Page MenuHome GnuPG
Feed All Stories

All Stories
Use Results
Edit Query

Today

werner added a comment to T7855: keybox/keydb locking issue in 2.6 .

I'd sad we keep it as it is now (unless we see a regression). The real and only correct solution is the use of a daemon to serialize access.

Wed, Oct 22, 1:34 PM · gnupg26, gpd5x
werner committed rGdb9705ef594d: gpg: Avoid potential downgrade to SHA1 in 3rd party key signatures. (authored by werner).
gpg: Avoid potential downgrade to SHA1 in 3rd party key signatures.
Wed, Oct 22, 12:38 PM
werner committed rG8abc320f2a75: gpg: Error out on unverified output for non-detached signatures. (authored by werner).
gpg: Error out on unverified output for non-detached signatures.
Wed, Oct 22, 12:38 PM
werner committed rG1f85a6794eba: Update NEWS (authored by werner).
Update NEWS
Wed, Oct 22, 12:38 PM
ebo moved T7223: GpgOL: Handle Outlook settings which allow users to disable automatically marking mails as read from Backlog to Done on the gpgol board.
Wed, Oct 22, 12:08 PM · vsd32 (vsd-3.2.3), Restricted Project, gpgol
gniibe added a comment to T7855: keybox/keydb locking issue in 2.6 .

Still, there is a fundamental problem with keydb locking.

  • It only assures no-data-corruption.
  • When a process doing write access, another process reading the resource may encounter a problem (inconsistent data read), since data could be changed while accessing.
    • Currently, write access may occur with keybox compress, this means that users are not safe to invoke multiple gpg/gpgsm simultaneously (to be sure).
      • It would be: only keybox compress when users explicitly ask.
    • We could introduce a lock to read access... BUT naively adding a lock (both for read and write or read-multiple-write-one) results possible deadlock in gpgsm
      • in gpgsm, gpgsm_walk_cert_chain and gpgsm_validate_chain access the resource of keydb in a way of:
        • While it has a handle kh, by find_up routine, it may call keydb_store_cert by callback routine; The callback does write access to the resource opening another handle.
        • Currently, it works because of no lock for read access and keydb_store_cert appends data at the end.
Wed, Oct 22, 9:20 AM · gnupg26, gpd5x
ebo moved T7461: Kleopatra: List newly generated OpenPGP certificate with validation from WIP to Done on the gpd5x board.
Wed, Oct 22, 9:00 AM · vsd33 (vsd-3.3.0), gpd5x, kleopatra
gniibe committed rG0d887e6bea46: po: Update Japanese Translation. (authored by gniibe).
po: Update Japanese Translation.
Wed, Oct 22, 5:00 AM
gniibe committed rG4a2dda2002c4: kbx,gpg,gpgsm: Add FP-close method for keydb to close before unlock. (authored by gniibe).
kbx,gpg,gpgsm: Add FP-close method for keydb to close before unlock.
Wed, Oct 22, 5:00 AM
gniibe committed rG3db6f9f080bc: gpgsm: Fix delete and store certificate locking glitches. (authored by gniibe).
gpgsm: Fix delete and store certificate locking glitches.
Wed, Oct 22, 4:38 AM
gniibe committed rG2d9e1295a1f4: gpg,gpgsm: Serialize write access to keybox/keyring to protect. (authored by gniibe).
gpg,gpgsm: Serialize write access to keybox/keyring to protect.
Wed, Oct 22, 4:38 AM
gniibe committed rGef42a1e218ce: gpg,gpgsm: No more internal-lock when KEEP_LOCK is enabled. (authored by gniibe).
gpg,gpgsm: No more internal-lock when KEEP_LOCK is enabled.
Wed, Oct 22, 4:38 AM
gniibe committed rGa0beed35d6c6: kbx,gpg,gpgsm: Introduce keybox_compress_when_no_other_users. (authored by gniibe).
kbx,gpg,gpgsm: Introduce keybox_compress_when_no_other_users.
Wed, Oct 22, 4:38 AM
gniibe changed the status of T7855: keybox/keydb locking issue in 2.6 , a subtask of T2196: keydb locking can result in deadlock in 2.2, from Open to Testing.
Wed, Oct 22, 4:38 AM · gnupg22, Bug Report
gniibe changed the status of T7855: keybox/keydb locking issue in 2.6 , a subtask of T7827: Kleopatra: Add workaround for locking issue on key generation, from Open to Testing.
Wed, Oct 22, 4:38 AM · vsd34, gpd5x, vsd33, kleopatra
gniibe changed the status of T7855: keybox/keydb locking issue in 2.6 from Open to Testing.

All changes in gniibe/t7855 are pushed into master.

Wed, Oct 22, 4:38 AM · gnupg26, gpd5x
l10n daemon script <scripty@kde.org> committed rKLEOPATRA36f59b82e49c: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Wed, Oct 22, 3:42 AM

Yesterday

ikloecker claimed T7868: Kleopatra: config check box for AllowMarkTrusted not functional .
Tue, Oct 21, 5:52 PM · vsd34, gpd5x, kleopatra
ikloecker committed rKLEOPATRA6bfc490bbded: Don't process the docs on this old branch (authored by ikloecker).
Don't process the docs on this old branch
Tue, Oct 21, 5:19 PM
ikloecker moved T7868: Kleopatra: config check box for AllowMarkTrusted not functional from Backlog to WIP on the vsd34 board.

Backported for VSD 3.4 since this is clearly a regression introduced with T7350 and the fix is zero risk.

Tue, Oct 21, 5:10 PM · vsd34, gpd5x, kleopatra
ikloecker committed rKLEOPATRA867352e0e800: Remove "Allow to mark root certificates as trusted" check box (authored by ikloecker).
Remove "Allow to mark root certificates as trusted" check box
Tue, Oct 21, 5:07 PM
ikloecker added a project to T7868: Kleopatra: config check box for AllowMarkTrusted not functional : vsd34.
Tue, Oct 21, 5:07 PM · vsd34, gpd5x, kleopatra
ikloecker changed the status of T7868: Kleopatra: config check box for AllowMarkTrusted not functional from Open to Testing.

Fixed. The check box has been removed from the "S/MIME Validation" tab.

Tue, Oct 21, 4:51 PM · vsd34, gpd5x, kleopatra
ikloecker committed rKLEOPATRAea04de31485c: Remove "Allow to mark root certificates as trusted" check box (authored by ikloecker).
Remove "Allow to mark root certificates as trusted" check box
Tue, Oct 21, 4:42 PM
ikloecker changed the status of T7863: Kleopatra: the certificate list is not refreshed at the end of the deletion of multiple secret keys from Open to Testing.

Fixed and backported for VSD 3.4

Tue, Oct 21, 4:08 PM · gpd5x, vsd34, kleopatra
ikloecker committed rKLEOPATRAf155859bbb4d: Fix missing update of certificate list after deleting keys (authored by ikloecker).
Fix missing update of certificate list after deleting keys
Tue, Oct 21, 4:07 PM
ebo created T7868: Kleopatra: config check box for AllowMarkTrusted not functional .
Tue, Oct 21, 3:53 PM · vsd34, gpd5x, kleopatra
m.eik triaged T7867: split current config dialog into first-time wizard and config editor as Normal priority.
Tue, Oct 21, 3:09 PM · gpgol2
ikloecker committed rLIBKLEO7ad4536e0e16: Notify users of KeyCache when keys are removed (authored by ikloecker).
Notify users of KeyCache when keys are removed
Tue, Oct 21, 3:04 PM
svuorela committed rOJ6bfe3d421d45: Fix config page order (authored by svuorela).
Fix config page order
Tue, Oct 21, 1:50 PM
ebo moved T4785: GpgOL: "You have changed a copy of this Element" message in Outlook for S/MIME mails from Backlog to Triage on the gpgol board.
Tue, Oct 21, 12:55 PM · gpd5x, gpgol
werner committed rW11fa56c316be: Another Kleopatra update (authored by werner).
Another Kleopatra update
Tue, Oct 21, 12:42 PM
ikloecker committed rKLEOPATRAaed06faef186: Fix action to reload certificate list (authored by ikloecker).
Fix action to reload certificate list
Tue, Oct 21, 12:34 PM
werner added a comment to T7688: gpgme block when trying to encrypt.

That might be related to T2196 which has been hopefully fixed in 2.2.50 and also in the next 2.6. Closing this task.

Tue, Oct 21, 12:18 PM · gpgol2
werner closed T7688: gpgme block when trying to encrypt as Resolved.

That might be related to T2196 which has been hopefully fixed in 2.2.50 and also in the next 2.6. Closing this task.

Tue, Oct 21, 12:18 PM · gpgol2
werner committed rW7a17bd0d39b3: Update kleo, libkleo, gpg4win-tools, and gpgoljs (authored by werner).
Update kleo, libkleo, gpg4win-tools, and gpgoljs
Tue, Oct 21, 12:01 PM
ebo added a comment to T7843: GpgOL: Empty OpenPGP mails with "Read as plain" activated.

Might there be a relation to T7842? But I would have thought that then all signed messages would be unaffected.

Tue, Oct 21, 11:41 AM · vsd34, vsd, gpgol
werner moved T7864: updated nl.po for gnupg 2.4 from Backlog to done on the gnupg24 board.
Tue, Oct 21, 11:25 AM · gnupg24, Bug Report
werner closed T7864: updated nl.po for gnupg 2.4 as Resolved.
Tue, Oct 21, 11:25 AM · gnupg24, Bug Report
werner added a comment to T7864: updated nl.po for gnupg 2.4.

I applied it to the 2.4 branch but please do not continue to translate for 2.4. 2.6 (master) is the new target.

Tue, Oct 21, 11:24 AM · gnupg24, Bug Report
werner committed rG905138e25ff6: po: Update German translation (authored by werner).
po: Update German translation
Tue, Oct 21, 11:24 AM
werner committed rGadb0837956fb: nl: Update Dutch translation (authored by werner).
nl: Update Dutch translation
Tue, Oct 21, 11:17 AM
werner committed rW8a7287634530: Revert "msi: Install versioninfo.txt" (authored by werner).
Revert "msi: Install versioninfo.txt"
Tue, Oct 21, 11:14 AM
werner added a reverting change for rWe71929bce8ef: msi: Install versioninfo.txt: rW8a7287634530: Revert "msi: Install versioninfo.txt".
Tue, Oct 21, 11:14 AM
werner changed the status of T7866: Allow separate LDAP keyserver for uploading from Open to Testing.

Implemented but not tested at all.

Tue, Oct 21, 10:48 AM · LDAP, Feature Request, gnupg26
werner committed rG31de5d0d8cd5: dirmngr: New LDAP keyserver flag "upload" (authored by werner).
dirmngr: New LDAP keyserver flag "upload"
Tue, Oct 21, 10:47 AM
werner triaged T7866: Allow separate LDAP keyserver for uploading as Normal priority.
Tue, Oct 21, 10:42 AM · LDAP, Feature Request, gnupg26
gniibe changed the status of T7829: w32: daemon (gpg-agent/keyboxd/dirmngr) startup and connection race when there is a socket file already, a subtask of T7658: Okular: Dirmngr startup timeout on signature validation, from Open to Testing.
Tue, Oct 21, 9:18 AM · Bug Report, gpd5x, okular
gniibe changed the status of T7829: w32: daemon (gpg-agent/keyboxd/dirmngr) startup and connection race when there is a socket file already from Open to Testing.

Fixed in master: rGae431b04370f: w32:common: Take care of possible race on startup under Windows.

Tue, Oct 21, 9:18 AM · gnupg22, Bug Report, gpd5x, okular
werner committed rG2b54dd035a32: w32: When deleting a private key retry up to 400ms. (authored by werner).
w32: When deleting a private key retry up to 400ms.
Tue, Oct 21, 9:16 AM
werner committed rGd61546521b71: common: Reformat some comments in iobuf.c (authored by werner).
common: Reformat some comments in iobuf.c
Tue, Oct 21, 9:16 AM
mlaurent committed rMTPc2fc60b2c24e: GIT_SILENT: increase KF min version (authored by mlaurent).
GIT_SILENT: increase KF min version
Tue, Oct 21, 7:52 AM
mlaurent committed rLIBKLEO4cb899e9bd0a: GIT_SILENT: increase KF min version (authored by mlaurent).
GIT_SILENT: increase KF min version
Tue, Oct 21, 7:49 AM
gniibe changed the status of T7805: Permission denied on batch deletion of mixed (openpgp+smime) certs from Open to Testing.

This issue should be fixed in 2.6, too.

Tue, Oct 21, 7:14 AM · gnupg, vsd, kleopatra
gniibe committed rG4050139d46fb: gpg: Minor clean up for keydb_lock API. (authored by gniibe).
gpg: Minor clean up for keydb_lock API.
Tue, Oct 21, 7:14 AM
gniibe committed rG9fd630fb23b7: common,w32: Always use share mode readwrite for the keybox. (authored by werner).
common,w32: Always use share mode readwrite for the keybox.
Tue, Oct 21, 7:14 AM
gniibe committed rG39cc15029017: build,common,g13,sm,tools: Require GpgRT 1.56. (authored by gniibe).
build,common,g13,sm,tools: Require GpgRT 1.56.
Tue, Oct 21, 7:14 AM
gniibe committed rG8a5d2674c3be: common: New function gnupg_remove_ext. (authored by werner).
common: New function gnupg_remove_ext.
Tue, Oct 21, 7:14 AM
gniibe changed the status of T7805: Permission denied on batch deletion of mixed (openpgp+smime) certs, a subtask of T7855: keybox/keydb locking issue in 2.6 , from Open to Testing.
Tue, Oct 21, 6:50 AM · gnupg26, gpd5x
gniibe changed the status of T7138: Windows (Semi-hosted environment): filename and network access, a subtask of T6508: Port GnuPG to 64-bit Windows, from Open to Testing.
Tue, Oct 21, 4:57 AM · Windows 64, Feature Request, gnupg26
gniibe changed the status of T7138: Windows (Semi-hosted environment): filename and network access from Open to Testing.
Tue, Oct 21, 4:57 AM · gnupg, Bug Report
gniibe committed rG61ff3759e827: common,dirmngr:w32: Fix for semi-hosted environment. (authored by gniibe).
common,dirmngr:w32: Fix for semi-hosted environment.
Tue, Oct 21, 4:57 AM
gniibe added a comment to T7138: Windows (Semi-hosted environment): filename and network access.

Pushed the change to gnupg master: rG61ff3759e827: common,dirmngr:w32: Fix for semi-hosted environment.

Tue, Oct 21, 4:56 AM · gnupg, Bug Report
gniibe claimed T7138: Windows (Semi-hosted environment): filename and network access.

In libgpg-error, I pushed thread-safe version : rE0313b660f8bd: w32: Don't convert slash->backslash when it's under Wine.
I'm going to push similar code to gnupg master.

Tue, Oct 21, 3:26 AM · gnupg, Bug Report

Mon, Oct 20

ebo claimed T7701: Draft: Kleopatra: Add information for verification results.
Mon, Oct 20, 5:28 PM · gpd5x, kleopatra
ebo raised the priority of T7701: Draft: Kleopatra: Add information for verification results from Normal to High.
Mon, Oct 20, 5:22 PM · gpd5x, kleopatra
alexk renamed T7831: Kleopatra: Configuration of the initial status of all checkboxes in the sign/encrypt dialog from Kleopatra: Configuration of the "start status" of all checkboxes in the sign/encrypt dialog to Kleopatra: Configuration of the initial status of all checkboxes in the sign/encrypt dialog.
Mon, Oct 20, 4:36 PM · gpd5x, kleopatra
ebo raised the priority of T7790: Kleopatra: "no trusted certification" should have precedence over "expired" in signature verification from Normal to High.
Mon, Oct 20, 4:22 PM · gpd5x, kleopatra
ebo claimed T7786: Draft: Kleopatra: improvements of signature verification result messages.
Mon, Oct 20, 4:18 PM · a11y, gpd5x, kleopatra
svuorela committed rOJb016c75afd16: Split the ui file into the 4 pages it consists of (authored by svuorela).
Split the ui file into the 4 pages it consists of
Mon, Oct 20, 4:15 PM
svuorela committed rOJ1a4e22b62fc8: Round trip ui-file with designer. No expected changes. (authored by svuorela).
Round trip ui-file with designer. No expected changes.
Mon, Oct 20, 4:15 PM
ebo moved T6568: Kleopatra: make table column headings accessible from Backlog to WIP on the gpd5x board.
Mon, Oct 20, 4:14 PM · vsd34, gpd5x, a11y, kleopatra
ebo changed the edit policy for T6568: Kleopatra: make table column headings accessible.
Mon, Oct 20, 4:14 PM · vsd34, gpd5x, a11y, kleopatra
ikloecker changed the status of T7762: Kleopatra: Notepad: close message notification on revert, a subtask of T7412: Notepad improvements, from Open to Testing.
Mon, Oct 20, 4:01 PM · kleopatra
ikloecker changed the status of T7762: Kleopatra: Notepad: close message notification on revert from Open to Testing.

I merged Tobias's MR

Mon, Oct 20, 4:01 PM · gpd5x, kleopatra
ikloecker committed rWa7e0f7c1313d: qtbase: Adapt patch for CVE-2025-5455 to Qt 6.7 (authored by ikloecker).
qtbase: Adapt patch for CVE-2025-5455 to Qt 6.7
Mon, Oct 20, 3:56 PM
ebo moved T7782: Kleopatra: convert the audit log link to a button from Backlog to WIP on the gpd5x board.
Mon, Oct 20, 3:55 PM · gpd5x, kleopatra
ebo changed the status of T7782: Kleopatra: convert the audit log link to a button from Open to Testing.
Mon, Oct 20, 3:54 PM · gpd5x, kleopatra
ebo changed the status of T7588: Kleopatra: Several problems with icons in high contrast modes from Open to Testing.
Mon, Oct 20, 3:53 PM · a11y, Windows, gpd5x, kleopatra
ebo changed the status of T7588: Kleopatra: Several problems with icons in high contrast modes, a subtask of T6932: Icons, darkmode and stuff, from Open to Testing.
Mon, Oct 20, 3:53 PM · gpd5x, kleopatra
ikloecker committed rKLEOPATRA9682c5ec2ae0: Disable base widget while overlay is shown (authored by ikloecker).
Disable base widget while overlay is shown
Mon, Oct 20, 3:23 PM
ebo changed the status of T7334: Kleopatra: ADSK shown as "unknown recipient" from Open to Testing.

We need to check what the current status here is. This has been in the 5.0 Betas for a while, so testing with 5.0-Beta369 will work

Mon, Oct 20, 3:16 PM · gpd5x, kleopatra
werner committed rWc82376c69d4f: Update gpgme-2.0.1 checksum (authored by werner).
Update gpgme-2.0.1 checksum
Mon, Oct 20, 3:00 PM
werner committed rWe71929bce8ef: msi: Install versioninfo.txt (authored by werner).
msi: Install versioninfo.txt
Mon, Oct 20, 3:00 PM
ikloecker claimed T7863: Kleopatra: the certificate list is not refreshed at the end of the deletion of multiple secret keys .
Mon, Oct 20, 2:19 PM · gpd5x, vsd34, kleopatra
ikloecker changed the status of T7862: Kleopatra: No feedback by screen readers if no certificates are found on server lookup from Open to Testing.

Fixed and backported for VSD 3.4

Mon, Oct 20, 2:18 PM · vsd34, gpd5x, a11y, kleopatra
ikloecker added a project to T7862: Kleopatra: No feedback by screen readers if no certificates are found on server lookup: vsd34.
Mon, Oct 20, 2:17 PM · vsd34, gpd5x, a11y, kleopatra
ikloecker committed rKLEOPATRA7986094cb88d: Move focus from base widget to text overlay when overlay is shown (authored by ikloecker).
Move focus from base widget to text overlay when overlay is shown
Mon, Oct 20, 2:16 PM
ikloecker committed rKLEOPATRA1094d0978a0f: Make backported focus-moving change work as intended (authored by ikloecker).
Make backported focus-moving change work as intended
Mon, Oct 20, 2:16 PM
Next