so they are not shown. In your case, what do you see for I expect two uids that match, and maybe more that don't?
Thanks! :-) BTW, I'm looking for a job; if you know of something interesting, please let me know. http://www.alejandro-colomar.es/cv |
Also, it would be interesting if you can apply that diff to your neomutt, and run it, to see what it prints to stderr. |
From what I can see in https://keyserver.ubuntu.com/pks/lookup?search=F0678C4C22A9A7C2&fingerprint=on&op=index, I don't see why it's showing 3 lines in your case, but maybe applying the diff reveals something. |
Hi @CaveSven , Did you have the chance to try this (and a few other things)? |
Hi there,
I have recently set up neomutt on OSX and, confusingly, in the key selection menu I am presented a choice of keys that are all the same. I sometimes see two seemingly identical keys and sometimes three. It makes no difference which one I choose. I have been trying to understand where this duplication comes from, but so far have failed to figure it out. It is unclear to me which command neomutt uses in order to fetch available keys for an address. Using gpg from the command line, I do not see any duplicate keys.
I would appreciate any hint :-)
Many thanks!
The text was updated successfully, but these errors were encountered: