Thanks for the prompt action here. Some build environments (e.g. distro builds) might ask for additional compiler warnings in the user-supplied CFLAGS, but i suppose those build environments that enable the warnings deserve what they get.

That makes sense to me. So I've now moved the -Wno flags out of the maintainer mode conditional but left the parts adding warnings in the maintainer mode conditional.

Good to hear this request from someone else, this gives it more priority :-).

The thing is that that I accidentally added the -Wno-* flags only in maintainer-mode as they were -Wmore-strict-warning-flags. One reason for using more strict warnings in maintainer mode is to allow building with older gcc versions without having to test for the availability of the warning flags.

Thanks for the report. This is annoying me, too when doing release builds.

I'm for merging this as I understand the rationale. In Kleo / GpgOL I also only need one valid signature.

I've just published a branch dkg/fix-T4276 (with commit 4100794e305ba22241ea5a4f7b42bb5189fbd948) which i think resolves this issue.

Fixing this is technically an API change, but i can find no evidence that this has ever been used by any consumer of the gpg module. (e.g. i searched in debian and on the public web)

This is obviously correct. Why has it not been merged?

Users keep showing up in our support, confused by this inconsistency. This problem continues in 2020. What's holding this back?

@JW-D Sorry but that is a Wontfix. We had a similar task: T4115

On think should be mentioned. Both accounts are IMAP, but the Posteo account has one particular feature. All inbound traffic from their server to my client (receiving e-mails) is encrypted with my own public S/MIME certificate (they call it "Eingangsverschlüsselung") so all non-encrypted e-mail will be treated between Posteo server and my client as S/MIME end-to -end encrypted e-mails. This is not the case with the t-online account (there it is just TLS encrypted). However, I believe a PGP signature verification should happen after S/MIME decryption on the client.

Ah! I see it now. I've looked at the screenshots again and noticed that Enigmail writes for the posteo message. "Part of the messaage is signed" and shows it as encrypted, while for t-online it is the full message that is signed and not encrypted.

This account is IMAP, nothing special, I´ll send a screenshot from the add-ins by e-mail.

Well, I deinstalled gpg 3.1.7 and reinstalled it. For some reason my two gnupg smart cards work fine, but my two Yubikeys cannot be detected anymore (no such device). But in the last weeks, they were deteced, only the switching between Yubikey and Smart Card made some trouble. That they cannot be recognized is new and makes real trouble. If you think it would maybe helpful, I can submit a scdaemon.log file by e-mail.

According to the log GpgOL is not notified by Outlook that a mail is read. So it does nothing.

The debug file will be sent by e-mail to you immediately. THANKS

But sadly I can't see any problem with the mail. Looking at the source of the mail it has the image as one attachment. That attachment is displayed. There are no other attachments part of the mail and so other clients also only show that one attachment.

yes I got the screenshot but they sadly did not tell me much. I don't have a good idea right now why it does not work for that one account.

Revision D482 adds an extra confirmation prompt before deleting the secret primary key.
Revision D483 adds portuguese translation for the primary key deletion confirmation message.

Fix missing curly brace.

Thanks !

This change has been pushed to repository.

This change has been pushed to repository.

+
Thanks, WK
But before, I have a dumb question-> I need to connect the wires first, isn't it?
++

I have sended the email...

Put

log-file /somewhere/scd.log
debug ipc,cardio
verbose

into ~/.gnupg/scdaemon.conf and kill scdaemon. Then look at the output. I would suggest to first stop the pcscd so that GnuPG's internal CCID driver will be used. Make also sure that there is no a permission problem with the usb port. In case of a CCID (card reader protocol) problem a

debug-ccid-driver

in scdaemon.conf will also be helpful.

Without -no-undefined, libtool refuses to create the shared library (dll) on Cygwin, because libtool knows that creating a shared library (dll) on Cygwin does require all symbols to be defined.
Unfortunately but traditionally, by default libtool has to assume a library being created will have undefined symbols.
Hence, if the library to be created is designed to have all symbols defined, libtool needs to be informed about this fact using the -no-undefined flag.
This flag does allow libtool to create a shared library even on platforms known to require all symbols to be defined for shared libraries.

@werner Here are the patches:

If you have a patch please send it either by mail to gnupg-devel or attach it here. Thanks.

Please explain in more detail what the problem with Cygwin is.

In T4457#124752, @matheusmoreira wrote:

I thought about building a list of keys targeted for deletion so gpg can then ask the user to confirm the deletion of each key individually.

So long I change between smart cards, I can do it multiple times. If a Yubikey is recognized and a smart card follows next it will not work. Most recently I face also problems to detect the Yubikey (Message: no such device), but Smart Cards still working fine.

Did you get the screenshots from Thunderbird (works fine in both accounts) and Outlook (failure in one account)? If not, please provide e-mail address.