I tried to get this module to work but when I supply a proper pubring.gpg and call gnupg_encrypt with ($message,MYKEY) the best error message I'm able to get back is "gpg: can't open `sites/all/modules/gnupg/.gnupg/pubring.gpg' gpg: keydb_search failed: file open error gpg: MYKEY: skipped: file open error gpg: : encryption failed: file open error"
While on my remote host running a bit stricter setup the error message is, unedited: "Warning: using insecure memory! gpg: can't open `': No such file or directory gpg: : encryption failed: No such file or directory." I also tried to set proc_open to true here but the result remained the same.
The latter was from gpg version 1.4.9/PHP 5.2.6 , the first from gpg 2.0.10/PHP 5.2.8.
Interestingly, gnupg_get_keys() works as expected and thus verifies that the pubring should not be the cause of the problem. I'd be grateful for any hint at what to try next, especially since I'm not that familiar with proc_open and pipes in PHP.
Comments
Comment #1
Arto commentedComment #2
grahlOK, I grabbed gnupg-6.x-1.x-dev from Feb 18th and with additionally adding the following line to gnupg.module, right before the proc_open, I am now able to encrypt. What is removed are two empty single quote marks.
I haven't seen why that is since the array $options has the row recipient with a valid key_id as a last argument. Obviously this is an ugly hack and needs a better solution.
203a204,205
> $command=substr($command,0,-2);
>
271a274
>
Comment #3
Arto commentedI'm moving this bug report over to the OpenPGP module which obsoletes the GnuPG module.
I need to double-check whether this issue is still a problem for the OpenPGP module. The GnuPG code (in
openpgp/openpgp_gpg/openpgp_gpg.inc) was mostly a straight port of the previous code ingnupg.module, so this bug may possibly still be present in theGnuPG::encrypt()function which replacesgnupg_encrypt().#406334: OpenPGP_GPG::get_keys() fails if key is not specified seems to be a closely related issue.
Comment #4
adamo commentedI believe this was a problem with gnupg_exec() in the old module, which also caused the get_keys() issue you referenced.
From the issue:
In your old code null options would get run through escapeshellarg(), which is where the extra single quotes came from. In your new code you check if the option is null before running it through escapeshellarg() and adding it to the command line. So I think this is all set.
Comment #5
Arto commentedThe GnuPG class has now been renamed to OpenPGP_GPG per issue #586696: Compatibility with GnuPG PECL extension.
Comment #6
Arto commentedMany thanks for checking this, Adam. It does indeed seem that I fixed that at some point (and then promptly forgot about it) when I was developing the new module, so this issue is resolved.