Page MenuHome GnuPG
Feed Advanced Search

Mar 18 2020

werner moved T4832: card: when KDF is enabled, use of pinpad input should be disabled from Backlog to For next release on the gnupg (gpg22) board.
Mar 18 2020, 4:06 PM · Restricted Project, gnupg (gpg22), scd, Bug Report
werner added a comment to T4832: card: when KDF is enabled, use of pinpad input should be disabled.

Backported to 2.2

Mar 18 2020, 4:06 PM · Restricted Project, gnupg (gpg22), scd, Bug Report
werner moved T4847: "gpgsm: invalid radix64 character 2d skipped" when trying to import a PEM file with DOS line endings (CR+LF) from Backlog to For next release on the gnupg (gpg22) board.
Mar 18 2020, 3:50 PM · gnupg (gpg22), S/MIME, Bug Report
werner moved T4536: dirmngr fails to find OCSP signer certificate when responder is identified with key ID from Backlog to For next release on the gnupg (gpg22) board.
Mar 18 2020, 3:49 PM · S/MIME, gnupg (gpg22), Bug Report
werner moved T4831: gnupg-2.2.19 fails to build on latest Fedora Rawhide from Backlog to For next release on the gnupg (gpg22) board.
Mar 18 2020, 3:49 PM · gnupg (gpg22), toolchain, Bug Report
werner edited projects for T4667: "gpg: deleting secret key failed: No pinentry" when in --batch mode with --pinentry=loopback, added: gnupg (gpg23); removed gnupg (gpg22).

Okay, in 2.2 the output now looks like this:

Mar 18 2020, 3:32 PM · gnupg24, gnupg (gpg23), Bug Report
werner claimed T4667: "gpg: deleting secret key failed: No pinentry" when in --batch mode with --pinentry=loopback.
Mar 18 2020, 3:02 PM · gnupg24, gnupg (gpg23), Bug Report
werner added a comment to T4667: "gpg: deleting secret key failed: No pinentry" when in --batch mode with --pinentry=loopback.

This is closely related to T3465 which was fixed in master. Running a gpg-agent 2.3 agent and using gpg 2.2 it works; however, using a gpg 2.3 bails out with an error message that we are in batch mode. I will look at this.

Mar 18 2020, 3:02 PM · gnupg24, gnupg (gpg23), Bug Report
werner edited projects for T4612: Add spare space to the keybox to always allow the import of revocations., added: gnupg (gpg23); removed gnupg (gpg22).

Won't happen for 2.2

Mar 18 2020, 2:23 PM · gnupg24, gnupg (gpg23), Bug Report
werner added a comment to T4573: Files encrypted on another platform using password based encryption (-c) intermittently fail to decrypt on Kleopatra.

@gniibe: I am not sure we really continued by mail - do you have any updates on the status?

Mar 18 2020, 2:19 PM · gnupg (gpg22), Bug Report
werner changed the status of T4536: dirmngr fails to find OCSP signer certificate when responder is identified with key ID from Open to Testing.

Sorry, I have not yet followed you test plan but given that we have the patch in master for a long time now I think it is okay to port it to 2.2.

Mar 18 2020, 2:15 PM · S/MIME, gnupg (gpg22), Bug Report
werner added a comment to T4867: with non-existent homedir, `gpgconf --check-programs` produces surprising output..

The newlines are not percent escaped because that could lead to very long lines and thus break parsers. Another reason is that the error messages are easier to read this way. An empty first field is anyway not valid and parsers should skip that.

Mar 18 2020, 1:42 PM · gnupg (gpg22), Bug Report
werner added a comment to T4825: gpg --weak-digest SHA1 incurs a serious performance cost for `--check-trustdb`.

I tried to replicate that with my ~3000 keys on master and I don't see any difference. Did you tried it several times? It might be due to the signature verification cache.

Mar 18 2020, 1:33 PM · gnupg (gpg22), Bug Report
werner closed T4670: Key expiration time ignored for zero creation date keys as Resolved.
Mar 18 2020, 12:45 PM · patch, gnupg (gpg22), Bug Report
werner added a comment to T4670: Key expiration time ignored for zero creation date keys.

I checked the code and your patch looks right. I am going to apply it.

Mar 18 2020, 12:18 PM · patch, gnupg (gpg22), Bug Report
werner closed T4811: --locate-key should try to fetch a key if the local copy is expired. as Invalid.

I am not able to replicate my own bug. At least since the introduction of --locate-external-keys the code paths are identical. I am nut sure why I filed this bug.

Mar 18 2020, 11:41 AM · Bug Report, gnupg (gpg22)

Mar 17 2020

gniibe closed T4880: npth: Add functions to wake up condition variable, a subtask of T4864: New scdaemon command to watch device removal, as Invalid.
Mar 17 2020, 2:59 AM · Restricted Project, Feature Request, scd, Bug Report

Mar 16 2020

werner lowered the priority of T4879: GnuPG treats reordered OpenPGP certificates differently from High to Low.

It is easy to explain:

Mar 16 2020, 1:04 PM · gnupg24, gnupg (gpg23), OpenPGP, Bug Report
gniibe added a subtask for T4864: New scdaemon command to watch device removal: T4880: npth: Add functions to wake up condition variable.
Mar 16 2020, 6:03 AM · Restricted Project, Feature Request, scd, Bug Report

Mar 13 2020

werner claimed T4879: GnuPG treats reordered OpenPGP certificates differently.
Mar 13 2020, 5:33 PM · gnupg24, gnupg (gpg23), OpenPGP, Bug Report

Mar 12 2020

dkg updated the task description for T4879: GnuPG treats reordered OpenPGP certificates differently.
Mar 12 2020, 8:29 PM · gnupg24, gnupg (gpg23), OpenPGP, Bug Report
dkg created T4879: GnuPG treats reordered OpenPGP certificates differently.
Mar 12 2020, 8:01 PM · gnupg24, gnupg (gpg23), OpenPGP, Bug Report
gniibe added a project to T4624: libassuan-config and libassuan.pc both put -lws2_32 before -lgpg-error, which fails during static linking: Restricted Project.
Mar 12 2020, 6:46 AM · Restricted Project, Windows, libassuan, Bug Report
gniibe added a project to T4623: pkg-config for mingw needs to emit -lws2_32: Restricted Project.
Mar 12 2020, 6:46 AM · Restricted Project, Windows, gpgrt, Bug Report
gniibe added a project to T4301: Handling multiple subkeys on two SmartCards: Restricted Project.
Mar 12 2020, 6:45 AM · Restricted Project, gnupg, scd, Bug Report
gniibe added a project to T4491: Compile error in nPth's t-fork.c on Solaris 11.3 i86pc: Restricted Project.
Mar 12 2020, 6:39 AM · npth, Bug Report
gniibe added projects to T4583: pinentry-tty should accept backspace, delete, and ctrl-U: Restricted Project, pinentry.
Mar 12 2020, 6:39 AM · pinentry, Restricted Project, Bug Report
gniibe added a project to T4585: pinentry-tty mishandles ctrl-C: Restricted Project.
Mar 12 2020, 6:38 AM · Restricted Project, Bug Report
gniibe added a project to T3207: FASTWIPE_T undefined: Restricted Project.
Mar 12 2020, 6:34 AM · Restricted Project, ntbtls, Bug Report

Mar 9 2020

Moonchild added a comment to T4249: No connection to Keyserver possible.

I'm using enigmail 1.9.9 because I'm on a mail client that doesn't use WebExtensions, so it's using gnupg for keyserver stuff. In this case that means I've been able to verify it's a gnupg issue (both Kleopatra and enigmail displaying the same issue as CLI).

Mar 9 2020, 9:54 PM · gnupg, dirmngr, Bug Report, gpg4win
dkg added a comment to T4867: with non-existent homedir, `gpgconf --check-programs` produces surprising output..

Yes, i'd surmised that the ::::: lines are continuation lines of the error message. but why not just percent-escape the newline in the error message too? Where in the documentation of this API does it say to expect continuation lines of error messages? Is gpgconf expected to be used programmatically?

Mar 9 2020, 6:21 PM · gnupg (gpg22), Bug Report
dkg added a comment to T4249: No connection to Keyserver possible.

@Moonchild wrote:

using enigmail with the new version

Mar 9 2020, 6:14 PM · gnupg, dirmngr, Bug Report, gpg4win
Simrah added a comment to T4870: Kleopatra - do not change the language from Russian.

Added variable value

set language
LANGUAGE=en_US

I launched the Kleopatra again. I did not notice any changes.

Mar 9 2020, 1:13 PM · Windows 64, Windows, kleopatra, Bug Report
Moonchild added a comment to T4249: No connection to Keyserver possible.

Just registered to report pretty much the same.
I've been using gpg 2 for a long while and it's been doing just fine, up to the point where people started using keys it didn't recognise that require a later version.

Mar 9 2020, 1:03 PM · gnupg, dirmngr, Bug Report, gpg4win
werner added a comment to T4867: with non-existent homedir, `gpgconf --check-programs` produces surprising output..

Well, I misread the output. What you see is what is expected. From the gpgconf man page:

Mar 9 2020, 12:57 PM · gnupg (gpg22), Bug Report
aheinecke triaged T4870: Kleopatra - do not change the language from Russian as Low priority.

Thanks for your report. Yes this is sadly a known issue. Our backend system has it's own localization that uses the system language and does not care about the Kleopatra configuration.

Mar 9 2020, 12:46 PM · Windows 64, Windows, kleopatra, Bug Report
werner added a comment to T4868: Heap buffer overflow in _gcry_mpi_tdiv_qr().

We don't consider this a security problem because the tool you used is a debug helper which we use during development (if at all). All real code needs to verify that it does not request a division by zero. The div-by-zero checks we added 8 years agot to other code paths (e.g. mpi_pow, rC2c54c4da19d3a79e9f749740828026dd41f0521a) are failstop measurements which should never be triggered.

Mar 9 2020, 12:45 PM · Bug Report
Simrah created T4870: Kleopatra - do not change the language from Russian.
Mar 9 2020, 12:29 PM · Windows 64, Windows, kleopatra, Bug Report
Research_Team_loginsoft added a comment to T4868: Heap buffer overflow in _gcry_mpi_tdiv_qr().

Thanks for quick response and fixing the issue. We wanted to request for a CVE since libgcrypt is widely used and a patch has been provided. Please let us know if you have any disclosure policy.

Mar 9 2020, 11:53 AM · Bug Report
werner closed T4868: Heap buffer overflow in _gcry_mpi_tdiv_qr() as Resolved.

You are providing invaldid data to this debug helper tools and run into a div-by-zero. I will add the usual test earlier in the code path so that a fatal error is triggered. Thanks for the report.

Mar 9 2020, 10:39 AM · Bug Report
Research_Team_loginsoft updated the task description for T4868: Heap buffer overflow in _gcry_mpi_tdiv_qr().
Mar 9 2020, 8:42 AM · Bug Report
Research_Team_loginsoft updated the task description for T4868: Heap buffer overflow in _gcry_mpi_tdiv_qr().
Mar 9 2020, 8:42 AM · Bug Report
Research_Team_loginsoft created T4868: Heap buffer overflow in _gcry_mpi_tdiv_qr().
Mar 9 2020, 8:40 AM · Bug Report

Mar 6 2020

dkg added a comment to T4867: with non-existent homedir, `gpgconf --check-programs` produces surprising output..

I think you mean "mix", not "fix". right?

Mar 6 2020, 7:06 PM · gnupg (gpg22), Bug Report
werner added a comment to T4867: with non-existent homedir, `gpgconf --check-programs` produces surprising output..

You should not fix stdout with stderr. Granted we could fflush stdout after a line, but rsh is dead and so all software can distinguish between them.

Mar 6 2020, 9:03 AM · gnupg (gpg22), Bug Report
dkg updated the task description for T4867: with non-existent homedir, `gpgconf --check-programs` produces surprising output..
Mar 6 2020, 12:25 AM · gnupg (gpg22), Bug Report

Mar 5 2020

dkg created T4867: with non-existent homedir, `gpgconf --check-programs` produces surprising output..
Mar 5 2020, 11:01 PM · gnupg (gpg22), Bug Report
werner added a comment to T4866: `gpg-agent --gpgconf-list` returns a non-zero error code 2 if $HOME is non-existent, causing `gpgconf` to fail.

I t could print a warning for a non-existant homedir

Mar 5 2020, 8:24 PM · gpgagent, gnupg, Bug Report
dkg added a comment to T4866: `gpg-agent --gpgconf-list` returns a non-zero error code 2 if $HOME is non-existent, causing `gpgconf` to fail.

Sure, I personally know that GnuPG requires a homedir to operate.

Mar 5 2020, 3:20 PM · gpgagent, gnupg, Bug Report
werner added a comment to T4866: `gpg-agent --gpgconf-list` returns a non-zero error code 2 if $HOME is non-existent, causing `gpgconf` to fail.

As you surely known GnuPG requires its home directory; in particular when using the gpgconf to manage the config options. Thus I can't see what to do other than error out. gpgconf needs to know the location of the config file; if it is containign diretcory is not existant it will fail anyway.

Mar 5 2020, 10:14 AM · gpgagent, gnupg, Bug Report

Mar 4 2020

dkg created T4866: `gpg-agent --gpgconf-list` returns a non-zero error code 2 if $HOME is non-existent, causing `gpgconf` to fail.
Mar 4 2020, 4:46 PM · gpgagent, gnupg, Bug Report

Mar 3 2020

gniibe triaged T4864: New scdaemon command to watch device removal as Normal priority.
Mar 3 2020, 8:26 AM · Restricted Project, Feature Request, scd, Bug Report
gniibe claimed T4864: New scdaemon command to watch device removal.
Mar 3 2020, 8:26 AM · Restricted Project, Feature Request, scd, Bug Report
gniibe created T4864: New scdaemon command to watch device removal.
Mar 3 2020, 8:26 AM · Restricted Project, Feature Request, scd, Bug Report

Mar 2 2020

aheinecke triaged T4842: Kleopatra: Right click menu greyed out as Normal priority.

I don't have a Free BSD. Can you please try out the patch that I have appended to https://bugs.kde.org/show_bug.cgi?id=415168 ?

Mar 2 2020, 1:17 PM · kleopatra, Bug Report

Feb 29 2020

cipherpunks created T4862: pubkeys are imported despite the --no-auto-key-retrieve option.
Feb 29 2020, 5:15 PM · Too Old, FAQ, gnupg

Feb 28 2020

kopfuss added a comment to T4861: GPGme 1.13.1 fails at t-json.
In T4861#132936, @dkg wrote:

0005 and 0006 from the debian distribution of gpgme.

Feb 28 2020, 9:06 PM · gpgme, Bug Report
aheinecke added a comment to T4861: GPGme 1.13.1 fails at t-json.

Thanks for the report. Indeed I closed this as a duplicated. Thanks @dkg for pointing out the patches.

Feb 28 2020, 11:28 AM · gpgme, Bug Report
aheinecke merged T4861: GPGme 1.13.1 fails at t-json into T4820: gpgme's json test fails with gpg 2.2.19.
Feb 28 2020, 11:26 AM · gpgme (gpgme 1.23.x), Bug Report
aheinecke merged task T4861: GPGme 1.13.1 fails at t-json into T4820: gpgme's json test fails with gpg 2.2.19.
Feb 28 2020, 11:26 AM · gpgme, Bug Report
gniibe added a project to T4832: card: when KDF is enabled, use of pinpad input should be disabled: Restricted Project.
Feb 28 2020, 8:39 AM · Restricted Project, gnupg (gpg22), scd, Bug Report
gniibe changed the status of T3891: kdf-setup does not set admin and user PIN codes from Open to Testing.

I pushed the change to master.

Feb 28 2020, 8:34 AM · Restricted Project, scd, Bug Report
werner added a project to T4861: GPGme 1.13.1 fails at t-json: gpgme.
Feb 28 2020, 8:08 AM · gpgme, Bug Report

Feb 27 2020

dkg added a comment to T4861: GPGme 1.13.1 fails at t-json.

I think this might be the same as T4820.

Feb 27 2020, 11:08 PM · gpgme, Bug Report
kopfuss updated the task description for T4861: GPGme 1.13.1 fails at t-json.
Feb 27 2020, 9:46 PM · gpgme, Bug Report
kopfuss created T4861: GPGme 1.13.1 fails at t-json.
Feb 27 2020, 9:38 PM · gpgme, Bug Report

Feb 26 2020

dkg added a comment to T4855: The trusted-key option requires a long key ID and won't take a fingerprint.

I've just pushed ad55de70930543c1681b11e4bd624be074122b23 onto branch dkg/fix-4855 as a proposed fix, to permit --trusted-key to accept a full 20-byte fingerprint.

Feb 26 2020, 7:13 PM · gnupg (gpg22), Feature Request
Mikaela created T4855: The trusted-key option requires a long key ID and won't take a fingerprint.
Feb 26 2020, 11:55 AM · gnupg (gpg22), Feature Request

Feb 25 2020

kloczek added a comment to T4854: gpgme 1.13.1: test suite is failing.

Latest one (gnupg 2.2.19)

Feb 25 2020, 10:37 PM · gpgme, Bug Report
werner added a comment to T4854: gpgme 1.13.1: test suite is failing.

(I stripped the report down to its core)

Feb 25 2020, 9:13 PM · gpgme, Bug Report
werner updated the task description for T4854: gpgme 1.13.1: test suite is failing.
Feb 25 2020, 9:11 PM · gpgme, Bug Report
kloczek updated the task description for T4854: gpgme 1.13.1: test suite is failing.
Feb 25 2020, 2:53 PM · gpgme, Bug Report
kloczek created T4854: gpgme 1.13.1: test suite is failing.
Feb 25 2020, 2:52 PM · gpgme, Bug Report
kloczek added a comment to T4853: libgpg-error: after regenerate ac/am/lt files and build reported version is 1.37-unknown.

Sorry but that really strange.
I need to regenerate those files.
Could you please describe what needs to be done to have proper version?

Feb 25 2020, 1:51 PM · Bug Report
werner closed T4853: libgpg-error: after regenerate ac/am/lt files and build reported version is 1.37-unknown as Invalid.

Do not use arbitary libtool versions or use autoreconf - this is maintainer-only and any problems are not considered a bug.

Feb 25 2020, 1:49 PM · Bug Report
kloczek created T4853: libgpg-error: after regenerate ac/am/lt files and build reported version is 1.37-unknown.
Feb 25 2020, 3:01 AM · Bug Report

Feb 18 2020

gniibe changed the status of T4624: libassuan-config and libassuan.pc both put -lws2_32 before -lgpg-error, which fails during static linking from Open to Testing.

With the fix of T4623, this bug is now fixed.

Feb 18 2020, 8:17 AM · Restricted Project, Windows, libassuan, Bug Report
gniibe changed the status of T4623: pkg-config for mingw needs to emit -lws2_32 from Open to Testing.

Fixed in master, using Libs.private support.

Feb 18 2020, 8:05 AM · Restricted Project, Windows, gpgrt, Bug Report

Feb 17 2020

gniibe changed the status of T4832: card: when KDF is enabled, use of pinpad input should be disabled from Open to Testing.

Fixed in master.

Feb 17 2020, 9:48 AM · Restricted Project, gnupg (gpg22), scd, Bug Report
werner triaged T4848: Usage of git in configure.ac for pinentry/gpa finds incorrect repositories as Normal priority.

Yeah, this can be done.

Feb 17 2020, 9:19 AM · pinentry, gpa, toolchain, Bug Report

Feb 16 2020

netspider closed T4849: procedure entry point not found in gpg-agent.exe as Resolved.

I already tried reinstalling gpg4win without first uninstalling it (I thought it might repair corrupt files) but now I uninstalled first and it is working again.

Feb 16 2020, 2:31 PM · Bug Report
netspider added a comment to T4849: procedure entry point not found in gpg-agent.exe.

I searched through C: and D: and found it in D:\Programme\GnuPG\bin and in D:\Programme\Gpg4win\bin - both seem to be created by gpg4win. I'll try reinstalling, hopefully without deleting my private keys...

Feb 16 2020, 2:23 PM · Bug Report
werner added a comment to T4849: procedure entry point not found in gpg-agent.exe.

The DLL libassuan-0.dll was not found or the system somehow found.
Do you have other versions of GnuPG or Gpg4win installed? Please search the system for copies of the above mentioned DLL?

Feb 16 2020, 2:11 PM · Bug Report

Feb 15 2020

netspider created T4849: procedure entry point not found in gpg-agent.exe.
Feb 15 2020, 10:48 PM · Bug Report
werner changed the status of T4847: "gpgsm: invalid radix64 character 2d skipped" when trying to import a PEM file with DOS line endings (CR+LF) from Open to Testing.

Fixed in master and 2.2

Feb 15 2020, 7:25 PM · gnupg (gpg22), S/MIME, Bug Report
werner claimed T4847: "gpgsm: invalid radix64 character 2d skipped" when trying to import a PEM file with DOS line endings (CR+LF).
Feb 15 2020, 7:08 PM · gnupg (gpg22), S/MIME, Bug Report
werner edited projects for T4847: "gpgsm: invalid radix64 character 2d skipped" when trying to import a PEM file with DOS line endings (CR+LF), added: gnupg (gpg22); removed gnupg.

Really interesting: The code didn't changed since since 2003 and the bug must have been there all the time. It does happen only for 25% of the certificates with CR and LF; the others have padding characters at the end '=' which is also an indication of the end of the base64 block. I wonder why this has not been reported more often; maybe because most people import binary certificates.

Feb 15 2020, 7:01 PM · gnupg (gpg22), S/MIME, Bug Report
rpurdie created T4848: Usage of git in configure.ac for pinentry/gpa finds incorrect repositories.
Feb 15 2020, 6:12 PM · pinentry, gpa, toolchain, Bug Report
thomas added a comment to T4847: "gpgsm: invalid radix64 character 2d skipped" when trying to import a PEM file with DOS line endings (CR+LF).

Wald certificate will be fixed very soon. But as it is not fixed yet, I provided an http link, not https for you.

Feb 15 2020, 3:41 PM · gnupg (gpg22), S/MIME, Bug Report
werner added projects to T4847: "gpgsm: invalid radix64 character 2d skipped" when trying to import a PEM file with DOS line endings (CR+LF): S/MIME, gnupg.

Thomas, please provide a sample certificate. I can't access the intevation site to see whether one of the links has the cert. And pretty please fix the wald certificates!

Feb 15 2020, 12:43 PM · gnupg (gpg22), S/MIME, Bug Report

Feb 14 2020

thomas created T4847: "gpgsm: invalid radix64 character 2d skipped" when trying to import a PEM file with DOS line endings (CR+LF).
Feb 14 2020, 4:07 PM · gnupg (gpg22), S/MIME, Bug Report
werner closed T4846: Undocumented --print-md algo's as Wontfix.

No, this depends on the version of Libgcrypt. Sorry, won't be documented or changed. Thanks for the report, though.

Feb 14 2020, 2:13 PM · Bug Report
Heino created T4846: Undocumented --print-md algo's.
Feb 14 2020, 10:18 AM · Bug Report

Feb 13 2020

bzbue1 added a comment to T4689: Kleopatra Verification is hanging .

I'd like to re-report this bug for version 3.1.11-Gpg4win-3.1.11
in Windows 10 version 1809 build 17763.1039 and version 1909 build 18363.657.

Feb 13 2020, 1:36 PM · kleopatra, Bug Report, gpg4win

Feb 11 2020

Gerard created T4842: Kleopatra: Right click menu greyed out.
Feb 11 2020, 6:44 PM · kleopatra, Bug Report

Feb 10 2020

lat002 added a comment to T4840: KMyMoney Save Encrypted; 100% Data Loss.

OK. The reason I'd posted on here was because KMyMoney was working properly until I tried to use the encryption.

Feb 10 2020, 9:38 PM · Bug Report, gpg4win
werner changed the status of T4831: gnupg-2.2.19 fails to build on latest Fedora Rawhide from Open to Testing.

Building with -fno-common now works for me on 2.2 and master. Thanks for the patch.

Feb 10 2020, 4:52 PM · gnupg (gpg22), toolchain, Bug Report
werner added a comment to T4831: gnupg-2.2.19 fails to build on latest Fedora Rawhide.

I took your patch but modified it to define EXTERN_UNLESS_MAIN_MODULE only at one place.

Feb 10 2020, 4:39 PM · gnupg (gpg22), toolchain, Bug Report
yblank created T4841: GpgOL encrypt leaves outlook message dialog open.
Feb 10 2020, 11:04 AM · Support, Too Old, gpgol
aheinecke closed T4840: KMyMoney Save Encrypted; 100% Data Loss as Invalid.

Hi,
Thanks for the report but, but we are not developers of KMymoney, I can only offer to help the developers if they have questions but please rather report a bug at bugs.kde.org regarding that so that they can figure out what might be wrong.

Feb 10 2020, 9:53 AM · Bug Report, gpg4win