Page MenuHome GnuPG
Projects gnupg

gnupgProject
ActivePublic
Watch Project

Milestones
View All

Subprojects
View All

Members

  • This project does not have any members.
  • View All

Watchers (2)

Details

Description

Bugs, feature requests, memos, and support related to GnuPG.

Note that the tags gnug24, gnupg26 etc are used to indicate that a certain task is scheduled to be fixed in that version. This tag here is used if there is no concrete version affected or a schedule has not yet been set.

Recent Activity
View All

Yesterday

andreasstieger added a comment to T7605: [PATCH] mail-to-translators, gpg-authcode-sign.sh: convert legacy egrep.

POSIX specifies and requires grep -E, but only mentions egrep as old.

Tue, Apr 15, 9:51 AM · gnupg, Bug Report
werner triaged T7605: [PATCH] mail-to-translators, gpg-authcode-sign.sh: convert legacy egrep as Low priority.

Removing egrep from a Unix system will break all kind of stuff. I am not even sure whether old Unices support grep -E.

Tue, Apr 15, 9:06 AM · gnupg, Bug Report

Mon, Apr 14

andreasstieger updated the task description for T7605: [PATCH] mail-to-translators, gpg-authcode-sign.sh: convert legacy egrep.
Mon, Apr 14, 9:23 PM · gnupg, Bug Report
andreasstieger created T7605: [PATCH] mail-to-translators, gpg-authcode-sign.sh: convert legacy egrep.
Mon, Apr 14, 9:22 PM · gnupg, Bug Report

Wed, Apr 9

werner changed the status of T7547: signatures from revoked or expired keys show up as missing keys, a subtask of T7527: Keyring/keybox denial of service, from Open to Testing.
Wed, Apr 9, 1:54 PM · OpenPGP, gnupg, Bug Report
werner changed the status of T7544: Kleopatra (gnupg, gpgsm) hang on key-creation when x.509 certs are in keystore from Open to Testing.

There is no well defined pripority for the CRL DPs. The code enumarates the DP and tries one after the other until it founds one. If you use --ignore-http_dp http DPs are skipped and with --ignore-ldap-dp LDAP DPs are ignored.

Wed, Apr 9, 1:50 PM · gnupg, kleopatra, Bug Report

Tue, Apr 8

werner moved T7478: _gpg_close_all_fds hangs on nwer Linux systems in a simple chroot w/o /proc/self/fd from Backlog to QA on the gpgrt board.
Tue, Apr 8, 8:44 AM · Linux, gnupg, gpgrt, Bug Report

Mon, Apr 7

gniibe changed the status of T4021: dirmngr: dirmngr/dns.c issue with 127.0.0.1 from Open to Testing.

Fix pushed by: rG1ed8b0e7b403: dirmngr: Fix libdns with 127.0.0.1.

Mon, Apr 7, 4:45 AM · gnupg24, dirmngr
gniibe added a comment to T4021: dirmngr: dirmngr/dns.c issue with 127.0.0.1.

For Linux kernel, once, it was proposed:
https://patchwork.ozlabs.org/project/netdev/patch/1490748756.24891.27.camel@edumazet-glaptop3.roam.corp.google.com/

Mon, Apr 7, 4:10 AM · gnupg24, dirmngr
gniibe added a comment to T4021: dirmngr: dirmngr/dns.c issue with 127.0.0.1.

Another problem with same cause (possibly) is reported: https://lists.gnupg.org/pipermail/gnupg-devel/2025-April/035845.html

Mon, Apr 7, 3:56 AM · gnupg24, dirmngr

Sun, Apr 6

ametzler1 added a comment to T7071: gpg: Support of No CRC in ASCII armor.

this marked as fixed in 2.4.7. However afaict only one of the two patches made it to STABLE-BRANCH-2-4, b1857a2836c9a91ef4e359ef7ba949b54c77219d did not.

Sun, Apr 6, 6:33 PM · gnupg, Bug Report

Wed, Apr 2

werner edited projects for T7328: Add Kleopatra configs to gpgconf -X, added: gnupg, Windows; removed gnupg22.
Wed, Apr 2, 11:31 AM · Windows, gnupg, Feature Request

Wed, Mar 26

gniibe changed the status of T7576: keyboxd: Searching <email@Example.COM> from Open to Testing.
Wed, Mar 26, 8:20 AM · gnupg, Bug Report
gniibe added a comment to T7576: keyboxd: Searching <email@Example.COM>.

OK. Relying on SQLite semantics for COLLATE NOCASE would not be good.
Exactly same existing semantics (only care about ASCII uppercase characters) is good.

Wed, Mar 26, 6:26 AM · gnupg, Bug Report

Tue, Mar 25

werner updated the task description for T7530: Release GnuPG 2.5.5.
Tue, Mar 25, 9:35 AM · Release Info, gnupg
werner triaged T7586: Release GnuPG 2.5.6 as Normal priority.
Tue, Mar 25, 9:35 AM · gnupg, Release Info

Mon, Mar 24

ikloecker added a comment to T7583: 2.5.5 removes sig on clean that 2.5.4 and earlier kept.

I noticed that the signing key B0D589D46708EC99 is a certify-only key. That signatures made with this key are dropped could be another regression of the fix for dkj's DoS bug.

Mon, Mar 24, 10:50 PM · gnupg, Bug Report
ametzler1 added a comment to T7583: 2.5.5 removes sig on clean that 2.5.4 and earlier kept.

Taking a bigger sample of keys from the same domain and doing the same testing shows that the signature by B0D589D46708EC99 is removed on all keys.

Mon, Mar 24, 6:32 PM · gnupg, Bug Report
werner added a comment to T7576: keyboxd: Searching <email@Example.COM>.

You mean this would be better becuase it is not clear how we handle X.509 addrsppec (see override_mbox arg of store_into_userid)? I guess COLLATE NOCASE does it the standard way by folding all uppercase characters and not just the ASCII characters as we do in GnuPG. This would be a problem.

Mon, Mar 24, 9:45 AM · gnupg, Bug Report

Sun, Mar 23

ametzler1 renamed T7583: 2.5.5 removes sig on clean that 2.5.4 and earlier kept from 2.5.5 remves sig on clean that 2.5.4 and earlier kept to 2.5.5 removes sig on clean that 2.5.4 and earlier kept.
Sun, Mar 23, 12:49 PM · gnupg, Bug Report
ametzler1 created T7583: 2.5.5 removes sig on clean that 2.5.4 and earlier kept.
Sun, Mar 23, 12:49 PM · gnupg, Bug Report

Fri, Mar 21

werner triaged T7577: GnuPG could not work when TCP congestion provider is set to BBR2 in Windows as Normal priority.

Indeed, GnuPG's IPC uses TCP connections from 127.0.0.1 to 127.0.0.1 taking the destination port (and a cookie) from a file. We can't change that easily to the new Unix socket implementation Windows recently introduced. I hope there is a way to exclude localhost->localhost from congestion control.

Fri, Mar 21, 8:43 PM · Support, Not A Bug, gnupg, Bug Report
gniibe added a comment to T7576: keyboxd: Searching <email@Example.COM>.

I changed my mind. SQLite specific patch might be better:

diff --git a/kbx/backend-sqlite.c b/kbx/backend-sqlite.c
index 4c67c3ef7..1db2f2c8d 100644
--- a/kbx/backend-sqlite.c
+++ b/kbx/backend-sqlite.c
@@ -154,7 +154,7 @@ static struct
      /* The full user id - for X.509 the Subject or altSubject.  */
      "uid  TEXT NOT NULL,"
      /* The mail address if available or NULL.  */
-     "addrspec TEXT,"
+     "addrspec TEXT COLLATE NOCASE,"
      /* The type of the public key: 1 = openpgp, 2 = X.509.  */
      "type  INTEGER NOT NULL,"
      /* The order number of the user id within the keyblock or
Fri, Mar 21, 8:50 AM · gnupg, Bug Report
gniibe added a comment to T7576: keyboxd: Searching <email@Example.COM>.

I changed my mind. SQLite specific patch might be better:

diff --git a/kbx/backend-sqlite.c b/kbx/backend-sqlite.c
index 4c67c3ef7..1db2f2c8d 100644
--- a/kbx/backend-sqlite.c
+++ b/kbx/backend-sqlite.c
@@ -154,7 +154,7 @@ static struct
      /* The full user id - for X.509 the Subject or altSubject.  */
      "uid  TEXT NOT NULL,"
      /* The mail address if available or NULL.  */
-     "addrspec TEXT,"
+     "addrspec TEXT COLLATE NOCASE,"
      /* The type of the public key: 1 = openpgp, 2 = X.509.  */
      "type  INTEGER NOT NULL,"
      /* The order number of the user id within the keyblock or
Fri, Mar 21, 8:36 AM · gnupg, Bug Report
gniibe updated the task description for T7576: keyboxd: Searching <email@Example.COM>.
Fri, Mar 21, 8:27 AM · gnupg, Bug Report
gniibe claimed T7576: keyboxd: Searching <email@Example.COM>.

Here is a possible change:

Fri, Mar 21, 8:15 AM · gnupg, Bug Report

Mon, Mar 17

werner closed T7569: `gpgconf --homedir $x --kill keyboxd` doesn't appear to terminate a running keyboxd as Resolved.
Mon, Mar 17, 10:12 AM · gnupg, keyboxd, Bug Report
werner added a comment to T7569: `gpgconf --homedir $x --kill keyboxd` doesn't appear to terminate a running keyboxd.

FWIW: It does works when using GNUPGHOME instead.

Mon, Mar 17, 9:46 AM · gnupg, keyboxd, Bug Report
werner closed T7570: `gpg --trust-model always --verify` produces incongruous warning "Using untrusted key!" as Resolved.

This has always been the case. git blame shows for check_signatures_trust:

Mon, Mar 17, 9:39 AM · Not A Bug, gnupg

Mar 14 2025

dkg added a comment to T7570: `gpg --trust-model always --verify` produces incongruous warning "Using untrusted key!".

This seems to be the case on 2.2.46 as well, fwiw. i don't think it's new in 2.4.7.

Mar 14 2025, 8:07 PM · Not A Bug, gnupg
dkg created T7570: `gpg --trust-model always --verify` produces incongruous warning "Using untrusted key!".
Mar 14 2025, 8:04 PM · Not A Bug, gnupg
dkg added a comment to T7569: `gpgconf --homedir $x --kill keyboxd` doesn't appear to terminate a running keyboxd.

similarly, gpgconf --homedir /tmp/gg --kill all does not terminate keyboxd, despite the fact that gpgconf(1) says:

Mar 14 2025, 7:27 PM · gnupg, keyboxd, Bug Report
dkg created T7569: `gpgconf --homedir $x --kill keyboxd` doesn't appear to terminate a running keyboxd.
Mar 14 2025, 7:24 PM · gnupg, keyboxd, Bug Report

Mar 13 2025

werner triaged T7560: GnuPG should learn the certificates when a new card has been seen as Normal priority.
Mar 13 2025, 11:43 AM · scd, Feature Request, gnupg
vitusb added a comment to T7544: Kleopatra (gnupg, gpgsm) hang on key-creation when x.509 certs are in keystore.

Hello Eva,

Mar 13 2025, 12:04 AM · gnupg, kleopatra, Bug Report

Mar 12 2025

ebo added a comment to T7544: Kleopatra (gnupg, gpgsm) hang on key-creation when x.509 certs are in keystore.

The beta145 Werner talks about can be found here: https://www.gpg4win.org/version5.html
It is from our master branch which is not de-vs capable at this time.

Mar 12 2025, 5:48 PM · gnupg, kleopatra, Bug Report
vitusb added a comment to T7544: Kleopatra (gnupg, gpgsm) hang on key-creation when x.509 certs are in keystore.

Hello Werner,
thank you for your support ...

Mar 12 2025, 3:36 PM · gnupg, kleopatra, Bug Report

Mar 11 2025

werner added a comment to T7544: Kleopatra (gnupg, gpgsm) hang on key-creation when x.509 certs are in keystore.

Please test using the latest gpg4win installer (beta145).

Mar 11 2025, 5:17 PM · gnupg, kleopatra, Bug Report
werner added a comment to T7560: GnuPG should learn the certificates when a new card has been seen.

The problem is that it may take really long to read the certificates form a card and some card applications even require to give a PIN for reading the certs. A background operation may thus surprisingly lock up the box

Mar 11 2025, 5:15 PM · scd, Feature Request, gnupg
ikloecker created T7560: GnuPG should learn the certificates when a new card has been seen.
Mar 11 2025, 4:57 PM · scd, Feature Request, gnupg
werner changed the status of T7547: signatures from revoked or expired keys show up as missing keys, a subtask of T7527: Keyring/keybox denial of service, from Testing to Open.
Mar 11 2025, 11:00 AM · OpenPGP, gnupg, Bug Report

Mar 10 2025

calvin added a comment to T7541: libassuan AC_DEFINE_UNQUOTED m4 fix needs propagating to pinentry and gnupg2.

This was using GCC to build, but on AIX. I believe support for dollar signs in identifiers are platform specific.

Mar 10 2025, 12:47 PM · gpgme, gnupg, pinentry
gniibe added a comment to T7541: libassuan AC_DEFINE_UNQUOTED m4 fix needs propagating to pinentry and gnupg2.

GCC allows dollars in identifier, that's the reason why we haven't encountered this issue, I suppose.

Mar 10 2025, 10:32 AM · gpgme, gnupg, pinentry
gniibe changed the status of T7541: libassuan AC_DEFINE_UNQUOTED m4 fix needs propagating to pinentry and gnupg2 from Open to Testing.
Mar 10 2025, 3:50 AM · gpgme, gnupg, pinentry
gniibe triaged T7541: libassuan AC_DEFINE_UNQUOTED m4 fix needs propagating to pinentry and gnupg2 as Normal priority.
Mar 10 2025, 3:49 AM · gpgme, gnupg, pinentry
gniibe added a project to T7541: libassuan AC_DEFINE_UNQUOTED m4 fix needs propagating to pinentry and gnupg2: gpgme.

Thank you for your report.

Mar 10 2025, 3:47 AM · gpgme, gnupg, pinentry

Mar 7 2025

dkg added a comment to T7550: master branch fails to build without `./configure --disable-ldap`.

thanks for the fix in f29c8dba743eb7574399345ce341bbfb1f8f9bee !

Mar 7 2025, 7:40 PM · gnupg
werner closed T7530: Release GnuPG 2.5.5 as Resolved.
Mar 7 2025, 3:37 PM · Release Info, gnupg
werner updated the task description for T7530: Release GnuPG 2.5.5.
Mar 7 2025, 3:09 PM · Release Info, gnupg

Mar 6 2025

werner changed the status of T7547: signatures from revoked or expired keys show up as missing keys, a subtask of T7527: Keyring/keybox denial of service, from Open to Testing.
Mar 6 2025, 5:58 PM · OpenPGP, gnupg, Bug Report