Page MenuHome GnuPG

gniibe (NIIBE Yutaka)
UserAdministrator

Projects (9)

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

User Details

User Since
Mar 27 2017, 4:47 PM (287 w, 4 d)
Roles
Administrator
Availability
Available

Recent Activity

Thu, Sep 29

gniibe added a comment to T6002: scute w/ gpg23: Support multiple cards/tokens, major update with KEYGRIP.

Merged the changes in t6002 branch into master.

Thu, Sep 29, 3:16 AM · Feature Request, scute
gniibe added a comment to T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified.

Applied and pushed the change from @joeyberkovitz in rG3257385378bb: dirmngr: Interrogate LDAP server when base DN specified..

Thu, Sep 29, 3:10 AM · LDAP, dirmngr, gnupg (gpg23), Feature Request
gniibe committed rG3257385378bb: dirmngr: Interrogate LDAP server when base DN specified. (authored by joeyberkovitz).
dirmngr: Interrogate LDAP server when base DN specified.
Thu, Sep 29, 2:54 AM
gniibe committed rG4b2066afb498: dirmngr: Change interrogate_ldap_dn for better memory semantics. (authored by gniibe).
dirmngr: Change interrogate_ldap_dn for better memory semantics.
Thu, Sep 29, 2:54 AM
gniibe committed rG03f392333729: Register DCO for Joey Berkovitz. (authored by gniibe).
Register DCO for Joey Berkovitz.
Thu, Sep 29, 2:54 AM
gniibe committed rG530d709607e5: dirnmgr: Fix the function prototype. (authored by gniibe).
dirnmgr: Fix the function prototype.
Thu, Sep 29, 2:54 AM

Wed, Sep 28

gniibe committed rSfa6369651060: Fix keyinfo listing. (authored by gniibe).
Fix keyinfo listing.
Wed, Sep 28, 8:19 AM
gniibe committed rS3bf758969ded: Do not launch gpg-agent if no-autostart is active. (authored by werner).
Do not launch gpg-agent if no-autostart is active.
Wed, Sep 28, 8:07 AM
gniibe committed rS1a87b2f26ad9: Add option to return leaf certificate only. (authored by gouttegd).
Add option to return leaf certificate only.
Wed, Sep 28, 8:07 AM
gniibe committed rS819009a5a782: Avoid segv in case of a MISSING_KEY error. (authored by werner).
Avoid segv in case of a MISSING_KEY error.
Wed, Sep 28, 8:07 AM
gniibe committed rS9a61a3267f7d: Avoid endless loop due to bogus certificate chains. (authored by werner).
Avoid endless loop due to bogus certificate chains.
Wed, Sep 28, 8:07 AM
gniibe committed rS3d3222d9f9a0: Add configure option only-marked (authored by werner).
Add configure option only-marked
Wed, Sep 28, 8:07 AM
gniibe committed rSb2cacfb9373a: Tweak for GetSlotList for Firefox. (authored by gniibe).
Tweak for GetSlotList for Firefox.
Wed, Sep 28, 8:07 AM
gniibe committed rS458eea3371ea: Don't use SCD READCERT, but just use gpgsm. (authored by gniibe).
Don't use SCD READCERT, but just use gpgsm.
Wed, Sep 28, 8:07 AM
gniibe committed rSc916e41937df: Fix sign/decrypt operation. (authored by gniibe).
Fix sign/decrypt operation.
Wed, Sep 28, 8:07 AM
gniibe committed rS26d21a2e7ca5: Allow SeedRandom. (authored by gniibe).
Allow SeedRandom.
Wed, Sep 28, 8:07 AM
gniibe committed rS8170a35bddea: Fix C_GetSlotInfo. (authored by gniibe).
Fix C_GetSlotInfo.
Wed, Sep 28, 8:07 AM
gniibe committed rSb4bc848320bb: Fix slot_get_status. (authored by gniibe).
Fix slot_get_status.
Wed, Sep 28, 8:07 AM
gniibe committed rS88e3e58fa237: First step for multiple device support, using the keygrip. (authored by gniibe).
First step for multiple device support, using the keygrip.
Wed, Sep 28, 8:07 AM
gniibe committed rSf666690b817e: Second step for multiple device support. No monitoring cards. (authored by gniibe).
Second step for multiple device support. No monitoring cards.
Wed, Sep 28, 8:07 AM
gniibe committed rS85fce6342624: Remove $DISPSERIALNO support. (authored by gniibe).
Remove $DISPSERIALNO support.
Wed, Sep 28, 8:07 AM
gniibe committed rS1cc5c465862e: Fix NR_ATTR_CERT. (authored by gniibe).
Fix NR_ATTR_CERT.
Wed, Sep 28, 8:07 AM
gniibe committed rSfd72f517b923: Allow up to four cards (only use the first slot for now). (authored by gniibe).
Allow up to four cards (only use the first slot for now).
Wed, Sep 28, 8:07 AM

Tue, Sep 27

gniibe committed rC3c04b692de1e: kdf:pkdf2: Check minimum allowed key size when running in FIPS mode. (authored by tobhe).
kdf:pkdf2: Check minimum allowed key size when running in FIPS mode.
Tue, Sep 27, 6:57 AM
gniibe committed rC857e6f467d0f: kdf:pkdf2: Require longer input when FIPS mode. (authored by gniibe).
kdf:pkdf2: Require longer input when FIPS mode.
Tue, Sep 27, 6:57 AM
gniibe changed the status of T6219: Ensure minimum key length for KDF in FIPS mode from Open to Testing.

Thank you for your report.

Tue, Sep 27, 6:34 AM · libgcrypt, FIPS, Bug Report

Mon, Sep 26

gniibe committed rG993820c31521: dirmngr: Factor out interrogate_ldap_dn function. (authored by gniibe).
dirmngr: Factor out interrogate_ldap_dn function.
Mon, Sep 26, 9:08 AM
gniibe added a comment to T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified.

To proceed, I pushed an initial part as rG993820c31521: dirmngr: Factor out interrogate_ldap_dn function., which doesn't change any behavior.
Then, the point of the change will be clearer.

Mon, Sep 26, 9:03 AM · LDAP, dirmngr, gnupg (gpg23), Feature Request
gniibe is attending E944: Weekly Standup.
Mon, Sep 26, 8:20 AM
gniibe added a comment to T6160: pinentry Emacs support assumes socket location at ${TMPDIR}/emacs${UID}, fails to connect (need to respect XDG_RUNTIME_DIR).

pinentry-emacs is obsolete. It's for older Emacs (<= 25, IIUC) which had lisp/pinentry.el.
For Emacs 26 and newer, you can simply use epa-pinentry-mode having the value of loopback.

Mon, Sep 26, 8:11 AM · Feature Request, pinentry, Emacs
gniibe added a comment to E944: Weekly Standup.

Last week:

  • Learn about VS-Desktop a bit
  • For myself, build&install libkleo & kleopatra to see the features
  • created pam_authproto-2022-09-20.tgz
  • scute

This week:

  • scute merging
  • libgcrypt master and use of (unintended) variable length array
Mon, Sep 26, 7:39 AM
gniibe changed the status of T5034: dev: Deprecate libassuan-config, libgcrypt-config, ksba-config, ntbtls-config, npth-config, and gpg-error-config from Open to Testing.
Mon, Sep 26, 7:18 AM

Thu, Sep 22

gniibe committed rCc20022ffd4ad: fips: Skip PCT if RSA keygen test-parms specified (authored by neverpanic).
fips: Skip PCT if RSA keygen test-parms specified
Thu, Sep 22, 6:57 AM

Wed, Sep 21

gniibe committed rSae4b7d8e2764: Support ECC signature. (authored by gniibe).
Support ECC signature.
Wed, Sep 21, 8:24 AM
gniibe committed rS4a1169983259: Fix wrong fix of off-by-one error. (authored by gniibe).
Fix wrong fix of off-by-one error.
Wed, Sep 21, 8:24 AM
gniibe committed rSc94f1d709613: Add constants from PKCS#11 3.0. (authored by gniibe).
Add constants from PKCS#11 3.0.
Wed, Sep 21, 8:24 AM
gniibe committed rPTH61ae94a7489a: Revert "Don't use symbol/macro which starts with _." (authored by gniibe).
Revert "Don't use symbol/macro which starts with _."
Wed, Sep 21, 7:41 AM
gniibe added a reverting change for rPTH317885a6b11f: Don't use symbol/macro which starts with _.: rPTH61ae94a7489a: Revert "Don't use symbol/macro which starts with _.".
Wed, Sep 21, 7:41 AM
gniibe added a comment to rPTH317885a6b11f: Don't use symbol/macro which starts with _..

That's from my confusion. I'll revert.

Wed, Sep 21, 7:39 AM
gniibe committed rE628cb1a786bd: m4: Fix detection of gpgrt's libdir. (authored by gouttegd).
m4: Fix detection of gpgrt's libdir.
Wed, Sep 21, 3:09 AM

Tue, Sep 20

gniibe added a comment to T5862: authentication with USB token.

Testing gpg-auth : There are two different use cases

  • test with xsecurelock for screen lock
  • test with pam-autoproto for login / gdb / etc.
Tue, Sep 20, 9:39 AM · gpgagent, Feature Request, scd
gniibe committed rPTH317885a6b11f: Don't use symbol/macro which starts with _. (authored by gniibe).
Don't use symbol/macro which starts with _.
Tue, Sep 20, 8:26 AM
gniibe added a comment to T5862: authentication with USB token.

Here are pam_authproto.c with Makefile, so that you can compile it with libpam:

Tue, Sep 20, 6:19 AM · gpgagent, Feature Request, scd

Mon, Sep 19

gniibe added a comment to E943: Weekly Standup.
  • Yes, gpgrt release please.

Last week:

  • Minor fixes
    • libgcrypt
    • libgpg-error
    • gnupg
    • gpgme
  • T6200
  • T6204
  • T5862
    • Mostly done. Remaining thing is how/where to distribute pam-authproto module

This week:

Mon, Sep 19, 9:31 AM
gniibe added a comment to T4002: gpg-error.h uses c11 reserved word "noreturn".

@ikloecker Thank you for the pointer.
When people will use C23 compiler, there will be no problem (even with non-fixed version). That's good. :-)

Mon, Sep 19, 9:07 AM · Bug Report
gniibe declined E943: Weekly Standup.
Mon, Sep 19, 8:54 AM

Fri, Sep 16

gniibe committed rC984d94fa9fff: Minor clean up. (authored by gniibe).
Minor clean up.
Fri, Sep 16, 9:28 AM
gniibe committed rCf97b2f706dd0: Move function prototype to cipher.h. (authored by gniibe).
Move function prototype to cipher.h.
Fri, Sep 16, 9:28 AM
gniibe committed rC3962623fe6de: Fix _gcry_err_code_to_errno. (authored by gniibe).
Fix _gcry_err_code_to_errno.
Fri, Sep 16, 9:28 AM
gniibe committed rC82226dad7ae0: More clean up. (authored by gniibe).
More clean up.
Fri, Sep 16, 9:28 AM
gniibe committed rC000c50e07819: Fix use of noreturn. (authored by gniibe).
Fix use of noreturn.
Fri, Sep 16, 7:44 AM
gniibe added a comment to T4002: gpg-error.h uses c11 reserved word "noreturn".

Pushed similar changes for GnuPG and libgcrypt (which are actually harmless as it is internal use, not exposed header).

Fri, Sep 16, 7:40 AM · Bug Report
gniibe committed rGd5e29991c0c7: dirmngr:dns,doc,gpg: Fix for noreturn for C11. (authored by gniibe).
dirmngr:dns,doc,gpg: Fix for noreturn for C11.
Fri, Sep 16, 7:36 AM

Thu, Sep 15

gniibe committed rEa86ad1cbb6bd: yat2m: Use __noreturn__ attribute. (authored by gniibe).
yat2m: Use __noreturn__ attribute.
Thu, Sep 15, 8:25 AM
gniibe committed rE6f103890e972: Remove extra semicolons. (authored by gniibe).
Remove extra semicolons.
Thu, Sep 15, 8:21 AM
gniibe added a project to T6204: gpgme:python Fix setup.py, using pkg-config (not deprecated gpg-error-config and gpgme-config): Restricted Project.

Pushed the fix.
Note that non-in-tree build never been reliable (using the result of the configure, in tree).
So, I basically don't consider the use case of non-in-tree build.

Thu, Sep 15, 7:00 AM · Python, gpgme
gniibe committed rMfbd94076461e: Fix for modern compiler. (authored by gniibe).
Fix for modern compiler.
Thu, Sep 15, 6:50 AM
gniibe committed rMae9258fbf3b9: build:python: Don't use gpg-error-config/gpgme-config. (authored by gniibe).
build:python: Don't use gpg-error-config/gpgme-config.
Thu, Sep 15, 6:50 AM
gniibe added a comment to T6204: gpgme:python Fix setup.py, using pkg-config (not deprecated gpg-error-config and gpgme-config).

Reviewing the build process, it's just better to use @...VAR...@ by configure (instead of invoke pkg-config again in setup.py).

Thu, Sep 15, 6:44 AM · Python, gpgme
gniibe triaged T6204: gpgme:python Fix setup.py, using pkg-config (not deprecated gpg-error-config and gpgme-config) as High priority.
Thu, Sep 15, 5:01 AM · Python, gpgme
gniibe closed T5721: gpg22: Update *.m4 to prefer use of gpgrt-config and *.pc to *-config as Resolved.
Thu, Sep 15, 4:58 AM · gnupg (gpg22)
gniibe closed T5721: gpg22: Update *.m4 to prefer use of gpgrt-config and *.pc to *-config, a subtask of T5034: dev: Deprecate libassuan-config, libgcrypt-config, ksba-config, ntbtls-config, npth-config, and gpg-error-config, as Resolved.
Thu, Sep 15, 4:58 AM
gniibe committed rGed1264e74b11: build: Update gpg-error.m4. (authored by gniibe).
build: Update gpg-error.m4.
Thu, Sep 15, 4:58 AM
gniibe committed rGddc6f7d19491: build: Use LDAP_DEPRECATED to detect ldap library. (authored by gniibe).
build: Use LDAP_DEPRECATED to detect ldap library.
Thu, Sep 15, 4:24 AM
gniibe committed rG7a936505dcc4: build: Update .gitignore for translations under po/. (authored by gniibe).
build: Update .gitignore for translations under po/.
Thu, Sep 15, 4:24 AM

Wed, Sep 14

gniibe claimed T6200: gnupg: GPG_ERR_SOURCE_DEFAULT should be defined.

Pushed changes.

Wed, Sep 14, 10:01 AM · gnupg
gniibe committed rGe70e09c3d5e7: common: Fix for GPG_ERR_SOURCE_DEFAULT check. (authored by gniibe).
common: Fix for GPG_ERR_SOURCE_DEFAULT check.
Wed, Sep 14, 10:01 AM
gniibe committed rGd55728539f0e: kbx: Fix for GPG_ERR_SOURCE_DEFAULT. (authored by gniibe).
kbx: Fix for GPG_ERR_SOURCE_DEFAULT.
Wed, Sep 14, 10:01 AM
gniibe added a comment to T6200: gnupg: GPG_ERR_SOURCE_DEFAULT should be defined.

Note that, we cannot use enum values in CPP constant expression like:

# if GPG_ERR_SOURCE_DEFAULT != GPG_ERR_SOURCE_KEYBOX

That's because CPP has no way to know enum values.

Wed, Sep 14, 9:54 AM · gnupg
gniibe committed rG598884699dfc: dirmngr: Fix for USE_LDAP. (authored by gniibe).
dirmngr: Fix for USE_LDAP.
Wed, Sep 14, 9:47 AM
gniibe committed rG0b532627e832: common: Fix t-recsel. (authored by gniibe).
common: Fix t-recsel.
Wed, Sep 14, 8:43 AM
gniibe committed rG23d7b7cfb0f9: dirmngr:dns: Fixes for function prototypes. (authored by gniibe).
dirmngr:dns: Fixes for function prototypes.
Wed, Sep 14, 8:07 AM
gniibe committed rG3d7dbf16618d: agent,dirmngr,gpg,scd: Clean up for modern compiler. (authored by gniibe).
agent,dirmngr,gpg,scd: Clean up for modern compiler.
Wed, Sep 14, 5:55 AM

Tue, Sep 13

gniibe committed rG87d4338ed1d2: gpg,common,scd,sm: Function prototype fixes for modern compiler. (authored by gniibe).
gpg,common,scd,sm: Function prototype fixes for modern compiler.
Tue, Sep 13, 9:55 AM
gniibe committed rGe133bcb1cdf2: tools:gpg-auth: Enhance it to support use case for login. (authored by gniibe).
tools:gpg-auth: Enhance it to support use case for login.
Tue, Sep 13, 9:55 AM
gniibe triaged T6200: gnupg: GPG_ERR_SOURCE_DEFAULT should be defined as Normal priority.
Tue, Sep 13, 9:53 AM · gnupg

Mon, Sep 12

gniibe is attending E942: Weekly Standup.
Mon, Sep 12, 9:14 AM
gniibe added a comment to E942: Weekly Standup.
  • Next week: September 19th - not available

Last week:

  • T6193
    • Learn gentoo activity for clang 15 + musl c library
    • Then, pushes fixes for Clang 15
  • Created T6191: FIPS: Supporting running FIPS enabled machine
  • gpgme: Fixed T6187
  • T5862
    • gpg-auth is ready for use with xsecurelock
    • test with authproto of xsecurelock with pam-authproto.so (which is similar to pam_exec.so, but supports pam->conv better)

This week:

  • Provide pam-authproto.so as Debian package, possibly, extending libpam-modules
Mon, Sep 12, 8:53 AM

Fri, Sep 9

gniibe added a comment to T5862: authentication with USB token.

Here is a PAM module, which interact a spawned process using authproto protocol of xsecurelock.

Fri, Sep 9, 9:30 AM · gpgagent, Feature Request, scd
gniibe added a comment to T5699: libgpg-error 1.43 fails t-lock-single-thread test on x86_64 with musl and macOS.

Checking musl internal, it seems that we can detect a single threaded application by:
https://git.musl-libc.org/cgit/musl/tree/src/internal/libc.h#n22

Fri, Sep 9, 5:53 AM · gpgrt, Bug Report

Thu, Sep 8

gniibe committed rA6bc8a106c4bd: Silence compiler warnings. (authored by gniibe).
Silence compiler warnings.
Thu, Sep 8, 8:50 AM
gniibe committed rE10dc853291a1: Silence compiler warnings. (authored by gniibe).
Silence compiler warnings.
Thu, Sep 8, 8:34 AM
gniibe added a comment to T6193: Build failure with Clang 15 (pinentry-curses.c, error: call to undeclared function 'addnwstr' ...).

Could you please check what pkg-config --cflags ncurses returns?
In my environment (of Debian), it returns:

Thu, Sep 8, 7:56 AM · clang, Gentoo, pinentry, Bug Report
gniibe committed rC37dc9f8fd00a: Silence compiler warnings for unused internal value. (authored by gniibe).
Silence compiler warnings for unused internal value.
Thu, Sep 8, 7:47 AM
gniibe committed rC10d9878dd84f: Fix function prototypes. (authored by gniibe).
Fix function prototypes.
Thu, Sep 8, 7:47 AM
gniibe committed rPbc115547e0e9: Fix secmem for modern C compiler. (authored by gniibe).
Fix secmem for modern C compiler.
Thu, Sep 8, 7:33 AM

Wed, Sep 7

gniibe added a comment to T6191: FIPS: Supporting running FIPS enabled machine.

Here is a list of possible issues:

Wed, Sep 7, 8:58 AM · FIPS, gnupg (gpg23), Bug Report
gniibe added subtasks for T6191: FIPS: Supporting running FIPS enabled machine: T5930: Use the FIPS-compatible digest&sign API, T5964: gnupg should use the KDFs implemented in libgcrypt.
Wed, Sep 7, 4:48 AM · FIPS, gnupg (gpg23), Bug Report
gniibe added a parent task for T5964: gnupg should use the KDFs implemented in libgcrypt: T6191: FIPS: Supporting running FIPS enabled machine.
Wed, Sep 7, 4:48 AM · gnupg (gpg23), FIPS, libgcrypt, Feature Request
gniibe added a parent task for T5930: Use the FIPS-compatible digest&sign API: T6191: FIPS: Supporting running FIPS enabled machine.
Wed, Sep 7, 4:48 AM · FIPS, gnupg (gpg23), Feature Request
gniibe triaged T6191: FIPS: Supporting running FIPS enabled machine as Wishlist priority.
Wed, Sep 7, 4:47 AM · FIPS, gnupg (gpg23), Bug Report
gniibe created T6191: FIPS: Supporting running FIPS enabled machine.
Wed, Sep 7, 4:46 AM · FIPS, gnupg (gpg23), Bug Report
gniibe committed rM80670f60ba97: Fix parsing import status for invalid fingerprint. (authored by gniibe).
Fix parsing import status for invalid fingerprint.
Wed, Sep 7, 4:36 AM
gniibe added a comment to T6187: import of p12 file fails with "invalid crypto engine".

Pushed the fix for GPG_ERR_INV_ENGINE.

Wed, Sep 7, 4:29 AM · kleopatra, gpgme, gnupg, Restricted Project
gniibe added a comment to T6187: import of p12 file fails with "invalid crypto engine".

gpgsm may emit S IMPORT_PROBLEM 1 (with no fingerprint information) when it cannot find valid fingerprint.
I think that this case should be handled correctly by GPGME, not returning GPG_ERR_INV_ENGINE.

Wed, Sep 7, 4:27 AM · kleopatra, gpgme, gnupg, Restricted Project
gniibe added a comment to T3883: Add Win32-OpenSSH support to gpg-agent's ssh-agent.

It's not yet pushed, because it requires new release of libgpg-error (for T6112: libgpg-error,w32: bidirectional Pipe support for estream).

Wed, Sep 7, 1:56 AM · gnupg (gpg23), Windows, ssh, gpgagent, Feature Request

Tue, Sep 6

gniibe committed rGdc9227ca577d: tools:gpg-auth: Support use of pinpad. (authored by gniibe).
tools:gpg-auth: Support use of pinpad.
Tue, Sep 6, 6:56 AM
gniibe committed rGf7e0b0c8a56a: common: Fix to determine ECC curve for SSH. (authored by gniibe).
common: Fix to determine ECC curve for SSH.
Tue, Sep 6, 6:56 AM

Mon, Sep 5

gniibe added a comment to E941: Weekly Standup.

Last week:

This week:

  • gpg-auth handling more use cases
    • card with pinpad card reader
    • error cases, like no token available
    • login authentication with pam-exec
  • semihosted environment building
    • see how make check works for Windows target on GNU/Linux using Wine
Mon, Sep 5, 10:46 AM
gniibe committed rG7a22f764d518: tools:gpg-auth: Show SSH key comment when asking PIN. (authored by gniibe).
tools:gpg-auth: Show SSH key comment when asking PIN.
Mon, Sep 5, 7:49 AM