In T7656#201519, @TobiasFella wrote:Do I understand correctly that this bug is then automatically done/fixed?
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Today
Today
• aheinecke added a comment to T7620: gpgme_get_key fails to detect secret encryption subkey after key generation on card (until context is recreated).
I do not think that this is the only place where such an issue occurs. Maybe we should make the documentation clearer about context key reuse. But the context is specifically designed to cache information about a key, so as to avoid memory overhead. I learned early on that its best for each new operation to use a new context. A context is basically an instance of gpg or gpgsm. So you start one process, ask it for a keylist, keep the process running, start another process, modify the key database, and then ask the first process again about his worldview. Either the first process is a bit confused because it has read data and then that data changed (what happens here) or it has no idea about the change since it was efficient and only read the database once. But here in this example you should be able to reproduce this also by making any other modifications to the key, adding other subkeys, userids etc. That GPGME even notices the secret key is more of a side effect of how the programming works because the GPGME gpg process will ask the gpg-agent (so a third process).
• aheinecke added a comment to T7434: Kleopatra: Initial keylisting hangs for ~60 seconds (gpg-agent: Socket ...S.gpg-agent cannot be bound).
The more I think of this, the more likely this appears to me as the source for all that random startup weirdness of GnuPG. Say you are on a large keyring and on a train, then that keyring is first passed through your enterprise malware protection for scanning or something like that. Then it works again until some metric, hash or something else changes.
• aheinecke added a comment to T7434: Kleopatra: Initial keylisting hangs for ~60 seconds (gpg-agent: Socket ...S.gpg-agent cannot be bound).
My recommendation would at this point be to use procmon with a file filter for just "If path contains gnupg then include" I mean maybe go only for the locking dirs but this way you will not only see what the GnuPG processes are doing but what everyone on the system is doing to the locks. So you will see when my old friends, third party security software might interfere.
For example: You will see on a default Windows which files are checked through telemetry. And here in this example you see directly that the Microsoft Malware Protection Engine is accessing the agents socket.
Yes. If gpgconf could read that version directly from kleopatra it would be even better. Bit in cases of early crashes this might be sub-optimal; thus I will tell gpgconf to get some additional version info from an installed versioninfo.txt file (which gpg4win creates). Thanks.
@gnibee Thanks! I noticed this too but wasn't familiar with the test suite, and didn't see an ASAN error so assumed nothing harmful. This explanation explains it.
Is this what you had in mind @werner:
Improve menu
• ikloecker committed rGTOe157f76083f3: Help mingw to find the right overload to use (authored by • ikloecker).
Help mingw to find the right overload to use
CarlSchwan committed rOJ8753cad918c4: Add compliance status to statubars when needed (authored by CarlSchwan).
Add compliance status to statubars when needed
Note: The Kleopatra in upcoming versions of Gpg4win 5 will have AboutData::version set to gpg4win-5.0.0 (or gpg4win-5.0.0-beta190 for beta versions). See T7666: Kleopatra: Rework versioning.
• TobiasFella committed rKLEOPATRA4542312506e5: Show a progress dialog when updating certificates (authored by • TobiasFella).
Show a progress dialog when updating certificates
• TobiasFella committed rKLEOPATRAc186834ea490: Show a progress dialog when updating certificates (authored by • TobiasFella).
Show a progress dialog when updating certificates
• ikloecker committed rW9c01310e832f: Remove entry for older qgpgme package (authored by • ikloecker).
Remove entry for older qgpgme package
Fix make dist
• TobiasFella committed rKLEOPATRA3f5321d01e05: Show a progress dialog when updating certificates (authored by • TobiasFella).
Show a progress dialog when updating certificates
• TobiasFella committed rKLEOPATRA4bbc9aee03d4: Show a progress dialog when updating certificates (authored by • TobiasFella).
Show a progress dialog when updating certificates
• ikloecker committed rO69390a554a0e: Use gpgme_off_t and gpgme_ssize_t everywhere for GpgME++ 2.0 (authored by • ikloecker).
Use gpgme_off_t and gpgme_ssize_t everywhere for GpgME++ 2.0
Update GpgOL to 2.6.1
• ikloecker committed rGPGMEQTd0aa23a7a384: On Windows, use gpgme_off_t and gpgme_ssize_t in the API (authored by • ikloecker).
On Windows, use gpgme_off_t and gpgme_ssize_t in the API
• ikloecker committed rGPGMEPPb75caf9ce2bc: On Windows, use gpgme_off_t and gpgme_ssize_t in the API (authored by • ikloecker).
On Windows, use gpgme_off_t and gpgme_ssize_t in the API
scd:piv: Support rsa3072
• werner moved T7663: Certificated signed using SHA-1 isn't trusted, but needs --force-sign-key to re-sign. from Backlog to QA on the gnupg26 board.
• werner committed rG15a71f108d9e: gpg: Allow updating a SHA-1 key certification w/o --force-sign-key. (authored by • werner).
gpg: Allow updating a SHA-1 key certification w/o --force-sign-key.
doc: Minor speedo build clarification
• werner committed rG018a2289ba8e: dirmngr: Don't install expired sks certificate (authored by Lucas Mulling via Gnupg-devel <gnupg-devel@gnupg.org>).
dirmngr: Don't install expired sks certificate
libtool: Add support for zOS
Please remember to add a comment to the code describing the reason for this renaming.
gpgsm,tests,tools: Fix memory leaks.
• gniibe renamed T7668: gnupg: regexp and build with -fsanitize=address from gnupg: regexp and build with -fsanitize=addres to gnupg: regexp and build with -fsanitize=address.
The issue is the routines of regcomp, regexec, regerror and regfree are in C library and the sanitizer library replaces them (and it's not compatible for the use case of GnuPG).
l10n daemon script <scripty@kde.org> committed rKLEOPATRA5797b7f4fadf: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
yat2m: Release the memory after the use.
argparse: Fix a memory leak.
Yesterday
Yesterday
Thanks, that was the only issue building there.
Note: The Kleopatra in upcoming versions of Gpg4win 5 will have AboutData::version set to gpg4win-5.0.0 (or gpg4win-5.0.0-beta190 for beta versions). See T7666: Kleopatra: Rework versioning.
• ikloecker edited projects for T7657: Kleopatra: Refresh OpenPGP Certificates doesn't respect WKD setting, added: Feature Request; removed Bug Report.
Tools / Refresh OpenPGP certificates runs gpg --refresh-keys. I don't think that this command knows anything about WKD.
• werner lowered the priority of T7040: Make it possible to install GnuPG VSD and GPD in parallel from High to Normal.
For vsd on Windows this will be solved due to the use of gnupg-vsd as default homedir. We already tested this with a beta MSI installer
This should compare the gpg4win version number:
• werner triaged T7657: Kleopatra: Refresh OpenPGP Certificates doesn't respect WKD setting as High priority.
I updated the github issue. The suggested change seems to have had no effect.
• TobiasFella set External Link to https://invent.kde.org/pim/kleopatra/-/merge_requests/386 on T7655: Kleopatra: show a progress window when updating a certificate.
• TobiasFella moved T7655: Kleopatra: show a progress window when updating a certificate from Backlog to WIP on the gpd5x board.
• TobiasFella committed rKLEOPATRAa9871a56c642: Show a progress dialog when updating certificates (authored by • TobiasFella).
Show a progress dialog when updating certificates
Thank you @alexk
I made a comment on github.
CarlSchwan committed rOJ0ec2e0fda72c: firsttimedialog: Invert order of manifest action buttons (authored by CarlSchwan).
firsttimedialog: Invert order of manifest action buttons
CarlSchwan committed rOJec5902836cdb: reencrypt: Allow selecting multiple keys (authored by CarlSchwan).
reencrypt: Allow selecting multiple keys
CarlSchwan committed rOJ75cc0e4e0466: firsttimedialog: Use icon only button for manifest actions (authored by CarlSchwan).
firsttimedialog: Use icon only button for manifest actions
Remove obsolete gen-local-l10n.sh
• ikloecker committed rW45cfa869557f: Add script for updating translation files of KDE projects (authored by • ikloecker).
Add script for updating translation files of KDE projects
• ikloecker committed rWa6fa857df4c6: Remove code for merging translations and remove custom translations (authored by • ikloecker).
Remove code for merging translations and remove custom translations
• ikloecker committed rW944864b7738a: build: Don't add package to extra package list if sources are missing (authored by • ikloecker).
build: Don't add package to extra package list if sources are missing
• ikloecker committed rW62e390b02f7b: kleopatra: Set custom KLEOPATRA_VERSION_STRING for Gpg4win (authored by • ikloecker).
kleopatra: Set custom KLEOPATRA_VERSION_STRING for Gpg4win
Please re-open if you find other Cygwin related build problems.
agent: Allow building under Cygwin.
You know that Cygwin is not supported but if that is the only place it should not arm to fix it.
Clean up translations
Update translations for tr
Clean up translations
Update a few translations for ja
Clean up translations
l10n daemon script <scripty@kde.org> committed rKLEOPATRA8a6306d2f20f: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
l10n daemon script <scripty@kde.org> committed rKLEOPATRA62279d786efa: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Another possible change will be use of KEM interface for gpgsm.
Not high priority, but for long term code maintenance.
• gniibe changed the status of T7664: tests/openpgp/ecc.scm fails when building GPG with address sanitizer from Open to Testing.
Bump snapshot of gpgoljs
Mon, May 26
Mon, May 26
collinfunk added a comment to T7664: tests/openpgp/ecc.scm fails when building GPG with address sanitizer.
Thanks for the quick fix. I feel a bit silly for not notcing that macro myself...
• werner closed T7662: GPG's uncompress_ecc_q_in_canon_sexp reads past a constant string into rodata as Resolved.
Fixed in all branches but there is no potential for exploiting. See also gnupg-devel@ ML.
• werner edited projects for T7663: Certificated signed using SHA-1 isn't trusted, but needs --force-sign-key to re-sign., added: Feature Request, gnupg26, gnupg24; removed Bug Report.
• werner triaged T7663: Certificated signed using SHA-1 isn't trusted, but needs --force-sign-key to re-sign. as Low priority.
This should do the trick (master) but have not yet tested it:
• ikloecker committed rMTP430e80104af3: Add translations used for Gpg4win 4.4.1 (authored by • ikloecker).
Add translations used for Gpg4win 4.4.1
• ikloecker committed rKLEOPATRA1aa33a7bb950: Add translations used for Gpg4win 4.4.1 (authored by • ikloecker).
Add translations used for Gpg4win 4.4.1
• ikloecker committed rLIBKLEOcacbddd9b390: Add translations used for Gpg4win 4.4.1 (authored by • ikloecker).
Add translations used for Gpg4win 4.4.1
• ikloecker committed rKLEOPATRAdfdbab94165d: Make use of new CreationFlags and new QuickJob API (authored by • ikloecker).
Make use of new CreationFlags and new QuickJob API
• ikloecker committed rKLEOPATRAf7da5917822f: Allow customization of full version info shown in About window (authored by • ikloecker).
Allow customization of full version info shown in About window
• ikloecker committed rKLEOPATRA8323f1bb01c1: Remove customization of RELEASE_SERVICE_VERSION (authored by • ikloecker).
Remove customization of RELEASE_SERVICE_VERSION
Fixed. Thanks for the report!
• ikloecker committed rGPGMEPP67abbf811080: Fix wrong definition of operator<<(std::ostream &, const Error &) (authored by • ikloecker).
Fix wrong definition of operator<<(std::ostream &, const Error &)
CarlSchwan committed rW0c7129e857eb: Backport gpgmepp/qgpgme patches for reencrypt feature (authored by CarlSchwan).
Backport gpgmepp/qgpgme patches for reencrypt feature
The classic NIST P521 pitfall ;-)
• ikloecker committed rGPGMEQT7e8932469e1d: Sort includes and macro invocations alphabetically (authored by • ikloecker).
Sort includes and macro invocations alphabetically