We need more testing.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
All Stories
Oct 29 2018
We had this idea to have a label: or similar item in the extended-key-format which is displayed in addition to the other info. The user can then use an editor to put whatever she likes into this field.
It actually tries several servers but we need to set a limit because we need to cope with longer timeouts. Do you suggest to toggle between v4 and v6 addresses? That is if a v6 address fails, first try the next v4 address and it that fails, another v6 address, etc.
I don't see a problem. If you have the private key you can and will use it. I guess your concern is an oracle?
IIUC, in Gentoo multilib (or other distributions), <triplent>-{gpg-error,libgcrypt,libassuan,npth,libksba,npth}-config script is used.
In forthcoming libgpg-error 1.33, single gpgrt-config is used for all architecture, by having --libdir option at invocation time.
New gpg-error.m4 detects gpgrt-config, too.
And configure supplies --libdir when it invokes gpgrt-config.
For other *.m4 (libassuan, ksba, libgcrypt, ntbtls), it is possible for them to check GPGRT_CONFIG to use gpgrt-config if any.
For npth.m4, it can do that too, with no hard dependency to libgpg-error.
I decided to change gpgrt-config to have --libdir option.
By supplying libdir directly, it's no need anymore to detect the directory by CC variable.
gpg-error.m4 is also updated.
Oct 28 2018
Oct 27 2018
Thanks.
Oct 26 2018
Fixed in master and 1.8.
@dkg: Thanks for the comments and your patience to convince me.
The next step is to release libgcrypt 1.8.4 :-)
I need more information:
- where is pkg-config path for <host_alias>? How is it determined?
- 32-bit: /lib or /lib32?
- 64-bit: /lib or /lib64?
- something like x32: where???
I consider:
- Single gpgrt-config is better (and simpler)
- new option --for-host=<host_alias>? (--host is already used for query for host)
- update *.m4 using this new option to provide host information to determine the path
Actually we plan to provide a more convenient way to perform the DH operation. See for example P7 for the non-elegant way which is required today.
Fixed in master and 1.8 by detecting a fork and re-opening the devices
Fixed in master and 2.2
libassuan: Done
libksba: Done
npth: Done
ntbtls: Done
libgcrypt: Done
Oct 25 2018
Oh, that is really old code dating back to dirmngr-1. There is only one user I will see whether I can replace it with the generic parser we have in http.c
Now that is funny c+p code. I vaporized it to just a few lines.
It seems that this part of the code was not finished. Unfortunately upstream of the dns code is unresponsive and thus we started to maintain the code base by ourselves. There is still an open question whether we should do that to the full extend, in which case we would integrate the code closer into the GnuPG framework with its own logging subsystems.
The correct technical term is OpenPGP Public Keyblock but I better shut up on the certificate vs. Public key(block) question.