Package: gnupg Version: 2.1.16-2 Severity: normal Dear Maintainer,
I'm trying to fix bug 846675 on the 0install package. It seems to be caused by the latest GnuPG returning incorrect rc codes. On Debian/jessie (GnuPG 2.1.7), I get: $ curl http://0install.net/tests/newkey -o newkey $ gpg --status-fd 1 --keyserver-options no-auto-key-retrieve --verify newkey [...] [GNUPG:] ERRSIG 9B1F5D7F9721DA90 17 2 01 1118513305 9 According to http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob_plain;f=doc/DETAILS: *** ERRSIG <keyid> <pkalgo> <hashalgo> <sig_class> <time> <rc> It was not possible to check the signature. This may be caused by a missing public key or an unsupported algorithm. A RC of 4 indicates unknown algorithm, a 9 indicates a missing public key. So, the 9 at the end means the key was missing, which is 0install's trigger to download it. However, with GnuPG 2.1.16 I get: [GNUPG:] ERRSIG 9B1F5D7F9721DA90 17 2 01 1118513305 33554441 (33554441 is 0x0x2000009) 0install reports this as an error and does not attempt to fetch the key in this case. It would be good to restore the previous behaviour (or update the documentation if this is no longer correct). Thanks, -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 4.4.14-11.pvops.qubes.x86_64 (SMP w/4 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/dash Init: unable to detect Versions of packages gnupg depends on: ii gnupg-agent 2.1.16-2 ii libassuan0 2.4.3-2 ii libbz2-1.0 1.0.6-8 ii libc6 2.24-7 ii libgcrypt20 1.7.3-2 ii libgpg-error0 1.25-1 ii libksba8 1.3.5-2 ii libreadline7 7.0-1 ii libsqlite3-0 3.15.2-1 ii zlib1g 1:1.2.8.dfsg-2+b3 Versions of packages gnupg recommends: ii dirmngr 2.1.16-2 ii gnupg-l10n 2.1.16-2 Versions of packages gnupg suggests: pn parcimonie <none> pn xloadimage <none> -- no debconf information
