As an example: It costed Stephan an me quite some time to understand why
you did the is_compliance and is_allowed ting. It is indeed a clever
idea but the documentation did not properly explained it and your
comment on our question didn't do it either (granted, we could have
asked more explicitly).
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed Advanced Search
Advanced Search
Advanced Search
Jun 21 2017
Jun 21 2017
justus added a comment to rG3621dbe52584: gpg,gpgsm: Fix compliance check for DSA and avoid an assert..
The password quality bar is not working. There are spaces missing in the texts.
../../efl/pinentry-efl.c: In function ‘create_window’:
../../efl/pinentry-efl.c:493:7: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement]
int ok_len = ELM_SCALE_SIZE(strlen(txt) * (PADDING * 1.5));
^~~justus triaged T3215: gpgme_op_import_keys() -- unclear documentation, problematic behavior as Normal priority.
Jun 20 2017
Jun 20 2017
Fixed in 48aae8167dcae80d43b08167a88d9eb170781a04.
dirmngr: Properly handle SRV records.
dirmngr: Refactor variable-sized array code.
dirmngr: Fix typo.
gpg: Fix error handling.
justus closed T3212: when canceling pinentry dialog while creating a new subkey, secondary pinentry dialog shows up as Resolved.
Fixed in badc1cdae52bd434e5fac2e4275575afeccc2837.
justus added a comment to rG3621dbe52584: gpg,gpgsm: Fix compliance check for DSA and avoid an assert..
I'm really unhappy with this kind of commit.
justus triaged T3212: when canceling pinentry dialog while creating a new subkey, secondary pinentry dialog shows up as Normal priority.
Agreed, that is odd.
justus closed T3213: No passphrase prompt when decrypting symmetric encrypted file (i.e. using gpg -c) as Invalid.
Yes, the passphrase is cached by gpg-agent.
Jun 19 2017
Jun 19 2017
gpgscm: Limit the number of parallel jobs.
justus committed rG6639aedaee05: gpgscm: Improve error handling of foreign functions. (authored by justus).
gpgscm: Improve error handling of foreign functions.
gpgscm: Improve option parsing.
gpgscm: Improve error reporting.
justus committed rGb766d3d1034e: tests: Run the OpenPGP tests using the new extended key format. (authored by justus).
tests: Run the OpenPGP tests using the new extended key format.
I'm not sure I understand the problem. Importing that key seems to work just fine. Listing as well.
justus committed rG6e23416fe61d: gpg: Disable compliance module for other GnuPG components. (authored by justus).
gpg: Disable compliance module for other GnuPG components.
Fixed in 6e23416fe61d4130918f2d1bf6e1f98d102c4610.
Jun 14 2017
Jun 14 2017
justus closed T2236: Importing a key with badly ordered packets doesn't reorder it, and while --edit-key does reorder it doesn't move the signature packets to the right place as Resolved.
Fixed as of 9b12b45aa5e67d4d422bf75a3879df1d52dbe67f.
gpg: Check and fix keys on import.
gpg: Refactor key checking and fixing.
gpg: Refactor keyedit module.
justus added a comment to T2236: Importing a key with badly ordered packets doesn't reorder it, and while --edit-key does reorder it doesn't move the signature packets to the right place.
It doesn't seem to impact performance significantly:
This is a feature request for the 'classic' branch. We will not implement any new features there. Please switch to GnuPG 'modern'.
Jun 13 2017
Jun 13 2017
campaign,de: translate partnering
• werner awarded rG15d2a009931f: dirmngr: Implement querying nameservers over IPv6. a Doubloon token.
In T3203#98567, @Valodim wrote:The key was created programmatically by my standard approach, which is bastardizing openkeychain unit tests. good question about the passphrase - I don't remember exactly, but I'm guessing it's either empty or "x". doesn't really matter in the context of this particular bug I guess :)
Oh, that merely lists all has algorithms Libgcrypt supports (iirc, within some sensible range). So yes, gpgsm would support that but I have never encountered one and I guess only gpgsm would be able to create such a CMS message.
Out of curiosity, how did you create the key? What is the use case?
This is fixed now. The fix 15d2a009931f44a60b9df6325f837add208459d6 should be easy to backport.
justus committed rG15d2a009931f: dirmngr: Implement querying nameservers over IPv6. (authored by justus).
dirmngr: Implement querying nameservers over IPv6.
Still, looks totally fine to me:
% sm/gpgsm --help|grep WHIRL
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224, WHIRLPOOL
Jun 12 2017
Jun 12 2017
In T3187#98531, @werner wrote:I will try to reproduce it. It might be that --passwd also trigerred the conversion to the new format.
Odd, I cannot reproduce this:
Jun 8 2017
Jun 8 2017
justus moved T3088: document --no-use-tor and its interaction with --use-tor from Backlog to Wishlist on the gnupg (gpg22) board.
justus moved T3117: improve warnings when daemons are older than gpg from Backlog to Wishlist on the gnupg (gpg22) board.
justus moved T3200: Fix sym cipher discrepancies in gpg4vsnfd evaluation documents. from Backlog to Blocker on the gnupg (gpg22) board.
justus renamed T3194: Export of keys fails (gets mangled) if stdout is redirected to a file on Windows from GPG on Windows 10: Order of export-key command affecting exported key quality? to Export of keys fails (gets mangled) if stdout is redirected to a file on Windows.
justus closed T3138: Help: "Error- key importing failed" - "gpg: starting migration from earlier GnuPG versions" ? as Invalid.
Hello. Please note that this is a bug tracker and not a support forum. Nevertheless, let's investigate.
justus triaged T3054: dirmngr only using cAcertificate attr type when querying LDAP directory as Wishlist priority.
Thanks for the input. You need to understand that this ("keyboard grabbing") is actually a security feature. If you don't like it, you can disable it (using the pinentry option --no-global-grab), or you can switch to a pinentry without that feature (e.g. the qt one).
justus triaged T3087: dirmngr, when configured to use an .onion address, should not permit HTTP redirects to a non-onion address as Wishlist priority.
justus triaged T3156: Offer to switch to automatic mode once in GpgOL and Kleopatra as Low priority.
justus closed T3055: where/how do I resolv this 'AIX-rpm < 5.3.0.0 is needed by pinentry-1.0.0-1'??? as Invalid.
Hi. Sorry for your problems, but this is a bug tracker and not a support forum. You should ask your distributor for help, or you might want to ask on our gnupg-users mailing list.
justus triaged T3088: document --no-use-tor and its interaction with --use-tor as Wishlist priority.
Implemented. The policy should be easy to adjust later on.
justus committed rGa64a55e10420: common,gpg,sm: Restrict the use of algorithms according to CO_DE_VS. (authored by justus).
common,gpg,sm: Restrict the use of algorithms according to CO_DE_VS.
justus committed rGb03fab09e188: gpg: Fix computation of compliance with CO_DE_VS. (authored by justus).
gpg: Fix computation of compliance with CO_DE_VS.
4.4.1 does not allow the use of AES-128 CFB as a cipher to encrypt the body of messages, but 4.4.2 even lists AES-128 CFB as conforming to VS-NfD. Furthermore, 4.1.1 allows,the use of AES-128 CFB as a cipher to encrypt the body of messages. I'm going to assume that this is a bug in the specification and also allow it for symmetric encryption.
In T2905#98127, @wltjr wrote:I got your point, I was saying do not have a chat client or program that would create pop ups and grab focus away. Its a highly debatable and personal preference type of thing. I have run into such already.
justus awarded M8: Campaign Banner 2017 a Hungry Hippo token.
justus triaged T3128: Configure the Arch Linux build slave to run with a time offset as Wishlist priority.
Jun 7 2017
Jun 7 2017
justus committed rGe051e3961562: common: Add cipher mode to compliance predicate. (authored by justus).
common: Add cipher mode to compliance predicate.
common,gpg,sm: Initialize compliance module.
justus committed rGf440cf73eab0: common,gpg: Move the compliance option printer. (authored by justus).
common,gpg: Move the compliance option printer.
justus committed rG842d233d4084: common,gpg,sm: Move the compliance option parser. (authored by justus).
common,gpg,sm: Move the compliance option parser.
gpg: Improve compliance with CO_DE_VS.
4.2.2 lists session keys for ciphers that are not allowed.
"werner (Werner Koch)" <noreply@dev.gnupg.org> writes:
justus reopened T3059: Make information that a verifyresult / decrypt result was compliant to a compliance mode available through GPGME as "Open".
GnuPG needs to report compliance when decrypting symmetrically encrypted packet.
this is not the place to report Debian bugs, nevertheless, I have assigned this to our resident Debian expert.
Jun 6 2017
Jun 6 2017
common,g10: Fix typos.
justus triaged T3194: Export of keys fails (gets mangled) if stdout is redirected to a file on Windows as Normal priority.