Cygwin version of gpg does not work in 2.x
OpenPGP addon for Mozilla Thunderbird
Brought to you by:
pbrunschwig
Menu
▾
▴
#839 Cygwin version of gpg does not work in 2.x
wont-fix
nobody
2.0
Minor
60
gpg (GnuPG) 2.2.7-unknown
Windows
---
nobody
2018-08-12
2018-05-16
No
Before version 2.0 I could use gpg2 from cygwin 64-bit with enigmail. But from 2.0 this does not work. Anybody know why this is?? Why do we not want the cygwin version??
Can you please attach a debugg log file? See https://www.enigmail.net/index.php/en/faq-en?view=topic&id=15 for how to create it.
When you choose the file it say it is not a gpg exec. But I have seen, since I have this setting since before that it runs the tool. So setup fails to like the file. And later you can not use it for signing or encrypting.
I have the same problem with Cygwin x32, GnuPG v2.2.8. Enigmail v2.0.7 does not like it.
Enigmail v0.95.7 worked just fine with GnuPG 1.4.22 from the same Cygwin installation.
I have tried to follow the flow of initialization of enigmail. And it looks like it fails when it is checking home directory for gpg. That is where the .gnupg file is. That is in cygwin format not in windows format. But I can not say for sure. Does enigmail really need to know where this file is?? Running the cygwin gpg version of gpg will read the correct file anyway.
Note: old version that is working can not run in TB60. so need a new working enigmail.
Last edit: Jens Yllman 2018-08-09
If that's the problem, then specify the home directory using the "Additional parameters for GnuPG" setting in Enigmail. Something like
That got me past the initialization error. I did --homedir "C:\...." and it worked. But now I get key errors instead when I try to sign/encrypt.
Last edit: Jens Yllman 2018-08-09
Also, another note, you never can add this parameter during wizard setup. So doing it that way will never work. And you have to set the extra parameter before you select the gpg2.exe file in cygwin, or it will not work eather.
After setting the homedir I now get
gpgAgent.jsm: setAgentPath: gpgconf found: yes
but directly after that I get
gpgAgent.jsm: detectGpgAgent: no GPG_AGENT_INFO variable set
gpgAgent.jsm: detectGpgAgent: GPG_AGENT_INFO='none'
Could that be the reason why the keyring operations does not work??
If keyring operations don't work, then I suspect that --homedir "C:..." is incorrect...
The thing is that if I do not specify homedir I get the cygwin setting which is /home/user/.gnupg. And when I specify homedir enigmail will say config found. But that the config is missing the GPG_AGENT_INFO.
So the question is, how did enigmail 1.9 do this that 2.0 does not? And can we work around it in 2.0? Cause the cygwin environment is the same.
GPP_AGENT_INFO is not relevant for GnuPG 2.2. The problem is actually that setting --homedir to a Unix patch will confuse Enigmail. Please try the following instead:
HKEY_CURRENT_USER\Software\GNU\GNUPG\HomeDirto the Windows path of your ~/.gnup directory, .i.e something like C:\path\to\gpghomeThen restart Thunderbird and retry.
OK, I will try, but this is cygwin version of GPG, so I do not think it reads the regestry. And nothing is in the regestry now. Using --homedir "C:\path\to\gpghome" makes Enigmail happy. But I understand that GPG is not happy. Since it wants /home/user/.gnugp.
So the question is why do Enigmail need to physically check the home directory. If all was left to GPG in this case I just think it works. It did work before 2.0 with same install of cygwin and gpg.
I have to provide some background to answer this question. After Enigmail 1.9 dropped support for GnuPG 1.4, the number of support requests that related to environment setup issues increased dramatically. This has to to with the fact that GnuPG 1.4 is a single exectuable, whereas 2.0 (and 2.2 even more) is a suite of several individual components that need to work together smoothly. This make installation of GnuPG much harder.
In order to overcome this, I implemented quite some functionality in Enigmail 2.0 to better detect the user's situation, try to fix setup issues automatically, or at least provide better hints to the user for how to fix their installation errors. These measures contain features like ensuring that the GnuPG home directory is writeable, and checking certain config files.
Thunderbird is a Windows executable, and hence Enigmail has to use Windows-style paths to access directories. This will very likely not work with cygwin, as cygwin binaries expect a Unix path. Thinking about it, I therefore conclude that cygwin probably cannot be supported anymore. You can still use gpg on cygwin from the command line, but I'd recommend you install the Windows version of GnuPG for Enigmail. If you set the GnuPG home dir for the Windows version of gpg to your cygwin ~/.gnupg directory, then they probably work together smoothly. You just need to make sure that gpg-agent.conf does not contain any
pinentry-programconfig line.OK, I did let Enigmail install Gpg4Win. And that install actually could see that I allready had a gpg install and a home directory in cygwin. So it set homedir to that directory. And now everything seem to work. But, having Thunderbird open keeps lockfiles that make gpg from cygwin fail. I will look some more into that. I do not use gpg that often in cygwin, yet.
Last edit: Jens Yllman 2018-08-10
Does Enigmail start the gpg-agent as daemon?? Is there some way till stop that daemon nice?? Cause that process is creating a lock when signing/encrypting. And it would be nice if thoose locks got released when you close Thunderbird.
Also, there are some other locks that does not get released when you modify your keystores. It is easy to delete. But I would like them to go away nice. Why keep the locks after operation finished??
Or an option to not start gpg-agent as a daemon?
A few facts about gpg-agent:
So, setting the registry key does not help. Now I am back to how it was first.
Pity that Cygwin gpg2 is not supported in 2.x branch. Would it be possible to backport critical issues (e.g. EFAIL) to 1.9.x branch and make another service release?
Last edit: Dmitry Katsubo 2018-08-10
Enigmail 1.9 is substantially different from 2.0, thus porting the fixes would require quite some effort. In addition, Enigmail 1.9 is a dead-end. There were major changes in Thunderbird 60, such that 1.9 won't not run on Thunderbird 60.
I think there is a need for a guide how to do with cygwin and gpg4win together!
Or actually. It would be kind of nice to have cygwin support built in. I wonder how much work it would be to skip the checks if we in cygwin? :)
To be quite clear, Cygwin was never officially supported by Enigmail. Cygwin just happened to work by chance, which is why we never said "we don't support it".
Supporting cygwin It's not only about skipping certain checks. It's also about the future. Gpg gets more and more complex with additional helper tools (like dirmngr, gpgconf, ...), which will need to be supported one way or the other. All this is not trivial if Cygwin reports (and expects) Unix paths and Enigmail (and Thunderbird) works with Windows paths.
I honestly don't think that the number of users of Enigmail with Cygwin would justify the effort.