gpg4win sometimes crashes

Hello everyone,

I have gpg4win 3.1.11 installed on Windows 10. To improve performance, I have set up a task (scheduled for run at logon):

gpgconf.exe --launch gpg-agent

(I have no ideas whether this has anything to do with my problem, but either way it is a legitimate command that should not cause gpg4win to fail.)

When I try to use gpg4win (regardless whether I access it via Claws email or via Kleopatra) it works most of the time. In ~30% of the times, however, it does not respond at all, causing the application that called it to just hang for good. In these cases, there is nothing I can do to make it work short of reboot. Even if I kill all gpg-related processes in Windows task manager, it still does not work. They get restarted, but they hang again.

Rebooting does work tho.

My hardware is not possibly the bottleneck either (Ryzen 3700X with 32 GB RAM).

This is annoying. What can I do?

Hello,

seems like you somehow ran into a rare defect, so we need to start analysing
and find out how this can be reproduced. Some early ideas:

a) disable the task and see if this makes a difference. Even if it is unlikely that is should be a problem, it is at least something unusual, and it is easy to eliminate as a source of problems.

b) Try using “gpg” on the command line and see what it say, use some more diagnostics.
(For some details see https://wiki.gnupg.org/TroubleShooting)

Best,
Bernhard

Thank you for your response, Bernhard, and sorry for the late reply. The problem persists though.

a) I tried it, but then the roulette game occurs when I try to open the first encrypted email in Claws. Sometimes it works flawlessly, sometimes it lasts quite some time, and sometimes it hangs for good.

Deeper analysis with the Windows task manager revealed the following:

gpg-connect-agent.exe is started (either by my logon task, or if that one is disabled, when Claws tries to decrypt an email. The gpg-connect-agent.exe task then hangs. Sometimes, it manages to start the gpg-agent.exe task, which is responsible for the decrypting, before it hangs, sometimes it does not. And of course, sometimes everything works smoothly, with gpg-connect-agent.exe starting gpg-agent.exe and then terminating as it should.

I have not managed to determine any pattern that could predict when it will work and when it will not. However, I noticed that terminating the crashed gpg-connect-agent.exe in the task manager does help. I can then try again, and if I am not much mistaken, it always works on the second attempt.

I also searched the gpg folder, found a couple lock files (with the agent not running), and deleted them. That had no impact on the symptoms though.

b) Then I just get:

gpg: WARNING: no command supplied. Trying to guess what you mean …
gpg: Go ahead and type your message …

So I need more specific instructions on how to obtain possibly useful logs (directory?) or other information. But remember, the bottlenect is most obviously getting the gpg-agent.exe started. Once that is achieved, I have won.

Hi DAP,

reading the analysis: If you are not starting the agent at logon and you are not using Claws, does the problem still occur? (This test should help to exclude that idea that it is related to the gpg-connect-agent call.)

Regarding commands, a few more hints for testing: most commands have several methods to help diagnosing them. Here is the manual section for gpg-agent. Try a logfile and then increase verbosity by first adding -v and then som --debug options. There are also other methods to try, see https://gnupg.org/documentation/manuals/gnupg/Agent-Options.html#Agent-Options

A standard “gpg” command would be either “–decrypt” or “–sign”, also see the manual.

Best Regards,
Bernhard

If you are not starting the agent at logon
and you are not using Claws, does the problem still occur?

Then I am not using gpg at all. This is not related to Claws, seeing that the problem occurs when I start the gpg connect agent. If I disable the logon task and use Claws directly, I find that it usually works, however, often with a major delay (20 seconds or something). During this time, I see gpg.exe in the task manager, not gpg-connect-agent.exe.

Kleopatra also does not work until (if) the gpg-agent.exe is properly running.

The whole delay thingy is bothering me. What is the task waiting for? This cannot possibly be caused by high system load, not on a machine with a Ryzen 3700X and 32 GB RAM having nothing else to do than starting gpg.

Perhaps I have disabled another windows service that gpg would like access? But it cannot be a crucial one, otherwise gpg would not work at all. Generally, I am running Windows 10 1903 with a lot of bloatware and related services utterly disabled (all the way down to the MS App store, Cortana, UAC and the like). Are there any known dependencies?

Here is the manual section for gpg-agent. Try a logfile

I saw no manual section in your post, and I would like to know where I can create/find relevant logfiles. Which gpg command should I try anyway? Any suggestion?

Hi again,
the manual is behind the link I gave (https://gnupg.org/documentation/manuals/gnupg/Agent-Options.html#Agent-Options) and the idea is to try some basic decrypt or signing operations that needed gpg-agent for access to the secret key material.

General ideas for the delay could be

  • Some network access (dirmngr when using s/mime and some configurations will sometimes try to update revocation information) and then running in a timeout.
  • Some attempt to open up a pinentry (and local interprocess communication)
  • In the past sometime restrictions could otherwise but a burden on interprocess
    communications.

Of course a delay somehow indicates a timeout.

Does this help?
Best Regards,
Bernhard