In T6708#181592, @werner wrote:I would also suggest that we show the git last git commit in Kleo's About dialog. That makes it far easier to see what we are testing. The Kleo version numbers are a bit arbitrary.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed Advanced Search
Advanced Search
Advanced Search
Jan 19 2024
Jan 19 2024
Jan 19 2024, 9:54 AM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), Restricted Project, vsd, Feature Request
I would also suggest that we show the git last git commit in Kleo's About dialog. That makes it far easier to see what we are testing. The Kleo version numbers are a bit arbitrary.
Jan 19 2024, 9:03 AM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), Restricted Project, vsd, Feature Request
Sorry, it was my fault building the test installer.
Jan 19 2024, 9:01 AM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), Restricted Project, vsd, Feature Request
To be clear: This ticket is only about GnuPG (more precisely dirmngr) and the changes are included in VSD and Gpg4win.
Jan 19 2024, 8:34 AM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), Restricted Project, vsd, Feature Request
Jan 18 2024
Jan 18 2024
Hi, ebo I would still think this is resolved. Because it was never meant that the user manually enters the value of "none" because there is no hint for the user that "none" is a reserved word. It should either be administratively configured which does not make much sense for Gpg4win or provided by the distribution. If left empty the default of GnuPG should be used. If we really want users to deactivate keyserver access by using "none" in the dirmngr.conf a much better solution would be a checkbox for this. In that case I would open a new issue.
Jan 18 2024, 3:54 PM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), Restricted Project, vsd, Feature Request
The fix was not included in the Testbuid...
Jan 18 2024, 3:33 PM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), Restricted Project, vsd, Feature Request
Jan 18 2024, 12:13 PM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), Restricted Project, vsd, Feature Request
• ebo moved T6708: Allow to inhibit the use of a default PGP keyserver from QA to WiP on the gnupg24 board.
Jan 18 2024, 12:12 PM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), Restricted Project, vsd, Feature Request
Does not work in Gpg4win-4.2.1-beta178
Jan 18 2024, 12:11 PM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), Restricted Project, vsd, Feature Request
works in Gpg4win-4.2.1-beta178
Note to self: need to check with "to the second" expiry time, in case this only occurs with summertime
works in Gpg4win-4.2.1-beta178
• werner added a comment to T6944: The default card key generation keeps an unprotected backup of the encryption key on disk.
We tested with Kleopatra:
- Only gpg4win 4.2 is affected (the current version) but 4.1 is not affected.
- No vsd version is affected.
• werner added a comment to T6944: The default card key generation keeps an unprotected backup of the encryption key on disk.
FWIW, I am already working on this.
• gniibe added a comment to T6944: The default card key generation keeps an unprotected backup of the encryption key on disk.
Currently, there is no support for gpg-agent to keep private key not on disk, but only on memory of gpg-agent. Given the situation,
I think that it is good to:
Jan 17 2024
Jan 17 2024
• werner triaged T6944: The default card key generation keeps an unprotected backup of the encryption key on disk as High priority.
• werner added a comment to T6943: Add tool to detect and clean unsolicited copies of smartcard keys.
Example output:
• werner triaged T6943: Add tool to detect and clean unsolicited copies of smartcard keys as High priority.
Jan 16 2024
Jan 16 2024
• werner changed the status of T6942: Differing fingerprint length with curve 448 from Open to Testing.
• werner lowered the priority of T6942: Differing fingerprint length with curve 448 from Unbreak Now! to Normal.
Tested with 2.4.4 beta and the problem shows only up with the parameter file but not when using --expert-full-gen-key or --quick-gen-key. The problem seems to be that the v5 flag is not enforced when using the parameter file. Thus the key is created as v4 key despite that we want to use v5 for the new x448 keys. It is not a severe bug becuase the key will work anyway using software supporting X448. Will of course be fixed for 2.4.4.
• werner moved T6654: gpgsm: p12 passphrase visible in debug output from WiP to QA on the gnupg24 board.
Jan 16 2024, 10:49 AM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), vsd32 (vsd-3.2.0), S/MIME, Restricted Project
• werner moved T6710: Improve Speedo for Linux to set DT_RUNPATH. from WiP to QA on the gnupg24 board.
• werner triaged T6941: gpgsm/dirmngr: support for end-entity certificates with an empty "Subject DN" as Normal priority.
Interesting. I need to look closer at it. I scheduled it for 2.4 but it won't be in the forthcoming 2.4.4. There are still other interesting things on the short list (e.g. timestamping support) but we may do that only in 2.6.
Thanks for the report. It comes right in time for the next release. It might already be fixed due to a lot of changes in the pkcs#12 parser.
Thanks for the report. This is the fun with different code pathes. Obviously the v5 fingerprint needs to be used for the pre-made revocation.
Jan 15 2024
Jan 15 2024
• werner triaged T6873: v2.4 unnecessarily prompts on multi-key encryption despite 1st key being unlocked as Normal priority.
Jan 12 2024
Jan 12 2024
• werner edited projects for T6902: gpgconf: the questionable value 256 for flags in gpgrt_opt_t, added: gnupg22; removed backport.
• werner moved T6719: Support Proxy-Authorization: Negotiate on Windows from Backlog to WiP on the gnupg24 board.
• werner changed the status of T6710: Improve Speedo for Linux to set DT_RUNPATH. from Open to Testing.
Now you can untar and run
Jan 11 2024
Jan 11 2024
• werner moved T6710: Improve Speedo for Linux to set DT_RUNPATH. from Backlog to WiP on the gnupg24 board.
The extra option --debug-allow-pin-logging was implemented with commit rGe43bd2a7a78.
• werner moved T6838: keyboxd hangs on stale locks after changing hostname from Backlog to QA on the gnupg24 board.
Better don't remove your entire ~/.gnupg - removing the *.lock files after gpgconf -K all is sufficient.
Jan 9 2024
Jan 9 2024
• werner moved T6918: gpgconf parsing of VERSION file broken from Backlog to gnupg-2.2.43 on the gnupg22 board.
This is due to the changed format of the VERSION file.
Jan 5 2024
Jan 5 2024
thats great news! I will test the keyword with Archlinux's Builds System (and Fakeroot) as soon as possible!
• ebo added a project to T6425: improve pinentry behavior and texts in smart card context : gnupg24.
• werner moved T6379: Kleopatra: Brainpool key can not be moved to smart card from Backlog to QA on the gnupg24 board.
• werner moved T6902: gpgconf: the questionable value 256 for flags in gpgrt_opt_t from Backlog to QA on the gnupg24 board.
• werner moved T6811: gpgv: Read-only trustedkeys.kbx should not be compressed from Backlog to QA on the gnupg24 board.
• werner moved T2069: Passphrase prompts for each subkey, but not clear which dialog belongs to which subkey from Backlog to done on the gnupg24 board.
• werner moved T6365: Help text translation is not applied from Backlog to done on the gnupg24 board.
• werner moved T6313: 2.4.0 does not support in-source-tree builds from Backlog to done on the gnupg24 board.
• werner moved T6255: --list-keys output truncated and loops repeatedly from Backlog to done on the gnupg24 board.
• werner moved T5897: Fix MinGW compilation error with 'struct _stat32' in common/sysutils.c from gnupg-2.3.4 from Backlog to done on the gnupg24 board.
• werner moved T6179: gnupg 2.3.7 broke YubiKey support: DBG: Curve with OID not supported: 2b06010401da470f01 from Backlog to done on the gnupg24 board.
• werner moved T5109: Initial socket connection to server from Backlog to done on the gnupg24 board.
• werner moved T3883: Add Win32-OpenSSH support to gpg-agent's ssh-agent from Backlog to done on the gnupg24 board.
• werner moved T3398: fingerprint-based import screener is no defense against malice from Backlog to done on the gnupg24 board.
• werner moved T6558: gpgtar: Does not stop spawned gpg process when exiting from Backlog to done on the gnupg24 board.
I sued the done column because we have not assigned it to any milestone.
Fixed a long time ago.
Hope so too. If there was a docker image or something I would gladly test it, otherwise I'll report back as soon as a release is out
• werner moved T6757: gpgsm 2.4 Fails to import P12 certificate/key from Backlog to QA on the gnupg24 board.
We can't test this but assume that the fix for T6752 is sufficient here.
• werner changed the status of T6796: gpg does create socketdir after every operation from Open to Testing.
With rG239c1fdc28dcd0dc7aa5341be7c966da2231642a we now have a socketdir keyword for gpgconf.ctl. man gpgconf and look for that file. Will be released with 2.4.4.
Jan 4 2024
Jan 4 2024
Jan 2 2024
Jan 2 2024
• werner changed the status of T6831: May chose a signing key from a not inserted card over an inserted one from Open to Testing.
I applied your patch and also fixed another possible problem.
Dec 29 2023
Dec 29 2023
• werner edited projects for T6811: gpgv: Read-only trustedkeys.kbx should not be compressed, added: gnupg22; removed backport.
• gniibe added a project to T6811: gpgv: Read-only trustedkeys.kbx should not be compressed: backport.
Bug is in 2.2, too.
• gniibe renamed T6811: gpgv: Read-only trustedkeys.kbx should not be compressed from gpgv does not correctly fallback to trustedkeys.kbx to gpgv: Read-only trustedkeys.kbx should not be compressed.
• gniibe changed the status of T6811: gpgv: Read-only trustedkeys.kbx should not be compressed from Open to Testing.
I found that the warning is emitted when it tries to call keybox_compress.
It should not be called when it's READONLY (which gpgv specifies).
Dec 27 2023
Dec 27 2023
Dec 25 2023
Dec 25 2023
• gniibe changed the status of T6902: gpgconf: the questionable value 256 for flags in gpgrt_opt_t from Open to Testing.
Fixed in rG2be53b214d1c: tools: Fix argparse table of gpgconf..
It would be good to apply this to 2.2, so, adding "backport" tag.
Dec 23 2023
Dec 23 2023
Dec 21 2023
Dec 21 2023
• werner triaged T6902: gpgconf: the questionable value 256 for flags in gpgrt_opt_t as Normal priority.
Dec 18 2023
Dec 18 2023
I'd say we should not do anything about this. Stale lock files are a general problem but can be solved using admin tasks. We may provide a tool to cleanup things on request.
Okay, now we have pass the warnings down to gpg and gpgsm so the problem will be easier to analyze. We also stop trying after 10 seconds. Sample error messages:
Dec 16 2023
Dec 16 2023
We were hoping before christmas. But it is unlikely due to some other stuff we had to do. Early Jan. Definitely a priority for us right now to get it out.
Dec 15 2023
Dec 15 2023
@werner Any news on when will 2.4.4 will land? I cannot figure out how to build the project from source, and I couldn't adapt the Fedora packaging to build it either. I would like to have a way to finally sign my git commits.
Dec 12 2023
Dec 12 2023
• aheinecke edited projects for T4446: please add --quick-revoke-subkey, added: Restricted Project; removed OpenPGP.
We could also use this for T6874: Kleopatra subkey management improvements
Nov 27 2023
Nov 27 2023
Nope, The gpgconf --kill keyboxd hangs too, if I see right, while waiting for agent:
$ strace gpgconf --kill keyboxd [...] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7f2d74fe2a10) = 3244 wait4(3244, 0x7ffc9836e364, 0, NULL) = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
Nov 26 2023
Nov 26 2023
• werner edited projects for T6838: keyboxd hangs on stale locks after changing hostname, added: gnupg24; removed gnupg24 (gnupg-2.4.4).
Nov 23 2023
Nov 23 2023
See also T6465
Nov 23 2023, 12:03 PM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), Restricted Project, kleopatra
Nov 21 2023
Nov 21 2023
• ebo moved T6654: gpgsm: p12 passphrase visible in debug output from QA to gnupg-2.2.42 on the gnupg22 board.
Nov 21 2023, 4:50 PM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), vsd32 (vsd-3.2.0), S/MIME, Restricted Project
• ebo moved T6654: gpgsm: p12 passphrase visible in debug output from QA to vsd-3.2.0 on the vsd32 board.
Nov 21 2023, 4:02 PM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), vsd32 (vsd-3.2.0), S/MIME, Restricted Project
is now hidden in VS-Desktop-3.1.90.287-Beta
Nov 21 2023, 4:01 PM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), vsd32 (vsd-3.2.0), S/MIME, Restricted Project
• werner triaged T6831: May chose a signing key from a not inserted card over an inserted one as Normal priority.
Nov 20 2023
Nov 20 2023
• aheinecke moved T6654: gpgsm: p12 passphrase visible in debug output from WiP to QA on the vsd32 board.
Nov 20 2023, 10:31 AM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), vsd32 (vsd-3.2.0), S/MIME, Restricted Project
Nov 17 2023
Nov 17 2023
• werner moved T6654: gpgsm: p12 passphrase visible in debug output from WiP to QA on the gnupg22 board.
Nov 17 2023, 10:55 AM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), vsd32 (vsd-3.2.0), S/MIME, Restricted Project
Nov 15 2023
Nov 15 2023
Nov 15 2023, 10:36 AM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), vsd32 (vsd-3.2.0), S/MIME, Restricted Project
• werner added a comment to T6802: Trying to sign with a brainpool X509 key results in non-compliance error.
Testing in 2.4 will not be easy because it requires code modification just for testing. However, de-vs is not supported by 2.4 and the greater plan is to get 2.6 approved for de-vs.
• ebo moved T6802: Trying to sign with a brainpool X509 key results in non-compliance error from QA to gnupg-2.2.42 on the gnupg22 board.
• ebo removed a project from T6802: Trying to sign with a brainpool X509 key results in non-compliance error: vsd32.
works in VS-Desktop-3.1.90.277-Beta