Page MenuHome GnuPG
Feed All Stories

Dec 26 2022

l10n daemon script <scripty@kde.org> committed rKLEOPATRA7fa4182352b4: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Dec 26 2022, 4:33 AM
l10n daemon script <scripty@kde.org> committed rKLEOPATRAe7dda50500a8: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Dec 26 2022, 3:21 AM

Dec 25 2022

l10n daemon script <scripty@kde.org> committed rLIBKLEO86fbdd8040b6: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Dec 25 2022, 6:05 AM
l10n daemon script <scripty@kde.org> committed rKLEOPATRA0a82fe65b1fc: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Dec 25 2022, 5:52 AM
l10n daemon script <scripty@kde.org> committed rLIBKLEO7af1fc436c7d: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Dec 25 2022, 4:24 AM
l10n daemon script <scripty@kde.org> committed rKLEOPATRA408c1f316feb: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Dec 25 2022, 3:55 AM

Dec 24 2022

l10n daemon script <scripty@kde.org> committed rKLEOPATRAddaca6cf9be4: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Dec 24 2022, 3:15 AM

Dec 23 2022

chris2553 closed T6319: gnupg-2.4.0 says "NOTE: THIS IS A DEVELOPMENT VERSION!" as Resolved.
Dec 23 2022, 9:28 PM · Bug Report
chris2553 added a comment to T6319: gnupg-2.4.0 says "NOTE: THIS IS A DEVELOPMENT VERSION!".

Your response to my other bug report (T6320) advised me not to build in tree and that fixed the "make check" problem. In turn, that means I no longer need to patch Makefile.am and run autoreconf. That has made this Development Version warning to go away.

Dec 23 2022, 9:26 PM · Bug Report
werner closed T6320: gnupg-2.4.0: make check fails as Resolved.

See T6310 and the release note update at T6303.

Dec 23 2022, 3:42 PM · Duplicate, Bug Report
werner added a comment to T6319: gnupg-2.4.0 says "NOTE: THIS IS A DEVELOPMENT VERSION!".

Sorry, I can't replicate this.

Dec 23 2022, 3:39 PM · Bug Report
aheinecke committed rXf38c67ca9cb4: Remove Help command (authored by aheinecke).
Remove Help command
Dec 23 2022, 1:05 PM
aheinecke committed rX1171ec60f13e: Remove -O0 from hardening flags (authored by aheinecke).
Remove -O0 from hardening flags
Dec 23 2022, 1:05 PM
werner committed rG9a012d2c53cf: Merge branch 'STABLE-BRANCH-2-2.40' into STABLE-BRANCH-2-2 (authored by werner).
Merge branch 'STABLE-BRANCH-2-2.40' into STABLE-BRANCH-2-2
Dec 23 2022, 12:49 PM
aheinecke committed rW422e1e785c10: MSI: Handle Product name in outer msi sig (authored by aheinecke).
MSI: Handle Product name in outer msi sig
Dec 23 2022, 12:46 PM
werner committed rG8c0dedd99b26: Post release updates (authored by werner).
Post release updates
Dec 23 2022, 12:21 PM
werner committed rG75ad0ea6dcad: Release 2.2.41 (authored by werner).
Release 2.2.41
Dec 23 2022, 12:21 PM
werner committed rG42637c0ead81: po: Auto update (authored by werner).
po: Auto update
Dec 23 2022, 12:21 PM
chris2553 updated the task description for T6319: gnupg-2.4.0 says "NOTE: THIS IS A DEVELOPMENT VERSION!".
Dec 23 2022, 11:50 AM · Bug Report
chris2553 created T6320: gnupg-2.4.0: make check fails.
Dec 23 2022, 11:48 AM · Duplicate, Bug Report
aheinecke committed rW86da9b53c845: MSI: Split into multiple cabs and reuse them (authored by aheinecke).
MSI: Split into multiple cabs and reuse them
Dec 23 2022, 11:35 AM
chris2553 created T6319: gnupg-2.4.0 says "NOTE: THIS IS A DEVELOPMENT VERSION!".
Dec 23 2022, 11:04 AM · Bug Report
aheinecke committed rWe343c7208dc0: Remove all files when uninstalling gpg4win (authored by aheinecke).
Remove all files when uninstalling gpg4win
Dec 23 2022, 10:53 AM
aheinecke added a comment to T4505: SM, W32: GPGSM hangs up the GnuPG System.

@ikloecker You are right, I only thought of public key import. Then lets serialize this. Might even make for a nicer Progressbar if we count the outstanding files.

Dec 23 2022, 9:51 AM · Restricted Project, gpgol, S/MIME, gpg4win, Windows
l10n daemon script <scripty@kde.org> committed rKLEOPATRA02437b0ccf2a: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Dec 23 2022, 3:11 AM

Dec 22 2022

ikloecker added a comment to T4505: SM, W32: GPGSM hangs up the GnuPG System.

I have an Idea. Can't we read all data into memory in Kleopatra (for Certificates this should be ok) and then give this to GPGME as a single data object. So that only one process imports multiple files?

Dec 22 2022, 7:21 PM · Restricted Project, gpgol, S/MIME, gpg4win, Windows
aheinecke added a comment to T4505: SM, W32: GPGSM hangs up the GnuPG System.

I really don't want to bypass gpgme and then parse the import results and all other status output of gpgsm ourselves. I'll go for Andre's suggestion and serialize imports of multiple files.

Dec 22 2022, 4:59 PM · Restricted Project, gpgol, S/MIME, gpg4win, Windows
aheinecke triaged T6251: Invalid ID in GpgOL while sending myself a signed and encrypted message as Wishlist priority.

Please attach the certificate so that we can check what is problematic with that certificate. I am changing this issue to wishlist as the solution here will most likely be that we have to extend the S/MIME capabilities of Gpg4win.

Dec 22 2022, 3:44 PM · Info Needed, S/MIME, gpgol
aheinecke closed T6286: gpgme-json not installed by default as Resolved.

For testing I have created a Gpg4win installer and only selected minimal installation and gpgme-json was there. Both in /bin and /bin_64.

Dec 22 2022, 3:37 PM · Feature Request, gpgme, gpg4win
aheinecke committed rW846ffd30216b: Always install gpgme (authored by aheinecke).
Always install gpgme
Dec 22 2022, 3:32 PM
ikloecker committed rKLEOPATRA9f8397403099: Remove reference to color which does not always apply (authored by ikloecker).
Remove reference to color which does not always apply
Dec 22 2022, 2:49 PM
werner created gpd.
Dec 22 2022, 2:09 PM
werner committed rD788efa7ef2f3: web: Noted CVE for T6284 (authored by werner).
web: Noted CVE for T6284
Dec 22 2022, 10:57 AM
werner added a project to T6284: Another integer overflow in Libksba: CVE.

This bug is CVE-2022-47629

Dec 22 2022, 10:48 AM · CVE, Bug Report, libksba
werner updated the task description for T6304: Release Libksba 1.6.3.
Dec 22 2022, 10:48 AM · Release Info, libksba
werner closed T3883: Add Win32-OpenSSH support to gpg-agent's ssh-agent as Resolved.
Dec 22 2022, 10:34 AM · Not A Bug, workaround, gnupg24, Windows, ssh
mfilippov added a comment to T3883: Add Win32-OpenSSH support to gpg-agent's ssh-agent.

Thanks all. It is a bug in Win32 OpenSSH. https://github.com/PowerShell/Win32-OpenSSH/issues/1953 it is already fixed. I think the issue will be resolved after the update is shipped. I could use ssh -T git@github.com as a workaround.

Dec 22 2022, 10:05 AM · Not A Bug, workaround, gnupg24, Windows, ssh
l10n daemon script <scripty@kde.org> committed rKLEOPATRAd0e8d9957025: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Dec 22 2022, 3:07 AM
gniibe committed rGe89d57a2cb10: tests: Fix tests/gpgme for in-source-tree builds. (authored by gniibe).
tests: Fix tests/gpgme for in-source-tree builds.
Dec 22 2022, 1:02 AM
gniibe added a comment to T3883: Add Win32-OpenSSH support to gpg-agent's ssh-agent.

Well, not our bug... it's a kind of support question and answer:
This might help: https://stackoverflow.com/questions/3844393/what-to-do-about-pty-allocation-request-failed-on-channel-0

Dec 22 2022, 1:00 AM · Not A Bug, workaround, gnupg24, Windows, ssh
gniibe changed the status of T6313: 2.4.0 does not support in-source-tree builds from Open to Testing.

Pushed the change.

Dec 22 2022, 12:54 AM · gnupg24, workaround, Bug Report
gniibe changed the status of T6315: libgpg-error: argparse: empty header doesn't work well from Open to Testing.

Ah, I had not done git pull for a week, and I didn't realize your patch.

Dec 22 2022, 12:51 AM · Bug Report, gpgrt

Dec 21 2022

aheinecke committed rWaa5c7c1299dd: Fix checksums of GnuPG-2.2.41 (authored by aheinecke).
Fix checksums of GnuPG-2.2.41
Dec 21 2022, 3:20 PM
aheinecke committed rWa91a4792cc5d: Update GnuPG packages for v3 (authored by aheinecke).
Update GnuPG packages for v3
Dec 21 2022, 3:05 PM
aheinecke committed rW6100f3e4190f: Fix version switch in download.sh (authored by aheinecke).
Fix version switch in download.sh
Dec 21 2022, 2:59 PM
aheinecke committed rW3d58da5cc1b9: Remove LIBKLEO_VERSION and QT_REQUIRED_VERSION mods (authored by aheinecke).
Remove LIBKLEO_VERSION and QT_REQUIRED_VERSION mods
Dec 21 2022, 2:59 PM
aheinecke committed rW6aec79c3c98d: Update kleopatra and libkleo post release (authored by aheinecke).
Update kleopatra and libkleo post release
Dec 21 2022, 2:59 PM
aheinecke committed rW29edc5b861fc: Add DISTRIBUTION_TEXT as parameter for Kleopatra (authored by aheinecke).
Add DISTRIBUTION_TEXT as parameter for Kleopatra
Dec 21 2022, 1:33 PM
aheinecke committed rWa65c1dab4dbd: Remove some unused configure flags (authored by aheinecke).
Remove some unused configure flags
Dec 21 2022, 1:33 PM
aheinecke committed rW0cdb0adc965a: Post release version bump (authored by aheinecke).
Post release version bump
Dec 21 2022, 1:33 PM
aheinecke committed rKLEOPATRAf15d4198213f: Add groups documentation to xmlgui declaration (authored by aheinecke).
Add groups documentation to xmlgui declaration
Dec 21 2022, 1:29 PM
aheinecke committed rKLEOPATRA6fcd618548c6: Update and reall include versioninfo for windows (authored by aheinecke).
Update and reall include versioninfo for windows
Dec 21 2022, 1:29 PM
ikloecker added a comment to T4505: SM, W32: GPGSM hangs up the GnuPG System.

I really don't want to bypass gpgme and then parse the import results and all other status output of gpgsm ourselves. I'll go for Andre's suggestion and serialize imports of multiple files.

Dec 21 2022, 12:20 PM · Restricted Project, gpgol, S/MIME, gpg4win, Windows
werner added a comment to T3883: Add Win32-OpenSSH support to gpg-agent's ssh-agent.

This does not look like a problem in GnuPG/gpg4win because gnupg implements the ssh-agent protocol and not the ssh server or client functionality. ssh tells sshd whether it shall allocate a PTY (Pseudo TTY). I don't use ssh with github but it is likely that you may only run commands (which don't require a PTY). Usually you would invoke a "git" command cia ssh.

Dec 21 2022, 12:10 PM · Not A Bug, workaround, gnupg24, Windows, ssh
werner added a comment to T6315: libgpg-error: argparse: empty header doesn't work well.

I pushed a similar fix last week: rE885a287a57cf060b4c
and gnupg has a hack to fix it for oler libgpg-error versions.

Dec 21 2022, 12:04 PM · Bug Report, gpgrt
werner added a comment to T4505: SM, W32: GPGSM hangs up the GnuPG System.

I meant bypass the gpgme engine and call gpgsm directly. Maybe using gpgme's spawn engine. But I am not sure whether this is really a good idea. If we can find a way to pass multiple filenames to gpgsm --server that would be better. But requires updates to gpgsm.

Dec 21 2022, 11:59 AM · Restricted Project, gpgol, S/MIME, gpg4win, Windows
aheinecke reopened T3516: Gpg4win: Version info for Kleopatra, a subtask of T3742: Gpg4win 3.1.0, as Open.
Dec 21 2022, 11:45 AM · gpg4win
aheinecke reopened T3516: Gpg4win: Version info for Kleopatra as "Open".

Only just noticed that this was added incompletely, it was added to the build system but not linked in.

Dec 21 2022, 11:45 AM · kleopatra, gpg4win
mfilippov added a comment to T3883: Add Win32-OpenSSH support to gpg-agent's ssh-agent.

Authentication succeed if I pressed enter after:PTY allocation request failed on channel 0

Dec 21 2022, 10:58 AM · Not A Bug, workaround, gnupg24, Windows, ssh
mfilippov added a comment to T3883: Add Win32-OpenSSH support to gpg-agent's ssh-agent.

I try WinGPG 4.1.0, and I receive an error:
ssh git@github.com
PTY allocation request failed on channel 0

Dec 21 2022, 10:53 AM · Not A Bug, workaround, gnupg24, Windows, ssh
ikloecker added a comment to T4505: SM, W32: GPGSM hangs up the GnuPG System.

@werner Do I understand correctly that by "It might be easier to bypass the gpgsm and run gpgsm directly" you mean using gpgsm in server mode? Or what do you mean with "bypass gpgsm and run gpgsm" (which seems contradictory).

Dec 21 2022, 10:38 AM · Restricted Project, gpgol, S/MIME, gpg4win, Windows
l10n daemon script <scripty@kde.org> committed rKLEOPATRAc1f245b850a4: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Dec 21 2022, 3:12 AM
gniibe added a project to T6315: libgpg-error: argparse: empty header doesn't work well: Bug Report.
Dec 21 2022, 3:07 AM · Bug Report, gpgrt
gniibe added a comment to T6315: libgpg-error: argparse: empty header doesn't work well.

Something like this should fix the behavior:

diff --git a/src/argparse.c b/src/argparse.c
index ef0c161..403c4a7 100644
--- a/src/argparse.c
+++ b/src/argparse.c
@@ -3000,7 +3000,13 @@ show_help (opttable_t *opts, unsigned int nopts, unsigned int flags)
         writestrings (0, "Options:", "\n", NULL);
       for (i=0; i < nopts; i++ )
         {
-          s = map_fixed_string (_( opts[ordtbl[i]].description ));
+          if ((opts[ordtbl[i]].flags & ARGPARSE_OPT_HEADER)
+              && opts[ordtbl[i]].description
+              && !*opts[ordtbl[i]].description)
+            /* It's empty header.  */
+            s = opts[ordtbl[i]].description;
+          else
+            s = map_fixed_string (_( opts[ordtbl[i]].description ));
           if ( s && *s== '@' && !s[1] ) /* Hide this line.  */
             continue;
           if ( s && (opts[ordtbl[i]].flags & ARGPARSE_OPT_HEADER))
Dec 21 2022, 3:07 AM · Bug Report, gpgrt
gniibe claimed T6313: 2.4.0 does not support in-source-tree builds.

I will push this change:

commit e89d57a2cb10bd04d266165015f159be2ab48984
Author: NIIBE Yutaka <gniibe@fsij.org>
Date:   Wed Dec 21 10:52:24 2022 +0900
Dec 21 2022, 2:55 AM · gnupg24, workaround, Bug Report
gniibe created T6315: libgpg-error: argparse: empty header doesn't work well.
Dec 21 2022, 1:51 AM · Bug Report, gpgrt

Dec 20 2022

werner committed rKbffa9b346071: Release 1.6.3 (authored by werner).
Release 1.6.3
Dec 20 2022, 7:25 PM
werner committed rKf61a5ea4e0f6: Fix an integer overflow in the CRL signature parser. (authored by werner).
Fix an integer overflow in the CRL signature parser.
Dec 20 2022, 7:25 PM
jukivili added inline comments to rDa5a5d49bebf2: web: Add news about 2.4.
Dec 20 2022, 5:33 PM
aheinecke closed T5227: GpgOL: User documentation as Resolved.
Dec 20 2022, 4:53 PM · Documentation, Restricted Project, gpgol
werner added a comment to T4505: SM, W32: GPGSM hangs up the GnuPG System.

With 100 concurrently running gpgsm processes they all try to get the lock for the keyring. And they need to do this several times and often also for the same certificate (fetched from an external resource to complete the chain). Not good. It might be easier to bypass the gpgsm and run gpgsm directly instead of adding a feature to gpgsm to directly import from many files.

Dec 20 2022, 2:31 PM · Restricted Project, gpgol, S/MIME, gpg4win, Windows
ikloecker added a comment to T4505: SM, W32: GPGSM hangs up the GnuPG System.

Sure, we could do this. Shouldn't make the ImportCertificatesCommand much more complex than it already is.

Dec 20 2022, 1:22 PM · Restricted Project, gpgol, S/MIME, gpg4win, Windows
aheinecke reopened T4505: SM, W32: GPGSM hangs up the GnuPG System as "Open".

Reopening this as there still seem to be ways to run into a deadlock as was reported in RT#13361. While I still think this points to some issue in gpgsm, when Testing this I found the behavior of Kleopatra to be wrong.

Dec 20 2022, 1:07 PM · Restricted Project, gpgol, S/MIME, gpg4win, Windows
werner added a comment to T6303: Release GnuPG 2.4.0.

Note that in-source-tree builds are broken - see T6313

Dec 20 2022, 12:23 PM · gnupg, Release Info
werner added a comment to rGc19ea75f10d6: tests: Fix make check with GPGME..

Unfortunately this breaks in-source-tree builds - see T6313

Dec 20 2022, 12:21 PM
werner added a comment to T6313: 2.4.0 does not support in-source-tree builds.

You should do it for all software ;-).

Dec 20 2022, 12:05 PM · gnupg24, workaround, Bug Report
Philipp.Strobel renamed T6314: Missing vendor signature in Installer-Package from Missing signature in Installer-Package to Missing vendor signature in Installer-Package.
Dec 20 2022, 11:54 AM · Bug Report, gpg4win
aheinecke closed T6314: Missing vendor signature in Installer-Package as Resolved.

Has been remedied. We should have noticed before the release but the heavy warnings you get only appear if the binary is downloaded from the internet.

Dec 20 2022, 11:52 AM · Bug Report, gpg4win
aheinecke committed rD78cda6893d6a: swdb: Update for Gpg4win-4.1.0 (authored by aheinecke).
swdb: Update for Gpg4win-4.1.0
Dec 20 2022, 11:50 AM
aheinecke committed rD13e08e00d4b4: swdb: Update checksums for signed installer (authored by aheinecke).
swdb: Update checksums for signed installer
Dec 20 2022, 11:50 AM
aheinecke committed rW73ef41280b17: web: Update checksums for signed installer (authored by aheinecke).
web: Update checksums for signed installer
Dec 20 2022, 11:43 AM
aheinecke claimed T6314: Missing vendor signature in Installer-Package.

This was an accident. Will be fixed ASAP.

Dec 20 2022, 11:36 AM · Bug Report, gpg4win
thesamesam added a comment to T6313: 2.4.0 does not support in-source-tree builds.

Sorry, one more thing: I should use out of source builds for all gnupg software (libgpg-error, libksba, etc)? It's fine if so, just want to check what the policy is.

Dec 20 2022, 11:28 AM · gnupg24, workaround, Bug Report
thesamesam added a comment to T6313: 2.4.0 does not support in-source-tree builds.

Ah, thanks! I didn't know this was unsupported. I'll change what we're doing.

Dec 20 2022, 11:22 AM · gnupg24, workaround, Bug Report
werner renamed T6313: 2.4.0 does not support in-source-tree builds from Test failure with gnupg-2.4.0 (`/usr/sbin/mkdir: cannot create directory ‘setup.scm’: Not a directory`) to 2.4.0 does not support in-source-tree builds.
Dec 20 2022, 11:22 AM · gnupg24, workaround, Bug Report
werner triaged T6313: 2.4.0 does not support in-source-tree builds as Normal priority.

You are building in the source tree - not a good idea. This should be supported but we don't test this. Please make your life easier and don't do build this way. We try to fix this for the next release.

Dec 20 2022, 11:21 AM · gnupg24, workaround, Bug Report
Philipp.Strobel updated the task description for T6314: Missing vendor signature in Installer-Package.
Dec 20 2022, 11:16 AM · Bug Report, gpg4win
Philipp.Strobel updated the task description for T6314: Missing vendor signature in Installer-Package.
Dec 20 2022, 11:13 AM · Bug Report, gpg4win
Philipp.Strobel created T6314: Missing vendor signature in Installer-Package.
Dec 20 2022, 11:12 AM · Bug Report, gpg4win
thesamesam updated the task description for T6313: 2.4.0 does not support in-source-tree builds.
Dec 20 2022, 10:59 AM · gnupg24, workaround, Bug Report
thesamesam created T6313: 2.4.0 does not support in-source-tree builds.
Dec 20 2022, 10:59 AM · gnupg24, workaround, Bug Report
werner closed T6284: Another integer overflow in Libksba as Resolved.
Dec 20 2022, 10:56 AM · CVE, Bug Report, libksba
werner committed rDa5a5d49bebf2: web: Add news about 2.4 (authored by werner).
web: Add news about 2.4
Dec 20 2022, 10:55 AM
aheinecke committed rW2d63f45f2c2f: Merge branch 'master' of git://git.gnupg.org/gpg4win (authored by aheinecke).
Merge branch 'master' of git://git.gnupg.org/gpg4win
Dec 20 2022, 10:53 AM
aheinecke committed rWc39791463f78: Set Version to 4.1.0 (authored by aheinecke).
Set Version to 4.1.0
Dec 20 2022, 10:53 AM
aheinecke committed rW5cb66c048fa0: doc: Remove NEWSFILE from READMEs (authored by aheinecke).
doc: Remove NEWSFILE from READMEs
Dec 20 2022, 10:53 AM
aheinecke committed rW42573961540f: Update NEWS and README for 4.1.0 (authored by aheinecke).
Update NEWS and README for 4.1.0
Dec 20 2022, 10:53 AM
aheinecke committed rW78c2361018fd: Update gnupg and libksba (authored by aheinecke).
Update gnupg and libksba
Dec 20 2022, 10:53 AM
aheinecke committed rW9076d3f2bcab: Switch to released GpgOL Version (authored by aheinecke).
Switch to released GpgOL Version
Dec 20 2022, 10:53 AM
werner closed T6304: Release Libksba 1.6.3 as Resolved.
Dec 20 2022, 10:51 AM · Release Info, libksba