Page MenuHome GnuPG
Feed Advanced Search

Apr 22 2021

werner triaged T5406: gnupg-2.3.1: 'make check' on all tests tries to use installed 'keyboxd' as Normal priority.
Apr 22 2021, 11:07 AM · gnupg (gpg23), Bug Report
werner changed the status of T5406: gnupg-2.3.1: 'make check' on all tests tries to use installed 'keyboxd' from Open to Testing.

You are right. The problem is that in a development version we use an envvar to locate the programs, so there is usually no problem because the software has already been installed and the final test doesn't catch this. We should add a version check to all components to catch such problems.

Apr 22 2021, 8:49 AM · gnupg (gpg23), Bug Report
werner triaged T5408: gpgconf should? not list disabled components as Normal priority.

Given that we don't yet support TPM for Windows you should go ahead and apply this patch. tpm should also be removed from the list of components.

Apr 22 2021, 8:33 AM · Bug Report, Windows, gnupg (gpg23)

Apr 21 2021

werner triaged T5407: gpg fails to import second secret key in .pfx (PKCS12) file as Normal priority.
Apr 21 2021, 9:09 PM · gnupg24, gnupg (gpg23), Feature Request, S/MIME
cho-m added a project to T5406: gnupg-2.3.1: 'make check' on all tests tries to use installed 'keyboxd': gnupg (gpg23).
Apr 21 2021, 3:02 AM · gnupg (gpg23), Bug Report

Apr 20 2021

werner updated the task description for T5386: Release GnuPG 2.3.1.
Apr 20 2021, 3:35 PM · gnupg (gpg23), Release Info
werner reopened T5405: Release GnuPG 2.3.2 as "Open".
Apr 20 2021, 3:35 PM · gnupg (gpg23), Release Info
werner closed T5386: Release GnuPG 2.3.1 as Resolved.
Apr 20 2021, 3:34 PM · gnupg (gpg23), Release Info
werner closed T5405: Release GnuPG 2.3.2 as Resolved.
Apr 20 2021, 3:19 PM · gnupg (gpg23), Release Info
werner updated the task description for T5405: Release GnuPG 2.3.2.
Apr 20 2021, 3:19 PM · gnupg (gpg23), Release Info
werner triaged T5405: Release GnuPG 2.3.2 as Normal priority.
Apr 20 2021, 3:06 PM · gnupg (gpg23), Release Info

Apr 19 2021

werner closed T5400: 2.3.0 build issue on macOS - missing LIBICONV in sm/Makefile.am and ctype.h in tools/gpg-card.c as Resolved.
Apr 19 2021, 8:31 PM · gnupg (gpg23), Bug Report
werner added a project to T5400: 2.3.0 build issue on macOS - missing LIBICONV in sm/Makefile.am and ctype.h in tools/gpg-card.c: gnupg (gpg23).

Thanks, that was right in time for this weeks 2.3.1.

Apr 19 2021, 8:18 PM · gnupg (gpg23), Bug Report
werner closed T4673: 2.3-only: Don't fallback to PC/SC on failure by the internal CCID driver, only use PC/SC when --disable-ccid is specified as Resolved.
Apr 19 2021, 5:56 PM · gnupg (gpg23), Restricted Project, scd, Feature Request
werner closed T4735: Please provide an option to make --verify accept only signatures from specific trusted UID as Resolved.

aheinecke: I agree, we should not port everything back just because we could do that.

Apr 19 2021, 5:55 PM · gnupg (gpg23), Feature Request
werner closed T5000: trustdb,keybox: Adding support of v5key as Resolved.
Apr 19 2021, 5:51 PM · Restricted Project, gnupg (gpg23)
werner added a comment to T5000: trustdb,keybox: Adding support of v5key.

Has been released with 2.3.0 and we better open a new task if problems show up with v5 key. I am pretty sure that there will be a few v5 key problems after they get in real use.

Apr 19 2021, 5:51 PM · Restricted Project, gnupg (gpg23)
werner closed T4398: Rework Console and command line handling on Windows, a subtask of T4417: Work needed for gnupg 2.3, as Resolved.
Apr 19 2021, 5:48 PM · gnupg (gpg23)
werner closed T4398: Rework Console and command line handling on Windows as Resolved.

This has been released with 2.3.0 and no relevant problems have reported in the last two weeks, thus closing.

Apr 19 2021, 5:48 PM · Feature Request, gnupg (gpg23)

Apr 15 2021

werner added a project to T4673: 2.3-only: Don't fallback to PC/SC on failure by the internal CCID driver, only use PC/SC when --disable-ccid is specified: gnupg (gpg23).
Apr 15 2021, 8:39 AM · gnupg (gpg23), Restricted Project, scd, Feature Request
gniibe closed T3300: scd: Support multiple readers by PC/SC driver as Resolved.
Apr 15 2021, 7:10 AM · Restricted Project, gnupg (gpg23), scd
gniibe closed T5390: Italian translation GnuPG 2.3 as Resolved.

Thank you. Merged and pushed.

Apr 15 2021, 3:15 AM · i18n, gnupg (gpg23)

Apr 14 2021

gniibe added a comment to T5393: gnupg coverity static analysis reports.

@werner No problem. Just go ahead.

Apr 14 2021, 1:45 AM · gnupg (gpg23), Bug Report

Apr 13 2021

Jakuje added a comment to T5393: gnupg coverity static analysis reports.

Regarding the identical branches thing: This is on purpose. The function works closely together with another one which will then BUG() out. @Jakuje: If you know some meta comment to attribute this, please let me know.

Apr 13 2021, 9:05 PM · gnupg (gpg23), Bug Report
werner added a comment to T5393: gnupg coverity static analysis reports.

Regarding the identical branches thing: This is on purpose. The function works closely together with another one which will then BUG() out. @Jakuje: If you know some meta comment to attribute this, please let me know.

Apr 13 2021, 7:11 PM · gnupg (gpg23), Bug Report
werner added a comment to T5393: gnupg coverity static analysis reports.

@gniibe: If you don't mind I would like to steal task this from you. I have noticed a few things which could get a little code refresh in addition to the fixes.

Apr 13 2021, 6:57 PM · gnupg (gpg23), Bug Report
Jakuje added a comment to T5393: gnupg coverity static analysis reports.

There is couple of issues that I did not want to propose a patch for, but might require some attention:

Error: IDENTICAL_BRANCHES (CWE-398): [#def28] [important]
gnupg-2.3.0/common/tlv-builder.c:353: identical_branches: The same code is executed regardless of whether "tag < 31" is true, because the 'then' and 'else' branches are identical. Should one of the branches be modified, or the entire 'if' statement replaced?
#  351|     (void)constructed;  /* Not used, but passed for uniformity of such calls.  */
#  352|   
#  353|->   if (tag < 0x1f)
#  354|       {
#  355|         buflen++;

There are also couple of reports about the function default_homedir(), which is supposed to return const char * but in reality, it sometimes allocates memory while callers do not expect it so they do not free:

Error: RESOURCE_LEAK (CWE-772): [#def11]
gnupg-2.2.27/common/homedir.c:477: alloc_fn: Storage is returned from allocation function "default_homedir".
gnupg-2.2.27/common/homedir.c:477: var_assign: Assigning: "newdir" = storage returned from "default_homedir()".
gnupg-2.2.27/common/homedir.c:488: noescape: Resource "newdir" is not freed or pointed-to in "make_absfilename".
gnupg-2.2.27/common/homedir.c:490: leaked_storage: Returning without freeing "newdir" leaks the storage that it points to.
#  488|     the_gnupg_homedir = make_absfilename (newdir, NULL);;
#  489|     xfree (tmp);
#  490|-> }
#  491|   
#  492|
Apr 13 2021, 6:47 PM · gnupg (gpg23), Bug Report
Jakuje added a comment to T5393: gnupg coverity static analysis reports.

Thank you. The initial run was against olderer version of gnupg (and had one issue in g10/keyedit.c -- see the new patch with fixup). Now I ran it against the version 2.3 and there are couple of more issues to be fixed (rebased on top of already applied changes and the previous commits).

Apr 13 2021, 3:44 PM · gnupg (gpg23), Bug Report
gniibe added a comment to T5393: gnupg coverity static analysis reports.

Thank you.

Apr 13 2021, 8:02 AM · gnupg (gpg23), Bug Report
gniibe claimed T5393: gnupg coverity static analysis reports.
Apr 13 2021, 7:12 AM · gnupg (gpg23), Bug Report
gniibe closed T5389: gnupg 2.3 missing libassuan include directory in CFLAGS for several targets as Resolved.

Thank you. Applied and pushed.

Apr 13 2021, 6:59 AM · gnupg (gpg23), Bug Report

Apr 12 2021

Jakuje added a comment to T5389: gnupg 2.3 missing libassuan include directory in CFLAGS for several targets.

(FYI I did not notice any other errors with 2.3 so far)

Apr 12 2021, 6:25 PM · gnupg (gpg23), Bug Report
Jakuje created T5393: gnupg coverity static analysis reports.
Apr 12 2021, 5:59 PM · gnupg (gpg23), Bug Report
gniibe closed T4888: GpgSM: Support ECC key generation by gpgsm_genkey, a subtask of T4098: GpgSM: Add ECC support, as Resolved.
Apr 12 2021, 12:21 PM · gnupg (gpg23), Feature Request, S/MIME
gniibe claimed T5389: gnupg 2.3 missing libassuan include directory in CFLAGS for several targets.
Apr 12 2021, 7:05 AM · gnupg (gpg23), Bug Report

Apr 10 2021

Denisov23 created T5390: Italian translation GnuPG 2.3.
Apr 10 2021, 12:51 PM · i18n, gnupg (gpg23)

Apr 9 2021

werner added projects to T4823: Test Yubikey's support for ed25519: yubikey, gnupg (gpg23).
Apr 9 2021, 8:30 PM · gnupg24, gnupg (gpg23), yubikey
Jakuje created T5389: gnupg 2.3 missing libassuan include directory in CFLAGS for several targets.
Apr 9 2021, 2:39 PM · gnupg (gpg23), Bug Report

Apr 8 2021

werner set External Link to https://lists.gnupg.org/pipermail/gnupg-announce/2021q2/000458.html on T5343: Release GnuPG 2.3.0.
Apr 8 2021, 11:10 AM · Release Info, gnupg (gpg23)

Apr 7 2021

werner closed T5343: Release GnuPG 2.3.0 as Resolved.
Apr 7 2021, 9:09 PM · Release Info, gnupg (gpg23)
werner updated the task description for T5343: Release GnuPG 2.3.0.
Apr 7 2021, 9:09 PM · Release Info, gnupg (gpg23)
werner triaged T5386: Release GnuPG 2.3.1 as Normal priority.
Apr 7 2021, 8:44 PM · gnupg (gpg23), Release Info

Mar 28 2021

ageis added a comment to T4514: Batch mode/unattended key generation: support multiple subkeys.

Hey @wener.. As I mentioned in the original post, there's a default-new-key-algo setting... Is it still not possible to use specify something like "rsa4096/cert,rsa4096/encr,rsa4096/sign,rsa4096/auth"?? Would love to see some progress on this. Glad to help test.

Mar 28 2021, 8:08 AM · gnupg24, gnupg (gpg23), Feature Request

Mar 27 2021

werner closed T5366: "*** stack smashing detected ***" in test suite as Resolved.
Mar 27 2021, 11:27 AM · gnupg (gpg23)

Mar 26 2021

werner claimed T5366: "*** stack smashing detected ***" in test suite.
Mar 26 2021, 2:14 PM · gnupg (gpg23)
cbiedl created T5366: "*** stack smashing detected ***" in test suite.
Mar 26 2021, 1:46 PM · gnupg (gpg23)

Mar 23 2021

werner closed T5341: gpgconf does not list default_pubkey_algo pseudo option anymore as Resolved.

The flag value is now 144 and not 146, but that extra bit (value 2) did not make sense for the option. So I think things are okay now.

Mar 23 2021, 12:42 PM · gnupg (gpg23), Bug Report

Mar 22 2021

werner triaged T5353: gpgme: Implement keylist_data for gpgsm as Normal priority.
Mar 22 2021, 1:41 PM · gnupg24, gnupg (gpg23), gpgme, Feature Request

Mar 16 2021

werner closed T4702: Deadline for the GnuPG 2.3.0 release, a subtask of T4713: Bug in get_best_pubkey_byname, as Resolved.
Mar 16 2021, 4:53 PM · Restricted Project, gnupg (gpg23)
werner closed T4417: Work needed for gnupg 2.3 as Resolved.
Mar 16 2021, 4:49 PM · gnupg (gpg23)
werner added a comment to T4417: Work needed for gnupg 2.3.

Given that all subtasks are at least in testing state, we can close this bug.

Mar 16 2021, 4:49 PM · gnupg (gpg23)

Mar 8 2021

werner created T5343: Release GnuPG 2.3.0.
Mar 8 2021, 10:00 PM · Release Info, gnupg (gpg23)
werner changed the status of T4398: Rework Console and command line handling on Windows from Open to Testing.

and item 6. Now for more testing.

Mar 8 2021, 9:57 PM · Feature Request, gnupg (gpg23)
werner changed the status of T4398: Rework Console and command line handling on Windows, a subtask of T4417: Work needed for gnupg 2.3, from Open to Testing.
Mar 8 2021, 9:57 PM · gnupg (gpg23)
werner claimed T5341: gpgconf does not list default_pubkey_algo pseudo option anymore.
Mar 8 2021, 5:00 PM · gnupg (gpg23), Bug Report

Mar 7 2021

Angel added a comment to T5323: adduid and key expiration oddity in gpg-wks-client.

Maybe have gpg-wks-client(or also --export-filter) print a warning if the filtered result has a key expiration different than the original key? That seems the simplest way tp approach the problem.

Mar 7 2021, 11:32 PM · gnupg24, Bug Report, wkd

Mar 5 2021

werner added a comment to T4398: Rework Console and command line handling on Windows.

Items 1 to 5 have now been resolved.

Mar 5 2021, 3:52 PM · Feature Request, gnupg (gpg23)
werner closed T4365: Encoding problem: gpg truncates multibyte characters in interactive prompts on Windows, a subtask of T4398: Rework Console and command line handling on Windows, as Resolved.
Mar 5 2021, 3:50 PM · Feature Request, gnupg (gpg23)
werner closed T4365: Encoding problem: gpg truncates multibyte characters in interactive prompts on Windows as Resolved.

That it. Things works nicely for me. Won't be backported to 2.2 because this introduces minor changes in the behaviour.

Mar 5 2021, 3:50 PM · Windows, gnupg (gpg23), Bug Report

Mar 4 2021

werner added a comment to T4398: Rework Console and command line handling on Windows.

So we now get UTF-8 argv in all GnuPG modules. Globing has been enabled for gpg using our own globing code instead of the ASCII only "int _dowildcard = 1;" mingw way.

Mar 4 2021, 5:19 PM · Feature Request, gnupg (gpg23)

Feb 26 2021

werner added a comment to T4777: Pinentry sometimes mixes languages.

The show error is due a missing translation. What happened was that the translation was marked fuzzy and this marker was removed not realizing that the string really changed. The change was "...in the GnuPG system" -> "...in the %s system" which had been done to allow for different gpg names.

Feb 26 2021, 1:54 PM · gnupg (gpg23), S/MIME, gpgagent

Feb 25 2021

aheinecke added a comment to T4777: Pinentry sometimes mixes languages.

Start from scratch on a german system, even when you do a gpg --version it shows it is in german. Then import a PKCS#12 container and the dialog is in english.

Feb 25 2021, 5:16 PM · gnupg (gpg23), S/MIME, gpgagent
werner claimed T4777: Pinentry sometimes mixes languages.

A wild guess is that the different envvar systems we have in use are the culprit. It is anyway time to get this straight.

Feb 25 2021, 5:14 PM · gnupg (gpg23), S/MIME, gpgagent

Feb 23 2021

werner created T5323: adduid and key expiration oddity in gpg-wks-client.
Feb 23 2021, 6:05 PM · gnupg24, Bug Report, wkd

Feb 22 2021

werner added a comment to T4417: Work needed for gnupg 2.3.

Note that the backlog at https://dev.gnupg.org/tag/gpg23/ has quite some items and it is not yet clear which we will implement/fix first.

Feb 22 2021, 8:54 AM · gnupg (gpg23)

Feb 11 2021

werner added a comment to T4417: Work needed for gnupg 2.3.

For 2.3.0 we won't be able to fix all bugs./feature requests. Instead we l will solve that in the 2.3 series.

Feb 11 2021, 11:07 AM · gnupg (gpg23)
werner removed subtasks for T4417: Work needed for gnupg 2.3: T4344: Periodic check of own keys with the WKD, T4362: Replace the exec funtions for photoids in gpg by our standard exec functions., T4406: Allow the use of the default-new-key-algo format for --quick-gen-key..
Feb 11 2021, 11:05 AM · gnupg (gpg23)
werner removed a parent task for T4406: Allow the use of the default-new-key-algo format for --quick-gen-key.: T4417: Work needed for gnupg 2.3.
Feb 11 2021, 11:05 AM · gnupg24, Feature Request
werner removed a subtask for T4417: Work needed for gnupg 2.3: T3495: The --list-keys should account for groups that are defined.
Feb 11 2021, 11:00 AM · gnupg (gpg23)

Feb 10 2021

werner closed T4713: Bug in get_best_pubkey_byname as Resolved.

Works for me.

Feb 10 2021, 8:03 PM · Restricted Project, gnupg (gpg23)
werner lowered the priority of T4601: gpg --quiet --quick-sign-key is not quiet from Normal to Low.
Feb 10 2021, 3:05 PM · gnupg24, gnupg (gpg23), Bug Report
werner closed T4599: remap `--search` to `--locate-keys` (with warning) as Wontfix.
Feb 10 2021, 3:03 PM · gnupg (gpg23), dirmngr
werner closed T4488: dirmngr: allow changing `use-tor` in a reload as Wontfix.

dirmngr needs to be killed for this. gpgconf --kill dirmngr.

Feb 10 2021, 3:02 PM · gnupg (gpg23), dirmngr
werner added a subtask for T4398: Rework Console and command line handling on Windows: T4365: Encoding problem: gpg truncates multibyte characters in interactive prompts on Windows.
Feb 10 2021, 2:59 PM · Feature Request, gnupg (gpg23)
werner added a parent task for T4365: Encoding problem: gpg truncates multibyte characters in interactive prompts on Windows: T4398: Rework Console and command line handling on Windows.
Feb 10 2021, 2:59 PM · Windows, gnupg (gpg23), Bug Report
werner merged T3466: Add tool to convert a card backup key to a regular secret key into T4359: Convert backup keyfiles to regular key's.
Feb 10 2021, 2:58 PM · gnupg24, gnupg (gpg23), Feature Request
werner merged task T3466: Add tool to convert a card backup key to a regular secret key into T4359: Convert backup keyfiles to regular key's.
Feb 10 2021, 2:58 PM · gnupg (gpg23), Feature Request
werner closed T4154: allow setting passphrase from an environment variable as Wontfix.
Feb 10 2021, 2:55 PM · Feature Request, gnupg (gpg23)
werner closed T3573: Research performance problems with some large keyring. as Resolved.

Meanwhile we introduced the keyboxd which should solve such problems. It will be marked experimental in 2.3 but I expect that it will soon be used as the default way to store keys - at least under Windows.

Feb 10 2021, 2:52 PM · gnupg (gpg23)
werner closed T3415: GnuPG should refuse to encrypt using 64-bit block ciphers by default as Resolved.
Feb 10 2021, 2:49 PM · gnupg (gpg23), Bug Report
werner closed T3284: ssh-add -D does not return an error as it should. as Wontfix.

Won't be done because the expectations of users are different on whether they use ssh-agent or gpg-agent. And it breaks scripts

Feb 10 2021, 11:42 AM · gnupg (gpg23), Documentation
werner closed T3108: gpgconf lists the wrong extra socket path when a path is explicitly configured in gpg-agent.conf as Wontfix.
Feb 10 2021, 11:39 AM · gnupg (gpg23), gpgagent
werner closed T3237: gnupg complies to CO_DE_VS when generating keys non-interactively only by accident as Invalid.

I would not all this an accident.

Feb 10 2021, 11:37 AM · gnupg (gpg23)
werner renamed T2958: Extend --unwrap to also remove a compression layer. from extract signature from encrypted+signed message to Extend --unwrap to also remove a compression layer..
Feb 10 2021, 11:24 AM · gnupg24, Feature Request, gnupg (gpg23)
werner added a comment to T2958: Extend --unwrap to also remove a compression layer..

We have the --unwrap option which already does this. The problem here is that an addition compression layer is not removed. Therefore I will rename this report to add a feature strip things down to a signature or literal data packet..

Feb 10 2021, 11:23 AM · gnupg24, Feature Request, gnupg (gpg23)
werner closed T2925: Permissions of pubkey.kbx not retained through changes as Wontfix.

Eventually we will move to keyboxd which is already an experimental option in 2.3. Thus we won't do anything here.

Feb 10 2021, 11:13 AM · gnupg (gpg23), Bug Report
werner closed T2912: command line keytocard as Wontfix.

The gpg-card is more flexible than the old gpg stuff. If there is something missing we will add it over time but it does not make sense to keep this request open.

Feb 10 2021, 11:12 AM · gnupg (gpg23), Feature Request
werner lowered the priority of T2862: support session key extraction and overriding for gpgsm from Normal to Wishlist.
Feb 10 2021, 11:10 AM · gnupg24, Feature Request, gnupg (gpg23)
werner closed T2850: auto-key-locate is annoying as Resolved.

Due to better working timeouts we have mostly soolved these problems,. Further keyservers are not anymore of great use these days.

Feb 10 2021, 11:09 AM · gnupg (gpg23), gnupg, Feature Request
werner closed T2836: dirmngr: wakes up periodically as Resolved.

The other patches don't make sense because of future plans for dirmngr.

Feb 10 2021, 11:07 AM · gnupg, gnupg (gpg23), Bug Report, dirmngr
werner lowered the priority of T2760: Populate comment field when exporting authentication key for SSH from Normal to Wishlist.
Feb 10 2021, 11:05 AM · gnupg24, ssh, Feature Request
werner lowered the priority of T2290: Allow gpgv2 to use armored GPG keys as keyring file with trusted keys from Normal to Wishlist.
Feb 10 2021, 11:02 AM · gnupg24, Feature Request
werner lowered the priority of T2186: --encrypt-to ambiguous with a expired and revoked key from Normal to Low.
Feb 10 2021, 11:01 AM · gnupg24, Feature Request
werner closed T1089: Please store requests in a cache to avoid sending out duplicate requests (mailto: interface) as Wontfix.
Feb 10 2021, 10:59 AM · gnupg (gpg23), gnupg, Debian, Feature Request

Feb 8 2021

werner placed T4713: Bug in get_best_pubkey_byname up for grabs.

Thanks for the fix.

Feb 8 2021, 8:56 PM · Restricted Project, gnupg (gpg23)

Feb 5 2021

gniibe added a comment to T4713: Bug in get_best_pubkey_byname.

pubkey_cmp should be symmetric (pubkey_cmp(A,B) == - pubkey_cmp(B,A)), but it was not.

Feb 5 2021, 7:17 AM · Restricted Project, gnupg (gpg23)

Feb 3 2021

werner reopened T4713: Bug in get_best_pubkey_byname as "Open".

The problem persists when using keyboxd which returns keys in a different order.

Feb 3 2021, 3:29 PM · Restricted Project, gnupg (gpg23)

Feb 1 2021

aheinecke added a comment to T4735: Please provide an option to make --verify accept only signatures from specific trusted UID.

I'm slightly against a backport as this is a behavior change for example KMail and GpgOL which use the --sender option might get different results after this change. I don't think it would be problematic but as said I have a slight preference against backporting because changing behavior of existing calls is better something for the new major release which is in its final steps for release anyway.

Feb 1 2021, 10:47 AM · gnupg (gpg23), Feature Request
mgorny added a comment to T4735: Please provide an option to make --verify accept only signatures from specific trusted UID.

Shall we backport this to 2.2 which is our LTS release?

Feb 1 2021, 10:42 AM · gnupg (gpg23), Feature Request

Jan 28 2021

gniibe closed T5170: card: Allow use cases with no corresponding *.key file under private-keys-v1.d as Resolved.
Jan 28 2021, 3:14 AM · Restricted Project, gnupg (gpg23)