Meanwhile we have some support for an empty subject but gpgsm still prints an error notice. See the T7171 for more.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed Advanced Search
Advanced Search
Advanced Search
May 13 2025
May 13 2025
• werner closed T6941: gpgsm/dirmngr: support for end-entity certificates with an empty "Subject DN", a subtask of T7171: Allow for empty Subject in X.509, as Resolved.
• werner closed T6941: gpgsm/dirmngr: support for end-entity certificates with an empty "Subject DN" as Resolved.
• werner committed rG7c2e7bcc41ad: agent: We should use a macro for the keygrip len in new code. (authored by • werner).
agent: We should use a macro for the keygrip len in new code.
May 12 2025
May 12 2025
• werner committed rC67b8da4ef627: Remove occurrences of old FSF postal address. (authored by Collin Funk via Gcrypt-devel <gcrypt-devel@gnupg.org>).
Remove occurrences of old FSF postal address.
• werner committed rC93034d649124: Fix ungrammatical use of "allow to" (authored by Paul Eggert <eggert@cs.ucla.edu>).
Fix ungrammatical use of "allow to"
• werner committed rM905bd760a99a: Add GPGME_CREATE_GROUP flag for gpgme_op_createkey and _createsubkey. (authored by • werner).
Add GPGME_CREATE_GROUP flag for gpgme_op_createkey and _createsubkey.
gpg: Fully implement the group key flag.
gpg: Fully implement the group key flag.
gpg: Fully implement the group key flag.
May 9 2025
May 9 2025
• werner committed rD7a45397df2f7: We should no use the defunc k.gnupg.net anymore. (authored by • werner).
We should no use the defunc k.gnupg.net anymore.
Update information about gnupg people.
• werner set External Link to https://lists.gnupg.org/pipermail/gnupg-announce/2025q2/000492.html on T7586: Release GnuPG 2.5.6.
Update distsigkey
Update distsigkey
Update distsigkey
Update the signature keys.
Announce GnuPG 2.5.6
Also update the to-be-signed DLL name.
• werner renamed T7645: Kleopatra: Encoding errors in signature verification audit log (timestamps) from Kleopatra: Encoding errors in signature verification audit log to Kleopatra: Encoding errors in signature verification audit log (timestamps).
• werner triaged T7645: Kleopatra: Encoding errors in signature verification audit log (timestamps) as Low priority.
I think we have another report on this in the tracker. The problem is indeed the ugly Windows time functions to print a string. Let me only remind that until a few years, Windows had the opinion that Germany uses the Westeuropäische Zeit like Portugal or the UK.
• werner added a project to T7647: cipher/simd-common-riscv.h missing from libgcrypt 1.11.1 tarball: riscv.
• werner added a comment to T7647: cipher/simd-common-riscv.h missing from libgcrypt 1.11.1 tarball.
That is quite possible because we do not have a test system for RISC-V and the make release tarbegt is not abale to verify this.
May 8 2025
May 8 2025
Fix DLL name of libpoppler.
Two patches for gpgol 2.6.0
• werner committed rW9ef029f83c22: Update to gnupg-2.5.6, Kleopatra and Okular current snapshots (authored by • werner).
Update to gnupg-2.5.6, Kleopatra and Okular current snapshots
• werner moved T4021: dirmngr: dirmngr/dns.c issue with 127.0.0.1 from WiP to QA on the gnupg24 board.
• werner closed T7547: signatures from revoked or expired keys show up as missing keys, a subtask of T7527: Keyring/keybox denial of service, as Resolved.
swdb: gnupg 2.5.6
Release 2.5.6
Post release updates
• werner committed rG598296b9fc60: tests:gpgscm: Fix build error on AIX. (authored by Collin Funk via Gnupg-devel <gnupg-devel@gnupg.org>).
tests:gpgscm: Fix build error on AIX.
• werner committed rG8ba33fffe9f4: common: Add Solaris support to get_signal_name. (authored by Collin Funk via Gnupg-devel <gnupg-devel@gnupg.org>).
common: Add Solaris support to get_signal_name.
• werner committed rG1fea38669155: po: Fix misspelled italian translation for 'encrypted' (authored by Mattia Narducci via Gnupg-devel <gnupg-devel@gnupg.org>).
po: Fix misspelled italian translation for 'encrypted'
• werner added a comment to T6681: agent: Clean up main loop and better cache handling of expiration (was: Adding agent_timer API for monitoring something and passphrase cache).
I can't see any documentation that a value of 0 disables the cache. The user might have used some undefined behaviour. For example in the old code we did a housecleaning when we were idle but the new code uses a timer and another thread for flushing the cache. We could open a feature request to entire disable the cache but I bet that we will get a lot of new bug reports because users will then need to enter their passphrase too often for one operation.
May 7 2025
May 7 2025
swdb: libgcrypt 1.11.1
Update to libgcrypt 1.11.1
Update to libgcrypt 1.11.1
• werner changed the status of T7633: libgcrypt fails to build on NetBSD due to the systems bswap32 macro defintion. from Open to Testing.
• werner changed the status of T7634: libgcrypt's test t-thread-local fails to link on some platforms. from Open to Testing.
• werner added a comment to T6681: agent: Clean up main loop and better cache handling of expiration (was: Adding agent_timer API for monitoring something and passphrase cache).
Lucas Mülling commented yesterday on gnupg-devel:
May 6 2025
May 6 2025
Update NEWS
• werner committed rG9589da97e2fc: gpgsm: Always print info about certs-only message. (authored by • werner).
gpgsm: Always print info about certs-only message.
• werner committed rGe1576eee040f: scd:p15: Make signing work for Nexus cards. (authored by • werner).
scd:p15: Make signing work for Nexus cards.
Right now we have
May 5 2025
May 5 2025
• werner added a comment to T7620: gpgme_get_key fails to detect secret encryption subkey after key generation on card (until context is recreated).
I doubt that this is a gpgme problem. With a gpgme log we will be able see the exact commands send to gpg and replicate this on the command line.
• werner committed rMa6e8f961436d: core: Fix regression for RSA in gpgme_pubkey_algo_string. (authored by • werner).
core: Fix regression for RSA in gpgme_pubkey_algo_string.
Prepare NEWS for the next release
Release 1.24.2
Post release updates.
• werner committed rMa4945675ece2: cpp: Ensure that all transitions go from one state to a different state (authored by • ikloecker).
cpp: Ensure that all transitions go from one state to a different state
cpp: Validate the transition map
• werner committed rMe327305b9669: cpp: Add missing transition, remove two ignored (and wrong) transitions (authored by • ikloecker).
cpp: Add missing transition, remove two ignored (and wrong) transitions
• werner changed the status of T3325: Allow encryption/signing in GPGME using a specified subkey from Open to Testing.
• werner committed rMbfd320abfeaf: Allow signing using an exactly specified subkey. (authored by • werner).
Allow signing using an exactly specified subkey.
• werner committed rMf2d40473b522: Change timestamp fields from signed to unsigned long. (authored by • werner).
Change timestamp fields from signed to unsigned long.
Mark the subkey used to find a key.
• werner triaged T7627: gpgme(qt) testsuite error on 32bit archs with 64bit time_t as Normal priority.
And the US administration might even change the definition of a year to, say, 100 months so that potus can rightfully keep his promise that there won't be more election in the foreseeable future ;-)
• werner triaged T7631: Building libassuan on AIX warns about missing function declarations. as Normal priority.
But the function works and returns the peer's credentials?
• werner triaged T7633: libgcrypt fails to build on NetBSD due to the systems bswap32 macro defintion. as High priority.
• werner triaged T7634: libgcrypt's test t-thread-local fails to link on some platforms. as High priority.
The main problem here was that this all is not async-safe and thus I once implemented only the standard cases I could test easily.
• werner added a comment to T7611: WoT: adding a marginal trustsig reduces the validity of a downstream certificate.
For the records:
• werner added a comment to T7611: WoT: adding a marginal trustsig reduces the validity of a downstream certificate.
A bug tracker shall never be used for discussion because the audience is not as expected. Only very few people follow a certain bug but several hundreds are following discussion on gnupg-devel@. That is basic hacker knowledge.
• werner changed the status of T7583: 2.5.5 removes sig on clean that 2.5.4 and earlier kept from Open to Testing.
May 4 2025
May 4 2025
• werner closed T7611: WoT: adding a marginal trustsig reduces the validity of a downstream certificate as Resolved.
Heiko, I told you already in T7106 that it is not a good idea to re-open a ticket. If you really want to discuss stuff, take that to a mailing list.
May 2 2025
May 2 2025
• werner committed rG9b7c067717d8: gpg: Fix another regression due to the T7547 fix. (authored by • werner).
gpg: Fix another regression due to the T7547 fix.
• werner committed rG3ea8cab6a404: common: Fix logic for certain recsel conditions. (authored by • werner).
common: Fix logic for certain recsel conditions.
• werner committed rG483f2ba02e70: gpg: Fix another regression due to the T7547 fix. (authored by • werner).
gpg: Fix another regression due to the T7547 fix.
Yes, this is related to T7547. With my last fix for that I overlooked that we use PUBKEY_USAGE_CERT to internally request the primary key but that one is not set because in general USAGE_SIG means the same (except for some case in PGP7 mode).
• werner added a project to T7589: Unable to export SSH keys for ED25519 keys generate on a SmartCard: ssh.
• werner added a project to T7634: libgcrypt's test t-thread-local fails to link on some platforms.: NetBSD.
• werner added a project to T7631: Building libassuan on AIX warns about missing function declarations.: AIX.
• werner triaged T7629: gcc 15 warns about -Wunterminated-string-initialization in gnupg as Low priority.
• werner closed T7611: WoT: adding a marginal trustsig reduces the validity of a downstream certificate as Resolved.
> I'm not sure i understand why "the latest" should be preferred.