Re: [gmime-devel] Using GMimeDecryptResult - certificate information?
- From: Jeffrey Stedfast <fejj gnome org>
- To: Daniel Kahn Gillmor <dkg fifthhorseman net>, Gaute Hope <eg gaute vetsj com>, gmime development <gmime-devel-list gnome org>
- Subject: Re: [gmime-devel] Using GMimeDecryptResult - certificate information?
- Date: Wed, 13 Jul 2016 22:42:40 -0400
On 7/13/2016 7:22 PM, Daniel Kahn Gillmor wrote:
This seems likely to be wrong for gpg 2.1.x, where passphrase disclosure
to the gpg process itsef is generally discouraged in favor of the
daemon-managed gpg-agent.
need_passwd doesn't matter whether the agent is used or gmime is used, I
don't think? Maybe my memory is rusty, though?
This is arguably a bug in gmime -- shouldn't all these requests use
--batch?
It's possible. When is Gaute having these "hangs"? I did not see mention
of what operation was being done.
Encrypting and Verifying should use --batch --yes from what I can tell.
The other operations do not, probably because it broke gpg 1.x somehow
(maybe --batch --yes was too aggressive in feeding "yes" to all requests
for gpg's input requests?). Of course, it's also possible that I was
over optimizing...
If it's always safe to pass --batch --yes to gpg, then I have no problem
enabling that code always.
Jeff
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
