Bug 1127220

Summary: [libgpgme] gpgme_op_import issue when signal is received (e.g. CTRL-C in zypper)
Product: [openSUSE] openSUSE Tumbleweed
Reporter: Michael Andres <ma>
Component: Basesystem
Assignee: Pedro Monreal Gonzalez <pmonrealgonzalez>
Status: NEW
QA Contact: E-mail List <qa-bugs>
Severity: Normal
Priority: P5 - None
CC: pmonrealgonzalez, vcizek
Version: Current   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Attachments: GOOD case importing 8 keys.
FAIL case returning no error though not all keys were processed.

Description Michael Andres 2019-02-27 15:03:03 UTC
Created attachment 798296
GOOD case importing 8 keys.

Applies to libgpgme 1.10.0 (SLE15*) as well as 1.11 (TW)

You may be able to trigger the error by running 'zypper ref' and hitting CTRL-C once and fast:
> $ zypper ref
> ^C
> 
> Note: The rpm database seems to contain old V3 version gpg keys which are meanwhile obsolete and
> considered insecure:
> 
>         gpg-pubkey-1abd1afb-54176598
>         ...
The reported V3 keys are wrong. In fact zypp checks which keys were not imported into the keyring, and assumes that these are V3. We can most probably work around this in zypp, but nevertheless it seems to be a bug in libgpgme (maybe missing EINTR handling).



Zypp writes the ASCII armored gpg keys found in the rpm DB into a file. The file is then read using 
> gpgme_data_new_from_file( &buffer, file, 1 );
> gpgme_op_import( ctx, buffer );

The signal is most probably received and handled while gpgme_op_import is running. The function then returns without error, but checking gpgme_op_import_result reveals that the stats are incomplete (8 keys have been offered in the file, but 0 considered keys are reported, though 1 is in the imports list (DA400A68)):
> [zypp::gpg] KeyManager.cc(importKey):411 ------------------------------------
> [zypper] main.cc(signal_handler):23 OOOOPS
> [zypp::gpg] KeyManager.cc(importKey):418 gpgme_op_import_result {
> [zypp::gpg] KeyManager.cc(importKey):418   0 The total number of considered keys.
> [zypp::gpg] KeyManager.cc(importKey):418   0 The number of keys without user ID.
> [zypp::gpg] KeyManager.cc(importKey):418   0 The total number of imported keys.
> [zypp::gpg] KeyManager.cc(importKey):418   0 imported RSA keys.
> [zypp::gpg] KeyManager.cc(importKey):418   0 unchanged keys.
> [zypp::gpg] KeyManager.cc(importKey):418   0 new user IDs.
> [zypp::gpg] KeyManager.cc(importKey):418   0 new sub keys.
> [zypp::gpg] KeyManager.cc(importKey):418   0 new signatures.
> [zypp::gpg] KeyManager.cc(importKey):418   0 new revocations.
> [zypp::gpg] KeyManager.cc(importKey):418   0 secret keys read.
> [zypp::gpg] KeyManager.cc(importKey):418   0 imported secret keys.
> [zypp::gpg] KeyManager.cc(importKey):418   0 unchanged secret keys.
> [zypp::gpg] KeyManager.cc(importKey):418   0 keys not imported.
> [zypp::gpg] KeyManager.cc(importKey):418   - 0DA7D5EB3C7C38E18E55F555C24F66DEDA400A68: 0
> [zypp::gpg] KeyManager.cc(importKey):418 }


This is what it looks like without a signal:
> [zypp::gpg] KeyManager.cc(importKey):411 ------------------------------------
> [zypp::gpg] KeyManager.cc(importKey):418 gpgme_op_import_result {
> [zypp::gpg] KeyManager.cc(importKey):418   8 The total number of considered keys.
> [zypp::gpg] KeyManager.cc(importKey):418   0 The number of keys without user ID.
> [zypp::gpg] KeyManager.cc(importKey):418   8 The total number of imported keys.
> [zypp::gpg] KeyManager.cc(importKey):418   0 imported RSA keys.
> [zypp::gpg] KeyManager.cc(importKey):418   0 unchanged keys.
> [zypp::gpg] KeyManager.cc(importKey):418   0 new user IDs.
> [zypp::gpg] KeyManager.cc(importKey):418   0 new sub keys.
> [zypp::gpg] KeyManager.cc(importKey):418   0 new signatures.
> [zypp::gpg] KeyManager.cc(importKey):418   0 new revocations.
> [zypp::gpg] KeyManager.cc(importKey):418   0 secret keys read.
> [zypp::gpg] KeyManager.cc(importKey):418   0 imported secret keys.
> [zypp::gpg] KeyManager.cc(importKey):418   0 unchanged secret keys.
> [zypp::gpg] KeyManager.cc(importKey):418   0 keys not imported.
> [zypp::gpg] KeyManager.cc(importKey):418   - 0DA7D5EB3C7C38E18E55F555C24F66DEDA400A68: 0
> [zypp::gpg] KeyManager.cc(importKey):418   - F8875B880D518B6B8C530D1345A1D0671ABD1AFB: 0
> [zypp::gpg] KeyManager.cc(importKey):418   - 22C07BA534178CD02EFE22AAB88B2FD43DBDC284: 0
> [zypp::gpg] KeyManager.cc(importKey):418   - EAAAB2461DA8429EF152BE23AF92960D7C99E700: 0
> [zypp::gpg] KeyManager.cc(importKey):418   - 1D4A7EC7023D0D3EDEACE106F8648C9409CA02B0: 0
> [zypp::gpg] KeyManager.cc(importKey):418   - FCADAFC81273B9E7F184F2B0826659A9013E5B65: 0
> [zypp::gpg] KeyManager.cc(importKey):418   - FEAB502539D846DB2C0961CA70AF9E8139DB7C82: 0
> [zypp::gpg] KeyManager.cc(importKey):418   - 428E4E348405CE7900DB99C230A8343A498D5A23: 0
> [zypp::gpg] KeyManager.cc(importKey):418 }


I'll also attach GOODgpgme.log and FAILgpgme.log created by GPGME_DEBUG=9 for the above two cases.
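
The mismatch between the two dumps above can be checked mechanically. The following C code is an added example, not code from zypp or GPGME: it parses log lines in the format shown in the report and treats an import as complete only when the considered-keys counter equals the number of keys offered. The struct, the function names and the `offered` parameter are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
/* Counters recovered from one dumped gpgme_op_import_result block. */
struct import_summary {
    int considered; /* "total number of considered keys" */
    int listed;     /* per-key "- <fingerprint>: <result>" entries */
};

/* Parse the KeyManager.cc(importKey):418 lines in the format of the report. */
static struct import_summary summarize(const char *const *lines, int n)
{
    struct import_summary s = {0, 0};
    for (int i = 0; i < n; i++) {
        const char *p = strstr(lines[i], "):418");
        char fpr[41]; int v;
        if (!p) continue; /* separator or unrelated log line */
        p += 5;
        if (sscanf(p, " - %40[0-9A-F]: %d", fpr, &v) == 2)
            s.listed++;
        else if (sscanf(p, " %d", &v) == 1 && strstr(p, "considered keys"))
            s.considered = v;
    }
    return s;
}

/* Keys from the offered file that the result never mentions. These must be
 * retried or reported as an error, not classified as rejected keys. */
static int unaccounted(struct import_summary s, int offered)
{
    int seen = s.considered > s.listed ? s.considered : s.listed;
    return seen >= offered ? 0 : offered - seen;
}
/* Trust the result only if every offered key was considered. */
static int import_complete(struct import_summary s, int offered)
{ return s.considered == offered; }

/* Abbreviated from the FAIL dump in the report; 8 keys were offered. */
static const char *const fail_dump[] = {
    "[zypper] main.cc(signal_handler):23 OOOOPS",
    "[zypp::gpg] KeyManager.cc(importKey):418 gpgme_op_import_result {",
    "[zypp::gpg] KeyManager.cc(importKey):418   0 The total number of considered keys.",
    "[zypp::gpg] KeyManager.cc(importKey):418   - 0DA7D5EB3C7C38E18E55F555C24F66DEDA400A68: 0",
};

int main(void)
{
    struct import_summary s = summarize(fail_dump, 4);
    return printf("complete=%d unaccounted=%d\n", import_complete(s, 8), unaccounted(s, 8)) < 0;
}
```

A caller using the library directly would apply the same comparison to the counters returned by gpgme_op_import_result before drawing any conclusion about keys missing from the keyring.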
Comment 1 Michael Andres 2019-02-27 15:05:26 UTC
Created attachment 798297
FAIL case returning no error though not all keys were processed.
Comment 9 Swamp Workflow Management 2019-07-31 22:15:16 UTC
SUSE-SU-2019:2030-1: An update that solves three vulnerabilities and has 41 fixes is now available.

Category: security (moderate)
Bug References: 1047962,1049826,1053177,1065022,1099019,1102261,1110542,1111319,1112911,1113296,1114908,1115341,1116840,1118758,1119373,1119820,1119873,1120263,1120463,1120629,1120630,1120631,1121611,1122062,1122471,1123137,1123681,1123843,1123865,1123967,1124897,1125415,1127026,1127155,1127220,1130161,1131823,1135749,1137977,663358,764147,965786,978193,993025
CVE References: CVE-2018-20532,CVE-2018-20533,CVE-2018-20534
Sources used:
SUSE Linux Enterprise Workstation Extension 15 (src):    PackageKit-1.1.10-4.10.4
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    libsolv-0.7.5-3.12.2, libyui-ncurses-pkg-2.48.5.2-3.5.2, libyui-qt-pkg-2.45.15.2-3.5.3, libzypp-17.12.0-3.23.6, zypper-1.14.28-3.18.6
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src):    PackageKit-1.1.10-4.10.4, libsolv-0.7.5-3.12.2, libzypp-17.12.0-3.23.6, yast2-pkg-bindings-devel-doc-4.0.13-3.7.2, zypper-1.14.28-3.18.6
SUSE Linux Enterprise Module for Development Tools 15 (src):    libsolv-0.7.5-3.12.2
SUSE Linux Enterprise Module for Desktop Applications 15 (src):    PackageKit-1.1.10-4.10.4, libyui-qt-pkg-2.45.15.2-3.5.3
SUSE Linux Enterprise Module for Basesystem 15 (src):    libsolv-0.7.5-3.12.2, libyui-ncurses-pkg-2.48.5.2-3.5.2, libyui-ncurses-pkg-doc-2.48.5.2-3.5.3, libyui-qt-pkg-2.45.15.2-3.5.3, libyui-qt-pkg-doc-2.45.15.2-3.5.3, libzypp-17.12.0-3.23.6, yast2-pkg-bindings-4.0.13-3.7.2, zypper-1.14.28-3.18.6
SUSE Linux Enterprise Installer 15 (src):    libsolv-0.7.5-3.12.2, libyui-ncurses-pkg-2.48.5.2-3.5.2, libyui-qt-pkg-2.45.15.2-3.5.3, libzypp-17.12.0-3.23.6, yast2-pkg-bindings-4.0.13-3.7.2, zypper-1.14.28-3.18.6

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 10 Swamp Workflow Management 2019-08-18 13:16:49 UTC
openSUSE-SU-2019:1927-1: An update that solves three vulnerabilities and has 41 fixes is now available.

Category: security (moderate)
Bug References: 1047962,1049826,1053177,1065022,1099019,1102261,1110542,1111319,1112911,1113296,1114908,1115341,1116840,1118758,1119373,1119820,1119873,1120263,1120463,1120629,1120630,1120631,1121611,1122062,1122471,1123137,1123681,1123843,1123865,1123967,1124897,1125415,1127026,1127155,1127220,1130161,1131823,1135749,1137977,663358,764147,965786,978193,993025
CVE References: CVE-2018-20532,CVE-2018-20533,CVE-2018-20534
Sources used:
openSUSE Leap 15.0 (src):    PackageKit-1.1.10-lp150.11.1, libsolv-0.7.5-lp150.7.1, libyui-ncurses-pkg-2.48.5.2-lp150.7.1, libyui-qt-pkg-2.45.15.2-lp150.7.1, libzypp-17.12.0-lp150.2.13.1, yast2-pkg-bindings-4.0.13-lp150.2.13.1, zypper-1.14.28-lp150.2.13.1