Ubuntu
signing-party package

sig2dot drops keys when used with "-d"-option

Bug #393242 reported by Ben M.
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
signing-party (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

Binary package hint: signing-party

input:
LANG=C gpg --no-options --no-default-keyring --keyring keys/temp.gpg --list-sigs | sig2dot -a -d "2008-01-01" > test.dot

output:
.dot-file with only a few keys

expected output:
.dot-file with all keys, which existed on 2008-01-01.

error messages:
Argument "Cert" isn't numeric in numeric le (<=) at /usr/bin/sig2dot line 206, <> line 4.
Using: uid CA Cert Signing Authority (Root CA) <email address hidden>
...
Argument "ct" isn't numeric in numeric le (<=) at /usr/bin/sig2dot line 206, <> line 3054.
Using: uid [marginal] ct magazine CERTIFICATE <email address hidden>

Description:
Sig2dot creates a graph when supplied with a list of signatures. The option -a will graph all keys which occured on the keyring, while the option -d <date> will create a .dot-file, which looks as on <date>.

The date is given properly. There is no known bug yet. This does not happen, when no date is given. Since I don't understand perl, someone with perl might take a look at it (vim /usr/bin/sig2dot).

ProblemType: Bug
Architecture: amd64
DistroRelease: Ubuntu 9.04
NonfreeKernelModules: nvidia
Package: sig2dot 1.0-2
PackageArchitecture: all
ProcEnviron:
 PATH=(custom, user)
 LANG=de_DE.UTF-8
 SHELL=/bin/bash
SourcePackage: signing-party
Uname: Linux 2.6.28-13-generic x86_64

Related branches

lp:debian/signing-party
Revision history for this message
Ben M. (bmhm) wrote :
Revision history for this message
Ben M. (bmhm) wrote :

Since sig2dot is a really wired and imperative perl-script, I am currently trying to reimplement it in python using object-oriented coding style.

Unfortunately I was unable to contact any maintainer of signing-party. Can someone file a bug in Debians bug tracker, please?

Regards

Revision history for this message
Ben M. (bmhm) wrote :

I were able to get it running. And it looks much less sophisticated.
Can I get a second opinion on this, please?

https://launchpad.net/sig2dot-revised

Revision history for this message
Christoph Berg (myon) wrote :

Hi Benjamin,

why didn't you mail the Debian BTS yourself instead of individual people? I got your mail, but it looked more like feature improvements than bugs, so I didn't put it high on the todo list. Furthermore, you didn't mention Ubuntu at all, so there's little surprise that this (launchpad) bug wasn't tackled yet.

Also, you submitted non-public material ("_Ich möchte nur darum bitten, vor Veröffentlichung die beigelegten Listen und Graphen zu entfernen_ - diese sind von den auf den Listen stehenden Personen nicht zur Weitergabe genehmigt."), so I cannot just forward your mail to the Debian BTS.

Cheers,
Christoph

Revision history for this message
Ben M. (bmhm) wrote :

Hi Christoph,

I am not allowed to publish any peoples names without asking them. You should be aware of that. It should just be an example anyway. You can fetch some random keys from any signing party. Or forward it without the attachments.
I actually wanted to report it to the Debian BTS, but in the end I didn't really know how - sending an email? So I looked for a maintainer and found you.

Since I new I should have used the bug tracker instead, I didn't really expect an answer - my fault, not yours. Anyway, it didn't make anything worse, did it? Writing a python program was a good exercise anyway ;-)

I'm sorry for any inconvenience which I may have caused.

Regards,
Ben

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package signing-party - 1.1.8-1

---------------
signing-party (1.1.8-1) unstable; urgency=low

  [ Guilhem Moulin ]
  * caff:
    + Improve the documentation of gpgparticipants annotations.
    + When clean-exporting a key (aka pruning), don't ignore signatures just
      because their certification level in under 'min-cert-level' (which
      defaults to 2). (Closes: #751252)
  * gpgwrap:
    + Import the default Debian CFLAGS defined by dpkg-buildflags, which makes
      the Buildd Log Scanner stop emitting 'W-dpkg-buildflags-missing CFLAGS'.
  * keyanalyze:
    + Import the default Debian CFLAGS defined by dpkg-buildflags, which makes
      the Buildd Log Scanner stop emitting 'W-dpkg-buildflags-missing CFLAGS'.
  * sig2dot:
    + Apply -d on OpenPGP signatures and revocation certificates only.
      (LP: #393242)
  * springgraph:
    + Avoid 'illegal division by zero' errors when dealing with isolated nodes
      and/or degenerated cylinders. (LP: #1267981)
    + Add an option -f to set the (TrueType) font, style and size to use on
      labels. This allows proper displaying of non-ASCII labels (provided the
      chosen font covers all the glyphs).
  * debian.control, debian.rules:
    + Update the config files before building the package. Patch from Breno
      Leitao. (Closes: #748977)

  [ Aaron Toponce ]
  * keyart: new script to dislay an ASCII art representation of OpenPGP key
    files.

 -- Guilhem Moulin <email address hidden> Sat, 21 Jun 2014 17:32:13 +0200

Changed in signing-party (Ubuntu):
status: New → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.