Fixed in the repo STABLE-BRANCH-1-4.
Forward ported to STABLE-BRANCH-2-0.
It's not in master (2.1).

interested in this, too. Especially since you always tell me assuan is so easy
to use because it's all in gpgme :-)

Hi,

There was a problem in Gpg4win-2.3.1 that GpgOL and GpgEX might be unable to
start Kleopatra or GPA. This problem has been fixed with 2.3.2

Thanks for your report. Please check if 2.3.2 does not solve your problem and
let us know if it still persists.

Regards,
Andre

Hi,
Thanks for your report. Could you please retest with 2.3.2 we've fixed an issue
where GpgOL had problems communicating with Kleopatra that could cause your
behavior although I'm not 100% sure as I can't reproduce your problem.

Thanks,
Andre

Thanks for your report. Sorry I missed this for 2.3.2.
I'll look into it for the next version.

Hi,

Thanks for your report. With gpg4win-2.3.2 we addressed that problem. See also
issue2319 which was also about this problem.

Please let us know if you still have that problem with 2.3.2 I could reproduce
it in testing and with the fix it no longer happens so I'm hopeful this can be
resolved :-)

Regards,
Andre

Duplicate of T2319

With 2.3.2 the fix was released.

With 2.3.2 we've fixed another bug that sent mails were still handled by gpgol
even when s/mime was disabled.

So far I know of no other problems -> Resolved.

Thank you for your checking of libs.
Failure of gpg-agent causes many errors.
One possible cause of gpg-agent's error is Npth. I have a patch for AIX:
https://lists.gnupg.org/pipermail/gnupg-devel/2016-June/031264.html

I'm pushing this change today to Npth repository.

There isn't an NFS file System on the Server.
It's possible that the lib's have issues but I compile the requsite lib's new
and I receive no Errors when I run the Tests.
I think the LIBPATH is OK, e.g. ./g10/gpg can find all lib's:

ldd ./g10/gpg
./g10/gpg needs:

/usr/lib/libc.a(shr.o)
/usr/lib/libpthread.a(shr_xpg5.o)
/usr/local/lib/libgpg-error.a(libgpg-error.so.0)
/usr/lib/libintl.a(libintl.so.1)
/usr/local/lib/libgcrypt.a(libgcrypt.so.20)
/usr/local/lib/libassuan.a(libassuan.so.0)
/usr/lib/libbz2.a(libbz2.so.1)
/unix
/usr/lib/libcrypt.a(shr.o)
/usr/lib/libpthreads.a(shr_comm.o)
/opt/freeware/lib/libgcc_s.a(shr.o)
/usr/lib/libiconv.a(shr4.o)

I looked T1779, and it failed just like this
report, with an NFS-v3 mounted file system.
Socket to gpg-agent doesn't work if it's on NFS file system.

I think that your installation of libgcrypt, libgpg-error, etc. has some issues.
Please check the installation of libgcrypt, libgpg-error, etc.

You would need to setup LIBPATH environment variable, if it's not installed to
the standard place.

Reference:
https://www.postgresql.org/message-id/52EF20B2E3209443BC37736D00C3C1380A6E79FE%40EXADV1.host.magwien.gv.at

Yes - the HOME was / but I change it to /root and now I recieve the following
Output (only failed):
.
.
.
make[3]: Entering directory '/develop/gnupg-2.1.13/tests/openpgp'
version.test: starting the gpg-agent failed
FAIL: version.test

> Hash algorithm MD5 is not installed (not an error)

PASS: mds.test
FAIL: decrypt.test
FAIL: decrypt-dsa.test
FAIL: sigs.test
FAIL: sigs-dsa.test
FAIL: encrypt.test
FAIL: encrypt-dsa.test
FAIL: seat.test
FAIL: clearsig.test
FAIL: encryptp.test
FAIL: detach.test
FAIL: armsigs.test
FAIL: armencrypt.test
FAIL: armencryptp.test
FAIL: signencrypt.test
FAIL: signencrypt-dsa.test
FAIL: armsignencrypt.test
FAIL: armdetach.test
FAIL: armdetachm.test
FAIL: detachm.test
FAIL: genkey1024.test
FAIL: conventional.test

> IDEA FAIL: conventional-mdc.test

multisig.test: valid is invalid (sig_sl_valid)
FAIL: multisig.test
verify.test: verify of msg_ols_asc failed
verify.test: verify of msg_cols_asc failed
verify.test: verify of msg_sl_asc failed
verify.test: verify of msg_olsols_asc_multiple failed
verify.test: verify of msg_oolss_asc failed
verify.test: verify of msg_cls_asc failed
verify.test: verify of msg_clss_asc failed
verify.test: verify of msg_clsclss_asc_multiple failed
FAIL: verify.test
armor.test: the armored_key_8192 bug is back in town
FAIL: armor.test
import.test: ./bug894-test.asc: import failed (bug 894)
FAIL: import.test
FAIL: ecc.test
PASS: 4gb-packet.test
SKIP: gpgtar.test
use-exact-key.test: : import failed
FAIL: use-exact-key.test
FAIL: default-key.test

> D74C5F22 FAIL: export.test

PASS: finish.test

31 of 34 tests failed
(1 test was not run)

Please report to https://bugs.gnupg.org

Makefile:650: recipe for target 'check-TESTS' failed
make[3]: * [check-TESTS] Error 1
make[3]: Leaving directory '/develop/gnupg-2.1.13/tests/openpgp'
Makefile:773: recipe for target 'check-am' failed
make[2]: * [check-am] Error 2
make[2]: Leaving directory '/develop/gnupg-2.1.13/tests/openpgp'
Makefile:527: recipe for target 'check-recursive' failed
make[1]: * [check-recursive] Error 1
make[1]: Leaving directory '/develop/gnupg-2.1.13/tests'
Makefile:580: recipe for target 'check-recursive' failed
make: * [check-recursive] Error 1

If I understand correctly, you ran 'make check' by root and root's HOME is '/'.
It is unexpected by the test program. If it works with HOME=/root or some other
value, it's not real failure.

t-stringhelp.c:428: test 2 failed
FAIL: t-stringhelp
PASS: t-timestuff
PASS: t-convert
PASS: t-percent
PASS: t-gettime
PASS: t-sysutils
PASS: t-sexputil

> Known envvars: GPG_TTY(ttyname) TERM(ttytype) DISPLAY(display)
> XAUTHORITY(xauthority) XMODIFIERS GTK_IM_MODULE DBUS_SESSION_BUS_ADDRESS
> QT_IM_MODULE INSIDE_EMACS PINENTRY_USER_DATA(pinentry-user-data)

PASS: t-session-env
PASS: t-openpgp-oid
PASS: t-ssh-utils
PASS: t-mapstrings
PASS: t-zb32
PASS: t-mbox-util
PASS: t-iobuf
PASS: t-strlist
PASS: t-private-keys
PASS: t-ccparray

PASS: t-exechelp

1 of 18 tests failed

Please report to https://bugs.gnupg.org

make: The error code from the last command is 1.

Stop.
make: The error code from the last command is 2.

Stop.
make: The error code from the last command is 2.

Stop.
make: The error code from the last command is 1.

Stop.

Hello,

I posted fix for this issue to mailing-list. See:
http://marc.info/?l=gcrypt-devel&m=146732375910584&w=2

fwiw, the documentation says:

       --try-all-secrets
              Don't look at the key ID as stored in the message  but  try  all
              secret  keys  in  turn  to  find  the right decryption key. This
              option forces the behaviour  as  used  by  anonymous  recipients
              (created  by  using  --throw-keyids  or  --hidden-recipient) and
              might come handy in case where an encrypted message  contains  a
              bogus key ID.

but that behavior is in fact not the default when used with anonymous
recipients, either:

2 dkg@alice:/tmp/cdtemp.hphmpn$ gpg --decrypt test.asc
gpg: encrypted with RSA key, ID 00000000
gpg: decryption failed: No secret key
2 dkg@alice:/tmp/cdtemp.hphmpn$ gpg --no-skip-hidden-recipients --decrypt test.asc
gpg: encrypted with RSA key, ID 00000000
gpg: decryption failed: No secret key
2 dkg@alice:/tmp/cdtemp.hphmpn$

I can confirm that this is still a problem on 2.1.13: --try-all-secrets does not
work as documented:

2 dkg@alice:/tmp/cdtemp.hphmpn$ gpg --try-all-secrets --decrypt test.asc
gpg: encrypted with RSA key, ID 00000000
gpg: decryption failed: No secret key
2 dkg@alice:/tmp/cdtemp.hphmpn$ gpg --try-secret-key test --decrypt test.asc
gpg: anonymous recipient; trying secret key 82A22A9306735B0C ...
gpg: okay, we are the anonymous recipient.
gpg: encrypted with RSA key, ID 00000000
test test
0 dkg@alice:/tmp/cdtemp.hphmpn$

Hi,

Can you please let me know if we could get hold of the older version than
1.7.1 of libgcrypt ?

Thank you for your report. Please give us more information.
Please show us the failure message, so that we can fix.

Fix commited to master with rev 643575f

BTW: Tools should not reconfigure GnuPG with the default homedir without
explicit user consent.

Can you please let me know how we can fix this bug. We are using Redhat Linux 6
and the highest version it supports for gcc is 4.4.x . If we need to go for a
higher version we need to download source code and do the rpm( which may take
more time. )

It seems that it's the bug of libgcrypt.
https://lists.gnupg.org/pipermail/gcrypt-devel/2016-June/003901.html

Hi,
the 2.1.13 announcement has
"""

• gpg: Allow export of non-passphrase protected secret keys.

"""
(from https://lists.gnupg.org/pipermail/gnupg-announce/2016q2/000390.html)
so this defect may be fixed with 2.1.13 I guess, cool!
Probably only need a test to confirm?

Fixed in e584d646. Includes a fix for the old test for those who need to
backport it.

Well it is a bug in your code and not in Libgcrypt. The md_read function is
guaranteed to always return a valid digest. However if you explicitly for SHA1
and SHA1 is not enabeld in the context we can't continue. Better use 0 as
second arg to md_read.

I will improve the error message for 1.7.2

Fixed in 2.1.13.

I think that it requires GCC version 4.6 or later for AVX instruction.
4.9 or later is better.
Ideally, configure should check GCC version.

Sorry, this is a duplicate of T2391. apparently i accidentally
double-clicked and roundup doesn't protect against that sort of thing. :/

For the few gpgsm tests we have, the --faked-system-time option is used. We
should use this here too.

uldis: Thanks for your comment. Let me show my opinion.
There are three ways (at least) to create a semaphore.
Each has different semantics, how it can be shared among different processes.

(1) sem_init with pshared=0: Not shared among processes
(2) sem_init with pshared=1: Shared among children processes of particular parent
(3) sem_open: Shared among any processes (with relevant permission)

For AIX, npth doesn't work well with (1). You suggested (3), while I proposed (2).
It is true that (2) and (3) would open up some attack vector(s),
but I believe that (2) is smaller, if any.

I fear that a LF yields other problems as well. However, the percent escaping
woyld make it easier to find.

Please first test with a current version - 2.0.30 was released in March, your
2.0.26 is close to 2 years old.

I can't find an explanation why gentoo inserts "-hardfloat". I doubt that this
is willy-nilly and as long as this has not been figured out, there is a
possibility of a different ABI and thus we can't simply alias it. Can you
please work with Kristian or someone else from gentoo to figure this out?

Thanks for binutils link.

I am not sure about the cause for this bug. However it might be fixed either be
2.1.3 (released a few days ago) or libgpg-error 1.23.

Workaround: Use
ggp --export-ownertrust >ot.txt
rm trustdb.gpg
gpg --import-ownertrust <ot.txt

Again, the host is not my invention. I linked it before and I'll do it again:
https://wiki.gentoo.org/wiki/Raspberry_Pi.

Gentoo's cross-compile tool, crossdev, suggests using "-hardfloat-" and "-
softfloat-" in the vendor field.

And here is how binutils handles this (they don't shy away from asterisks):
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=blob;f=bfd/config.bfd

This shows default-cache-ttl and max-cache-ttl being ignored:

$ eval gpg-agent --daemon
$ env | grep GPG
GPG_AGENT_INFO=/tmp/gpg-NFU8a4/S.gpg-agent:17812:1
$ gpg2 -q --decrypt foo.gpg
blah
$ kill -HUP 17812
$ gpg2 -q --decrypt foo.gpg
blah
$ date
Sat Jun 18 11:15:24 JST 2016
$ cat .gnupg/gpg-agent.conf
default-cache-ttl 300
max-cache-ttl 300
$ date
Sat Jun 18 11:24:06 JST 2016
$ gpg2 -q --decrypt foo.gpg
blah

This issue may be related to: T2054

We could bail early if we see something like this.

But since percent-unescaping is supposed to be able to handle arbitrary
characters (and consumers of this data have to percent-unescape anyway), why not
escape the record separator instead of bailing?

Thanks. I apply it to 2.1.

Quite obvious. There are probably a lot of other places which will fail with a
LF in a file name. What do you think of detecting such strange directory names
early and bail out with a fatal error?

D376: 850_0001-scdaemon-add-homedir-to-the-ARGPARSE_OPTS.patch

Awesome, that did the trick!
Many thanks.

Is armv7a-hardfloat-linux-gnu guaranteed to be ABI compatible to some other arm
triplet? If that is the case, I suggest to either drop your(?) invention of
-hardfloat- or, better, to work with the config mainatiners to make sure it is
viewed as an alias.

How does binutils handle this triplet?

If you can describe the user base for that triplet, I may add an exception to
mkheader to get things done faster.