In T6199#172571, @CarlSchwan wrote:This will still more work to bring back the massive amount of unit tests. I'm also seriously considering to instead of moving this code to libkleo to instead create a new library with this and then have Kleopatra, kalendar, kube use it (and kmail too in the future but that would require a lot more work).
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Jul 5 2023
Jul 5 2023
I started working on it. Current progress, I managed to move the mimetreeparser/partmodel from kalendar to libkleo and removed the few akonadi bits.
Ignore *.exe and *.wixlib packages
Ready for testing. I could view a signed PDF and verify the signature with the gpg backend, but other things may not work because of missing dependencies.
Add Okular to the AppImage
It turned out that my pinentry reported "fully canceled" on Cancel (see T6491: Pinentry-Qt: Password prompt for each subkey if password change is cancelled) which made gpg output nothing.
Tested and works now for me as expected. Thanks.
• ikloecker committed rKLEOPATRAfa6ff398912a: Tell the command that it's finished (authored by • ikloecker).
Tell the command that it's finished
The original reporter mentioned that this only occurs when called from kleo. But let me recheck.
• werner committed rG944479e21d40: gpg: Return ERROR status for --quick-sign-key. (authored by • werner).
gpg: Return ERROR status for --quick-sign-key.
• werner removed a project from T2701: Do not let users create keys without an expiration date: gnupg.
Also done for 2.2.
• werner added a project to T3927: gpgsm certificate import fails because of hardcoded password length limitation: gnupg24.
Actually it has been fixed for the PBES2 case in 2.2 and 2.4. PBES2 is used with AES128 and AES256. I doubt that there is any value in adding such support for the legacy RC2 and 3DES methods.
• werner raised the priority of T3927: gpgsm certificate import fails because of hardcoded password length limitation from Low to Normal.
• werner edited projects for T6536: Extend P12 parser for ShroudedKeyBag inside a CertBag, added: gnupg22 (gnupg-2.2.42); removed gnupg22.
Same for the backport to 2.2 which uses the same test suite.
Jul 5 2023, 2:31 PM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), Bug Report, S/MIME, Restricted Project
• werner committed rGa6dad932f429: sm: Complete rewrite of the PKCS#12 parser (authored by • werner).
sm: Complete rewrite of the PKCS#12 parser
• werner changed the status of T6536: Extend P12 parser for ShroudedKeyBag inside a CertBag from Open to Testing.
Jul 5 2023, 2:30 PM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), Bug Report, S/MIME, Restricted Project
sm: Remove duplicated code.
wks: Make --add-revocs the default.
• werner committed rG24a9c77f36e7: gpgsm: Support SENDCERT_SKI for --call-dirmngr (authored by • werner).
gpgsm: Support SENDCERT_SKI for --call-dirmngr
• werner committed rG505e770b4c53: wks: Use export-clean for --mirror and --create. (authored by • werner).
wks: Use export-clean for --mirror and --create.
• werner committed rGff81ded48df4: dirmngr: New dummy option --compatibility-flags. (authored by • werner).
dirmngr: New dummy option --compatibility-flags.
• werner committed rGed92b45c474e: dirmngr: New option --ignore-crl-extensions. (authored by • werner).
dirmngr: New option --ignore-crl-extensions.
gpgtar: New option --no-compress.
• werner committed rG0bed46cae2c1: gpg: New option --no-compress as alias for -z0. (authored by • werner).
gpg: New option --no-compress as alias for -z0.
gpgsm: New option --input-size-hint.
gpgsm: Print PROGRESS status lines.
This has long been implemented due to the backport of the P12 parser and the recent rewrite of it.
• werner closed T4921: Support import of PKCS#12 encoded ECC private keys., a subtask of T4098: GpgSM: Add ECC support, as Resolved.
• werner moved T6536: Extend P12 parser for ShroudedKeyBag inside a CertBag from Backlog to WiP on the gnupg22 board.
Jul 5 2023, 2:23 PM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), Bug Report, S/MIME, Restricted Project
gpg --export-secret-subkeys --armor 704769B8D5C15319A27C74BBB47052506607DA6E confirms that gpg 2.4.1-beta21 outputs nothing if the password entry is canceled.
Of course, it's about right clicking the encryption subkey. That's what I tested. Anyway, cancel wasn't handled properly. Now it is.
Jul 5 2023, 11:56 AM · gpgme (gpgme 1.23.x), gnupg22 (gnupg-2.2.42), gnupg24 (gnupg-2.4.3), Feature Request, Restricted Project, Windows
• werner changed the status of T6528: gpg: No error status when encrypting to full disk from Open to Testing.
• werner committed rG1b60aab2c489: gpg: Make progress work for large files on Windows. (authored by • werner).
gpg: Make progress work for large files on Windows.
w32: Map ERROR_FILE_INVALID to EIO.
• werner committed rG8425cdcc8eb9: gpg: Print status line and proper diagnostics for write errors. (authored by • werner).
gpg: Print status line and proper diagnostics for write errors.
• werner committed rG8613230602ca: gpg: Set default expiration date to 3 years. (authored by • werner).
gpg: Set default expiration date to 3 years.
• werner committed rG5825daaf11db: speedo: Do not fail if osslsigncode verify can't be run. (authored by • werner).
speedo: Do not fail if osslsigncode verify can't be run.
In T5755#172514, @ikloecker wrote:I cannot reproduce the problem with Cancel. When I try this, I get the error "The result of the export is empty." and nothing is written to disk. I'm using GnuPG 2.4.
Anyway, handling of cancel was indeed missing.
• werner moved T6534: gpg's progress_filter needs to use uint64_t from Backlog to WiP on the gnupg22 board.
Jul 5 2023, 11:16 AM · gpgme (gpgme 1.23.x), gnupg22 (gnupg-2.2.42), gnupg24 (gnupg-2.4.3), Feature Request, Restricted Project, Windows
• werner moved T6528: gpg: No error status when encrypting to full disk from Backlog to WiP on the gnupg22 board.
Just a quick caveat: Save all attachments works really bad with complex message structures. If we now offer the option to delete all attachments after saving them this could have desastrous effects, i.e. the user could end up with unusable MIME-parts on their disk. I don't remember when I noticed this. Maybe with attached email messages, maybe with signed/encrypted messages, maybe with a combination of both.
Jul 5 2023, 11:11 AM · Restricted Project
The expiry checker checks for expiry. It doesn't and shouldn't do anything else.
• ikloecker committed rKLEOPATRAb82492b44a0c: Handle canceling of secret subkey export (authored by • ikloecker).
Handle canceling of secret subkey export
I cannot reproduce the problem with Cancel. When I try this, I get the error "The result of the export is empty." and nothing is written to disk. I'm using GnuPG 2.4.
We should make building with LDAP mandatory.
It seemed I was wrong that it is due to buffering.
In the use case of --sign and --encrypt, hashing is done with IOBUF's 64KiB buffer (already).
• gniibe added a comment to T6561: OpenPGP benchmarks on Windows OCB vs. CFB + MDC vs. Unsigned vs. Signed on real data..
I observed the benchmark by libgcrypt (Windows emulation 32-bit on Debian):
l10n daemon script <scripty@kde.org> committed rLIBKLEOc1e7178b1021: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
l10n daemon script <scripty@kde.org> committed rKLEOPATRAf4d30120121f: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
gpg: Fix gpg --server mode on Windows.
Jul 5 2023, 6:16 AM · Restricted Project
• gniibe committed rG577baf4af300: gpg: Format the value of type gnupg_fd_t by casting to int. (authored by • gniibe).
gpg: Format the value of type gnupg_fd_t by casting to int.
l10n daemon script <scripty@kde.org> committed rLIBKLEOa7d65d09fcd9: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Thank you for your report.
l10n daemon script <scripty@kde.org> committed rKLEOPATRAb215d85587dd: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
• gniibe committed rG9ae3cfcabec9: dirmngr: Enable the call of ks_ldap_help_variables when USE_LDAP. (authored by • gniibe).
dirmngr: Enable the call of ks_ldap_help_variables when USE_LDAP.
• gniibe committed rG3fb69641e84d: gpg: Use gnupg_fd_t for decryption and sign. (authored by • gniibe).
gpg: Use gnupg_fd_t for decryption and sign.
• gniibe committed rG2c2516f03a28: gpg: Use gnupg_fd_t for encrypt_crypt and gpg_verify. (authored by • gniibe).
gpg: Use gnupg_fd_t for encrypt_crypt and gpg_verify.
• gniibe committed rGdc13361524c1: dirmngr: Enable the call of ks_ldap_help_variables when USE_LDAP. (authored by • gniibe).
dirmngr: Enable the call of ks_ldap_help_variables when USE_LDAP.
gpg: Use gnupg_fd_t for open_outfile.
• gniibe committed rG2c5a93e66e3e: gpg:card: Remove the code for GnuPG version 1. (authored by • gniibe).
gpg:card: Remove the code for GnuPG version 1.
Jul 4 2023
Jul 4 2023
Fix last commit
• werner committed rG334f5d95c825: Merge branch 'STABLE-BRANCH-2-4' into master (authored by • werner).
Merge branch 'STABLE-BRANCH-2-4' into master
web: Release announcement
• werner committed rD6e8f0833fa52: web: Remove the LTS version from the download list (authored by • werner).
web: Remove the LTS version from the download list
swdb: GnuPG 2.4.3
Update to GnuPG 2.4.3
• werner edited projects for T6509: Release GnuPG 2.4.3, added: gnupg24 (gnupg-2.4.3); removed gnupg.
Post release updates
Release 2.4.3
po: msgmerge
po: Update Turkish translation
Jul 4 2023, 4:37 PM · Restricted Project
Jul 4 2023, 3:42 PM · Restricted Project
• werner edited projects for T6536: Extend P12 parser for ShroudedKeyBag inside a CertBag, added: gnupg24 (gnupg-2.4.3); removed gnupg24.
This was tested by me against the actual sample and the sample is now part of our internal regression test suite.
Jul 4 2023, 2:46 PM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), Bug Report, S/MIME, Restricted Project
• werner moved T6534: gpg's progress_filter needs to use uint64_t from QA to gnupg-2.4.3 on the gnupg24 board.
Jul 4 2023, 2:44 PM · gpgme (gpgme 1.23.x), gnupg22 (gnupg-2.2.42), gnupg24 (gnupg-2.4.3), Feature Request, Restricted Project, Windows
• werner moved T6135: Agent, P15: Insert Smartcard query uses serial number instead of $DISPSERIALNO from QA to gnupg-2.4.3 on the gnupg24 board.
• werner moved T6477: WKD redirects and dirmngr redirect rewriting from QA to gnupg-2.4.3 on the gnupg24 board.
• werner moved T6528: gpg: No error status when encrypting to full disk from QA to gnupg-2.4.3 on the gnupg24 board.
• werner moved T6528: gpg: No error status when encrypting to full disk from WiP to QA on the gnupg24 board.
• werner committed rGb83d86b988bb: scd:p15: Make signing work for Nexus cards. (authored by • werner).
scd:p15: Make signing work for Nexus cards.
gpgsm: Init a diagnostic var.
• werner committed rG5e94470d053e: common,w32: Add missing GetLastError->errno mapping. (authored by • werner).
common,w32: Add missing GetLastError->errno mapping.
• aheinecke added a comment to T5478: Kleopatra: Performance problems decrypting and encrypting large Archives.
I ran the test AES.OCB encrypt only, no compression test with the same GnuPG 2.4 version on Linux.
Another request for this would be that the for expired keys a --locate-key might be triggered. GpgOL currently does this in internal logic and this causes GnuPG to refetch the key e.g. from WKD if the key came originally from WKD. https://bugs.kde.org/show_bug.cgi?id=471911 I am not sure if the expiry checker already does this, but someone pointed me to the KDE bug and I will point back here because it makes little sense to fix this in the kmail resolver when we want to replace it.