Bug 1787708 - Accept keys without uid if key is already present
Summary: Accept keys without uid if key is already present
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: gnupg2
Version: 32
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Red Hat Crypto Team
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-01-04 13:08 UTC by Marcel Haerry
Modified: 2020-05-16 04:20 UTC (History)
4 users (show)

Fixed In Version: gnupg2-2.2.20-2.fc32 gnupg2-2.2.20-2.fc31 gnupg2-2.2.20-2.fc30
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2020-05-07 03:09:57 UTC
Type: Bug
Embargoed:


Attachments (Terms of Use)

Description Marcel Haerry 2020-01-04 13:08:56 UTC
If you are refreshing keys from keys.openpgp.org they might not contain any userid as they were not validated.

This throws an error atm:

$ gpg --verbose --keyserver hkp://keys.openpgp.org --recv-keys 0x0E0C3B086B41F258
gpg: data source: http://keys.openpgp.org:11371
gpg: pub  rsa2048/0x0E0C3B086B41F258 2007-04-11  
gpg: key 0x0E0C3B086B41F258: no user ID
gpg: Total number processed: 1
$ gpg --list-keys 0x0E0C3B086B41F258
gpg: error reading key: No public key

There is upstream an ongoing discussion https://dev.gnupg.org/T4393 though it is not really moving.

Since the keyflood issue from summer 2019 Debian decided to move to use keys.openpgp.org as default and also includes patches to enable the errorless import of such keys:

https://salsa.debian.org/debian/gnupg2/blob/debian/master/debian/patches/Use-hkps-keys.openpgp.org-as-the-default-keyserver.patch#L24-34

Given the Debian patches seem to work fine and there is little movement upstream to fix that, but the error message affect all users on Fedora updating from keys.openpgp.org it would be wise to include the patches as well in Fedora.

Output with patches:

$ gpg --verbose --keyserver hkp://keys.openpgp.org --recv-keys 0x0E0C3B086B41F258
gpg: data source: http://keys.openpgp.org:11371
gpg: pub  rsa2048/0x0E0C3B086B41F258 2007-04-11  
gpg: key 0x0E0C3B086B41F258/0x8640E710E1AB3080: removed multiple subkey binding
gpg: key 0x0E0C3B086B41F258/0x162BC4DAB75E5CD4: removed multiple subkey binding
gpg: key 0x0E0C3B086B41F258: new key but contains no user ID - skipped
gpg: Total number processed: 1
gpg:           w/o user IDs: 1

Comment 1 Marcel Haerry 2020-01-04 13:21:35 UTC
PR https://src.fedoraproject.org/rpms/gnupg2/pull-request/5

Comment 2 Tomas Mraz 2020-01-06 09:59:56 UTC
I've built your PR on Rawhide, I suppose doing and F30, F31 update with the PR merged sooner or later should be fine.

Comment 3 Ben Cotton 2020-02-11 16:31:33 UTC
This bug appears to have been reported against 'rawhide' during the Fedora 32 development cycle.
Changing version to 32.

Comment 4 Fedora Update System 2020-04-30 13:21:15 UTC
FEDORA-2020-3a3d3c95ff has been submitted as an update to Fedora 30. https://bodhi.fedoraproject.org/updates/FEDORA-2020-3a3d3c95ff

Comment 5 Fedora Update System 2020-04-30 13:21:16 UTC
FEDORA-2020-a3361156cd has been submitted as an update to Fedora 31. https://bodhi.fedoraproject.org/updates/FEDORA-2020-a3361156cd

Comment 6 Fedora Update System 2020-05-01 05:03:33 UTC
FEDORA-2020-a3361156cd has been pushed to the Fedora 31 testing repository.
In short time you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-a3361156cd`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-a3361156cd

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 7 Fedora Update System 2020-05-01 06:12:57 UTC
FEDORA-2020-3a3d3c95ff has been pushed to the Fedora 30 testing repository.
In short time you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-3a3d3c95ff`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-3a3d3c95ff

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 8 Fedora Update System 2020-05-01 19:22:19 UTC
FEDORA-2020-3d5538a268 has been pushed to the Fedora 32 testing repository.
In short time you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-3d5538a268`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-3d5538a268

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 9 Fedora Update System 2020-05-07 03:09:57 UTC
FEDORA-2020-3d5538a268 has been pushed to the Fedora 32 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 10 Fedora Update System 2020-05-16 03:10:21 UTC
FEDORA-2020-a3361156cd has been pushed to the Fedora 31 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 11 Fedora Update System 2020-05-16 04:20:40 UTC
FEDORA-2020-3a3d3c95ff has been pushed to the Fedora 30 stable repository.
If problem still persists, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.