werner (Werner Koch)Administrator
Engineering

Projects

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Friday

  • Clear sailing ahead.

User Details

User Since
Mar 27 2017, 4:48 PM (86 w, 1 d)
Roles
Administrator
Availability
Available

Recent Activity

Today

werner committed rGe5c3a6999a37: doc: Clarify use of clear and nodefault in the AKL. (authored by werner).
doc: Clarify use of clear and nodefault in the AKL.
Wed, Nov 21, 9:38 AM
werner committed rG6acca0e4d9f9: doc: Clarify use of clear and nodefault in the AKL. (authored by werner).
doc: Clarify use of clear and nodefault in the AKL.
Wed, Nov 21, 9:38 AM

Yesterday

werner triaged T4263: Pinentry does not support --disable-doc configure option as Normal priority.

Well, that is a detailed bug report. Thanks.

Tue, Nov 20, 8:06 AM · pinentry, Bug Report

Mon, Nov 19

werner awarded T4242: Improper construction for gpg.constants.import in GPGME python bindings a Pterodactyl token.
Mon, Nov 19, 12:59 PM · Bug Report
werner committed rMb182838f71d8: core: Fix format string errors in w32-io.c and use of TRACE_SUC. (authored by werner).
core: Fix format string errors in w32-io.c and use of TRACE_SUC.
Mon, Nov 19, 12:49 PM
werner committed rC6faeca72b455: doc: Fix library initialization examples (authored by ametzler).
doc: Fix library initialization examples
Mon, Nov 19, 9:09 AM
werner committed rCaf0bbdb9019e: doc: Fix library initialization examples (authored by ametzler).
doc: Fix library initialization examples
Mon, Nov 19, 9:09 AM
werner is attending E411: Weekly Standup.
Mon, Nov 19, 9:07 AM
werner added a comment to E411: Weekly Standup.

(Do you a favor and get a http://di-li.eu/stereo_mikroskop.html, the model 900 is really usable for soldering).

Mon, Nov 19, 8:51 AM

Sat, Nov 17

werner raised the priority of T4242: Improper construction for gpg.constants.import in GPGME python bindings from High to Unbreak Now!.

Form my understanding this needs to be fixed urgently.

Sat, Nov 17, 10:54 AM · Bug Report

Fri, Nov 16

werner committed rM7a1e7006d06f: core: Protect the trace macros for fun and profit. (authored by werner).
core: Protect the trace macros for fun and profit.
Fri, Nov 16, 6:20 PM
werner committed rM7eda50a673d1: core: Fix a LF problem in the new debug fucntion. (authored by werner).
core: Fix a LF problem in the new debug fucntion.
Fri, Nov 16, 6:20 PM
werner committed rMcf423864062a: core: Fix format string errors in trace macros (authored by werner).
core: Fix format string errors in trace macros
Fri, Nov 16, 4:57 PM
werner committed rM94d274a1a33c: core: Remove old debug helper function (authored by werner).
core: Remove old debug helper function
Fri, Nov 16, 4:57 PM
werner committed rM5857491a2aa7: core: Simplify the trace maros by using variadics. (authored by werner).
core: Simplify the trace maros by using variadics.
Fri, Nov 16, 4:57 PM
werner committed rM8d91c0f4cdcc: Add SPDX identifiers to most source files (authored by werner).
Add SPDX identifiers to most source files
Fri, Nov 16, 1:36 PM
werner closed T4259: Invalid version check as Resolved.

Pretty obvious. Thanks.

Fri, Nov 16, 9:19 AM · gnupg, Bug Report
werner committed rG1e700961ddf4: gpg: Start using OCB mode by default with Libgcrypt 1.9. (authored by werner).
gpg: Start using OCB mode by default with Libgcrypt 1.9.
Fri, Nov 16, 9:19 AM
werner added a commit to T4259: Invalid version check: rG1e700961ddf4: gpg: Start using OCB mode by default with Libgcrypt 1.9..
Fri, Nov 16, 9:19 AM · gnupg, Bug Report
werner triaged T4260: export all valid authentication subkeys in --export-ssh-key as Low priority.
Fri, Nov 16, 9:11 AM · ssh, Feature Request
werner committed rGc8f79cec743c: doc: Add NEWS item from recent 2.2 releases. (authored by werner).
doc: Add NEWS item from recent 2.2 releases.
Fri, Nov 16, 8:31 AM

Thu, Nov 15

werner committed rEa5d4a4b32b11: core: New API gpgrt_cmp_version (authored by werner).
core: New API gpgrt_cmp_version
Thu, Nov 15, 7:32 PM
werner closed T4251: gpg-zip embeds the build-time path for tar instead of finding it at runtime. as Resolved.
Thu, Nov 15, 4:16 PM · gnupg (gpg22), Bug Report
werner committed rG2768293b1ee6: tools: Let gpg-zip print a deprecation warning. (authored by werner).
tools: Let gpg-zip print a deprecation warning.
Thu, Nov 15, 4:14 PM
werner added a commit to T4251: gpg-zip embeds the build-time path for tar instead of finding it at runtime.: rG2768293b1ee6: tools: Let gpg-zip print a deprecation warning..
Thu, Nov 15, 4:14 PM · gnupg (gpg22), Bug Report
werner triaged T4255: gpg-agent: "<gcrypt> Cannot allocate memory" with 10 threads decrypting OpenPGP as High priority.
Thu, Nov 15, 4:07 PM · gnupg, gpgagent
werner added a comment to T4255: gpg-agent: "<gcrypt> Cannot allocate memory" with 10 threads decrypting OpenPGP.

Hmmm

Thu, Nov 15, 4:06 PM · gnupg, gpgagent
werner added a comment to T4251: gpg-zip embeds the build-time path for tar instead of finding it at runtime..

I have a warning already in my working copy.

Thu, Nov 15, 3:07 PM · gnupg (gpg22), Bug Report
werner added a comment to T4256: gpg-agent: Spurious pinentries for an already unlocked key when decryption OpenPGP in 10 threads.

Well, it should not happen if you always use the same key.

Thu, Nov 15, 3:06 PM · gnupg, gpgagent
werner added a comment to T4256: gpg-agent: Spurious pinentries for an already unlocked key when decryption OpenPGP in 10 threads.

There is indeed a race condition between the passphrase cache and the pinentry invocation. There is even a comment on this somewhere in the code. The problem is that we would need to lock almost everything to avoid this rare condition.

Thu, Nov 15, 3:05 PM · gnupg, gpgagent
werner added a comment to T4255: gpg-agent: "<gcrypt> Cannot allocate memory" with 10 threads decrypting OpenPGP.

Which Libgcrypt version?

Thu, Nov 15, 3:02 PM · gnupg, gpgagent
werner closed T4254: broken link to gpgrelay in website as Resolved.

I fixed the gpgrelay link.

Thu, Nov 15, 8:41 AM · Bug Report

Wed, Nov 14

werner committed rDa365c7224732: web: Fix GPGrelay URL and mark some software as active or obsolete. (authored by werner).
web: Fix GPGrelay URL and mark some software as active or obsolete.
Wed, Nov 14, 8:35 PM
werner closed T4074: gpg-agent and scdaemon still running after log out as Wontfix.

It is useful if you often log out and in, for example using remote remote ssh session. If you don't like it, you should "gpgconf --kill gpg-agent" in your .bash_logout. ~/.xsession or whatever your system uses. Instead of --kill you can also use --reload so that the passphrase cache is flushed immediately and not only at the end of the TTL.

Wed, Nov 14, 2:34 PM · Bug Report
werner added a task to rC35e002d4b842: random: Initialize variable as requested by valgrind: T4250: Conditional jump or move depends on uninitialised value(s).
Wed, Nov 14, 2:21 PM
werner added a task to rCaa686dfc9b56: random: Initialize variable as requested by valgrind: T4250: Conditional jump or move depends on uninitialised value(s).
Wed, Nov 14, 2:21 PM
werner added commits to T4250: Conditional jump or move depends on uninitialised value(s): rCaa686dfc9b56: random: Initialize variable as requested by valgrind, rC35e002d4b842: random: Initialize variable as requested by valgrind.
Wed, Nov 14, 2:21 PM · libgcrypt, Bug Report
werner closed T4250: Conditional jump or move depends on uninitialised value(s) as Resolved.
Wed, Nov 14, 2:19 PM · libgcrypt, Bug Report
werner committed rCbc05e16bb494: doc: Minor typo fix (authored by werner).
doc: Minor typo fix
Wed, Nov 14, 2:18 PM
werner committed rC35e002d4b842: random: Initialize variable as requested by valgrind (authored by werner).
random: Initialize variable as requested by valgrind
Wed, Nov 14, 2:18 PM
werner committed rCaa686dfc9b56: random: Initialize variable as requested by valgrind (authored by werner).
random: Initialize variable as requested by valgrind
Wed, Nov 14, 2:17 PM
werner added a comment to T4250: Conditional jump or move depends on uninitialised value(s).

Thanks. Just pushed the change to master.

Wed, Nov 14, 2:16 PM · libgcrypt, Bug Report
werner committed rG56022fb304cf: Merge branch 'seckey-sync-work' into master (authored by werner).
Merge branch 'seckey-sync-work' into master
Wed, Nov 14, 1:43 PM
werner added a task to rG8b8ea802ca07: Remove the gpg-zip script.: T4251: gpg-zip embeds the build-time path for tar instead of finding it at runtime..
Wed, Nov 14, 1:41 PM
werner added a commit to T4251: gpg-zip embeds the build-time path for tar instead of finding it at runtime.: rG8b8ea802ca07: Remove the gpg-zip script..
Wed, Nov 14, 1:41 PM · gnupg (gpg22), Bug Report
werner removed a task from rG8b8ea802ca07: Remove the gpg-zip script.: T4252: Kleopatra / gpg4win Office Outlook plugin - Office Outlook 2010 crash if trying to send an encrypted message to yourself.
Wed, Nov 14, 1:39 PM
werner removed a commit from T4252: Kleopatra / gpg4win Office Outlook plugin - Office Outlook 2010 crash if trying to send an encrypted message to yourself: rG8b8ea802ca07: Remove the gpg-zip script..
Wed, Nov 14, 1:39 PM · gpg4win, gpgol, Bug Report
werner committed rG8b8ea802ca07: Remove the gpg-zip script. (authored by werner).
Remove the gpg-zip script.
Wed, Nov 14, 1:31 PM
werner added a commit to T4252: Kleopatra / gpg4win Office Outlook plugin - Office Outlook 2010 crash if trying to send an encrypted message to yourself: rG8b8ea802ca07: Remove the gpg-zip script..
Wed, Nov 14, 1:31 PM · gpg4win, gpgol, Bug Report
werner added a comment to T4251: gpg-zip embeds the build-time path for tar instead of finding it at runtime..

Let me also note that gpg-zip was not installed since 2006 due a conflict with gpg1.

Wed, Nov 14, 1:26 PM · gnupg (gpg22), Bug Report
werner added a comment to T4251: gpg-zip embeds the build-time path for tar instead of finding it at runtime..

gpg-zip is deprecated because we have replaced it by gpgtar. Given that you have a workaround for Debian I tend to close this bug as WONTFIX.

Wed, Nov 14, 1:11 PM · gnupg (gpg22), Bug Report

Tue, Nov 13

werner committed rD1543a050978b: drafts,openpgp-webkey-service: Insert missing string. (authored by werner).
drafts,openpgp-webkey-service: Insert missing string.
Tue, Nov 13, 9:57 PM
werner committed rD7fba4187a5ef: drafts,openpgp-webkey-service: Remove ununsed RFC reference. (authored by werner).
drafts,openpgp-webkey-service: Remove ununsed RFC reference.
Tue, Nov 13, 2:47 PM
werner committed rDd7ea67d4682a: drafts,openpgp-webkey-service: Publish revision -07 (authored by werner).
drafts,openpgp-webkey-service: Publish revision -07
Tue, Nov 13, 2:47 PM
werner committed rG914fa3be22bf: dirmngr: Support the new WKD draft with the openpgpkey subdomain. (authored by werner).
dirmngr: Support the new WKD draft with the openpgpkey subdomain.
Tue, Nov 13, 11:35 AM
werner committed rGb3a70b67f33d: po: Clarify a translator's note. (authored by werner).
po: Clarify a translator's note.
Tue, Nov 13, 9:15 AM

Mon, Nov 12

werner accepted D469: dirmngr: Add FLUSHCRLs command.

I think there are some races in the crl updated code but no real harm.
To improve you patch we could write a wait_for_idle function which counts the active connections and the housekeeping threads. It would also need to block new connections etc.

Mon, Nov 12, 12:27 PM
werner is attending E410: Weekly Standup.
Mon, Nov 12, 8:36 AM
werner committed rG6b9f77291462: common: Prepare for parsing mail sub-addresses. (authored by werner).
common: Prepare for parsing mail sub-addresses.
Mon, Nov 12, 7:45 AM
werner added a commit to T4200: Evaluate sub-addresses in gpg and wkd: rG6b9f77291462: common: Prepare for parsing mail sub-addresses..
Mon, Nov 12, 7:45 AM · gnupg, Feature Request

Sun, Nov 11

werner committed rGbbed4746edcd: gpg: Fix format string in gpgcompose.c (authored by werner).
gpg: Fix format string in gpgcompose.c
Sun, Nov 11, 12:20 PM
werner committed rGb3095c95ef9d: common: Add --filter option to t-mbox-util. (authored by werner).
common: Add --filter option to t-mbox-util.
Sun, Nov 11, 12:02 PM

Fri, Nov 9

werner committed rDca9070dd6f50: web: Release announcement for 2.2.11 (authored by werner).
web: Release announcement for 2.2.11
Fri, Nov 9, 1:45 PM
werner added a comment to T4200: Evaluate sub-addresses in gpg and wkd.

It does not make sense to handle this in the protocol. The client should always ask for joe@example.org and thus keep the whole thing mostly out of gpg. This requires that keys are not created with sub-addresses. However, if someone has a need for this, this strategy should work:

Fri, Nov 9, 12:07 PM · gnupg, Feature Request

Thu, Nov 8

werner created T4246: GnuPG master does not allow decryption with bad usage flags (regression).
Thu, Nov 8, 1:27 PM · Bug Report, gnupg (gpg23)
werner closed T4235: GnuPG doesn't respect key flags when decrypting as Resolved.

Also consider that it is possible to change the key usage flags. Thus it will never be clear whether one has a fixed or unfixed public key. I'd like to close this bug because it is currently also discussed in the IETF WG.

Thu, Nov 8, 1:10 PM · Not A Bug, OpenPGP, gnupg
werner added a comment to T3464: successful decryption with session key reports failure if public key is unknown.

gpgme_op_decrypt_verify can always be used instead of gpgme_op_decrypt. This is an obvious requirement because the signature and the fact that there is a signature is only known after the decryption step. The newer GPGME_DECRYPT_VERIFY of the gpgme_op_decrypt_ext function is basically an alias for gpgme_op_decrypt_verify.
For both functions gpgme employs "gpg --decrypt".

Thu, Nov 8, 8:41 AM · gnupg (gpg22), gpgme, Bug Report

Wed, Nov 7

werner added a comment to T4182: Dirmngr: Keeps files in homedir open on Windows.

The dirmngr may at any time open a file in that directory and thus there is no reliable way to remove the home directory when any gpg tool is running. Daemons need to be stopped before a directory can be deleted. So I think this is a non-issue and brought to the table only because we have that kludge of detecting a n unlinked directory on Unix. But even on Unix this is not possible to get rid of the home directory, for example if you want to umount it.

Wed, Nov 7, 5:26 PM · dirmngr
werner added a comment to D470: Use intptr_t for file/pid handle on Windows.

Using intptr_t works with this particular case but it does not
solve the general problem under Windows. On Windows an integer
may identify a libc file handle, a socket, and some other
objects. Despite that they are integers they are all different objects
and it is hard to distinguish them

Wed, Nov 7, 10:25 AM
werner added a comment to T4243: Test failure in libgcrypt-1.8.4.

Please provide a complete build log or at least the output of the configure run.

Wed, Nov 7, 8:06 AM · Tests, libgcrypt, Bug Report

Tue, Nov 6

werner added a comment to T4175: HTTP 5xx should fail over to the next server.

Sorry, it didn't made it into 2.2.11.

Tue, Nov 6, 12:48 PM · dirmngr, Feature Request
werner added a comment to T4169: --skip-hidden-recipients broken.

I guess we can close that, right?

Tue, Nov 6, 12:48 PM
werner closed T4233: GnuPG 2.2.11 release as Resolved.

Released: https://lists.gnupg.org/pipermail/gnupg-announce/2018q4/000432.html

  • gpgsm: Fix CRL loading when intermediate certicates are not yet trusted.
  • gpgsm: Fix an error message about the digest algo. [T4219]
  • gpg: Fix a wrong warning due to new sign usage check introduced​ with 2.2.9. [T4014]
  • gpg: Print the "data source" even for an unsuccessful keyserver query. ​
  • gpg: Do not store the TOFU trust model in the trustdb. This allows to enable or disable a TOFU model without triggering a trustdb rebuild. [T4134]
  • scd: Fix cases of "Bad PIN" after using "forcesig". [T4177]
  • agent: Fix possible hang in the ssh handler. [T4221]
  • dirmngr: Tack the unmodified mail address to a WKD request. See commit a2bd4a64e5b057f291a60a9499f881dd47745e2f for details.
  • dirmngr: Tweak diagnostic about missing LDAP server file.
  • dirmngr: In verbose mode print the OCSP responder id.
  • dirmngr: Fix parsing of the LDAP port. [T4230]
  • wks: Add option --directory/-C to the server. Always build the​ server on Unix systems.
  • wks: Add option --with-colons to the client. Support sites which​ use the policy file instead of the submission-address file.
  • Fix EBADF when gpg et al. are called by broken CGI scripts.
  • Fix some minor memory leaks and bugs.
Tue, Nov 6, 12:42 PM · gnupg (gpg22), Release Info
werner committed rD8ea539b320dc: swdb: Released GnuPG 2.2.11 (authored by werner).
swdb: Released GnuPG 2.2.11
Tue, Nov 6, 12:30 PM
werner committed rG10157b417932: Post release updates. (authored by werner).
Post release updates.
Tue, Nov 6, 12:24 PM
werner committed rGcb46b787571e: Release 2.1.11 (authored by werner).
Release 2.1.11
Tue, Nov 6, 12:24 PM
werner committed rGe11bab3c1181: po: Update Czech translation (authored by petr_p).
po: Update Czech translation
Tue, Nov 6, 12:24 PM
werner committed rG7e72bb4295e4: po: Update German translation (authored by werner).
po: Update German translation
Tue, Nov 6, 12:24 PM
werner assigned T4242: Improper construction for gpg.constants.import in GPGME python bindings to BenM.
Tue, Nov 6, 9:19 AM · Bug Report

Mon, Nov 5

werner committed rG66e0bd37ee3d: wks: New option --with-colons for gpg-wks-client. (authored by werner).
wks: New option --with-colons for gpg-wks-client.
Mon, Nov 5, 9:00 PM
werner committed rGe3a1e80d1348: wks: New option --with-colons for gpg-wks-client. (authored by werner).
wks: New option --with-colons for gpg-wks-client.
Mon, Nov 5, 8:59 PM
werner committed rG593895a5e495: speedo: Remove obsolete configure option of gpgme. (authored by werner).
speedo: Remove obsolete configure option of gpgme.
Mon, Nov 5, 1:19 PM
werner committed rG62686b56da19: speedo: Include Windows patch for gpgme 1.12.0 (authored by werner).
speedo: Include Windows patch for gpgme 1.12.0
Mon, Nov 5, 1:19 PM
werner committed rGd7323bb2d957: speedo: Remove obsolete configure option of gpgme. (authored by werner).
speedo: Remove obsolete configure option of gpgme.
Mon, Nov 5, 12:48 PM
werner changed the status of T3464: successful decryption with session key reports failure if public key is unknown from Open to Testing.

Looking at the GPGME code the ERROR stati don't matter because they are only used to return a better error code in case an operation failed. The specific ones are not even recognized.

Mon, Nov 5, 10:33 AM · gnupg (gpg22), gpgme, Bug Report
werner committed rMbded8ebc59c7: gpg: Avoid error diagnostics with --override-session-key. (authored by werner).
gpg: Avoid error diagnostics with --override-session-key.
Mon, Nov 5, 10:31 AM
werner added a commit to T3464: successful decryption with session key reports failure if public key is unknown: rMbded8ebc59c7: gpg: Avoid error diagnostics with --override-session-key..
Mon, Nov 5, 10:31 AM · gnupg (gpg22), gpgme, Bug Report
werner edited projects for T3730: Add support to HTTP Basic Auth for Keyservers, added: gnupg (gpg23); removed gnupg (gpg22).
Mon, Nov 5, 10:17 AM · gnupg (gpg23), Feature Request
werner edited projects for T3753: Bad self-signatures and missing subkey usage flags when creating ECDSA/Ed25519 keys in batch mode, added: gnupg (gpg23); removed gnupg (gpg22).
Mon, Nov 5, 10:16 AM · gnupg (gpg23), Bug Report
werner closed T3766: GnuPG should reject keys that are subkeys of itself as Wontfix.
Mon, Nov 5, 10:15 AM · gnupg (gpg22), Feature Request
werner closed T3773: private subkeys are never deleted on non-master instances as Invalid.

No info received.

Mon, Nov 5, 10:12 AM · Info Needed, OpenPGP, gnupg (gpg22), Bug Report
werner edited projects for T3118: gpg --sign --local-user ... fails with smartcard, added: gnupg; removed gnupg (gpg22).
Mon, Nov 5, 9:39 AM · gnupg, Documentation, FAQ
werner edited projects for T3108: gpgconf lists the wrong extra socket path when a path is explicitly configured in gpg-agent.conf, added: gnupg (gpg23); removed gnupg (gpg22).
Mon, Nov 5, 9:38 AM · gnupg (gpg23), gpgagent
werner edited projects for T3101: GnuPG 2.2 cannot import secret keys from 1.4/2.0's secring.gpg directly (if it is expired by original expiration date), added: gnupg (gpg23); removed gnupg (gpg22).
Mon, Nov 5, 9:37 AM · gnupg (gpg23), Bug Report
werner edited projects for T3278: explicit key expiration date/time is interpreted as UTC, is echoed back using local time, confusion ensues, added: gnupg (gpg23); removed gnupg (gpg22).
Mon, Nov 5, 9:36 AM · gnupg (gpg23), Documentation, Bug Report
werner edited projects for T3237: gnupg complies to CO_DE_VS when generating keys non-interactively only by accident, added: gnupg (gpg23); removed gnupg (gpg22).
Mon, Nov 5, 9:34 AM · gnupg (gpg23)
werner edited projects for T3054: dirmngr only using cAcertificate attr type when querying LDAP directory, added: Active Directory; removed gnupg (gpg22).
Mon, Nov 5, 9:33 AM · Active Directory, dirmngr
werner set the icon for Active Directory to Tag.
Mon, Nov 5, 9:32 AM
werner closed T3033: bug: dirmngr latches SRV port cross-scheme as Resolved.

No more complaints thus time to close.

Mon, Nov 5, 9:30 AM · Testing, gnupg (gpg22), Bug Report, dirmngr
werner committed rG50756927ce62: dirmngr: In verbose mode print the OCSP responder id. (authored by werner).
dirmngr: In verbose mode print the OCSP responder id.
Mon, Nov 5, 9:28 AM