User Details
- User Since
- Mar 27 2017, 4:47 PM (404 w, 12 h)
- Roles
- Administrator
- Availability
- Busy Busy until Dec 9 2030.
Yesterday
Fri, Dec 20
This problem has gone in libgpg-error 1.51, since the implementation doesn't use environ any more.
Thu, Dec 19
Tue, Dec 17
Mon, Dec 16
Here is a patch to support "w32_error" for assuan_sock_get_flag function.
It's a bug I introduced when fixing T7309.
Fixed in rGaa36f6ae8bae: gpg: Fix key generation with existing key from card.
Fri, Dec 13
Thu, Dec 12
IIUC, simpler solution would be modifying m4/socklen.m4 adding Solaris variant specific code.
Tweaking _XOPEN_SOURCE requires the change of Autoconf, which would be larger surgery.
Here are changes for gcry_md_open and its friends.
My idea in https://dev.gnupg.org/T7338#195529 doesn't work well when a function call is done multiple times.
Assuming SUCCESS, and marking all non-compliant places in the code works, and it would be good because libgcrypt so far maintains non-compliant path with rejection.
Wed, Dec 11
Tue, Dec 10
Mon, Dec 9
Pushed the change for adding hash tests in rC7faf542f1573: fips,tests: Add t-digest.
Fri, Dec 6
It seems that the internal API is not enough.
Now, we have _gcry_md_hash_buffer function with the new FIPS service indicator.
It's used for public key crypto, too.
The compliance for hash function is a part of public key crypto, but not all.
A change for gcry_md_hash_* functions are pushed by rC3478caac62c7: fips,md: Implement new FIPS service indicator for gcry_md_hash_*..
It doesn't have tests with FIPS service indicator yet.
Thu, Dec 5
New external API is by GCRYCTL_FIPS_SERVICE_INDICATOR and/or the new macro gcry_get_fips_service_indicator.
This change is pushed by rCf51f4e98930e: fips: Introduce GCRYCTL_FIPS_SERVICE_INDICATOR and the macro.
New internal API is introduced with T7340 by the commit rCe1cf31232825: fips: Introduce an internal API for FIPS service indicator.
Change is pushed by rCe1cf31232825: fips: Introduce an internal API for FIPS service indicator.
Mon, Dec 2
Closed, since this was documentation for the workaround, four years ago.
Put it under lower priority, as it's basically programming error.
OK, it's done. closed.
Fri, Nov 29
Here is my proposal to avoid unsynched state for data.
diff --git a/src/client.c b/src/client.c index 410f940..0989984 100644 --- a/src/client.c +++ b/src/client.c @@ -250,6 +250,7 @@ assuan_transact (assuan_context_t ctx, int off; char *line; int linelen; + gpg_error_t last_err = 0;
Done for 2.5.0.
Done in 2.5.0.
Fixed in 2.5.0.
Fixed in 2.5.0.
Fixed in 2.5.0 and 2.4.6.
Fixed in 2.5.0 and 2.4.6.
Fixed in 2.4.6.
Fixed in 2.4.6.
Fixed in 2.4.6.
I can say it's fixed in 2.4.7.
Mon, Nov 25
For this ticket, I reviewed the code around my SOS changes.
Because I'd like to focus the point of retaining binary representation when doing import->export,
I created another thicket: T7426
One bug is when importing a key.
Nov 18 2024
In select_application function, we can minimize the holding W-lock.
This may requires major changes for scdaemon.
For the cancelling operation, each card reader access should have an independent resource manager context.
Currently, a single pcsc.context is shared by all reader accesses.
Hard lockup should be avoided. In particular, following conditions should meet:
- gpgconf --kill scdaemon can kill scdaemon
- KEYINFO requests can be answered for other connections of scdaemon
As of 2024-11-18, my hypothesis is:
- there are some sort of race conditions between PC/SC + card reader (or its driver) + smartcard + scdaemon on Windows, at least at initial use after boot
- because of this, SCardConnect of PC/SC call wrongly fails (somehow confirmed by @ebo's experiments + @gniibe's speculation), or wrongly never returns (@gniibe's guess, side info: its slowness is observed in T7400).
@ebo Thank you for your testing.
Nov 15 2024
Please note that a card insertion to a card reader and a card reader connection to PC are different things.
It may cause different results.