Feed Advanced Search

Fri, Jun 14

werner added a comment to T4393: GnuPG should always accept key updates even if the update does not contain UIDs.

Please use a private branch as usual. There has been no agreement or a discussion over this change nor do we have a DCO from him.

Fri, Jun 14, 6:10 PM · gnupg, Feature Request
werner added a comment to rGcb302d66b932: gpg: allow import of previously known keys, even without UIDs.

We also have not DCO on record for @Valodim

Fri, Jun 14, 6:00 PM
werner added a comment to rGcb302d66b932: gpg: allow import of previously known keys, even without UIDs.

Please use a private branch for such patches (dkg/fix-*) as you did in the past.

Fri, Jun 14, 5:58 PM
werner added a comment to rM7d0a979c07d2: python: Fix regression in t-decrypt-verify test..

Feel free to fix it but a "make -j3 distcheck" MUST work.

Fri, Jun 14, 5:52 PM
werner committed rM0378250846b7: core: Make the refactored global wait work. (authored by werner).
core: Make the refactored global wait work.
Fri, Jun 14, 1:58 PM
werner committed rMb2749d77da7d: core: Make the refactored user event loop work. (authored by werner).
core: Make the refactored user event loop work.
Fri, Jun 14, 1:58 PM
werner committed rM153f1128f81a: core: Use a better name for the internal synchronous wait. (authored by werner).
core: Use a better name for the internal synchronous wait.
Fri, Jun 14, 1:58 PM
werner added a comment to rMbd2d282e572b: python/tests: try to decrypt and verify new test data.

Unfortunately this is not the case. I had to remove the test code from t-decrypt-verify.c (7d0a979c07d2) to let "make check" work.

Fri, Jun 14, 11:56 AM
werner added projects to T4573: Files encrypted on another platform using password base encryption (-c) intermittently fail to decrypt on Kleopatra: gnupg (gpg22), kleopatra.
Fri, Jun 14, 11:52 AM · kleopatra, gnupg (gpg22), Bug Report
werner updated the task description for T4573: Files encrypted on another platform using password base encryption (-c) intermittently fail to decrypt on Kleopatra.
Fri, Jun 14, 11:47 AM · kleopatra, gnupg (gpg22), Bug Report
werner added a comment to T4574: Change #!/bin/sh to #!/bin/bash in libgpg-error-1.36/src/gpg-error-config-test.sh.

This is all valid Bourne shell syntax. In detail:

Fri, Jun 14, 11:42 AM · Bug Report

Thu, Jun 13

werner committed rD15b94976eea1: swdb: gpgme 1.13.1 (authored by werner).
swdb: gpgme 1.13.1
Thu, Jun 13, 4:14 PM
werner closed T4551: Release GPGME-1.13.1 as Resolved.

Release done.

Thu, Jun 13, 3:39 PM · gpgme, Release Info
werner committed rMea11c2a13cd4: Release 1.13.1 (authored by werner).
Release 1.13.1
Thu, Jun 13, 3:36 PM
werner committed rM44cedf97962a: Post release updates (authored by werner).
Post release updates
Thu, Jun 13, 3:36 PM
werner committed rM7d0a979c07d2: python: Fix regression in t-decrypt-verify test. (authored by werner).
python: Fix regression in t-decrypt-verify test.
Thu, Jun 13, 3:36 PM
werner added a commit to T4276: Context.decrypt() throws an error if *any* signature is bad: rM7d0a979c07d2: python: Fix regression in t-decrypt-verify test..
Thu, Jun 13, 3:36 PM · gpgme, Python, Bug Report
werner committed rMad1395f210f3: python: Set a default-key into gpg.conf for the tests. (authored by werner).
python: Set a default-key into gpg.conf for the tests.
Thu, Jun 13, 3:36 PM
werner committed rM4f11210b21a1: core: At debug levels up to 9 print only an ascii dump. (authored by werner).
core: At debug levels up to 9 print only an ascii dump.
Thu, Jun 13, 3:36 PM
werner added a comment to rMbd2d282e572b: python/tests: try to decrypt and verify new test data.

Can you please explain the commit messages. It seems the message was truncated.
And a failed test is a no-go in the regression test suite. A make check fails and thus the make release (or make distcheck) won't work either.

Thu, Jun 13, 3:12 PM
werner committed rMef50bffc7103: core: Use fully correct command args for gpg --verify. (authored by werner).
core: Use fully correct command args for gpg --verify.
Thu, Jun 13, 9:14 AM
werner committed rM28e620fa169d: core: Refactor the wait code utilizing the new fdtable. (authored by werner).
core: Refactor the wait code utilizing the new fdtable.
Thu, Jun 13, 9:14 AM
werner committed rM3b32f7a97f97: core: At debug levels up to 9 print only an ascii dump. (authored by werner).
core: At debug levels up to 9 print only an ascii dump.
Thu, Jun 13, 9:14 AM
werner committed rM5cfdf878fbc6: core: Link all context objects and add _gpgme_get_ctx. (authored by werner).
core: Link all context objects and add _gpgme_get_ctx.
Thu, Jun 13, 9:14 AM
werner committed rM2a3cdb3e819d: core: Improve code by using strconcat at two places. (authored by werner).
core: Improve code by using strconcat at two places.
Thu, Jun 13, 9:14 AM
werner committed rM52d8ed8dfb91: core: Replace the posix close notify mechanism by a new generic one. (authored by werner).
core: Replace the posix close notify mechanism by a new generic one.
Thu, Jun 13, 9:14 AM
werner committed rM92883efe7176: core: Introduce a context serial number. (authored by werner).
core: Introduce a context serial number.
Thu, Jun 13, 9:14 AM
werner added a comment to T4257: GPGME: op_verify failes for S/MIME with EBADF in multithreaded signature verification.

I have a larger change for the wait code in the works. This will go into 1.14.0 but not in 1.13.1

Thu, Jun 13, 9:06 AM · S/MIME, gpgme
werner updated the task description for T4551: Release GPGME-1.13.1.
Thu, Jun 13, 9:05 AM · gpgme, Release Info

Mon, Jun 10

werner added a comment to rC5e8765137c8c: ecc: Adding X448..

I don't mind how we call it in Libgcrypt. For GnuPG we should use "cv448" me things.

Mon, Jun 10, 4:25 PM

Sun, Jun 9

werner renamed T4568: Gpg4win / Kleopatra: Export from clipboard not supported from Gpg4win / Kleopatra Funktion Exportieren aus Zwischenablage nicht mehr möglich! to Gpg4win / Kleopatra: Export from clipboard not supported.
Sun, Jun 9, 6:27 PM

Sat, Jun 8

werner removed a project from T4566: dirmngr fails with HTTP 302 redirection to hkps: ntbtls.

I just assumed that is an ntbtls problem.

Sat, Jun 8, 10:26 PM · gnupg (gpg22), dirmngr, Bug Report
werner triaged T4564: gpgconf --change-options prints warning about dirmngr_ldapservers.conf when GNUPGHOME is set as Wishlist priority.
Sat, Jun 8, 10:41 AM · gnupg, Bug Report
werner triaged T4512: gpg's --keyserver option should be more robustly deprecated as Low priority.

We need --keyserver in gpg for just one reason: backward compatibility.

Sat, Jun 8, 10:40 AM · Documentation, gnupg (gpg22), Keyserver, dirmngr, Bug Report
werner added a project to T4566: dirmngr fails with HTTP 302 redirection to hkps: gnupg (gpg22).
Sat, Jun 8, 10:38 AM · gnupg (gpg22), dirmngr, Bug Report
werner triaged T4566: dirmngr fails with HTTP 302 redirection to hkps as High priority.
Sat, Jun 8, 10:38 AM · gnupg (gpg22), dirmngr, Bug Report
werner triaged T4565: Libgcrypt doesn't build if blake2 isn't in --enable-digests as Low priority.
Sat, Jun 8, 10:37 AM · Bug Report
werner triaged T4567: Libgcrypt doesn't build if ecc isn't in --enable-pubkey-ciphers as Low priority.
Sat, Jun 8, 10:36 AM · Bug Report

Fri, Jun 7

werner reopened T3972: 100% CPU usage endles loop of gpg --list-keys as "Open".

I received an strace for a similar case by PM.

Fri, Jun 7, 7:40 PM · gnupg (gpg22)
werner lowered the priority of T4563: gpg-agent fails to sign request from High to Normal.
Fri, Jun 7, 6:32 PM · Bug Report
werner committed rD116bc18197b6: web: Disable Stripe donations (authored by werner).
web: Disable Stripe donations
Fri, Jun 7, 9:02 AM

Thu, Jun 6

werner added a comment to P8 strace patch to only trace threads with -f..

It might have unwanted side-effects - I am not sure. Anyway for me it works.

Thu, Jun 6, 8:19 PM
werner committed rMf6fd90c99aea: tests: Minor fix to run-threaded.c. (authored by werner).
tests: Minor fix to run-threaded.c.
Thu, Jun 6, 7:05 PM
werner committed rMf84abcad253a: core: Add commented debug helper to posix-io.c. (authored by werner).
core: Add commented debug helper to posix-io.c.
Thu, Jun 6, 7:05 PM
werner committed rM6b9ff1ba391a: core: Fix error return value of _gpgme_run_io_cb. (authored by werner).
core: Fix error return value of _gpgme_run_io_cb.
Thu, Jun 6, 7:05 PM
werner added a comment to T4257: GPGME: op_verify failes for S/MIME with EBADF in multithreaded signature verification.

I had to patch strace to follow threads but not forks (P8) and then when built with support for -k I tracked it down: In the inbound handler we close the fd immediately on EOF. However the upper layers don't know about it and a select fails with EBADF. Of course we could ignore the EBADF, figure out the closed fd and restart. The problem is that another thread may have opened a new oobject and that will get the last closed fd assigned - bummer.

Thu, Jun 6, 5:08 PM · S/MIME, gpgme
werner created P8 strace patch to only trace threads with -f..
Thu, Jun 6, 5:07 PM
werner added inline comments to rGc13e459ffeff: gpgparsemail: Die on parse error (not abort)..
Thu, Jun 6, 7:47 AM
werner added a comment to T4544: More prompts before key deletion.

Nope

Thu, Jun 6, 7:39 AM · gnupg, Feature Request, patch
werner updated subscribers of rC07590f940f76: ecc: Add API for X25519..
Thu, Jun 6, 7:37 AM

Wed, Jun 5

werner added a comment to T4257: GPGME: op_verify failes for S/MIME with EBADF in multithreaded signature verification.

Something(tm) closes an arbitrary file descriptor behind our back. Not easy to track down because strace can not trace only threads - it always wants to trace all children as well - which is a bit too much and leads to other problems.

Wed, Jun 5, 9:03 PM · S/MIME, gpgme
werner raised the priority of T4257: GPGME: op_verify failes for S/MIME with EBADF in multithreaded signature verification from Normal to High.
Wed, Jun 5, 9:00 PM · S/MIME, gpgme
werner closed T4544: More prompts before key deletion as Wontfix.

In case I not already mentioned it: There won't be any new commands to delete a key. Of course you are free to change GnuPG as you like but I won't apply them here.

Wed, Jun 5, 6:18 PM · gnupg, Feature Request, patch
werner committed rM0f68c9f16bda: core: Prettify _gpgme_io_select debug output again and fix TRACE_SYSRES. (authored by werner).
core: Prettify _gpgme_io_select debug output again and fix TRACE_SYSRES.
Wed, Jun 5, 4:50 PM
werner committed rM8f9f3224aac7: core: Improve the debug messages even more. (authored by werner).
core: Improve the debug messages even more.
Wed, Jun 5, 3:55 PM
werner committed rM856d2e8d64f6: core: Avoid explicit locks in the debug code. (authored by werner).
core: Avoid explicit locks in the debug code.
Wed, Jun 5, 1:12 PM

Tue, Jun 4

werner claimed T4257: GPGME: op_verify failes for S/MIME with EBADF in multithreaded signature verification.
Tue, Jun 4, 11:42 AM · S/MIME, gpgme
werner closed T4456: gpgme repeatedly segfaults claws-mail after update to 1.13.0 as Resolved.
Tue, Jun 4, 11:06 AM · gpgme, Bug Report
werner moved T4257: GPGME: op_verify failes for S/MIME with EBADF in multithreaded signature verification from Backlog to For next release on the gpgme board.
Tue, Jun 4, 11:03 AM · S/MIME, gpgme
werner closed T4327: Exception handling for very large or invalid number in function parse_number(...) in the file cJSON.c:176 as Wontfix.

The solution conflicts the the fix suggested and implemented for T4330.

Tue, Jun 4, 11:02 AM · gpgme, Bug Report
werner closed T4328: Missing case distinction for value "NaN" and "Inf" of IEEE floating point variable in function print_number(...) in the file cJSON.c:176 as Resolved.

Fixed similar to the suggestion but NaN and INF are detected earlier.

Tue, Jun 4, 10:58 AM · gpgme, Bug Report
werner committed rMf56c996318df: json: Print "nan", "-inf", "inf" if needed. (authored by werner).
json: Print "nan", "-inf", "inf" if needed.
Tue, Jun 4, 10:57 AM
werner added a commit to T4328: Missing case distinction for value "NaN" and "Inf" of IEEE floating point variable in function print_number(...) in the file cJSON.c:176: rMf56c996318df: json: Print "nan", "-inf", "inf" if needed..
Tue, Jun 4, 10:57 AM · gpgme, Bug Report
werner closed T4330: Exception handling for very large or invalid number in function parse_number(...) in the file cJSON.c:184 as Resolved.
Tue, Jun 4, 10:43 AM · gpgme, Bug Report
werner committed rMfabe96126b4e: json: Improve handling of large exponents in the JSON parsor. (authored by werner).
json: Improve handling of large exponents in the JSON parsor.
Tue, Jun 4, 10:43 AM
werner added a commit to T4330: Exception handling for very large or invalid number in function parse_number(...) in the file cJSON.c:184: rMfabe96126b4e: json: Improve handling of large exponents in the JSON parsor..
Tue, Jun 4, 10:43 AM · gpgme, Bug Report
werner removed a project from T4379: Invalid crypto engine importing a certificate: gpgme.
Tue, Jun 4, 10:17 AM · S/MIME, Bug Report
werner moved T4456: gpgme repeatedly segfaults claws-mail after update to 1.13.0 from Backlog to For next release on the gpgme board.
Tue, Jun 4, 10:15 AM · gpgme, Bug Report
werner removed a project from T4518: Kleo changes log-file tcp://IPADDR to tcp:\\IPADDR: gpgme.
Tue, Jun 4, 10:13 AM · Windows, kleopatra
werner moved T4551: Release GPGME-1.13.1 from Backlog to For next release on the gpgme board.
Tue, Jun 4, 10:12 AM · gpgme, Release Info
werner closed T4556: Fully implement gpgme_op_encrypt_ext for S/MIME as Resolved.

With the current GPGME master and the forthcoming T4551 release this has been fixed.

Tue, Jun 4, 10:03 AM · Mutt, gpgme
werner set the icon for Mutt to Tag.
Tue, Jun 4, 9:31 AM
werner committed rM1024884e07f7: core: Implement recpstring option parsing for gpgsm. (authored by werner).
core: Implement recpstring option parsing for gpgsm.
Tue, Jun 4, 9:29 AM
werner committed rMe9ca36f876e1: core: Make gpgme_op_encrypt_ext work for CMS. (authored by werner).
core: Make gpgme_op_encrypt_ext work for CMS.
Tue, Jun 4, 9:29 AM
werner added a commit to T4556: Fully implement gpgme_op_encrypt_ext for S/MIME: rMe9ca36f876e1: core: Make gpgme_op_encrypt_ext work for CMS..
Tue, Jun 4, 9:29 AM · Mutt, gpgme
werner committed rG9bf650db022b: sm: Print a better diagnostic for encryption certificate selection. (authored by werner).
sm: Print a better diagnostic for encryption certificate selection.
Tue, Jun 4, 9:26 AM
werner reopened T3383: scdaemon option 'card-timeout' does not have any effect, a subtask of T3362: Prevent Smartcard from caching PIN when cache-ttl is set accordingly, as Open.
Tue, Jun 4, 7:45 AM · Feature Request
werner reopened T3383: scdaemon option 'card-timeout' does not have any effect as "Open".

I see a regression with your fix. This option is even controllable with gpgconf at the basic level. It would be better to make it a dummy option.

Tue, Jun 4, 7:45 AM · Documentation, scd, Bug Report

Mon, Jun 3

werner created T4556: Fully implement gpgme_op_encrypt_ext for S/MIME.
Mon, Jun 3, 6:04 PM · Mutt, gpgme
werner committed rGf2ac6742d403: Return better error code for some getinfo IPC commands. (authored by werner).
Return better error code for some getinfo IPC commands.
Mon, Jun 3, 4:52 PM
werner committed rGf3251023750d: Return better error code for some getinfo IPC commands. (authored by werner).
Return better error code for some getinfo IPC commands.
Mon, Jun 3, 4:52 PM
werner added a comment to T4555: GpgSM: BER Error / Invalid radix64 character 2d skipped if newline is missing at EOF.

A newline is required by the PEM standard.

Mon, Jun 3, 4:37 PM · Bug Report, S/MIME
werner added a comment to T4293: Add dedicated X25519 function to Libcgrypt .

Thanks for taking this one.

Mon, Jun 3, 11:13 AM · libgcrypt
werner added a comment to E459: Weekly Standup.

Going to work on ECC for S/MIME this week.

Mon, Jun 3, 11:08 AM

Fri, May 31

werner triaged T4547: improve error message ("Not enabled") when using Tor network and standard resolver as Normal priority.
Fri, May 31, 9:19 AM · dirmngr, gnupg (gpg22), Bug Report
werner triaged T4549: git pushing to playfair yields "error: invalid key: hooks.denypush.branch.XXX" and "error: invalid key: hooks.denymerge.XXX" as Low priority.
Fri, May 31, 9:17 AM · dev.gnupg.org
werner triaged T4548: gpgme should not ship gpgme-glib.pc if it is not built against glib as Low priority.
Fri, May 31, 9:17 AM · Bug Report, gpgme
werner changed the status of T4549: git pushing to playfair yields "error: invalid key: hooks.denypush.branch.XXX" and "error: invalid key: hooks.denymerge.XXX" from Open to Testing.
Fri, May 31, 9:16 AM · dev.gnupg.org
werner added a comment to T4549: git pushing to playfair yields "error: invalid key: hooks.denypush.branch.XXX" and "error: invalid key: hooks.denymerge.XXX".

Just did that: slashes and dots are now mapped to hyphens. Let me know if the problem persists.

Fri, May 31, 9:16 AM · dev.gnupg.org
werner added a comment to T4549: git pushing to playfair yields "error: invalid key: hooks.denypush.branch.XXX" and "error: invalid key: hooks.denymerge.XXX".

That is due to the update hook which has code like this:

Fri, May 31, 9:09 AM · dev.gnupg.org

Thu, May 30

werner committed rDa3c061fd6977: web: Fixed release date of 2.2.16. (authored by werner).
web: Fixed release date of 2.2.16.
Thu, May 30, 3:12 PM
werner committed rD90a624bc0e0f: web: Removed the "20 years" sticker from the logo. (authored by werner).
web: Removed the "20 years" sticker from the logo.
Thu, May 30, 3:12 PM

Wed, May 29

werner committed rDa0794c862a03: web: Release announce for 2.2.16 (authored by werner).
web: Release announce for 2.2.16
Wed, May 29, 9:28 AM
werner added a comment to T4536: dirmngr fails to find OCSP signer certificate when responder is identified with key ID.

Thanks, the mentioned OpenSSL option should be helpful.

Wed, May 29, 9:19 AM · S/MIME, gnupg (gpg22), Bug Report
werner added a project to T4541: C implementation of AES is vulnerable to side-channel attacks: side-channel.
Wed, May 29, 8:29 AM · side-channel, libgcrypt, Bug Report
werner set the color for side-channel to Grey.
Wed, May 29, 8:29 AM
werner triaged T4541: C implementation of AES is vulnerable to side-channel attacks as Normal priority.

Thanks for taking the time to describe this attack vector. We will need to study this closer to balance such a change with other side effects of this.

Wed, May 29, 8:27 AM · side-channel, libgcrypt, Bug Report
werner closed T4545: gpg ships gpgscm but not any of the necessary *.scm files as Wontfix.

gpgscm will anyway be moved to libgpg-error and then installed as part of that package. Given that we install it for quite some time with gnupg, I won't remove it unless we can be sure that it has been installed by libgpg-error. Feel free to remove it from Debian, though,

Wed, May 29, 8:19 AM · Bug Report
werner set External Link to https://lists.gnupg.org/pipermail/gnupg-announce/2019q2/000438.html on T4509: Release GnuPG 2.2.16.
Wed, May 29, 8:15 AM · Release Info, gnupg (gpg22)

Tue, May 28

werner closed T4509: Release GnuPG 2.2.16 as Resolved.
Tue, May 28, 6:14 PM · Release Info, gnupg (gpg22)