In T2905#97872, @wltjr wrote:

Ok I can add the keyboard/mouse grab stuff. I have the code already. I get your point, mine is the opposite of yours. I would say don't launch something if your typing in your pin or about to :)

May 31 2017, 11:10 AM · pinentry, Feature Request

justus committed rEdf1d61d5c84d: build: Prepend the maintainer CFLAGS. (authored by justus).

build: Prepend the maintainer CFLAGS.

May 31 2017, 10:36 AM

justus committed rE4a9857a2b6d8: Align 'es_poll' semantics closer with POSIX. (authored by justus).

Align 'es_poll' semantics closer with POSIX.

May 31 2017, 10:36 AM

justus added a comment to T3059: Make information that a verifyresult / decrypt result was compliant to a compliance mode available through GPGME.

Reading that PDF I guess we need the same functionality in gpgsm too, right?

May 31 2017, 9:56 AM · g10code Sprint (KW 22), gpgme, gnupg

May 30 2017

justus committed rM92574406fb5f: core: Sort the status table. (authored by justus).

core: Sort the status table.

May 30 2017, 2:54 PM

justus added revisions to T3059: Make information that a verifyresult / decrypt result was compliant to a compliance mode available through GPGME: D430: Implement 'is_de_vs' for decryption results and signatures. xxx, D429: gpg: Report compliance with CO_DE_VS. xxx.

May 30 2017, 2:40 PM · g10code Sprint (KW 22), gpgme, gnupg

justus added a task to D429: gpg: Report compliance with CO_DE_VS. xxx: T3059: Make information that a verifyresult / decrypt result was compliant to a compliance mode available through GPGME.

May 30 2017, 2:40 PM

justus added a task to D430: Implement 'is_de_vs' for decryption results and signatures. xxx: T3059: Make information that a verifyresult / decrypt result was compliant to a compliance mode available through GPGME.

May 30 2017, 2:40 PM

justus created D430: Implement 'is_de_vs' for decryption results and signatures. xxx.

May 30 2017, 2:39 PM

justus created D429: gpg: Report compliance with CO_DE_VS. xxx.

May 30 2017, 2:35 PM

justus committed rG663e5ed07374: gpg: Fix typos. (authored by justus).

gpg: Fix typos.

May 30 2017, 2:31 PM

justus added a comment to T3059: Make information that a verifyresult / decrypt result was compliant to a compliance mode available through GPGME.

In T3059#98047, @werner wrote:

DSA is signature-only but VS-NfD is only about encryption. Thus signatures are out of scope.

May 30 2017, 1:48 PM · g10code Sprint (KW 22), gpgme, gnupg

justus added a comment to T3059: Make information that a verifyresult / decrypt result was compliant to a compliance mode available through GPGME.

In T3059#98040, @aheinecke wrote:

In T3059#98039, @justus wrote:

Afaics the document does not specify the following. OpenPGP messages can carry multiple signatures, and the session key can be encrypted by multiple keys. I will implement the following logic:

A verification operation is compliant if one of the signatures is compliant.

A decryption operation is compliant if all of the algorithms used to encrypt the session keys are compliant.

Sounds exactly right to me.

May 30 2017, 12:52 PM · g10code Sprint (KW 22), gpgme, gnupg

justus added a comment to T3059: Make information that a verifyresult / decrypt result was compliant to a compliance mode available through GPGME.

Afaics the document does not specify the following. OpenPGP messages can carry multiple signatures, and the session key can be encrypted by multiple keys. I will implement the following logic:

May 30 2017, 11:26 AM · g10code Sprint (KW 22), gpgme, gnupg

justus added a comment to T3059: Make information that a verifyresult / decrypt result was compliant to a compliance mode available through GPGME.

In T3059#98015, @werner wrote:

g10/misc.c:gnupg_pk_is_compliant is my take on puble key algorithms.

May 30 2017, 9:15 AM · g10code Sprint (KW 22), gpgme, gnupg

May 29 2017

justus added a comment to T3059: Make information that a verifyresult / decrypt result was compliant to a compliance mode available through GPGME.

Ok, good to know. However, I still need more information about what it means to comply with CO_DE_VS. Any pointers?

May 29 2017, 4:22 PM · g10code Sprint (KW 22), gpgme, gnupg

justus added a comment to T3059: Make information that a verifyresult / decrypt result was compliant to a compliance mode available through GPGME.

The GPGME API uses field names like 'is_de_vs', but isn't that short-sighted because we hardcode names of compliance modes into the API? Also, 'vs' seems to match both 'VERSCHLUSSSACHE – VERTRAULICH' and 'VERSCHLUSSSACHE – NUR FÜR DEN DIENSTGEBRAUCH'.

May 29 2017, 4:01 PM · g10code Sprint (KW 22), gpgme, gnupg

justus added a project to T3059: Make information that a verifyresult / decrypt result was compliant to a compliance mode available through GPGME: g10code Sprint (KW 22).

May 29 2017, 12:44 PM · g10code Sprint (KW 22), gpgme, gnupg

justus added a comment to T3059: Make information that a verifyresult / decrypt result was compliant to a compliance mode available through GPGME.

I need more information about what it means to comply with CO_DE_VS. Any pointers?

May 29 2017, 12:42 PM · g10code Sprint (KW 22), gpgme, gnupg

justus claimed T3059: Make information that a verifyresult / decrypt result was compliant to a compliance mode available through GPGME.

May 29 2017, 10:49 AM · g10code Sprint (KW 22), gpgme, gnupg

justus committed rDf6fb4b66eedd: web: Remove mirror mirror.se.partyvan.eu. (authored by justus).

web: Remove mirror mirror.se.partyvan.eu.

May 29 2017, 9:49 AM

justus moved T2990: dirmngr fails with IPv6 nameserver in resolv.conf from Backlog to Blocker on the gnupg (gpg22) board.

May 29 2017, 9:39 AM · gnupg (gpg22), Bug Report, dirmngr

justus edited projects for T2990: dirmngr fails with IPv6 nameserver in resolv.conf, added: gnupg (gpg22); removed gnupg.

May 29 2017, 9:38 AM · gnupg (gpg22), Bug Report, dirmngr

May 24 2017

justus committed rG525f2c482abb: agent: Make digest algorithms for ssh fingerprints configurable. (authored by justus).

agent: Make digest algorithms for ssh fingerprints configurable.

May 24 2017, 6:13 PM

justus committed rGa5f046d99a08: agent: Write both ssh fingerprints to 'sshcontrol' file. (authored by justus).

agent: Write both ssh fingerprints to 'sshcontrol' file.

May 24 2017, 6:13 PM

justus committed rG3a07a69dfc87: common: Correctly render SHA256-based ssh fingerprints. (authored by justus).

common: Correctly render SHA256-based ssh fingerprints.

May 24 2017, 6:13 PM

justus committed rG3ac1a9d3a018: common: Support different digest algorithms for ssh fingerprints. (authored by justus).

common: Support different digest algorithms for ssh fingerprints.

May 24 2017, 6:13 PM

justus closed T2106: Support SHA-256 fingerprints for ssh as Resolved.

Fixed as of 525f2c482abb6bc2002eb878b03558fb43e6b004.

May 24 2017, 6:13 PM · gnupg (gpg22), gnupg, ssh, Feature Request

justus added a comment to T2905: EFL-based pinentry.

"wltjr (William L Thomson Jr)" <noreply@dev.gnupg.org> writes:

May 24 2017, 4:59 PM · pinentry, Feature Request

justus added a comment to T3027: gpg-agent crash on macOS Sierra triggerd by ssh.

"landro (Stefan Magnus Landrø)" <noreply@dev.gnupg.org> writes:

May 24 2017, 1:44 PM · Bug Report, gpgagent, gnupg

justus moved T2964: dirmngr and gpg-agent should work automatically even when GNUPGHOME is larger than sun_path from Backlog to Deferred on the gnupg (gpg22) board.

May 24 2017, 1:29 PM · Stalled, scd, gpgagent, Bug Report, gnupg, dirmngr

justus moved T2908: dirmngr can't be build w/o LDAP from Backlog to Wishlist on the gnupg (gpg22) board.

May 24 2017, 1:29 PM · gnupg (gpg22), dirmngr, Bug Report, gnupg

justus claimed T2423: configure: error: Sorry, the current implemenation requires mmap. due to empty CFLAGS (missing -fPIC).

@werner, can you please quickly outline how you imagine this to be fixed? Our jabber discussion is gone from my memory, and my client does not keep logs for MUCs for some reason.

May 24 2017, 1:25 PM · gnupg (gpg22), Bug Report, gnupg

justus moved T2423: configure: error: Sorry, the current implemenation requires mmap. due to empty CFLAGS (missing -fPIC) from Backlog to Blocker on the gnupg (gpg22) board.

May 24 2017, 1:23 PM · gnupg (gpg22), Bug Report, gnupg

justus moved T2236: Importing a key with badly ordered packets doesn't reorder it, and while --edit-key does reorder it doesn't move the signature packets to the right place from Backlog to Blocker on the gnupg (gpg22) board.

May 24 2017, 1:22 PM · gnupg (gpg22), Bug Report

justus moved T2917: --locate-key should re-fetch key via WKD if it is expired from Backlog to Blocker on the gnupg (gpg22) board.

May 24 2017, 1:18 PM · gnupg (gpg22), Bug Report

justus moved T1173: gpg has no easy way to view the reason and description of revocation sigs from Backlog to Wishlist on the gnupg (gpg22) board.

May 24 2017, 1:17 PM · gnupg, Debian, Feature Request

justus moved T1537: gpgv does not handle expired or revoked keys from Backlog to Wishlist on the gnupg (gpg22) board.

May 24 2017, 1:17 PM · Feature Request, gnupg

justus moved T2106: Support SHA-256 fingerprints for ssh from Backlog to Wishlist on the gnupg (gpg22) board.

May 24 2017, 1:17 PM · gnupg (gpg22), gnupg, ssh, Feature Request

justus moved T2381: Add more support for profiles in gpgconf from Backlog to Wishlist on the gnupg (gpg22) board.

May 24 2017, 1:17 PM · In Progress, gnupg (gpg22), gnupg, Feature Request

justus moved T2398: finger support using SRV DNS records from Backlog to Wishlist on the gnupg (gpg22) board.

May 24 2017, 1:17 PM · gnupg, Feature Request, dirmngr

justus moved T2912: command line keytocard from Backlog to Wishlist on the gnupg (gpg22) board.

May 24 2017, 1:16 PM · gnupg (gpg23), Feature Request

justus moved T2935: use-tor should have a third possible value, "if available" from Backlog to Wishlist on the gnupg (gpg22) board.

May 24 2017, 1:16 PM · gnupg (gpg22), In Progress, Feature Request, dirmngr

justus moved T2940: dirmngr fails for hkps when http-proxy is in use from Backlog to Wishlist on the gnupg (gpg22) board.

May 24 2017, 1:16 PM · Feature Request, gnupg (gpg22), Debian, gnupg, dirmngr

justus added a comment to T2905: EFL-based pinentry.

Ok, so the patch from the differential works. Could you please address these warnings?

May 24 2017, 11:20 AM · pinentry, Feature Request

May 23 2017

justus added a comment to T2905: EFL-based pinentry.

Also, would you be so kind to add an item to the NEWS file?

May 23 2017, 5:31 PM · pinentry, Feature Request

justus added a comment to T2905: EFL-based pinentry.

"wltjr (William L Thomson Jr)" <noreply@dev.gnupg.org> writes:

May 23 2017, 4:59 PM · pinentry, Feature Request

justus added a comment to T3027: gpg-agent crash on macOS Sierra triggerd by ssh.

So I noticed your log contains lot's of "starting a new PIN Entry", I assume you are using some kind of password manager integration, so that you don't need to enter it each time (sorry, I'm not familiar with how pinentry works on macOS).

May 23 2017, 4:00 PM · Bug Report, gpgagent, gnupg

justus added a comment to T2905: EFL-based pinentry.

Cool, thanks. Can you please explicitly say what version is the current one?

May 23 2017, 3:55 PM · pinentry, Feature Request

justus committed rG0c628321a18c: Register DCO for William L. Thomson Jr. (authored by justus).

May 23 2017, 3:53 PM

justus added a comment to T3027: gpg-agent crash on macOS Sierra triggerd by ssh.

"landro (Stefan Magnus Landrø)" <noreply@dev.gnupg.org> writes:

Too bad. I installed both libgcrypt and gnupg using homebrew, and apparently there is no way to make homebrew include debug info. I guess I could build from source and include debug info - where can I find instructions on doing that?

May 23 2017, 3:32 PM · Bug Report, gpgagent, gnupg

justus added a comment to T2905: EFL-based pinentry.

Hi @wltjr, thanks for picking this up. If we want to merge your code, we'll need a DCO from you. If you agree, please send https://dev.gnupg.org/source/gnupg/browse/master/doc/DCO to gnupg-devel@.

May 23 2017, 3:13 PM · pinentry, Feature Request

justus closed T3008: GPGME: Unit test suite failure with gpg 2.0.24 as Resolved.

https://build.opensuse.org/package/live_build_log/openSUSE:Leap:42.3:Staging:A:DVD/gpgme/standard/x86_64 looks good. Closing this task.

May 23 2017, 2:40 PM · gpgme, Bug Report

justus closed T2871: .gnupg/gpg.conf:143: invalid option as Resolved.

No reaction in Months, I'm closing this task. Feel free to reopen it with more information.

May 23 2017, 2:39 PM · gnupg

justus closed T2159: GNUPGHOME not set to the cwd as Resolved.

The test framework changed considerably, and the reporter is not responding with details. I don't believe this is applicable anymore. I'm closing this task. Feel free to reopen with more information.

May 23 2017, 2:38 PM · Tests, gnupg, Bug Report

justus closed T3154: German translation of the donation system as Resolved.

Afaics the translation is done. Feel free to poke me if something changes and needs to be re-translated.

May 23 2017, 2:35 PM · i18n, gpgweb

justus closed T3154: German translation of the donation system, a subtask of T3039: Translate donation system, as Resolved.

May 23 2017, 2:35 PM · gpgweb

justus added a comment to T3027: gpg-agent crash on macOS Sierra triggerd by ssh.

"landro (Stefan Magnus Landrø)" <noreply@dev.gnupg.org> writes:

In https://dev.gnupg.org/T3027#97654, @justus wrote:
> Hi @landro, thanks for the stack trace.  Could you please try to resolve this frame
>
>   4   libgcrypt.20.dylib            	0x000000010d8b14d2 openpgp_s2k + 594

Here it is. @justus

$ atos -o /usr/local/opt/libgcrypt/lib/libgcrypt.20.dylib -arch x86_64 -l 0x10d896000 0x000000010d8b14d2
openpgp_s2k (in libgcrypt.20.dylib) + 594

May 23 2017, 12:41 PM · Bug Report, gpgagent, gnupg