[Pkg-mutt-maintainers] Bug#828751: gnupg2 transition breaks mutt's gpg.rc

Jan Nordholz jnordholz at sec.t-labs.tu-berlin.de
Mon Aug 15 02:38:15 UTC 2016


... or it even fails completely - I have pinentry-curses installed and the
second prompt does not appear at all, causing decryption to fail in any
case (as the input is redirected, pinentry-curses probably fails to find
the terminal).

Suggested fix: add '--pinentry-mode loopback' to mutt's invocations of gpg
wherever '--passphrase-fd 0' is supplied.

Proof of concept: grab an encrypted mail, gpg (v2) and run:

(1) gpg --status-fd 2 --passphrase-fd 0 --no-verbose --quiet --batch --output - $TESTMAIL > /dev/null <<< "$PHRASE"
(2) gpg --pinentry-mode loopback --status-fd 2 --passphrase-fd 0 --no-verbose --quiet --batch --output - $TESTMAIL > /dev/null <<< "$PHRASE"

and observe that for (1), which matches the current settings in gpg.rc, the
passphrase on FD 0 is ignored and pinentry is launched despite '--batch'.
Command (2) works though.

(If you have a gpg-agent with a valid passphrase running, kill/flush it
beforehand.)


Thanks,

Jan

PS: Note that the GnuPG transition has hit unstable in the meantime.
-- 
Jan Nordholz <jnordholz at sec.t-labs.tu-berlin.de>
Security in Telecommunications <fgsect.de>
TU Berlin / Telekom Innovation Laboratories
Ernst-Reuter-Platz 7, Sekr TEL 17 / D - 10587 Berlin, Germany
phone: +49 30 8353 58663
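
The fix suggested in the message above, as an added example (not part of the original message, and not mutt's or Debian's own code): a shell filter that lists gpg.rc-style command lines passing '--passphrase-fd 0' without '--pinentry-mode loopback', and a second filter that inserts the option. The sample configuration lines and the function names are constructed for illustration.

```sh
#!/bin/sh
# Added example: audit and patch gpg command lines that hand the passphrase
# over on FD 0 but do not select loopback pinentry.

# Constructed sample in gpg.rc style; NOT the packaged gpg.rc.
sample_rc() {
cat <<'EOF'
set pgp_decrypt_command="gpg --status-fd=2 %?p?--passphrase-fd 0? --no-verbose --quiet --batch --output - %f"
set pgp_sign_command="gpg --no-verbose --batch --quiet --output - --pinentry-mode loopback --passphrase-fd 0 --armor --detach-sign %f"
set pgp_verify_command="gpg --status-fd=2 --no-verbose --quiet --batch --output - --verify %s %f"
set pgp_clearsign_command="gpg --batch --passphrase-fd=0 --armor --textmode --clearsign %f"
EOF
}

# Print the lines that pass a passphrase on FD 0 ('--passphrase-fd 0' or
# '--passphrase-fd=0') but never mention '--pinentry-mode loopback'.
needs_loopback() {
    awk '/--passphrase-fd[= ]0/ && !/--pinentry-mode[= ]loopback/'
}

# Insert '--pinentry-mode loopback' directly in front of the passphrase-fd
# option. Lines that already carry the option are left alone, so running the
# filter twice gives the same result as running it once. Because the option is
# placed next to '--passphrase-fd 0', it stays inside mutt's %?p?...?
# conditional and is only passed when a passphrase is supplied.
add_loopback() {
    sed '/--pinentry-mode[= ]loopback/!s/--passphrase-fd[= ]0/--pinentry-mode loopback &/g'
}

echo "Lines relying on --passphrase-fd 0 alone:"
sample_rc | needs_loopback
echo
echo "Patched configuration:"
sample_rc | add_loopback
```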


