Backported for 1.6.1

Fixed for master with commit cbdc355.

Thanks.

Changing category to dismngr to remind about doing a release.

The grammar is quite old and should anyway adjusted to modern standard. There
is a separately mainatained toke table which does not make much sense, given
that that it is possible to re-use the bison generated token table. I see what
I can do.

On 2013-10-15 at 22:53 +0000, asdil12 via BTS wrote:

I applied your patch onto gnupg-2.0.22 source (I couldn't get the automake-foo
run through), and it worked again. (enable-pinpad-varlen set in config).
I used the cherry reader for testing.

I applied your patch onto gnupg-2.0.22 source (I couldn't get the automake-foo
run through), and it worked again. (enable-pinpad-varlen set in config).
I used the cherry reader for testing.

For auto detection of pinpad, it does the detection itself.

But the reader only works when we have some information on card [0] or
configuration of enable-pinpad-varlen.
That's because there is no good standard way to detect reader's capability
for variable length input.

Internal ccid driver has better support for variable length input detection
based on its USB ID.

It is currently, out of sync and it only works for SCM SPR 532.
I will add KAAN, FSIJ, REINER, VASCO, and CHERRY for PC/SC with USB ID, too.
I need users' help for PC/SC for detection with card reader name.

[0] http://wiki.gnupg.org/CardReader/GemaltoPC

Done for 2.0

Marking as resolved, as this seems to work fine now as far as I can tell (I'm
certainly happy).

Do we need to do something for 1.4?

Finishing things up now.

David, what is the status?

I'm not able to reproduce the problem with commit b1abc01. It was reproducible
with the preceding revision (commit a74f05c), so I can confirm that b1abc01 has
fixed it.

Yes, mandatory locks are a problem. LockFile works on a separate lockfile to
implement such an advisory locking. If we would lock the random_seed file
directly reads or writes will fail and we won't be able to lock the creation of
that file.

You suggestion for 1.4. makes sense.

A new release has been made.

I found the problem. It is a plain stupid double free bug of an internal fixed
size buffer. Will be fixed soon.

tests/basic.c does now test with unaligned parameters.

We don't have any plans for a new release.

Can i get an update on where this patch stands? I'm concerned that people are
actively sniffing around the idea of crafting duplicate short keyids:

I tested this patch, and it does in fact change the behavior as requested.

All implemented for 2.1.

concerning the prompt: would it be possible to look up and display the key name
from id_rsa.pub, either at ssh-add time or at confirm time? i might remember
remote host fingerprints, but locally, those names are the best description.

Good idea. I started to implement it for 2.1. Tehre will be flag in the
sshcontrol file named "confirm". Need to compute the ssh fingerprint to
resemble the prompt ssh-agent prints (internally we use our keygrip style
fingerprints).

Fixed in master.

Duplicate of T1353

There is a configure check now. I am still not happy that we sleep at all, but
thats a bigger issue.

I can not reproduce this on Snow Leopard, I guess it has been fixed in the meantime.

Changed the test framework again. Now it works on the buildfarm.

Not quite. It does not work on Solaris when build on a NFS mount.

We did not checked the direct key signature during import. The problem is that
during the import we try to detect duplicate signatures by comparing the
signature but not the signed material. With the bogus signature already in the
keyring, importing a good signature will sort the latter out as a duplicate.

Implemented for dirmngr. That will go into dirmngr 1.1.0.

This patch fixes it for me. The problem is the order in that the home directory
is created. Usually it is done while creating a new keyring. Due to
--no-default-keyring no keyring is created and thus when we need to check the
trust the code there creates the directory and failed. I am not sure why I was
not able to replicate it yesterday.

• g10/tdbio.c (revision 5221)

+++ g10/tdbio.c (working copy)
@@ -521,7 +521,8 @@

*p = 0;
if( access( fname, F_OK ) ) {
    try_make_homedir( fname );

• log_fatal( _("%s: directory does not exist!\n"), fname );

+ if (access (fname, F_OK ))
+ log_fatal (_("%s: directory does not exist!\n"), fname);

}
*p = save_slash;

Commited to 2.0 and trunk, rev. 5224.
Now for dirmngr.

This is now a known problem. The likely reason is bug in the card's code. The
workaround is to forget about card based 3072 bit encryption keys.

Fixed in 1.4.10 - just released.

Seams to be resolved with Gpg4win-2.0.1-RC1 (GpgOL 1.0.1-svn308). Needs more
tests of other users.

Duplicate of T1102

You are right. See also T1102.

UID are expected to be UTF-8, IDN conversion should be done by the MUA.