In T6085#162923, @ikloecker wrote:In T6085#162918, @ebo wrote:well, when creating openPGP keys with kleopatra I did not see any hints. I do not think that the issue would be vaild for password based encryption. There the common usecase is autogeneration, anyway
Autogeneration isn't viable if an organization has stupid password constraints that the autogenerated passwords do not satisfy. In particular, the autogenerated passwords do not contain any non-alphanumeric characters, but many password policies require such a character.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed Advanced Search
Advanced Search
Advanced Search
Aug 14 2023
Aug 14 2023
• aheinecke edited projects for T6085: pinentry-qt: Earlier passphrase hint when creating new key, added: gnupg; removed Installer.
Aug 10 2023
Aug 10 2023
ydixken updated the task description for T6641: pinentry-tty & pinentry-curses breaks tty when timeout occurs or CTRL-C is pressed.
ydixken updated the task description for T6641: pinentry-tty & pinentry-curses breaks tty when timeout occurs or CTRL-C is pressed.
ydixken renamed T6641: pinentry-tty & pinentry-curses breaks tty when timeout occurs or CTRL-C is pressed from pinentry-tty breaks tty when timeout occurs or CTRL-C is pressed to pinentry-tty & pinentry-curses breaks tty when timeout occurs or CTRL-C is pressed.
Jul 24 2023
Jul 24 2023
• ebo moved T6041: pinentry-qt dialog window no longer floats under Sway (fixed after 1.2.0) from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Jun 1 2023
Jun 1 2023
ikloecker renamed T6491: Pinentry-Qt: Password prompt for each subkey if password change is cancelled from Password prompt for each subkey if password change is cancelled to Pinentry-Qt: Password prompt for each subkey if password change is cancelled.
ikloecker lowered the priority of T6491: Pinentry-Qt: Password prompt for each subkey if password change is cancelled from High to Normal.
I have set T6513: Kleopatra: Require GpgME 1.21 as blocker for this issue because, in my opinion, showing the above mentioned "Operation fully cancelled" error message is from a user perspective worse than showing multiple password prompts.
May 31 2023
May 31 2023
ikloecker added a comment to T6491: Pinentry-Qt: Password prompt for each subkey if password change is cancelled.
Setting close_button when the user rejected the pin entry (by pressing the close button, the Cancel button or Esc) causes fully canceled. Unfortunately, Kleopatra (and in fact GpgME::Error) has no idea that fully canceled should be treated as canceled and not as error. Therefore, Kleopatra shows an ugly error message:
An error occurred while trying to change the passphrase for [...]:
Operation fully cancelled
May 17 2023
May 17 2023
• werner added projects to T6491: Pinentry-Qt: Password prompt for each subkey if password change is cancelled: pinentry, kleopatra.
I see the problem: The Qt Pinentry does not implement the BUTTON_INFO status and thus we don't get a fully canceled error back (gpg-agent maps the cancel error to fully-cancel if the close button was used). Should be easy to fix in pinentry (set pinentry->close_button in the close eventhandler).
May 12 2023
May 12 2023
Thank you, your suggestion inspired me to experiment a bit further and I found the problem - I needed in fact to delete the line from my ssh config, no idea why:
Match host * exec "gpg-connect-agent UPDATESTARTUPTTY /bye"
Now I update startup tty only on terminal start and it seems to be working. Still a bit strange.
On a terminal, please invoke:
$ gpg-connect-agent UPDATESTARTUPTTY /bye
May 4 2023
May 4 2023
• werner added a project to T6478: gpg-agent works for gpg, but not ssh with pinentry-tty: pinentry.
Apr 10 2023
Apr 10 2023
• gniibe changed the status of T6444: pinentry-1.2.1 does not configure against libgpg-error-1.47 from Open to Testing.
Apr 5 2023
Apr 5 2023
• ebo moved T4950: pinentry: Add warning when capslock is on from Restricted Project Column to Restricted Project Column on the Restricted Project board.
• ebo moved T5972: Can't insert charaters in a magic-wand generated password from Restricted Project Column to Restricted Project Column on the Restricted Project board.
• ebo moved T5863: pinentry-qt: Further improve the accessibility from Restricted Project Column to Restricted Project Column on the Restricted Project board.
• ebo moved T5543: pinentry-qt: Accessibility switch to repeat on enter from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Mar 28 2023
Mar 28 2023
• werner renamed T6400: Improve Pinentry error message for a bad $TERM from Key generation on freebsd fails with message about screen size to Improve Pinentry error message for a bad $TERM.
Actually this is about improving an error message.
Mar 21 2023
Mar 21 2023
• werner triaged T6418: pinentry-qt: Accessibility in case of entering 2 different passphrases as Normal priority.
• werner added a project to T6418: pinentry-qt: Accessibility in case of entering 2 different passphrases: a11y.
ok, ticket for the new issue is T6418
Mar 20 2023
Mar 20 2023
Not sure why this was assigned to Andre.
In T5543#168681, @ebo wrote:How about emptying both fields in case of mismatch and start from the beginning?
This exact step works. But if you misspell the repeat its unintuitive again what you should do.
closing with reference to external testing
Turned out to be a bit come complicated. I hope that I did not break any of the other pinentries:
rP8ab1682e80a2b4185ee9ef66cbb44340245966fc
Mar 2 2023
Mar 2 2023
Added SETQUALITYBAR support with some fixes for glitches when an error string was set. Wide characters seem to work OK.
Feb 27 2023
Feb 27 2023
Added curses-repeat branch which needs testing for wide chars and other stuff in case i missed something
Jan 19 2023
Jan 19 2023
• werner removed a project from T4346: Remove gpg-agent passphrase nags for empty / none passphrase: gnupg (gpg23).
Nov 14 2022
Nov 14 2022
Nov 3 2022
Nov 3 2022
Oct 28 2022
Oct 28 2022
ikloecker changed the status of T5863: pinentry-qt: Further improve the accessibility from Open to Testing.
This is now ready for testing.
Sep 26 2022
Sep 26 2022
• gniibe added a comment to T6160: pinentry Emacs support assumes socket location at ${TMPDIR}/emacs${UID}, fails to connect (need to respect XDG_RUNTIME_DIR).
pinentry-emacs is obsolete. It's for older Emacs (<= 25, IIUC) which had lisp/pinentry.el.
For Emacs 26 and newer, you can simply use epa-pinentry-mode having the value of loopback.
Sep 22 2022
Sep 22 2022
• werner removed a project from T5543: pinentry-qt: Accessibility switch to repeat on enter: Restricted Project.
Sep 14 2022
Sep 14 2022
• ebo removed a project from T5972: Can't insert charaters in a magic-wand generated password : Restricted Project.
works now
Sep 9 2022
Sep 9 2022
thesamesam closed T6193: Build failure with Clang 15 (pinentry-curses.c, error: call to undeclared function 'addnwstr' ...) as Invalid.
Thanks for your help @gniibe and apologies for wasting your time. It looks like this is an issue with ncurses on musl systems and I'll pursue it there. I have a patch to their configure which works & fixes building pinentry.
thesamesam added a comment to T6193: Build failure with Clang 15 (pinentry-curses.c, error: call to undeclared function 'addnwstr' ...).
I've reported it on bug-ncurses@ to get some insight: https://marc.info/?l=ncurses-bug&m=166268018624805&w=2.
thesamesam added a comment to T6193: Build failure with Clang 15 (pinentry-curses.c, error: call to undeclared function 'addnwstr' ...).
Mysteriously, I get nothing:
$ pkg-config --cflags nurses
Sep 8 2022
Sep 8 2022
• gniibe added a comment to T6193: Build failure with Clang 15 (pinentry-curses.c, error: call to undeclared function 'addnwstr' ...).
Could you please check what pkg-config --cflags ncurses returns?
In my environment (of Debian), it returns:
thesamesam set External Link to https://bugs.gentoo.org/869128 on T6193: Build failure with Clang 15 (pinentry-curses.c, error: call to undeclared function 'addnwstr' ...).
thesamesam added a comment to T6193: Build failure with Clang 15 (pinentry-curses.c, error: call to undeclared function 'addnwstr' ...).
It looks like there was a problem similar to this a while ago: https://dev.gnupg.org/T2320 where it turned out for unicode ncurses builds, a specific header had to be included, but that workaround seems to have been removed from pinentry since.
Sep 6 2022
Sep 6 2022
In T6085#162918, @ebo wrote:well, when creating openPGP keys with kleopatra I did not see any hints. I do not think that the issue would be vaild for password based encryption. There the common usecase is autogeneration, anyway
In T6085#162921, @aheinecke wrote:@ikloecker yes as mentioned in my response the current hints are only for symmetric.
@ikloecker yes as mentioned in my response the current hints are only for symmetric.
well, when creating openPGP keys with kleopatra I did not see any hints. I do not think that the issue would be vaild for password based encryption. There the common usecase is autogeneration, anyway
The long hint is "hidden" in the tooltip of the short hint.
And the issue for which @ebo opened this ticket is in my opinion that you have to fail first before you see the hint.
Sep 5 2022
Sep 5 2022
• aheinecke moved T6085: pinentry-qt: Earlier passphrase hint when creating new key from Restricted Project Column to Restricted Project Column on the Restricted Project board.
• aheinecke lowered the priority of T6085: pinentry-qt: Earlier passphrase hint when creating new key from Normal to Low.
I think there was a misunderstanding here. We already set .pinentry.constraints.hint.long and .pinentry.constraints.hint.short in GnuPG-VSD but firstly they are only about symmetric.
And the issue for which @ebo opened this ticket is in my opinion that you have to fail first before you see the hint.
Aug 26 2022
Aug 26 2022
• aheinecke moved T6085: pinentry-qt: Earlier passphrase hint when creating new key from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Fully done in my opinion.
This is in for so long we can mark it as resolved. I had tested it on Windows.
Aug 25 2022
Aug 25 2022
thesamesam added a comment to T6160: pinentry Emacs support assumes socket location at ${TMPDIR}/emacs${UID}, fails to connect (need to respect XDG_RUNTIME_DIR).
That's a fair point, cheers!
thesamesam added a comment to T6161: pinentry doesn't allow disabling various library linkages (libX11, KF5WaylandClient, Qt5X11Extras).
In T6161#162306, @ikloecker wrote:I'm not sure I understand. If you don't want pinentries depending on libX11, then simply disable those pinentries with --disable-pinentry-qt5, etc. For Wayland it may make sense to allow disabling it.
ikloecker added a comment to T6161: pinentry doesn't allow disabling various library linkages (libX11, KF5WaylandClient, Qt5X11Extras).
I'm not sure I understand. If you don't want pinentries depending on libX11, then simply disable those pinentries with --disable-pinentry-qt5, etc. For Wayland it may make sense to allow disabling it.
• werner triaged T6161: pinentry doesn't allow disabling various library linkages (libX11, KF5WaylandClient, Qt5X11Extras) as Normal priority.
• werner triaged T6160: pinentry Emacs support assumes socket location at ${TMPDIR}/emacs${UID}, fails to connect (need to respect XDG_RUNTIME_DIR) as Normal priority.
Let's turn this into a feature request.
thesamesam updated the task description for T6160: pinentry Emacs support assumes socket location at ${TMPDIR}/emacs${UID}, fails to connect (need to respect XDG_RUNTIME_DIR).
thesamesam changed External Link from https://bugs.gentoo.org/794649 to https://debbugs.gnu.org/33847 on T6160: pinentry Emacs support assumes socket location at ${TMPDIR}/emacs${UID}, fails to connect (need to respect XDG_RUNTIME_DIR).
thesamesam changed External Link from https://bugs.gentoo.org/794649) to https://bugs.gentoo.org/794649 on T6160: pinentry Emacs support assumes socket location at ${TMPDIR}/emacs${UID}, fails to connect (need to respect XDG_RUNTIME_DIR).
thesamesam set External Link to https://bugs.gentoo.org/794649) on T6160: pinentry Emacs support assumes socket location at ${TMPDIR}/emacs${UID}, fails to connect (need to respect XDG_RUNTIME_DIR).
• gniibe closed T5631: pinentry-curses on OpenIndiana (Illumos distro) doesn't display correctly as Resolved.
Fixed in 1.2.1.
• gniibe closed T5893: Patches to compile pinentry-1.2.0 cleanly with mingw.org's MinGW as Resolved.
Fixed in 1.2.1.
Fixed in 1.2.1.
Aug 24 2022
Aug 24 2022
At least, pinentry-qt offers this functionality since 1.2.0 (see T5517: Improvements for symmetric encryption).
Isn't this (mostly?) done? See T5517: Improvements for symmetric encryption.
ikloecker added a project to T5543: pinentry-qt: Accessibility switch to repeat on enter: Restricted Project.
ikloecker closed T6041: pinentry-qt dialog window no longer floats under Sway (fixed after 1.2.0) as Resolved.
pinentry 1.2.1 has been released today
ikloecker added a project to T6085: pinentry-qt: Earlier passphrase hint when creating new key: Installer.
Aug 23 2022
Aug 23 2022
ikloecker changed the status of T5863: pinentry-qt: Further improve the accessibility from Testing to Open.
Fix issues found while testing with NVDA.
Aug 8 2022
Aug 8 2022
Should be fixed. A copy of an older version of pinentry's source code that can be built with Q4 is now included and will result in a pinentry-qt4 executable. Note that while we won't break this pinentry intentionally we won't maintain it either.
Jul 27 2022
Jul 27 2022
New release of libassuan is expected to make sure it's cleared off.
Jul 26 2022
Jul 26 2022
• werner triaged T6041: pinentry-qt dialog window no longer floats under Sway (fixed after 1.2.0) as Normal priority.
• werner triaged T6085: pinentry-qt: Earlier passphrase hint when creating new key as Normal priority.
Jul 22 2022
Jul 22 2022
@gniibe Thanks!
In the repo, for all related software, it's done.
Note that versions since 2020-11-07 to 2021-07-03 have major problem with non-POSIX shell, which doesn't support $(..) construct.
Jul 18 2022
Jul 18 2022
Thank you.
Jul 15 2022
Jul 15 2022
it seems to be a GnuPG-VSD packaging issue, then
It's already possible to define a short and a long hint for the constraints via the file doc/help.txt and its translations. This is a standard technique used by GnuPG for customization of several UI texts. Since the passphrase constraints can be very complex we don't try to come up with a suitable default hint.
ikloecker renamed T6085: pinentry-qt: Earlier passphrase hint when creating new key from earlier passphrase hint when creating new key to pinentry-qt: Earlier passphrase hint when creating new key.
Jul 8 2022
Jul 8 2022
It looks like having it set will stop fallback from working entirely? Would you say that this cannot be fixed if WAYLAND_DISPLAY is set like I do above?
It looks like having it set will stop fallback from working entirely? Would you say that this cannot be fixed if WAYLAND_DISPLAY is set like I do above?
Jul 6 2022
Jul 6 2022
ikloecker triaged T6061: pinentry-qt on wayland does not fallback to pinentry-curses as Low priority.
pinentry does the following to check if it's running in a GUI session:
// check a few environment variables that are usually set on X11 or Wayland sessions const bool hasWaylandDisplay = qEnvironmentVariableIsSet("WAYLAND_DISPLAY"); const bool isWaylandSessionType = qgetenv("XDG_SESSION_TYPE") == "wayland"; const bool hasX11Display = pinentry_have_display(argc, argv); const bool isX11SessionType = qgetenv("XDG_SESSION_TYPE") == "x11"; const bool isGUISession = hasWaylandDisplay || isWaylandSessionType || hasX11Display || isX11SessionType;
i.e. it checks if a few environment variables are set or have a specific value.