Thanks for reporting and testing my fixes.
Feed All Stories
Aug 19 2022
Aug 19 2022
• ikloecker closed T6137: arch-specific (32 bit) failures in AddExistingSubkeyJobTest::testAddExistingSubkeyWithExpiration as Resolved.
chyen added a comment to T3883: Add Win32-OpenSSH support to gpg-agent's ssh-agent.
Probably, PIPE_REJECT_REMOTE_CLIENTS mode and lpSecurityAttributes=NULL is OK.
GIT_SILENT: prepare 22.08.1
Aug 18 2022
Aug 18 2022
andreasstieger added a comment to T6137: arch-specific (32 bit) failures in AddExistingSubkeyJobTest::testAddExistingSubkeyWithExpiration.
Our tests are fine as of rM2e7a61b898fc.
kdf: Restructure KDF test vectors
kdf: Allow empty password for Argon2
smlx added a comment to T5555: Cannot add existing ECDSA key as a signing subkey.
Yes, that patch is not a great solution. Ideally there would be an interactive choice in the gpg CLI between encrypting/signing subkey during the add-existing-subkey operation.
• ikloecker triaged T6140: Kleopatra: F5 does not always work in smartcard dialog as Normal priority.
Yeah. F5 only refreshes the smart cards. It doesn't refresh Kleopatra's key cache.
• werner added a comment to T6137: arch-specific (32 bit) failures in AddExistingSubkeyJobTest::testAddExistingSubkeyWithExpiration.
It will be a lot of work to change this in gpg. Thus ISO dates were only introduced with gpgsm after the former glibc maintainer refused to switch to a 64 bit time_t - which would have been easy enough at that time (about the year 2001).
• ikloecker committed rM2fa5c80aeba4: cpp: Fix handling of "no key" or "invalid time" situations (authored by • ikloecker).
cpp: Fix handling of "no key" or "invalid time" situations
• ikloecker committed rM2e7a61b898fc: qt,tests: Make test pass on 32-bit systems (authored by • ikloecker).
qt,tests: Make test pass on 32-bit systems
• ikloecker added a comment to T6137: arch-specific (32 bit) failures in AddExistingSubkeyJobTest::testAddExistingSubkeyWithExpiration.
Yes, it's a problem in gpg. gpg asks for the expiration date of the subkey
[ 277s] EditInteractor: 4 -> nextState( GET_LINE, keygen.valid ) -> 5
gpgme replies with an ISO date
[ 277s] EditInteractor: action result "21000101T120000"
Then gpg asks again for the expiration date
[ 277s] EditInteractor: 5 -> nextState( GET_LINE, keygen.valid ) -> 4294967295
which gpgme doesn't expect, so that gpgme return a "general error".
Jakuje added a comment to T6127: FIPS 140-3 final review comments.
For the record, the changeset in the attached merge request is final and waiting for reviews.
• gniibe committed rTf550b3323c8e: Use gcry_cipher_setup_geniv and gcry_cipher_geniv for GCM. (authored by • gniibe).
Use gcry_cipher_setup_geniv and gcry_cipher_geniv for GCM.
• gniibe added a comment to T4873: Enable AES GCM in FIPS mode.
Thank you for your log.
Aug 17 2022
Aug 17 2022
• ikloecker added a comment to T6137: arch-specific (32 bit) failures in AddExistingSubkeyJobTest::testAddExistingSubkeyWithExpiration.
Thanks! It seems that we pass the correct expiration date to gpg:
EditInteractor: action result "21000101T120000"
So, it's maybe a problem in gpg now.
andreasstieger added a comment to T6137: arch-specific (32 bit) failures in AddExistingSubkeyJobTest::testAddExistingSubkeyWithExpiration.
relevant items start at line 4900 ...
[ 274s] + pushd lang/qt/tests
• ikloecker added a comment to T6137: arch-specific (32 bit) failures in AddExistingSubkeyJobTest::testAddExistingSubkeyWithExpiration.
Hmm. Please run the test with
GPGMEPP_INTERACTOR_DEBUG=stderr GPGME_DEBUG=8 TESTS="initial.test t-addexistingsubkey final.test" make -e check-TESTS
in lang/qt/tests under the build folder to get (a lot of) debug output.
andreasstieger added a comment to T6137: arch-specific (32 bit) failures in AddExistingSubkeyJobTest::testAddExistingSubkeyWithExpiration.
WIP with those three patches:
• ikloecker triaged T6137: arch-specific (32 bit) failures in AddExistingSubkeyJobTest::testAddExistingSubkeyWithExpiration as Normal priority.
• werner changed the status of T6138: gpgconf: List auto-key-import and include-key-block again from Open to Testing.
• werner committed rGb356eddf3d7a: gpgconf: Make --auto-key-import and --include-key-block visible again. (authored by • werner).
gpgconf: Make --auto-key-import and --include-key-block visible again.
• werner edited projects for T6138: gpgconf: List auto-key-import and include-key-block again, added: gnupg (gpg22); removed gnupg.
Yes, I removed them accidentally because they were listed under the keyserver option heading in gpg. They actually belong below the import/export heading.
• ikloecker committed rMc977424a1d39: qt: Make sure expiration time is interpreted as unsigned number (authored by • ikloecker).
qt: Make sure expiration time is interpreted as unsigned number
• ikloecker committed rM81d4b7f2d707: qt,tests: Log the actual error code if the assertion fails (authored by • ikloecker).
qt,tests: Log the actual error code if the assertion fails
• ikloecker committed rMf2b48de26b8f: qt,tests: Make sure expiration time is interpreted as unsigned number (authored by • ikloecker).
qt,tests: Make sure expiration time is interpreted as unsigned number
• ikloecker moved T6137: arch-specific (32 bit) failures in AddExistingSubkeyJobTest::testAddExistingSubkeyWithExpiration from Restricted Project Column to Restricted Project Column on the Restricted Project board.
• ikloecker committed rKLEOPATRA6a55c1a2811a: Treat expiration times as unsigned numbers and prevent overflows (authored by • ikloecker).
Treat expiration times as unsigned numbers and prevent overflows
• ikloecker committed rKLEOPATRAf09588c35c05: Treat creation and expiration times as unsigned 32-bit numbers (authored by • ikloecker).
Treat creation and expiration times as unsigned 32-bit numbers
• ikloecker committed rLIBKLEO2ee089a59215: GIT_SILENT Remove unused local function (authored by • ikloecker).
GIT_SILENT Remove unused local function
• ikloecker committed rLIBKLEO90bf972afac8: Always treat time_t as an unsigned 32-bit number (authored by • ikloecker).
Always treat time_t as an unsigned 32-bit number
• ikloecker added a comment to T5555: Cannot add existing ECDSA key as a signing subkey.
This patch breaks adding existing ECDH encryption subkeys to a key because now gpg tries to treat the encryption subkey as signing subkey. This can be reproduced with test t-addexistingsubkey in gpgme.
• aheinecke triaged T6138: gpgconf: List auto-key-import and include-key-block again as Normal priority.
• ikloecker committed rEfcb19dbfd493: build: Omit -L<libdir> for standard paths on some 64-bit systems (authored by • ikloecker).
build: Omit -L<libdir> for standard paths on some 64-bit systems
margirou added a comment to T6097: SC-HSM 4K Compatibility.
I am attaching the files. The "gpgconf --list-config" gave the error "gpgconf: can't open global config file 'C:\\ProgramData\\GNU\\etc\\gnupg\\gpgconf.conf': No such file or directory", so I tried the "gpgconf --show-configs".
Use Qt:: directly
Use Qt:: directly
• werner added a comment to T6097: SC-HSM 4K Compatibility.
ACS readers simply don't work reliable under Linux.
• werner updated the task description for T6097: SC-HSM 4K Compatibility.
• werner added a comment to T6137: arch-specific (32 bit) failures in AddExistingSubkeyJobTest::testAddExistingSubkeyWithExpiration.
There is a reason that we switched to ISO Date strings in large parts of GnuPG ;-)
margirou renamed T6097: SC-HSM 4K Compatibility from scdaemon cannot recognise SC-HSM to SC-HSM 4K Compatibility.
Hello again,
• gniibe added a comment to T6136: build failure with slibtool - error: undefined symbol: QGpgME::RevokeKeyJob::staticMetaObject.
@ikloecker Thank you. You're right. Please go ahead.
andreasstieger updated the task description for T6137: arch-specific (32 bit) failures in AddExistingSubkeyJobTest::testAddExistingSubkeyWithExpiration.
Aug 16 2022
Aug 16 2022
andreasstieger updated the task description for T6137: arch-specific (32 bit) failures in AddExistingSubkeyJobTest::testAddExistingSubkeyWithExpiration.
andreasstieger updated the task description for T6137: arch-specific (32 bit) failures in AddExistingSubkeyJobTest::testAddExistingSubkeyWithExpiration.
• aheinecke committed rGbca00f1fba02: dirmngr: Fix NTBTLS include for test (authored by • aheinecke).
dirmngr: Fix NTBTLS include for test
• aheinecke committed rW28aa58cda775: appimage: Fix KDE plugins installation (authored by • aheinecke).
appimage: Fix KDE plugins installation
appimage: Update to devtools-10
appimage: Refresh patches
• ikloecker committed rW3003d37f3a7d: Add upstreamed patch that fixes tab order in KMessageWidget (authored by • ikloecker).
Add upstreamed patch that fixes tab order in KMessageWidget
agent: Fix bug introduced earlier today.
doc: Prepare NEWS
• werner committed rG914ee7247562: gpg: Fix "generate" command in --card-edit. (authored by • werner).
gpg: Fix "generate" command in --card-edit.
• werner committed rG2d23a72690b4: gpg: Update shadow-keys with --card-status also for non-openpgp cards. (authored by • werner).
gpg: Update shadow-keys with --card-status also for non-openpgp cards.
• werner committed rG287597cb2263: gpg: Fix --card-status to handle lowercase APPTYPEs (authored by • werner).
gpg: Fix --card-status to handle lowercase APPTYPEs
• werner committed rG7046001b0758: doc: Update description of the key format. (authored by • werner).
doc: Update description of the key format.
• werner committed rG755920d43357: agent: Let READKEY update the display-s/n of the Token entry. (authored by • werner).
agent: Let READKEY update the display-s/n of the Token entry.
• werner committed rG8e393e259264: gpg: Fix --card-status to handle lowercase APPTYPEs (authored by • werner).
gpg: Fix --card-status to handle lowercase APPTYPEs
• werner committed rG27ae89db6e69: gpg: Fix detecting OpenPGP card by serialno. (authored by • gniibe).
gpg: Fix detecting OpenPGP card by serialno.
• werner committed rG12ad9529782d: common: In private key mode write "Key:" always last in name-value. (authored by • werner).
common: In private key mode write "Key:" always last in name-value.
• ikloecker changed the status of T6046: Kleopatra: Make certifying certificates accessible from Open to Testing.
All issues have been addressed except:
- No accessible feedback when checking/unchecking user ID
This is caused by a bug in Qt which doesn't report the checkable state to AT-SPI.
• ikloecker changed the status of T6046: Kleopatra: Make certifying certificates accessible, a subtask of T5824: Kleopatra: Full accessibility support, from Open to Testing.
Add configure option only-marked
Aug 15 2022
Aug 15 2022
• ikloecker committed rKLEOPATRAcd308b239523: Add a label explaining what the user is expected to do (authored by • ikloecker).
Add a label explaining what the user is expected to do
• ikloecker committed rKLEOPATRA3c5248f9d1f6: Store and restore the size of the dialog, not its geometry (authored by • ikloecker).
Store and restore the size of the dialog, not its geometry
• ikloecker committed rKLEOPATRA7bfd78296eb4: Add helper for storing/retrieving the accessible name of a QAction (authored by • ikloecker).
Add helper for storing/retrieving the accessible name of a QAction
• ikloecker committed rKLEOPATRAc7c45ac3a835: Make InfoField available for other parts of Kleopatra (authored by • ikloecker).
Make InfoField available for other parts of Kleopatra
• ikloecker committed rKLEOPATRA61ba5b0bd91b: Use an InfoField for the fingerprint (authored by • ikloecker).
Use an InfoField for the fingerprint
• ikloecker committed rKLEOPATRA8a58b87b22f8: Remove <html> tag from the tool tip (authored by • ikloecker).
Remove <html> tag from the tool tip
Saklad5 added a comment to T4260: export all valid authentication subkeys in --export-ssh-key.
Any progress on this?
mlaurent committed rLIBKLEO14785b3d69c1: GIT_SILENT: time to increase version (authored by mlaurent).
GIT_SILENT: time to increase version
mlaurent committed rKLEOPATRA8fdb244ee6d9: GIT_SILENT: time to increase version (authored by mlaurent).
GIT_SILENT: time to increase version
• aheinecke closed T5774: Kleopatra: Better default when decrypting Outlook attachments as Resolved.
This has been in the last releases.
• aheinecke closed T5961: Kleopatra: S/MIME Details cannot be copied multiline on Windows as Resolved.
Just tested this on Windows, works now as expected. Thanks.
• aheinecke added a comment to T6094: Kleopatra: Take windows user email Address from Active Directory if available.
Thinking about this, the best way to avoid AD code in Kleopatra would probably be to just create a QProcess that executes Powershell or WMIC to query the AD.
• aheinecke moved T6119: GnuPG: Compliance mode status omitted when decrypting combined symmetric and asymmetric data from Restricted Project Column to Restricted Project Column on the Restricted Project board.
• werner added a comment to T6135: Agent, P15: Insert Smartcard query uses serial number instead of $DISPSERIALNO.
Here is an example
using this key file:
common: New function nve_set.
• werner committed rGdc9b2426288e: agent: Create and use Token entries to track the display s/n. (authored by • werner).
agent: Create and use Token entries to track the display s/n.
• werner added a comment to T6135: Agent, P15: Insert Smartcard query uses serial number instead of $DISPSERIALNO.
If the stub has been created or updated we will now ask for the card
with the Display-SN. If in addition a Label has been set to the key
that label is also shown. Note that the Display-S/N is associated wit
a card but the Label is associated with a key. For example if the
same key has been stored on two cards, the prompt will ask for one of
those cards but shows the same same Label. It is sufficient to insert
any of the cards with the key because that is what we actually need.
• werner added a comment to T6135: Agent, P15: Insert Smartcard query uses serial number instead of $DISPSERIALNO.
In master we already have Token lines which are created but not yet used. I am going to extend this with the display S/N and drop the idea of a separate Display-SN entry.
• ikloecker added a comment to T6136: build failure with slibtool - error: undefined symbol: QGpgME::RevokeKeyJob::staticMetaObject.
It seems that the case $libdir = '${exec_prefix}/lib64' is not handled correctly, i.e. I get
prefix=/usr
exec_prefix=${prefix}
includedir=${prefix}/include
libdir=${exec_prefix}/lib64
[...]
Libs: -L${libdir} -lgpg-errorin gpg-error.pc.
• gniibe added a comment to T6136: build failure with slibtool - error: undefined symbol: QGpgME::RevokeKeyJob::staticMetaObject.
Note that gpgrt-config supports the PKG_CONFIG_PATH and PKG_CONFIG_LIBDIR environment variables.
• gniibe closed T5438: gpgme_op_keylist_from_data_start ignores GPGME_KEYLIST_MODE_SIGS as Resolved.
It's in 1.18.0.
It's in 1.18.0.
• gniibe committed rE0b47de9c719b: build: Only install gpg-error-config when enabled. (authored by • gniibe).
build: Only install gpg-error-config when enabled.
• gniibe added a comment to T6136: build failure with slibtool - error: undefined symbol: QGpgME::RevokeKeyJob::staticMetaObject.
Please note that with newer libgpg-error releases, you can safely not install or can safely remove installed gpg-error-config. For GnuPG and its friends (including gpgme), gpgrt-config with gpg-error.pc are used instead (when no gpg-error-config).
Push the change.
• gniibe added a comment to T6136: build failure with slibtool - error: undefined symbol: QGpgME::RevokeKeyJob::staticMetaObject.
gpg-error-config (which is old shell script to offer functionality of pkg-config) gives -L/usr/lib64 when it is configured at the build time.
gpg-error-config hasn't got improved, but kept its behavior (for backward compatibility and lesser surprise), while we are moving to the support of gpg-error.pc (by pkg-config and/or gpgrt-config).
Aug 14 2022
Aug 14 2022
orbea added a comment to T6136: build failure with slibtool - error: undefined symbol: QGpgME::RevokeKeyJob::staticMetaObject.
Maybe the solution would be to stop using gpg-error-config and start using pkgconfig instead?
$ pkgconf --libs gpg-error -lgpg-error