Skip to content

Commit a03a211

Browse files
committed
Never use a restricted agent connection
Enumerating secret keys with "KEYINFO --list" does not work over a restricted connection. As a result, gpg prints "gpg: problem with fast path key listing: Forbidden - ignored", which Mutt interprets as a prompt the user must respond to. This causes the user to need to press enter twice to send a signed email. Sequoia Chameleon does not implement the fallback and is unable to list secret keys or decrypt messages. The filtering done by split-gpg2 is far stronger than what gpg-agent does, so there is no loss of security. Fixes: QubesOS/qubes-issues#9483
1 parent 80fc81e commit a03a211

1 file changed

Lines changed: 8 additions & 4 deletions

File tree

splitgpg2/__init__.py

Lines changed: 8 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -454,10 +454,14 @@ async def connect_agent(self) -> None:
454454

455455
dirs = subprocess.check_output(
456456
['gpgconf', *self.homedir_opts(), '--list-dirs', '-o/dev/stdout'])
457-
if self.allow_keygen:
458-
socket_field = b'agent-socket:'
459-
else:
460-
socket_field = b'agent-extra-socket:'
457+
# Do not use the restricted socket.
458+
# Sequoia Chameleon is unable to list secret keys or decrypt messages,
459+
# and gpg prints "gpg: problem with fast path key listing: Forbidden - ignored",
460+
# which causes Mutt to require the user to press "Enter" again before sending
461+
# a message.
462+
# The filtering done by split-gpg2 is far stronger than anything the agent does
463+
# internally.
464+
socket_field = b'agent-socket:'
461465
# search for agent-socket:/run/user/1000/gnupg/S.gpg-agent
462466
agent_socket_path = [d.split(b':', 1)[1] for d in dirs.splitlines()
463467
if d.startswith(socket_field)][0]

0 commit comments

Comments
 (0)