Thanks for your help @gniibe and apologies for wasting your time. It looks like this is an issue with ncurses on musl systems and I'll pursue it there. I have a patch to their configure which works & fixes building pinentry.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Sep 9 2022
Sep 9 2022
thesamesam closed T6193: Build failure with Clang 15 (pinentry-curses.c, error: call to undeclared function 'addnwstr' ...) as Invalid.
thesamesam added a comment to T6193: Build failure with Clang 15 (pinentry-curses.c, error: call to undeclared function 'addnwstr' ...).
I've reported it on bug-ncurses@ to get some insight: https://marc.info/?l=ncurses-bug&m=166268018624805&w=2.
thesamesam added a comment to T6193: Build failure with Clang 15 (pinentry-curses.c, error: call to undeclared function 'addnwstr' ...).
Mysteriously, I get nothing:
$ pkg-config --cflags nursesSep 8 2022
Sep 8 2022
GIT_SILENT: prepare 5.21.2
To debug this you can enable logging of the dirmngr (which does actually talk to the keyservers). To do so open GnuPG System/Network in Kleopatra's configuration dialog and set the debugging level to 4 - All and enter a filename for the log file.
ebeiersdorfer added a comment to T6014: Add support for relative redirect URI-references to dirmngr.
Ah OK I'm following now, I had took that as maybe another lookup at that time was failing. The keyserver that we have configured is hkps://keys.openpgp.org. Is there any misconfiguration here with that setting?
In T6014#163001, @ebeiersdorfer wrote:OK, so this warning should just be ignored then?
ebeiersdorfer added a comment to T6014: Add support for relative redirect URI-references to dirmngr.
OK, so this warning should just be ignored then?
• ikloecker added a comment to T6188: kleopatra: notepad verify/decrypt button not always greyed out when it should be.
I have implemented this a bit differently in particular with usability (e.g. discoverability of the import possibility) and accessibility in mind:
- Add a separate Import button instead of re-using the Sign/Encrypt button.
For one, this allows the user to encrypt a public key block. Moreover,
buttons that magically change their meaning are bad for accessibility.
- Update the three crypto operation buttons in one place.
- Disable the Verify/Decrypt button if the notepad is empty.
• ikloecker committed rKLEOPATRA7df275a78e70: Improve usability and accessibility of the notepad operations (authored by • ikloecker).
Improve usability and accessibility of the notepad operations
Remove word puzzles
• werner committed rW2cc69035ad80: Do not create symlinks to VSD files without version number. (authored by • werner).
Do not create symlinks to VSD files without version number.
• aheinecke triaged T6194: GpgME++: Certify edit interactor has no state for multiple promotions as Low priority.
Silence compiler warnings.
Silence compiler warnings.
• gniibe added a comment to T6193: Build failure with Clang 15 (pinentry-curses.c, error: call to undeclared function 'addnwstr' ...).
Could you please check what pkg-config --cflags ncurses returns?
In my environment (of Debian), it returns:
• gniibe committed rC37dc9f8fd00a: Silence compiler warnings for unused internal value. (authored by • gniibe).
Silence compiler warnings for unused internal value.
Fix function prototypes.
Fix secmem for modern C compiler.
thesamesam set External Link to https://bugs.gentoo.org/869128 on T6193: Build failure with Clang 15 (pinentry-curses.c, error: call to undeclared function 'addnwstr' ...).
thesamesam added a comment to T6193: Build failure with Clang 15 (pinentry-curses.c, error: call to undeclared function 'addnwstr' ...).
It looks like there was a problem similar to this a while ago: https://dev.gnupg.org/T2320 where it turned out for unicode ncurses builds, a specific header had to be included, but that workaround seems to have been removed from pinentry since.
Sep 7 2022
Sep 7 2022
ametzler1 added a comment to T5816: mailing list address confusion (lists.gnupg.org shown, but does not work).
bernhard added a comment.Mon, Sep 5, 6:05 PM
If it is was broken for you and works now, let us know here. if "lists." still is there in email addresses somewhere, please also list.
Kleopatra does searches in parallel. What you see in the second dialog might be a response from a Web Key Directory (i.e. search by mail address with lookup at the mail domain).
Post release version bump
• aheinecke committed rWcda93355876c: Update NEWS and READMEs for todays release (authored by • aheinecke).
Update NEWS and READMEs for todays release
Update Kleopatra and kde-l10n
wording improvements in NEWS
• werner committed rGabf7d3c54546: agent: Don't start in --supervised mode if no-autostart is enabled. (authored by • werner).
agent: Don't start in --supervised mode if no-autostart is enabled.
• werner committed rG0988e49c45d0: gpg: Support key flags for RENC, TIME, and GROUP. (authored by • werner).
gpg: Support key flags for RENC, TIME, and GROUP.
Here is a list of possible issues:
• gniibe added a parent task for T5930: Use the FIPS-compatible digest&sign API: T6191: FIPS: Supporting running FIPS enabled machine.
• werner added a comment to T6187: Kleopatra: Import of p12 file fails with "invalid crypto engine".
BTW, gnupg/doc/DETAILS tells that the fingerprint is optional:
• gniibe committed rM80670f60ba97: Fix parsing import status for invalid fingerprint. (authored by • gniibe).
Fix parsing import status for invalid fingerprint.
• gniibe added a comment to T6187: Kleopatra: Import of p12 file fails with "invalid crypto engine".
Pushed the fix for GPG_ERR_INV_ENGINE.
• gniibe added a comment to T6187: Kleopatra: Import of p12 file fails with "invalid crypto engine".
gpgsm may emit S IMPORT_PROBLEM 1 (with no fingerprint information) when it cannot find valid fingerprint.
I think that this case should be handled correctly by GPGME, not returning GPG_ERR_INV_ENGINE.
It's not yet pushed, because it requires new release of libgpg-error (for T6112: libgpg-error,w32: bidirectional Pipe support for estream).
Sep 6 2022
Sep 6 2022
In T6085#162918, @ebo wrote:well, when creating openPGP keys with kleopatra I did not see any hints. I do not think that the issue would be vaild for password based encryption. There the common usecase is autogeneration, anyway
In T6085#162921, @aheinecke wrote:@ikloecker yes as mentioned in my response the current hints are only for symmetric.
@ikloecker yes as mentioned in my response the current hints are only for symmetric.
Add NEWS for 3.1.24
• aheinecke closed T6147: Kleopatra: Failure to move extracted archive folder accross disks as Resolved.
ebeiersdorfer reopened T6014: Add support for relative redirect URI-references to dirmngr as "Open".
well, when creating openPGP keys with kleopatra I did not see any hints. I do not think that the issue would be vaild for password based encryption. There the common usecase is autogeneration, anyway
• ikloecker added a comment to T6188: kleopatra: notepad verify/decrypt button not always greyed out when it should be.
After some discussion with Andre we decided:
- We keep both buttons always enabled. Reasoning: We do not want to disallow a valid operation just because our heuristic says that attempting a decryption makes no sense.
- Instead of the Encrypt button we switch the Decrypt button to Import if we detect a key block. This way the users can encrypt key blocks (which does make sense; in particular, for protecting exported secret keys), but attempting to decrypt a key block will always fail.
The long hint is "hidden" in the tooltip of the short hint.
Well it is good that we have it now and we should not remove it. But when asked I would probably have said that this dialog / page should be removed altogether. I would bet that if we did a user survey this dialog is not used at all. Or very very rarely.
And the issue for which @ebo opened this ticket is in my opinion that you have to fail first before you see the hint.
• aheinecke lowered the priority of T6190: GPGSM: Import / Export of raw and p8 certs / containers broken from Normal to Low.
• aheinecke renamed T6190: GPGSM: Import / Export of raw and p8 certs / containers broken from GPGSM: Import / Epxort of raw and p8 certs / containers broken to GPGSM: Import / Export of raw and p8 certs / containers broken.
I can confirm the fix.
• aheinecke closed T6189: Secret key backup of S/MIME certificate creates bad result, a subtask of T6190: GPGSM: Import / Export of raw and p8 certs / containers broken, as Resolved.
• aheinecke triaged T6190: GPGSM: Import / Export of raw and p8 certs / containers broken as Normal priority.
• ikloecker changed the status of T6189: Secret key backup of S/MIME certificate creates bad result from Open to Testing.
Should be fixed.
• ikloecker committed rKLEOPATRA7c2e37417b09: Tell gpgsm to export the secret key as PKCS#12 (authored by • ikloecker).
Tell gpgsm to export the secret key as PKCS#12
This is most likely a regression of switching to the gpgme-based secret key export.
• ikloecker triaged T6189: Secret key backup of S/MIME certificate creates bad result as High priority.
I was looking for this when writing the update NEWS for the latest release and noticed that this has not been pushed yet. I really think that it would be nice to have that. Especially for Smartcard use cases.
• aheinecke added a comment to T6187: Kleopatra: Import of p12 file fails with "invalid crypto engine".
Ok. That is about the Invalid Crypto Engine. But this does not explain why a .p12 export via Kleopatra leads to this error when we export a valid certificate. The same thing I do with Kleopatra on the Command Line works:
• ikloecker placed T6187: Kleopatra: Import of p12 file fails with "invalid crypto engine" up for grabs.
The error is generated in parse_import in gpgme/src/import.c:
if (errno || args == tail || *tail != ' ')
{
/* The crypto backend does not behave. */
free (import);
return trace_gpg_error (GPG_ERR_INV_ENGINE);
}Added now
Update GpgOL to released version
swdb: GpgOL 2.5.4
Update NEWS for todays release
Post release version bump
Auto update po files
• ebo awarded T6085: pinentry-qt: Earlier passphrase hint when creating new key a Like token.
• aheinecke committed rW42d0405f007c: Add po/build-cc to distclean target in po (authored by • aheinecke).
Add po/build-cc to distclean target in po
Fix mode of a patch
• aheinecke committed rWa24577f8f002: MSI: Add gui for serbian translation (authored by • aheinecke).
MSI: Add gui for serbian translation
appimage: Package man pages
tools:gpg-auth: Support use of pinpad.
• gniibe committed rGf7e0b0c8a56a: common: Fix to determine ECC curve for SSH. (authored by • gniibe).
common: Fix to determine ECC curve for SSH.
Sep 5 2022
Sep 5 2022
bernhard added a comment to T5816: mailing list address confusion (lists.gnupg.org shown, but does not work).
Or better:
- If it is was broken for you and works now, let us know here.
- if "lists." still is there in email addresses somewhere, please also list.
Thanks!
Update Kleopatra to latest master
• aheinecke committed rKLEOPATRA4c2e7317dcc4: Initialize user id list with a whitespace (authored by • aheinecke).
Initialize user id list with a whitespace
Update Kleopatra to latest master
• werner committed rSeb838bf345fe: Do not launch gpg-agent if no-autostart is active. (authored by • werner).
Do not launch gpg-agent if no-autostart is active.
bernhard changed the status of T5816: mailing list address confusion (lists.gnupg.org shown, but does not work) from Open to Testing.
https://lists.gnupg.org/mailman/listinfo/gnupg-devel has `To post a message to all the list members, send email to gnupg-devel@gnupg.org." now, which seems fine, it was wrong before.
• aheinecke moved T6085: pinentry-qt: Earlier passphrase hint when creating new key from Restricted Project Column to Restricted Project Column on the Restricted Project board.
• aheinecke moved T6076: Kleopatra: Many icons are hard to see if the dark high-contrast mode is activated from Restricted Project Column to Restricted Project Column on the Restricted Project board.
• aheinecke moved T5974: MSI: Register p12 file extension as an optional parameter from Restricted Project Column to Restricted Project Column on the Restricted Project board.
• werner added a comment to T5816: mailing list address confusion (lists.gnupg.org shown, but does not work).
Fixed for 3 lists. I can't remember the details but quite some time ago someone requested some changes and while applying them the host_name must have changed / I changed it. The problem with Mailman is that it does not use plain config files to keep under etckeeper. At least not with some effort.
• aheinecke lowered the priority of T6085: pinentry-qt: Earlier passphrase hint when creating new key from Normal to Low.
I think there was a misunderstanding here. We already set .pinentry.constraints.hint.long and .pinentry.constraints.hint.short in GnuPG-VSD but firstly they are only about symmetric.
And the issue for which @ebo opened this ticket is in my opinion that you have to fail first before you see the hint.
bernhard added a comment to T5816: mailing list address confusion (lists.gnupg.org shown, but does not work).
@werner also I suggest to check the default setting for this, see https://www.list.org/mailman-install/customizing.html and you can use the scripts mentioned there to check the configuration of several mailinglists at once and change it, if you know, which one is to blame, e.g. the host_name value.