GPGMail on Lion crash report
Mail crashed with an error bad that said it was doing GPGMail. I've attached a crash dump.
- crash.txt 84.7 KB
Comments are currently closed for this discussion. You can start a new one.
Keyboard shortcuts
Generic
? | Show this help |
---|---|
ESC | Blurs the current field |
Comment Form
r | Focus the comment reply box |
---|---|
^ + ↩ | Submit the comment |
You can use Command ⌘
instead of Control ^
on Mac
Support Staff 1 Posted by Luke Le on 26 Jan, 2012 01:02 AM
You're crash may also be related to your config error issue.
http://support.gpgtools.org/discussions/everything/737-cant-install...
We'll fix that, once we've fixed your config error :)
siemsen closed this discussion on 01 Feb, 2012 06:24 PM.
Luke Le re-opened this discussion on 01 Feb, 2012 06:30 PM
Support Staff 2 Posted by Luke Le on 01 Feb, 2012 06:30 PM
Hi,
I was just curious why you closed the discussion. Don't you experience the problem anymore?
3 Posted by siemsen on 01 Feb, 2012 06:43 PM
I found out what the config error related to. I had a symbolic link in my ~/.gnupg directory. My secring.gpg file was a symbolic link to a file on a volume that wasn't mounted. When I mounted it, I no longer got the error.
The symbolic link was an attempt to address the desire to keep my secring somewhere safe. The gpg-agent is meant to solve this problem, but I haven't been able to make gpg-agent work. After wasting too much time on this problem, I've given up, and I keep my secring on my hard drive. At least I can decrypt mail sent to me.
Now I have a new problem. I'll open a new ticket for it.
Thanks.
-- Pete
Support Staff 4 Posted by Luke Le on 01 Feb, 2012 06:44 PM
Ah ok, yeah we've seen the symlink issue before and will address it in a future version.
Sorry for that.
5 Posted by siemsen on 01 Feb, 2012 06:50 PM
I don't experience the crash, because I know that if I have a line in my GPG.conf file that says "secret-keyring xxx", where "xxx" is a symbolic link filesystem that isn't mounted, Mail will generate a cryptic error dialog when it starts. If I click "OK", Mail will work, but will eventually crash with a dump like the one I sent in the discussion.
So I don't use a symbolic link. That is inconvenient/insecure, but at least Mail doesn't crash.
BTW, does gpg-agent work? I see that it's started via launchd at login time, and with some debugging I see that it receives messages from Mail/GPGMail when I decrypt an encrypted email. But I can't seem to make it do what it is supposed to do, so that I can remove my securing.gpg from my system. I want to:
1. log in
2. connect a USB drive containing securing.gpg
3. mount the USB drive and decrypt the file
4. load the key from the secring file into gpg-agent
5. dismount the USB drive
6. use Mail all day, without the damn USB drive
Thanks,
-- Pete
Support Staff 6 Posted by Luke Le on 01 Feb, 2012 07:09 PM
Hi Pete,
I don't think gpg-agent works the way you want it to.
gpg-agent is not used to keep your secring in cache but rather the passphrases so you don't have to enter it each time you decrypt or sign a message.
gpg-agent securely caches the passphrases and relays them to gpg upon request. You can easily test this if you set the max cache time to 0. You'll be asked for a passphrase anytime.
It would also be fairly insecure to have gpg-agent cache the whole decrypted keyring, as a hacker could somehow access the internal memory of gpg-agent which would contain the decrypted version of the keyring instead of the encrypted version which is on your usb thumb drive.
However storing the key on a thumb drive makes it more secure due to the fact, that you should only connect the drive when you actually want to decrypt/sign Mails.
What should definitely
7 Posted by siemsen on 02 Feb, 2012 12:11 AM
(Perhaps your reply was cut off?)
Thank you so much! I begin to understand. I assumed gpg-agent was like ssh-agent, which actually stores keys. I got my info from http://www.debian-administration.org/articles/452, but I obviously didn't read carefully enough. I still don't understand why it's "ok" for ssh-agent to cache entire keys, but its not "ok" for gpg-agent to do the same.
I agree that I should only connect the drive when I actually want to decrypt/sign messages. My problem is that I often want to read messages without having the USB drive inserted/mounted and the encrypted dog on the USB drive mounted/decrypted. I can't figure out how to configure Mail/GPGMali so that it knows the path to the securing.gpg file on the USB drive, but it doesn't actually try to use it until I've inserted and mounted/decrypted the encrypted dmg that's on the USB drive. The schemes I've tried always require that I have the drive available before I start Mail.
Support Staff 8 Posted by Luke Le on 02 Feb, 2012 12:38 AM
In all honesty, I don't really think I can give you a well educated answer for that, since I don't know too much about the inner workings of SSH.
From what I just read, the ssh-agent stores the decrypted version of your private key in its cache. This happens after you add the private key using the ssh-add command. You're prompted to enter the password, and after successfully doing so, the key is cached.
Any consequent access of the key doesn't prompt you for the password, since the ssh-agent already has the decrypted key.
And I think this is where gpg-agent differs. Instead of the decrypted key, gpg-agent only stores the passphrase to provide the same behaviour.
I'm not sure whether that is more or less secure but it seems to be the main difference between the two.
It's also true that you can in fact cache single keys with gpg-agent. I just learned that by talking to a GPGTools Team member.
What I've found out after looking into that fact, this might be because gpg-agent can act as a drop in replacement for ssh-agent.
You again use the command ssh-add to add your private keys and gpg-agent will behave just like that.
But coming back to your main problem, unfortunately you'll be not be able to solve your problem on your own by re-configuring GPG.
An upcoming version of GPGMail which I'm hard at work on will however be smarter about your scenario.
You'll not be shown an error message when you start Mail.app, instead you'll see an indication in the preferences (or maybe the Mail.app toolbar) that OpenPGP is not working properly, possibly by a red bullet.
Mail.app will function as supposed only any GPG operations are not available.
Once you connect your stick, the indicator bullet will change to green and you'll be able to decrypt/verify/encrypt emails.
We'll implement it as unintrusive as possible.
9 Posted by siemsen on 02 Feb, 2012 12:56 AM
Thanks very much for taking the time to clarify this. I think I'll have to resort to what others do here. Never sign emails. When I receive an encrypted mail, then
1. stop Mail
2. insert USB
3. copy secring.gpg to ~/.gnupg/
4. restart Mail
5. decrypt and read the email
6. stop Mail
7. delete the secring.gpg file
8. restart Mail
Or, as another user does, don't use GPGMail. When I receive an encrypted mail, save it to a file and decrypt it with a gpg command.
-- Pete
Support Staff 10 Posted by Luke Le on 02 Feb, 2012 01:21 AM
That sounds like a serious pain in the ass workflow, but I can understand your security concerns.
Both solutions leave me unsatisfied and I'll look into the problem tomorrow to see if we can find a quick solution for this
Support Staff 11 Posted by Luke Le on 02 Feb, 2012 02:28 AM
Hi Pete,
could you please try this version - 2.0a27:
http://cl.ly/2d213e16260t0a3r072b
Simply put the GPGMail.mailbundle file into ~/Library/Mail/Bundles/
and replace the old one.
You should then be able to use your old symlink setup.
Please let me know how it goes.
Also, what I was wondering, what makes you think that having the gpg-agent cache your secret keys be more secure than having your usb drive connected to your mac?
Or do you just not want to keep the usb drive connected all the time?
12 Posted by siemsen on 02 Feb, 2012 04:23 PM
Hmmm. It seems to work the same the previous version. I put the new version in my ~/Library/Mail/Bundles. Then I edited my ~/.gnupg/gpg.conf file to uncomment the line that says
secret-keyring /Volumes/gnupg/secring.gpg
When I started Mail I got an error dialog that said
GPG_CONFIG_ERROR_TITLE
GPG_CONFIG_ERROR_MESSAGE
I clicked "OK" and Mail started up. I quit Mail, inserted the USB, created the symlink, and restarted Mail. It came up without error. I quit Mail and unmounted the USB, and started Mail. I got the above error.
-- Pete
Support Staff 13 Posted by Luke Le on 02 Feb, 2012 06:29 PM
At the moment you still see the error, but Mail will use your secret key once available. So there should be no reason to un quit Mail while pluggin/unplugging your key
14 Posted by siemsen on 03 Feb, 2012 05:39 PM
Thanks! It works as you say. This is the behavior I'd like to see! I'll just ignore the error when Mail starts.
Thanks again for all your help.
-- Pete.
15 Posted by siemsen on 03 Feb, 2012 05:50 PM
(to reply to a question you asked previously in this thread)
Yes, I don't want to keep the USB drive connected all the time, but for a good reason. I have a desktop Mac and a laptop Mac. I use the desktop most of the time, and the laptop when I go to meetings. I attend some monthly meetings in which everyone present has a laptop on wireless, and some people attend via teleconference and/or videoconference. Everyone is on line. I'm the chairman of some of these meetings. In them, it sometimes happens that my boss suddenly says "Pete, please email us that spreadsheet/PowerPoint/diagram". That means *right now* - the meeting can't continue until I email the thing. In that scenario, it's not reasonable for me to hunt around for a USB drive. The attendees are all technically savvy, and I don't want to have to explain that my mail client crashes if I don't have the USB inserted. Inevitably, there would be some meeting for which I'd forget to bring the USB drive. I can't just have the USB key inserted in the laptop all the time - it will get banged around, the laptop won't fit in a bag when there's a key hanging out, it breaks the whole idea that the key is separate from the laptop, etc.
If GPGMail requires that I have a USB key plugged in, I won't use GPGMail. Thank you for giving me a version of GPGMail that I can use.
-- Pete
16 Posted by siemsen on 17 Feb, 2012 04:27 PM
Luke,
I noticed a "feature" of the special release that you sent me. If I start Mail without having my USB drive mounted, it gives the GPG_CONFIG_ERROR_TITLE error as expected, and I click "OK" and Mail works without crashing. That's great, but if I do Mail->Preferences, Mail won't display the Preferences widow. If I stop Mail, mount the USB, start Mail, and do Mail->Preferences, it works. If I stop mail, unmount the USB, start Mail, click "OK" on the error dialog, and mount the USB, Mail won't display Preferences.
So I can only change my preferences if I had the USB drive mounted when I started Mail.
Thanks,
-- Pete
Support Staff 17 Posted by Luke Le on 17 Feb, 2012 04:35 PM
Hi Pete,
that's not good!
We're having a GPGMail hackathon today which will address a lot of outstanding issues.
I'll add this one to it!
Support Staff 18 Posted by Steve on 19 Feb, 2012 12:13 PM
Fixed yesterday :)
http://gpgtools.lighthouseapp.com/projects/65764/tickets/380-crash-...
http://gpgtools.lighthouseapp.com/projects/65764/tickets/392
Closing. Thanks for the report siemsen!
Steve closed this discussion on 19 Feb, 2012 12:13 PM.