I think that a backport to 1.8. also makes sense

I think this works now with error handling. At least it works for me, but needs some more testing of course.

I'm slightly against a backport as this is a behavior change for example KMail and GpgOL which use the --sender option might get different results after this change. I don't think it would be problematic but as said I have a slight preference against backporting because changing behavior of existing calls is better something for the new major release which is in its final steps for release anyway.

In T4735#135315, @werner wrote:

Shall we backport this to 2.2 which is our LTS release?

Thanks for the feedback. I sadly forgot to include the italian translations of GpgOL in the installer. So they will only be part of the next relase.

Here is a patch adding those checks:

diff --git a/cipher/ecc-ecdsa.c b/cipher/ecc-ecdsa.c
index d540578e..30103f14 100644
--- a/cipher/ecc-ecdsa.c
+++ b/cipher/ecc-ecdsa.c
@@ -172,6 +172,9 @@ _gcry_ecc_ecdsa_verify (gcry_mpi_t input, mpi_ec_t ec,
   mpi_point_struct Q, Q1, Q2;
   unsigned int nbits;

no, that doesn't change anything.

In T5268#142612, @ballapete wrote:

Wouldn't it be better to move these failures as a single one into the configure script that it definitely can tell "This Mac has getentropy()"?

Does it build if configure with parameter 'ac_cv_sys_symbol_underscore=yes'? <path-to-libgcrypt-source>/configure ac_cv_sys_symbol_underscore=yes --host=aarch64-apple-darwin ...

Compiling now works, but I get the following linker errors:

@jukivili Thanks for the reply! We've reverted that commit downstream in Gentoo as a temporary workaround, as due to some complications, our release systems needed to build without asm (for now) to ensure portability. Rest assured, this is not the default, and is discouraged for regular users.

Problem solved in Gpg4win 3.1.15 version! I think it can be closed!

Latext 1.9.1 builds without any unreported workarounds. Done. Close.

Building without "--disable-asm" works without any issues.

Thanks for your report.

FYI, this is not just an MacOS issue. We see that also on Gentoo Linux:

FYI: This commit broke building without ASM, see bug T5277.

Stick to your channels and get back after you have learned basic some basic developer workflows.

@hanno, this is a bug tracker and not yet another media for your rants.

Yeah looks like a duplicate. You may rename the bug to "Please implement some basic safety checks in a CI".

This should already be fixed in libgcrypt 1.9.1 by rCc6425a5537294dfe2beaafc9105f7af4ceac677f.

Same as https://dev.gnupg.org/T5277, thanks for the note.

This is likely the same as https://dev.gnupg.org/T5277. Do you configure with --disable-asm? If so: it should work without.

Wouldn't it be better to move these failures as a single one into the configure script that it definitely can tell "This Mac has getentropy()"?

Fix has been released. Keeping this in testing state for easier visibility of this task.

I applied the two patches on Mac OS X 10.5.8, Leopard, to random/rndlinux.c, resulting in this unified diff:

Release done.

There is a question for me here if we should make the behavior of rKLEOPATRA5639dc833f92 the default.

See also https://gitlab.com/openpgp-wg/webkey-directory/-/issues/3 which is the same issue.

I linked all related tasks for the release of 1.9.1, so that making release notes can be easier and recording information here.