Not to mention making sure we test for a time after the end of the old 32-bit clock.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
All Stories
Apr 26 2018
Apr 25 2018
T2984 might also be related as the fetches are ldap.
Still happens. There are also "BER" errors that seem random.
Alright, I will create a ticket with Exquilla to see with them if this could be fixed on their side.
Thanks for your report!
Apr 24 2018
Very strange behavior caused this. Outlook seems to detach from an object model call, handle a window message, and then return the object model call.
Apr 23 2018
Looking again at this: There is a reason why I used the simple permissive license for _that_ file and didn't referenced the Program (GnUPG) here:
Do you have an example for this in our code?
BTW< you should add an SPDX-Licence-Identifier while you are changing the boilerplate.
See also T2448
Apr 22 2018
Apr 21 2018
I just took a look through assuan-socket.c and it appears that we just need to send the nonce and don't need to read anything back. We also found a bug on our side that was preventing the nonce from being sent, which has been fixed. The error message logged above no longer happens.
This for importing passwords using a somewhat heuristic approach to accommodate for all the weird things other PKCS#12 implementations do. I have not looked into the specs for a decade and thus can't tell you the reason for that limitations. There might have been one back then. In any case PKCS#12 is the most insecure things in the PKCS suite and it is questionable whether this can be called a standard.
Also confirming the workaround. Not sure whether it would have done me any justice to counter-sign the key after accepting it locally, since I only verified it against their web page. The web page is hard to find with a Google search, since Google does not turn the unspaced hexadecimal fingerprint into something that matches the space-every-four-digits format used on their PGP/GPG instruction page. Searching for "Facebook PGP key" works, though.
The nonce is a string of octets thus it needs to be passed verbatim. I would need to study the code in libassun/src/assuan-socket.c to tell more.
Apr 20 2018
@werner After sending the nonce value from the socket file, does anything need to be read back before ssh-agent commands can be sent? Are there any byte ordering requirements for sending the nonce or can they be sent in the same order as they are in the file?
Thanks for the quick reply @aheinecke.
I (as the maintainer of pinentry-qt) fully agree with your sentiment. I changed it in pinentry-qt (since version 1.0.0) so that the keyboard input is only grabbed (which is a security feature) when the input focus is on the passphrase entry as I found it very annoying myself.
This task and Forum reports about CRL errors caused me to investigate a bit and we found a Bug with CRL's on Windows. T3923 which might be the root cause.
Looks ok now in my tests. I still want to test against more CA's with more CLRs (e.g. COMODO and CACert)