Page MenuHome GnuPG
Feed All Stories

Yesterday

pubgkr updated pubgkr.
Sun, Oct 17, 11:10 PM
werner added a comment to T5656: Error emitted: gpg: error reading symlink '/proc/curproc/file': No such file or directory.

Urgs, I already implemented this:

Sun, Oct 17, 6:46 PM · gnupg (gpg23), MacOS, Bug Report
werner added a comment to T5656: Error emitted: gpg: error reading symlink '/proc/curproc/file': No such file or directory.

On macOS _NSGetExecutablePath could be used, but iiuc this requires linking against dyld. For other OSes we would also need more code. I doubt that this makes a lot of sense these days; but we should come up with a solution, even if that means we need an envvar to specify the location of that open gpgconf.ctl file.

Sun, Oct 17, 6:41 PM · gnupg (gpg23), MacOS, Bug Report

Sat, Oct 16

werner closed T5660: Second key decrypts messages it shouldn't as Resolved.

That looks like a support question. Please ask on a mailing list for help. Sorry, we can't do individual support here.

Sat, Oct 16, 4:23 PM · Support

Fri, Oct 15

stes added a comment to T5631: pinentry-curses on OpenIndiana (Illumos distro) doesn't display correctly.

For completeness here's a screenshot that shows the situation on a TERM=sun-console text console with the latest code :

Fri, Oct 15, 6:14 PM · Testing, pinentry
werner triaged T5661: Symmetric only encryption with Kleopatra as High priority.
Fri, Oct 15, 4:37 PM · Feature Request, kleopatra
stes added a comment to T5659: pinentry-curses disable colors.

After thinking a little more about this issue, I am of the opinion that the best option here is to provide a compile time configure option :

Fri, Oct 15, 4:23 PM · pinentry, Feature Request
stes added a comment to T5658: pinentry-curses color option.

It would be convenient if the -c option could be easily set in the gpg-agent.conf or in some configuration file for pinentry. The workaround that I use now to create a script that I can then use as pinentry-program is extra work because it requires an additional script.

Fri, Oct 15, 4:21 PM · Documentation, pinentry
stes added a comment to T5631: pinentry-curses on OpenIndiana (Illumos distro) doesn't display correctly.

The typo is fixed now and after pulling the latest sources from the repo and configure --disable-ncurses :

Fri, Oct 15, 4:17 PM · Testing, pinentry
werner committed rD16f1d665623b: web: Fix old signature key URL (authored by werner).
web: Fix old signature key URL
Fri, Oct 15, 12:30 PM
werner committed rDe2d4c796af58: web: Publish new signature key (authored by werner).
web: Publish new signature key
Fri, Oct 15, 12:13 PM
gniibe added a comment to T5636: Run integrity checks + selftests from library constructor in FIPS.

It seems for me that the patches to random/ was written in old days.

  • Now, we have getentropy in libc
    • This is most reliable one
    • better than urandom, because it may block when kernel is not yet seeded
    • better than random, because it never blocks once kernel is seeded
  • So, the real path in rndlinux.c is actually, call to getentropy
  • No access to /dev/random or /dev/urandom any more, in fact
  • Although old code remains, non-touched
    • like use of syscall when getentropy function is not available
Fri, Oct 15, 8:42 AM · FIPS, libgcrypt, Bug Report
gniibe added a comment to T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation.

Add doc in gcrypt.texi.

Fri, Oct 15, 8:02 AM · FIPS, libgcrypt, Feature Request
gniibe committed rC8f31f652d453: doc: Add entries for hash+sign functions. (authored by gniibe).
doc: Add entries for hash+sign functions.
Fri, Oct 15, 8:01 AM
gniibe committed rCd45db4ad16fe: fips: Improve selftests invocation. (authored by Jakuje).
fips: Improve selftests invocation.
Fri, Oct 15, 4:37 AM
gniibe added a comment to T5617: fips: Check library integrity before running selftests.

Thank you. Applied.

Fri, Oct 15, 4:37 AM · FIPS, libgcrypt, Bug Report
gniibe added a comment to T5631: pinentry-curses on OpenIndiana (Illumos distro) doesn't display correctly.

Thanks for testing. I pushed a fix for my typo: rPb713f31c5b04: curses: Fix the previous commit.

Fri, Oct 15, 4:20 AM · Testing, pinentry
gniibe committed rPb713f31c5b04: curses: Fix the previous commit. (authored by gniibe).
curses: Fix the previous commit.
Fri, Oct 15, 4:18 AM
gniibe committed rG48359c723206: dns: Make reading resolv.conf more robust. (authored by gniibe).
dns: Make reading resolv.conf more robust.
Fri, Oct 15, 3:56 AM
gniibe added a comment to T5657: dirmngr: libdns sends malformed dns requests.

I don't know if it's same in your case, but to fix my case, I pushed a change {rG41eef36dc}

Fri, Oct 15, 3:52 AM · Info Needed, Bug Report, dns, dirmngr
gniibe added a comment to T5657: dirmngr: libdns sends malformed dns requests.

I managed to create a case. Put a line:

Fri, Oct 15, 3:28 AM · Info Needed, Bug Report, dns, dirmngr
gniibe triaged T5658: pinentry-curses color option as Normal priority.
Fri, Oct 15, 2:29 AM · Documentation, pinentry
gniibe triaged T5659: pinentry-curses disable colors as Normal priority.
Fri, Oct 15, 2:27 AM · pinentry, Feature Request
gniibe updated the task description for T5659: pinentry-curses disable colors.
Fri, Oct 15, 2:27 AM · pinentry, Feature Request
gniibe updated the task description for T5658: pinentry-curses color option.
Fri, Oct 15, 2:26 AM · Documentation, pinentry
gniibe added a comment to T5657: dirmngr: libdns sends malformed dns requests.

BTW, in your screen shot (log is preferred here), it shows 1c00, that must be actually written as AAAA (0x1c). In the bug T3803, we saw byte sequence like that, additional 00 was added then resulted malformed DNS packet.

Fri, Oct 15, 2:17 AM · Info Needed, Bug Report, dns, dirmngr

Thu, Oct 14

GnuBoy created T5660: Second key decrypts messages it shouldn't.
Thu, Oct 14, 11:15 PM · Support
swimmerm added a project to T5626: 'GPGCONF --list-dirs' command option on-screen displayed results show '%3a' unexpected and unneeded characters in each line displaying a C: drive path instead of simpler expected '...:C:\...' sub-strings with only valid ':' ('colon') characters present: gnupg (gpg22).
Thu, Oct 14, 11:13 PM · gnupg (gpg22), UI, Not A Bug, gpg4win
swimmerm renamed T5626: 'GPGCONF --list-dirs' command option on-screen displayed results show '%3a' unexpected and unneeded characters in each line displaying a C: drive path instead of simpler expected '...:C:\...' sub-strings with only valid ':' ('colon') characters present from 'GPGCONF --list-dirs' command option on-screen displayed results show '%3a' unexpected and unneeded characters in each line displaying a C: drive path instead of simpler expected '...:C:\...' sub-string with only valid ':' ('colon') characters present to 'GPGCONF --list-dirs' command option on-screen displayed results show '%3a' unexpected and unneeded characters in each line displaying a C: drive path instead of simpler expected '...:C:\...' sub-strings with only valid ':' ('colon') characters present.
Thu, Oct 14, 11:11 PM · gnupg (gpg22), UI, Not A Bug, gpg4win
swimmerm renamed T5626: 'GPGCONF --list-dirs' command option on-screen displayed results show '%3a' unexpected and unneeded characters in each line displaying a C: drive path instead of simpler expected '...:C:\...' sub-strings with only valid ':' ('colon') characters present from 'GPGCONF --list-dirs' command option on-screen displayed results show '%3a' unexpected and unneeded characters in each line displaying a C: drive path instead of simpler expected ':C:\' string with only valid ':' ('colon') characters present to 'GPGCONF --list-dirs' command option on-screen displayed results show '%3a' unexpected and unneeded characters in each line displaying a C: drive path instead of simpler expected '...:C:\...' sub-string with only valid ':' ('colon') characters present.
Thu, Oct 14, 11:10 PM · gnupg (gpg22), UI, Not A Bug, gpg4win
swimmerm renamed T5626: 'GPGCONF --list-dirs' command option on-screen displayed results show '%3a' unexpected and unneeded characters in each line displaying a C: drive path instead of simpler expected '...:C:\...' sub-strings with only valid ':' ('colon') characters present from 'GPGCONF --list-dirs' command option on-screen displayed results show '%3a' unexpected characters strings in each line displaying a C: drive path instead of simpler expected ':C:\' string with only valid ':' ('colon') characters present to 'GPGCONF --list-dirs' command option on-screen displayed results show '%3a' unexpected and unneeded characters in each line displaying a C: drive path instead of simpler expected ':C:\' string with only valid ':' ('colon') characters present.
Thu, Oct 14, 11:09 PM · gnupg (gpg22), UI, Not A Bug, gpg4win
werner added a comment to T5652: Show the GnuPG version in Kleopatra.

Even better. Thanks,

Thu, Oct 14, 8:03 PM · Restricted Project, gpg4win, Feature Request, kleopatra
Jakuje added a comment to T5617: fips: Check library integrity before running selftests.

OK, let us start discussion by applying the patch first.

I have wondered if introducing another state in FSM would be needed, because:

Thu, Oct 14, 6:58 PM · FIPS, libgcrypt, Bug Report
ikloecker moved T5652: Show the GnuPG version in Kleopatra from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Thu, Oct 14, 5:33 PM · Restricted Project, gpg4win, Feature Request, kleopatra
ikloecker closed T5652: Show the GnuPG version in Kleopatra as Resolved.

The information is shown on the primary tab of the About dialog. Displaying the information in the Libraries tab requires bleeding edge KDE frameworks because the possibility to show custom information on this tab has been added very recently.

Thu, Oct 14, 5:33 PM · Restricted Project, gpg4win, Feature Request, kleopatra
ikloecker committed rKLEOPATRA09e29d50959b: Show information about GnuPG and libgcrypt in about dialog (authored by ikloecker).
Show information about GnuPG and libgcrypt in about dialog
Thu, Oct 14, 5:31 PM
ikloecker committed rLIBKLEO97eb1dc3ecdd: Add helper for retrieving used versions of GnuPG and libgcrypt (authored by ikloecker).
Add helper for retrieving used versions of GnuPG and libgcrypt
Thu, Oct 14, 5:27 PM
ikloecker committed rLIBKLEO6fca33aa1aa7: Bump library version (authored by ikloecker).
Bump library version
Thu, Oct 14, 5:27 PM
stes added a comment to T5631: pinentry-curses on OpenIndiana (Illumos distro) doesn't display correctly.

My previous patch is not perfect as the screenshot in attach shows. The clear() is not really sufficient as it only redraws the portion below the frame in the new background color (black instead of white).

Thu, Oct 14, 4:48 PM · Testing, pinentry
stes added a comment to T5631: pinentry-curses on OpenIndiana (Illumos distro) doesn't display correctly.

In the patch in attach I do a clear screen in the non-ncurses case.

Thu, Oct 14, 4:12 PM · Testing, pinentry
ikloecker moved T5652: Show the GnuPG version in Kleopatra from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Thu, Oct 14, 2:47 PM · Restricted Project, gpg4win, Feature Request, kleopatra
ikloecker added a project to T5652: Show the GnuPG version in Kleopatra: Restricted Project.
Thu, Oct 14, 2:47 PM · Restricted Project, gpg4win, Feature Request, kleopatra
stes assigned T5659: pinentry-curses disable colors to gniibe.
Thu, Oct 14, 2:16 PM · pinentry, Feature Request
stes created T5659: pinentry-curses disable colors.
Thu, Oct 14, 2:15 PM · pinentry, Feature Request
stes created T5658: pinentry-curses color option.
Thu, Oct 14, 2:10 PM · Documentation, pinentry
stes added a comment to T5631: pinentry-curses on OpenIndiana (Illumos distro) doesn't display correctly.

Hello Tim and Yukata Iibe (gniibe),

Thu, Oct 14, 2:00 PM · Testing, pinentry
werner added a comment to T5652: Show the GnuPG version in Kleopatra.

A way to get the output of "gpgconf --show-versions" might also be useful. Actually this command could be used to get the versions.

Thu, Oct 14, 1:30 PM · Restricted Project, gpg4win, Feature Request, kleopatra
werner assigned T5652: Show the GnuPG version in Kleopatra to ikloecker.
Thu, Oct 14, 1:29 PM · Restricted Project, gpg4win, Feature Request, kleopatra
werner triaged T5657: dirmngr: libdns sends malformed dns requests as Normal priority.
Thu, Oct 14, 1:26 PM · Info Needed, Bug Report, dns, dirmngr
werner added a comment to T5657: dirmngr: libdns sends malformed dns requests.

dots are not allowed in hostnames.

Thu, Oct 14, 1:25 PM · Info Needed, Bug Report, dns, dirmngr
piec added a comment to T5657: dirmngr: libdns sends malformed dns requests.

OK, I'll gdb in there to see what happens. My domain is a classic pgp.domain.com

Thu, Oct 14, 11:13 AM · Info Needed, Bug Report, dns, dirmngr
gniibe triaged T5617: fips: Check library integrity before running selftests as Normal priority.

OK, let us start discussion by applying the patch first.

Thu, Oct 14, 9:53 AM · FIPS, libgcrypt, Bug Report
gniibe committed rCb496868dc37d: fips: Fix the previous commit. (authored by gniibe).
fips: Fix the previous commit.
Thu, Oct 14, 9:45 AM
gniibe committed rCd2c68849d19b: fips: Verify library integrity before running selftests. (authored by Jakuje).
fips: Verify library integrity before running selftests.
Thu, Oct 14, 9:38 AM
gniibe changed the status of T5645: RSA/DSA keygen modification for FIPS/ACVP testing from Open to Testing.
Thu, Oct 14, 9:29 AM · Testing, libgcrypt, FIPS, Bug Report
gniibe added a project to T5645: RSA/DSA keygen modification for FIPS/ACVP testing: Testing.
Thu, Oct 14, 9:28 AM · Testing, libgcrypt, FIPS, Bug Report
gniibe added a comment to T5645: RSA/DSA keygen modification for FIPS/ACVP testing.

Applied the RSA part.

Thu, Oct 14, 9:28 AM · Testing, libgcrypt, FIPS, Bug Report
gniibe committed rCbba63fab1a22: cipher: Allow generation of RSA keys > 2k (authored by Jakuje).
cipher: Allow generation of RSA keys > 2k
Thu, Oct 14, 8:51 AM
gniibe moved T5550: Fix check_binary_integrity from Next to Done on the FIPS board.
Thu, Oct 14, 8:13 AM · Testing, FIPS, libgcrypt
gniibe added a comment to T5657: dirmngr: libdns sends malformed dns requests.

Ah, other possible case is .. in hostname.

Thu, Oct 14, 7:50 AM · Info Needed, Bug Report, dns, dirmngr
gniibe added a project to T5657: dirmngr: libdns sends malformed dns requests: Info Needed.
Thu, Oct 14, 7:45 AM · Info Needed, Bug Report, dns, dirmngr
gniibe added a comment to T5657: dirmngr: libdns sends malformed dns requests.

It's hard to investigate your problem, with no information of host for the query.
I mean, there is no case to replicate (for us).

Thu, Oct 14, 7:44 AM · Info Needed, Bug Report, dns, dirmngr

Wed, Oct 13

werner updated the task description for T5565: Release GnuPG 2.3.3.
Wed, Oct 13, 8:23 PM · gnupg (gpg23), Release Info
werner committed rG773b8fbbe915: gpg: New option --override-compliance-check (authored by werner).
gpg: New option --override-compliance-check
Wed, Oct 13, 5:39 PM
werner committed rGfb26e144adfd: gpg: New option --override-compliance-check (authored by werner).
gpg: New option --override-compliance-check
Wed, Oct 13, 5:27 PM
ikloecker added a comment to T5656: Error emitted: gpg: error reading symlink '/proc/curproc/file': No such file or directory.

No, the error is harmless. I guess it shouldn't be printed (except when debugging).

Wed, Oct 13, 5:18 PM · gnupg (gpg23), MacOS, Bug Report
piec created T5657: dirmngr: libdns sends malformed dns requests.
Wed, Oct 13, 5:10 PM · Info Needed, Bug Report, dns, dirmngr
ikloecker added a comment to T5655: In -de-vs mode it is not possible so verify sigs with Ed25519 release keys..

Wouldn't it be safer to use gpgv for verifying the signature than to add a code path to gpg to circumvent the hard de-vs compliance check?

Wed, Oct 13, 5:05 PM · gnupg (gpg22), Restricted Project
werner added projects to T5656: Error emitted: gpg: error reading symlink '/proc/curproc/file': No such file or directory: MacOS, gnupg (gpg23).

We now require a way to get the actual image of a process. For macOS the BSD method is used and we obviously need to find another way for macOS.

Wed, Oct 13, 5:03 PM · gnupg (gpg23), MacOS, Bug Report
debohman created T5656: Error emitted: gpg: error reading symlink '/proc/curproc/file': No such file or directory.
Wed, Oct 13, 4:19 PM · gnupg (gpg23), MacOS, Bug Report
werner triaged T5655: In -de-vs mode it is not possible so verify sigs with Ed25519 release keys. as High priority.
Wed, Oct 13, 3:01 PM · gnupg (gpg22), Restricted Project
Allen Winter <winter@kde.org> committed rLIBKLEOa8c200def21f: src/ui/newkeyapprovaldialog.cpp - add GpgME namespace to Protocol (authored by Allen Winter <winter@kde.org>).
src/ui/newkeyapprovaldialog.cpp - add GpgME namespace to Protocol
Wed, Oct 13, 1:42 PM
ikloecker committed rWa20d40582579: Update kleopatra (authored by ikloecker).
Update kleopatra
Wed, Oct 13, 11:15 AM
ikloecker committed rW90f732c8d190: Update Kleopatra to lastest master (authored by ikloecker).
Update Kleopatra to lastest master
Wed, Oct 13, 11:15 AM
ikloecker committed rW46364a8de630: Updated gpgex to 1.0.8 (authored by ikloecker).
Updated gpgex to 1.0.8
Wed, Oct 13, 11:15 AM
ikloecker committed rW9af90e758d66: Update pinentry gpgme kleo and libkleo (authored by ikloecker).
Update pinentry gpgme kleo and libkleo
Wed, Oct 13, 11:15 AM
ikloecker committed rW71901db08edd: Update kde-l10n (authored by ikloecker).
Update kde-l10n
Wed, Oct 13, 11:15 AM
gniibe committed rKf3b7dd416777: ASN.1 parser: Provide token table (no more %token-table). (authored by gniibe).
ASN.1 parser: Provide token table (no more %token-table).
Wed, Oct 13, 11:03 AM
gniibe added a project to T5616: asn1-parse.y:861:20: error: 'yytoknum' undeclared: Testing.
Wed, Oct 13, 10:03 AM · Testing, toolchain, libksba, Bug Report
bernhard added a comment to T3883: Add Win32-OpenSSH support to gpg-agent's ssh-agent.

@rupor-github no problem for the delay. Thanks for explaining!

Wed, Oct 13, 9:00 AM · gnupg (gpg23), Windows, ssh, gpgagent, Feature Request
werner triaged T5621: No '%ProgramData%\GNU', '%ProgramData%\GNU\etc', '%ProgramData%\GNU\etc\gnupg' or '%ProgramData%\GNU\etc\gnupg\trusted-certs' or '%ProgramData%\GNU\etc\gnupg\extra-certs' get created after setup as Normal priority.
Wed, Oct 13, 8:29 AM · Documentation, Not A Bug, gpg4win
werner committed rDa4f6a3a9040b: web: Release announcement for GnuPG 2.3.3 (authored by werner).
web: Release announcement for GnuPG 2.3.3
Wed, Oct 13, 8:23 AM
gniibe committed rPd937ccfe4445: curses: Specify fg/bg when an extention of Ncurses is not available. (authored by gniibe).
curses: Specify fg/bg when an extention of Ncurses is not available.
Wed, Oct 13, 4:06 AM
gniibe closed T4848: Usage of git in configure.ac for pinentry/gpa finds incorrect repositories as Resolved.
Wed, Oct 13, 3:54 AM · pinentry, gpa, toolchain, Bug Report
gniibe closed T5628: v5: verify with signing sub key as Resolved.
Wed, Oct 13, 3:53 AM · gnupg (gpg23)
gniibe closed T5630: With GCC 4.2 gnupg-2.3.2/kbx/backend-support.c cannot be compiled Mac OS X 10.4.11, "Tiger" as Resolved.

Fixed in 2.3.3.

Wed, Oct 13, 3:50 AM · gnupg (gpg23), Bug Report
gniibe removed a project from T5628: v5: verify with signing sub key: Testing.

Fixed in GnuPG 2.3.3.

Wed, Oct 13, 3:48 AM · gnupg (gpg23)
gniibe closed T5609: keydb_get_keyblock failed with cv448 key as Resolved.

Fixed in GnuPG 2.3.3.

Wed, Oct 13, 3:45 AM · Testing, OpenPGP, gnupg (gpg23)
gniibe edited projects for T5631: pinentry-curses on OpenIndiana (Illumos distro) doesn't display correctly, added: Testing; removed Support.
Wed, Oct 13, 3:26 AM · Testing, pinentry
gniibe added a comment to T5631: pinentry-curses on OpenIndiana (Illumos distro) doesn't display correctly.

Thank you for locating the bug!

Wed, Oct 13, 3:25 AM · Testing, pinentry
gniibe added a comment to T5590: OpenPGP: Curve 448, modernize?.

I should have explain the context.
No, there is no discussion about this in the WG.

Wed, Oct 13, 2:17 AM · OpenPGP, gnupg (gpg23)

Tue, Oct 12

mooney added a comment to T5631: pinentry-curses on OpenIndiana (Illumos distro) doesn't display correctly.

Tue, Oct 12, 8:49 PM · Testing, pinentry
mooney added a comment to T5631: pinentry-curses on OpenIndiana (Illumos distro) doesn't display correctly.

Hi gniibe!

Tue, Oct 12, 8:46 PM · Testing, pinentry
werner set External Link to https://lists.gnupg.org/pipermail/gnupg-announce/2021q4/000466.html on T5565: Release GnuPG 2.3.3.
Tue, Oct 12, 7:44 PM · gnupg (gpg23), Release Info
gc100 closed T5634: Failure with: make DESTDIR=xxx install as Resolved.

Thank you again.

Tue, Oct 12, 6:50 PM · Bug Report
werner committed rDdbefe28fc81d: swdb: Release GnuPG 2.3.3 (authored by werner).
swdb: Release GnuPG 2.3.3
Tue, Oct 12, 6:20 PM
werner closed T5405: Release GnuPG 2.3.2 as Resolved.

The new bugs have been fixed in 2.3.3; see T5565.

Tue, Oct 12, 6:17 PM · gnupg (gpg23), Release Info
werner closed T5565: Release GnuPG 2.3.3 as Resolved.
Tue, Oct 12, 6:16 PM · gnupg (gpg23), Release Info
werner updated the task description for T5654: Release GnuPG 2.3.4.
Tue, Oct 12, 6:15 PM · gnupg (gpg23), Release Info
swimmerm added a comment to T5626: 'GPGCONF --list-dirs' command option on-screen displayed results show '%3a' unexpected and unneeded characters in each line displaying a C: drive path instead of simpler expected '...:C:\...' sub-strings with only valid ':' ('colon') characters present.

Just adding this note because a next step I'm also evaluating in my current T5593 configuration status it to temporarily create a new Gpg4win 3.1.16 hybrid configuration by also adding latest GnuPG v2.2.31 to see if all issues I reported are still there (which is also quite probable).

Tue, Oct 12, 6:13 PM · gnupg (gpg22), UI, Not A Bug, gpg4win