Indeed, GnuPG's IPC uses TCP connections from 127.0.0.1 to 127.0.0.1 taking the destination port (and a cookie) from a file. We can't change that easily to the new Unix socket implementation Windows recently introduced. I hope there is a way to exclude localhost->localhost from congestion control.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed Advanced Search
Advanced Search
Advanced Search
Fri, Mar 21
Fri, Mar 21
• werner triaged T7577: GnuPG could not work when TCP congestion provider is set to BBR2 in Windows as Normal priority.
Mar 20 2025
Mar 20 2025
• werner committed rDd34baa3bac3a: Add a note on the grabbed @gnupg account on Twitter. (authored by • werner).
Add a note on the grabbed @gnupg account on Twitter.
Mar 18 2025
Mar 18 2025
• werner committed rM91a59d2a3554: New decrypt flags GPGME_DECRYPT_LISTONLY. (authored by • werner).
New decrypt flags GPGME_DECRYPT_LISTONLY.
• werner committed rGad8bce774d91: gpgsm: Fix error message if all selected certificates are expired. (authored by Ramón García <ramon.garcia.f@gmail.com>).
gpgsm: Fix error message if all selected certificates are expired.
gpgsm: Simplify the expiration check.
• werner committed rG53f5aad90517: gpgsm: Avoid increasing error count when enumerating an expired cert. (authored by Ramón García <ramon.garcia.f@gmail.com>).
gpgsm: Avoid increasing error count when enumerating an expired cert.
• werner committed rG029ac17b40bd: gpgsm: When selecting certs also skip certificates too young. (authored by Ramón García <ramon.garcia.f@gmail.com>).
gpgsm: When selecting certs also skip certificates too young.
• werner committed rG4cf83273e84c: gpgsm: select unexpired certificates skipping expired ones (authored by Ramón García <ramon.garcia.f@gmail.com>).
gpgsm: select unexpired certificates skipping expired ones
doc: Register DCO for Ramon García F.
Mar 17 2025
Mar 17 2025
• werner committed rGf463586a9617: gpgsm: Extend --learn-card by an optional s/n argument. (authored by • werner).
gpgsm: Extend --learn-card by an optional s/n argument.
gpgconf: Fix reload and kill of keyboxd.
gpgconf: Fix reload and kill of keyboxd.
• werner added a comment to T7569: `gpgconf --homedir $x --kill keyboxd` doesn't appear to terminate a running keyboxd.
FWIW: It does works when using GNUPGHOME instead.
• werner closed T7570: `gpg --trust-model always --verify` produces incongruous warning "Using untrusted key!" as Resolved.
This has always been the case. git blame shows for check_signatures_trust:
Mar 14 2025
Mar 14 2025
• werner committed rGa7ec3792c5d1: scd,w32: Fix posssible lockup due to lost select results. (authored by • werner).
scd,w32: Fix posssible lockup due to lost select results.
Add API gpgme_op_random_value.
doc: Minor updates
• werner committed rGcc3efe9a7312: gpg: Fix key generation with existing key from card. (authored by • gniibe).
gpg: Fix key generation with existing key from card.
• werner moved T7457: gpg --full-gen-key doesn't show list of keys on card (regression) from Backlog to QA on the gnupg24 board.
Done
BTW, do we really need a C++ API for this? Might make sense due to the need for a context.
Mar 13 2025
Mar 13 2025
doc: Fix syntax error
Well, we also have the gpgme test suite which tests a couple of other things and for obvious reasons we need to keep this stable. Granted, sometimes we had to change the gpgme test suite as well. My personal preference would be your second choice.
• werner triaged T7560: GnuPG should learn the certificates when a new card has been seen as Normal priority.
• werner triaged T7565: Kleopatra: Add tooltips in sign/encrypt window if an encryption type is greyed out as Low priority.
gpg: Fix double free of internal data.
gpg: Fix double free of internal data.
gpg: Fix double free of internal data.
Mar 12 2025
Mar 12 2025
I can't replicate your findings here . In a test directory w/o a gpg.conf:
Uihhh
• werner committed rGc12b7d047e75: common: Add a flag for left anchored substring match to recsel. (authored by • werner).
common: Add a flag for left anchored substring match to recsel.
Did you also tried with --no-sig-cache ? That could help to get a better insight into the reason for that difference.
Mar 11 2025
Mar 11 2025
• werner added a comment to T7544: Kleopatra (gnupg, gpgsm) hang on key-creation when x.509 certs are in keystore.
Please test using the latest gpg4win installer (beta145).
• werner added a comment to T7560: GnuPG should learn the certificates when a new card has been seen.
The problem is that it may take really long to read the certificates form a card and some card applications even require to give a PIN for reading the certs. A background operation may thus surprisingly lock up the box
Move snapshot directory to gnupg.net
• werner committed rWd2148fbe831d: Unify packages list to include all possible gnupg branches. (authored by • werner).
Unify packages list to include all possible gnupg branches.
• werner changed the status of T7547: signatures from revoked or expired keys show up as missing keys, a subtask of T7527: Keyring/keybox denial of service, from Testing to Open.
• werner changed the status of T7547: signatures from revoked or expired keys show up as missing keys from Testing to Open.
Mar 10 2025
Mar 10 2025
• werner committed rE0f08f4aa8058: Re-fix logic for finding the beta version number (authored by • werner).
Re-fix logic for finding the beta version number
• werner committed rDdea932b29ef5: Add new news entry and move old news to the archive (authored by • werner).
Add new news entry and move old news to the archive
• werner committed rGe5555a40e633: Update autogen.sh from upstream to version 2025-03-10 (authored by • werner).
Update autogen.sh from upstream to version 2025-03-10
• werner committed rW26f7e428f651: Update autogen.sh from upstream to version 2025-03-10 (authored by • werner).
Update autogen.sh from upstream to version 2025-03-10
card: Add command "ll"
• werner committed rW91b92743a3e7: New option --release to run a complete build cycle. (authored by • werner).
New option --release to run a complete build cycle.
• werner committed rW13163b8dc769: Fix download directory for the gnupg-w32*xz tarball. (authored by • werner).
Fix download directory for the gnupg-w32*xz tarball.
Always use the mimetreeparser patch
Mar 7 2025
Mar 7 2025
swdb: gnupg 2.5.5
Post release updates
Fix Makefile dist files.
• werner committed rW8e650b106c94: Update to gnupg 2.5.5 and latest Kleo et al. (authored by • werner).
Update to gnupg 2.5.5 and latest Kleo et al.
po: msgmerge
Release 2.5.5
po: Update German translation
Typo fix and add missing prototype.
build: Update Libassuan M4 macros
New option --no-sign for build.sh
• werner added a reverting change for rWcec85eb35ccc: Switch download script from wget to curl: rW59085bec8d88: Revert "Switch download script from wget to curl".
• werner committed rW59085bec8d88: Revert "Switch download script from wget to curl" (authored by • werner).
Revert "Switch download script from wget to curl"
Mar 6 2025
Mar 6 2025
• werner moved T7547: signatures from revoked or expired keys show up as missing keys from Backlog to QA on the gnupg24 board.
• werner changed the status of T7547: signatures from revoked or expired keys show up as missing keys, a subtask of T7527: Keyring/keybox denial of service, from Open to Testing.
• werner changed the status of T7547: signatures from revoked or expired keys show up as missing keys from Open to Testing.
• werner committed rG1e581619bf53: gpg: Fix regression for the recent malicious subkey DoS fix. (authored by • werner).
gpg: Fix regression for the recent malicious subkey DoS fix.
• werner committed rGd3d7713c1799: gpg: Fix regression for the recent malicious subkey DoS fix. (authored by • werner).
gpg: Fix regression for the recent malicious subkey DoS fix.
• werner added a comment to T7544: Kleopatra (gnupg, gpgsm) hang on key-creation when x.509 certs are in keystore.
rG25d48663f9 seems to fix this for me. However in my test cases I got a hang in dirmngr simply by running several gpgsm instances to get the details of an X.509 key. I had different logging options enabled, though.
• werner lowered the priority of T7547: signatures from revoked or expired keys show up as missing keys from Unbreak Now! to High.
Please use "unbreak now" only for *released* software with a criticial bug.
• werner committed rG25d48663f9ed: dirmngr: Use the same thread init strategy as gpg-agent et al. (authored by • werner).
dirmngr: Use the same thread init strategy as gpg-agent et al.
• werner committed rG73f6c2dd4d3e: w32: On socket nonce mismatch close the socket. (authored by • werner).
w32: On socket nonce mismatch close the socket.
• werner triaged T7555: gpg --batch does not block all interactivity (e.g. prompting for passwords still happens) as Normal priority.
Mar 5 2025
Mar 5 2025
• werner committed rG41cf76b8c142: Log the Windows system error code at more places. (authored by • werner).
Log the Windows system error code at more places.
• werner closed T7550: master branch fails to build without `./configure --disable-ldap` as Invalid.
master is development and you can't expect that it always build on all platforms.
Mar 4 2025
Mar 4 2025
We do not have an error code for Admin PINs. The Admin PIN is also an OpenPGP card specific termm and other cards use different terms. For example a NKS has no Admin PIN at all but an alternative PIN.
Feb 26 2025
Feb 26 2025
Add API gpgme_op_random_bytes.
Remove now unused functions.
New API gpgme_op_random_bytes is now in master (gpgme 2.0). Use tests/run-genrandom --help for testing. Extra features will come soon.
• werner added a comment to T7542: Subscribing to lists supported at https://lists.gnupg.org/mailman/listinfo/ seems not working.
Please try again. This was due to a change in the RBL we use. Might be fixed now.
Feb 25 2025
Feb 25 2025
• werner added a comment to T7434: Kleopatra: Initial keylisting hangs for ~60 seconds (gpg-agent: Socket ...S.gpg-agent cannot be bound).
Looks like scdaemon which I experienced today also but without having enabled scdaemon logging.
Feb 24 2025
Feb 24 2025
• werner committed rGc68eca636375: tools: Add envvar GPG_AUTHCODE_SIGN_MODE to disable signing. (authored by • werner).
tools: Add envvar GPG_AUTHCODE_SIGN_MODE to disable signing.
• werner closed T7539: validating an OpenPGP `Signed Message` with a text-mode signature and binary-mode literal data packet as Resolved.
I don't see a bug here and any change in this domain disks a regression with existing data. BTW, the mode byte was not even part of the signed data before signature version 5.
• werner closed T7106: Trailing newline trouble in clearsigned message generation and verification as Resolved.
My comment from a year ago still holds true; you may want to fix your testing framework and re-openig this bug iff you can show that there will be no regression with PGP 7 and later.
Feb 21 2025
Feb 21 2025
dirmngr: Prepare for new command KS_DEL.
• werner committed rGdb7141d462ed: dirmngr: Factor a common command parsing code out. (authored by • werner).
dirmngr: Factor a common command parsing code out.
• werner committed rG75667050dc34: build: Update autogen.sh to the current version. (authored by • werner).
build: Update autogen.sh to the current version.
speedo: Do not build gpgme anymore.
Also fixed for 2.4
• werner committed rGda0164efc7f3: gpg: Fix a verification DoS due to a malicious subkey in the keyring. (authored by • werner).
gpg: Fix a verification DoS due to a malicious subkey in the keyring.
• werner committed rG9cd371b12d80: gpg: Remove a signature check function wrapper. (authored by • werner).
gpg: Remove a signature check function wrapper.