gpg_passwd function parses configuration file for GPG_PW.
I include a local configuration via dot ('.') operator. In this file I overwrite GPG_PW. duply parses main config file, finds old (overwritten) GPG_PW. gpg reports "invalid passphrase'.
Replacing the contents of 'gpg_passwd' function with 'echo -n $GPG_PW' works around this issue. Are there any security implications?