This has been fixed with rP9dd46926f8d5: qt: Fix showing of pinentry window on Wayland.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
All Stories
Aug 2 2021
Notification when trying to enter empty passphrase:
Notification when trying to enter passphrase that does not satisfy multiple constraints:
Notification when trying to enter passphrase that is too short:
I propose the following patch to inform the user about the obsolete --secret-keyring option. The same is done for many other obsolete options.
Thank you! But let me mention, that my older smart cards (Version 2,2) holding also RSA-4096 keys. They could be generated on card without any problem. I had the problem only with OpenPGP cards version 3,4. This I would like to strenghten.
Thank you for the information.
My setting is RSA-4096 key. Also it showed "pipe was broken", but it disappeared too quickly, so I do not have a screenshot from that.
I checked with my OpenPGP card v3.4.
It works for me with GnuPG 2.2.x and 2.3.x.
My setting is for RSA-2048 key.
Aug 1 2021
This is very saddening and alarming from a respected member of the community whose opinion matters.
Hmm, do we need a backport?
Please try 3.1.16 and make sure that you don't have other variants of gpg4win installed or Outlook plugins also using parts of gpg4win or its libraries.
You should have read the release notes of 2.1 (first point). We can't keep a bug open because you had a wrong understanding of GnuPG properties. Sorry.
Jul 31 2021
Hi, I have the same problem, in Italian Language becouse this is the system language!
Kleopatra 3.1.16 on Windows 10
Jul 30 2021
bug has been closed as Wontfix [..] I see no reason to continue the discussion in the bugtracker.
Can confirm this problem still exists in version 3.1.16. The context menu in Windows Explorer and some menu entries in Kleopatra are in the wrong language, while most of the application is in the correct language. This looks very messy.
Gpg4win and Kleopatra should not look at the date/format locale settings for the language, but at the actual Windows display language.
This bug has been closed as Wontfix more than a year ago. I see no reason to continue the discussion in the bugtracker.
Well, the keys are not generated but public keys are imported. @gniibe's key has meanwhile expired but we keep it because it will allow users to verify some older source packages. An expired signature key is not an error but merely means that one should evaluate the meaning of the signature with more diligence.
Jul 29 2021
I share your concerns about centralization of keyserver infrastructure. Rejecting this security fix doesn't help keep keyservers decentralized, though.
As a start, I applied your patches.
Jul 28 2021
It is now over 10 months that the proponents of these additions have not followed up on the discussion.
Works for a long time now (unless we broke it again;-)
dlopen'ing of gpgme is NOT SUPPORTED. It is in general not a good idea to do this on standard Unix systems.
To extend on this: dlopen'ing of gpgme is NOT SUPPORTED. It is in general not a good idea to do this on standard Unix systems. On Windows we could make it work because DLLs on that platform are well designed and not a hack like the Unix shared objects.
Jul 27 2021
We really want thunderbird users that interact with GPGME to have a great and stable user experience, but the problem with dynamic loading and self compiled versions is that we cannot really know the build settings and enviornment and it is very time consuming to reproduce that. GPGME does some very low level things for optimized IPC that can depend on build options etc. This is why I am mostly in favor that thunderbird ships a defined version that we can debug and see the settings.
Reading the mozilla entry more carefully, there still seems to be an issue.
https://blog.gerv.net/2012/01/mozilla-projects-and-gpled-code/
@kaie, thanks for the pointer!
Jul 26 2021
In T5250#148131, @bernhard wrote:BTW @kaie
Thunderbird cannot use anything requiring GPL in its default configuration, because Thunderbird wants to distribute a single MPL licensed package that includes all components that are required for OpenPGP.
Any pointer why, they have made that choice, though? A bundle of MPL and GNU GPL components is fully allowed by the licenses as far as I know.
Sorry, I don't understand what you are trying to say, so let me give you some more detail.
@aheinecke Please test this on Windows
Huh, can't believe I somehow missed that this actually got a reply three years ago...
Everything in ~/.gnupg is and has always been private to gnupg unless explicitly stated otherwise.
Jul 25 2021
For many years I was convinced that my secret keys are stored in an encrypted folder. The .keyring file was there, everything looked correct...
Jul 24 2021
Using GPGME is probably the best way, even if gpgme-json might also work for some operations.