Also done for 2.2.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Advanced Search
Aug 28 2023
Jul 24 2023
Jul 5 2023
Jun 5 2023
To align the default expiration time with the BSI approval and other related software we change this now to 3 years.
Apr 5 2023
Jan 20 2023
The introduction of --override-compliance-check actually hid the real
cause for the signature verification problem in de-vs mode for the
Ed25519 key. The real fix is to handle the EdDSA algorithm in
gnupg_pk_is_allowed.
Jan 19 2023
Release quite some time ago.
Dec 12 2022
Dec 9 2022
Dec 6 2022
Thanks !
A real fix will be in the next gpgrt release
Dec 5 2022
In T2671#158357, @werner wrote:It seems that editing a pre-created revocation certificate on Windows with Notepad doesn't let Kleopatra detect this correctly as OpenPGP file and thus refuses to import. Works on the command line but needs more testing.
Nov 17 2022
We need to do this also for CHANGE REFERENCE DATA - however, there should be an extra option so that we can debug this despite of the redacting.
Nov 16 2022
Nov 14 2022
Oct 31 2022
Oct 28 2022
Shall we really backport this to 2.2 given that ECC for S/MIME is in most cases a smartcard thing?
Fixed for master but not yet tested.
Oct 24 2022
works as proposed by werner.
Oct 20 2022
The latter. Detecting mail addresses with regexp is anyway a kludge and we have more stringent code to detect mail addresses in a user-id.
@werner i'm not sure i understand what "easy to enclose them in angle brackets just for comparison" means.
Oct 19 2022
Oct 18 2022
We already detect mail addresses for different purposes and thus it will be easy to enclose them in angle brackets just for comparision.. Almost all trust signatures out there are created by gpg and used to restrict the mail domain. No need for different regexp. See also the comments in the code related to the history.
Ah, sorry, I did my own changes before looking T6244#164317
Pushed the changes to 2.2 and master.
Thank you for your report. The issue is handling of static linking in GnuPG.
Oct 17 2022
It will be hard to fix this. GnuPG supports exactly one class of regular expressions: something bracketed between "<[^>]+[@.]" and ">$" . Even if the next release of gpg supports more regular expressions, gpg will have to wait years before it can start emitting different regular expressions for scoped tsigs by default.
I recommend, when making a User ID with only an e-mail address, to populate the User IDs by wrapping it in an angle bracket, rather than just leaving the raw e-mail address. It's not just the regexp matcher -- there are other pieces of OpenPGP software that won't recognize a raw e-mail address in a user ID as an e-mail address. It also makes it easy to distinguish such a User ID from a User ID that is not at all an e-mail address.
Thank you for your report. IIUC, your log is the build log of GnuPG 2.2, so, I put the tag "gnupg (gpg22)".
Oct 15 2022
I believe https://dev.gnupg.org/T6239 also applies here. It would be great if the fix could be backported.
Oct 14 2022
Oct 13 2022
Sep 29 2022
Indeed, the status line should not be emitted in this case. Thanks.
% gpgconf --list-options gpg | grep compliance compliance:16:2::1:1::"gnupg:: compliance_de_vs:144:3::2:2::0:: % dpkg --list libgcrypt20 | cat Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) ||/ Name Version Architecture Description +++-=================-============-============-===================================== ii libgcrypt20:amd64 1.10.1-2 amd64 LGPL Crypto library - runtime library % gpg --version gpg (GnuPG) 2.2.39 libgcrypt 1.10.1 Copyright (C) 2022 g10 Code GmbH License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law.
With a gcrypt not claiming compliance you should not get the status compliant or not but GnuPG should error out with forbidden.
Justus, you should know how to write a proper bug report. Please do that and don't just paste some more or less random output here with just hint that Libgcrypt is not compliant. tia.
Sep 25 2022
Sep 22 2022
Sep 16 2022
Sep 15 2022
Sep 14 2022
works now
Sep 6 2022
Sep 2 2022
Thanks for testing. I guess I will do a new release.
Sep 1 2022
Applies cleanly and fixes the crash. 👍
For master (2.3) the fix is not needed due to another way the code works, but having a more robust function is always good.
You may try the above commit - if should apply cleanly to 2.2.37.
You are right. This due to your old binary private key (stubs). Otherwise you would at least have one item ("Key:"). I need to see what do do about the release. Maybe a tool to update the key files would we a good workaround.