pkgsrc-Users archive
Re: Potential problem with security/pinepgp
Hmmm, investigating further shows that the filter program is a shell
script, /usr/pkg/bin/pinegpg (with several sym-links).  This script is
executable, but does NOT start with a #! line, so it (apparently) runs
using the user's default shell.  In my case, that is tcsh, and the
assignment
	tmpdir=~/.pinegpg
is not valid syntax.
Adding a #! line at the top of the script (to invoke bash, since the
package has a dependency on bash!) fixes the problem.
So the real question becomes, where did my shebang go?   :)
Looking at the build log, I see
/bin/cat pinegpgp | /usr/bin/sed -e 's%^cename=.*%cename=GnuPG%; 
s%^ces=.*%ces="/usr/pkg/bin/gpg -at -s"%; 
s%^cee=.*%cee="/usr/pkg/bin/gpg -at -e"%; 
s%^cese=.*%cese="/usr/pkg/bin/gpg -at -se"%; 
s%^cec=.*%cec="\/usr/pkg/bin/gpg"%; s%^cefp=.*%cefp=gpg%' > pinegpg.c
gcc -E -DGPG -DUSE_MKTEMP -DUSE_NSE_FIX pinegpg.c | /usr/bin/grep -v "^# .* .*" > pinegpg
pinegpg.c:1:2: error: invalid preprocessing directive #!
 #!/usr/pkg/bin/bash
  ^
Looks like it tries to use the gcc pre-processor, which is failing...
This package doesn't seem to have changed in a long time, so it is
totally unclear why it's just now starting to fail.  I wonder when
is the last time that the gcc preprocessor was updated?   :)
On Sat, 9 Sep 2017, Paul Goyette wrote:
I recently updated all of my packages, and I've started seeing the
following error messages whenever mail/pine uses pinepgp to verify a
signed message or to decrypt an encrypted message.
	mktemp: mkstemp failed on /pinegpg.HM3hbB: Permission denied
	/usr/pkg/bin/gpg-check: cannot create : directory nonexistent
In both cases, the gpg operation fails to complete, and in the case
of the encrypted message, only the cyphertext is displayed (no clear
text).
My ~/.pinerc contains
display-filters="_LEADING(-----BEGIN PGP MESSAGE-----)_" /usr/pkg/bin/gpg-check,
       "_LEADING(-----BEGIN PGP SIGNED MESSAGE-----)_" /usr/pkg/bin/gpg-check,
       _BEGINNING("-----BEGIN PGP")_ /usr/local/bin/pgp4pine -d -i _TMPFILE_
Based on the error messages, it would seem that something has recently
changed WRT the _TMPFILE_
Does anyone else use security/pinepgp?  Seeing similar issues?
+------------------+--------------------------+----------------------------+
| Paul Goyette     | PGP Key fingerprint:     | E-mail addresses:          |
| (Retired)        | FA29 0E3B 35AF E8AE 6651 | paul at whooppee dot com   |
| Kernel Developer | 0786 F758 55DE 53BA 7731 | pgoyette at netbsd dot org |
+------------------+--------------------------+----------------------------+
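A check for the condition described in this message, an installed executable script with no #! line, as an added example that is not part of the original post or of pkgsrc. The function names find_shebangless and make_sample_dir are hypothetical, the sample files are constructed, and grep -I (GNU/BSD) is assumed for skipping binaries.

```shell
#!/bin/sh
# Added example: list executable text files that lack a "#!" first line.
# Such files are interpreted by whatever shell the caller falls back to,
# so sh/bash-only syntax in them can fail (tcsh in the thread above).

find_shebangless() {
    # $1: directory to scan (non-recursive); prints one path per line.
    dir=$1
    for f in "$dir"/*; do
        # -f and -x follow symlinks, so symlinked names are reported too.
        [ -f "$f" ] && [ -x "$f" ] || continue
        # Skip binaries: grep -I treats binary files as non-matching.
        LC_ALL=C grep -Iq . "$f" 2>/dev/null || continue
        # Compare the first two bytes with "#!".
        magic=$(LC_ALL=C head -c 2 "$f" 2>/dev/null)
        [ "$magic" = '#!' ] || printf '%s\n' "$f"
    done
}

make_sample_dir() {
    # Constructed sample input, not files taken from the package.
    d=$(mktemp -d "${TMPDIR:-/tmp}/shebang-demo.XXXXXX") || return 1
    printf '#!/bin/sh\necho ok\n' > "$d/good-script"
    printf 'tmpdir=~/.pinegpg\necho "$tmpdir"\n' > "$d/no-shebang"
    printf '\177ELF\000\001\002\003' > "$d/fake-binary"
    printf 'not executable\n' > "$d/plain-text"
    chmod +x "$d/good-script" "$d/no-shebang" "$d/fake-binary"
    printf '%s\n' "$d"
}

# With an argument, scan that directory; otherwise scan the sample.
if [ -n "${1:-}" ]; then
    find_shebangless "$1"
else
    if sample=$(make_sample_dir); then
        find_shebangless "$sample"   # prints only .../no-shebang
        rm -rf "$sample"
    fi
fi
```

Run it with a directory such as /usr/pkg/bin as the argument to scan installed scripts.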