Tue, Jul 16
It was rG07250279e7ec: * keyedit.c (keyedit_menu): Invisible alias "passwd" as "password". in 2004, which set default to rfc2440-text behavior.
And in 2007, the commit rGb550330067b6: * gpg.c (main): Disable --rfc2440-text and --force-v3-sigs by default. Enable… changed the default to no-rfc2440-text.
Thanks, fixed in master.
Fri, Jul 12
I disabled the dependency rules for the figures (it's only enabled for maintainers).
Wed, Jul 10
We should put it of the agenda od the Brussesl summit in 3 weeks. I have a few ideas what we can do in gpg.
Tue, Jul 9
I pushed my change of rGc51a5685554a: scd: ccid-driver: Initial getting ATR more robustly..
With TTXS, scdaemon correctly recovers from the error.
When the computer is going to suspend, the scdaemon receives a message from USB layer as the interrupt transfer is shutting down, then scdaemon considers it's removal of device/card.
But in case of suspend (and the device does not support USB suspend), USB port is kept with the power.
So, it keeps running actually.
Here are results of my experiment with Intel NUC computer (which supports S4 (and S3)).
Mon, Jul 8
No. I intentionally select: Not-backporting this feature.
The feature is added for Yubikey, in the specification.
Use of the feature by Data-Object is not that so useful.
Fri, Jul 5
I think we should not backport this to 2.2 - okay?
Works for me! :-)
Not sending the user id packet, is just a bad idea because that user id exists and from my understanding they are sending the self-signatures anyway. They should not try to argue with the GDPR here, that is privacy theater. The key itself is a personal data and due to technical reasons this data is required. What they can do is to accept only user ids which carry just only mail address and no comments or name. posteo.de for example requires this for years and the WKD drafts has a feature to support this.
Thu, Jul 4
Just want to weigh in here to say this would be incredibly useful given the shift to the new keyserver model. See T4604 for more context.
Wed, Jul 3
Tue, Jul 2
I cannot do that because all listed above packages are my own products.
Fedora is not execution test suites in more than 90% of all packages so they are not aware of most of the issues exposed by test suites.
Please focus on possible causes of above tests.
I'm opened on any suggestions to make additional diagnostics.
Thanks. You may want to ask on the mailing list gnupg-users to see whether someone else has had problems building on rawhide. Right now we do not have the time for individual support and thus I unfortunately need to prioritize this bug report down.
[tkloczko@barrel SPECS]$ uname -a Linux barrel 5.1.5-300.fc30.x86_64 #1 SMP Sat May 25 18:00:11 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux [tkloczko@barrel SPECS]$ rpm -q libassuan-devel libcurl-devel libgcrypt-devel libgpg-error-devel libksba-devel libusb-devel npth-devel openldap-devel pcsc-lite-libs gnutls-devel sqlite-devel libassuan-devel-2.5.3-2.1.fc31.x86_64 libcurl-devel-7.65.1-2.fc31.x86_64 libgcrypt-devel-1.8.4-4.1.fc31.x86_64 libgpg-error-devel-1.36-2.fc31.x86_64 libksba-devel-1.3.5-10.1.fc31.x86_64 libusb-devel-0.1.5-14.fc30.x86_64 npth-devel-1.6-3.fc31.x86_64 openldap-devel-2.4.47-2.2.fc31.x86_64 pcsc-lite-libs-1.8.25-2.1.fc31.x86_64 gnutls-devel-3.6.8-2.fc31.x86_64 sqlite-devel-3.28.0-2.fc31.x86_64
Still about half of the packages are from Fedora rawhide but rest are mine.
Just checked and the test suite fails exactly the same way even started without palatalisation.
Please share with us the OS used, the versions of the libtaries used and other configuration information.
Also please run again using "make check" without any extra options.
Mon, Jul 1
Werner: I'm assigning this to you. Because the underlying reason is a missing status from gpg. I think we should add that for 2.3 as any new status line tends to break things.
Fri, Jun 28
sorry to keep pinging this, but given the ongoing flooding attacks (e.g. T4591) and how SKS and similar keyservers are unable to safely transmit flooded certificates, i think this kind of fix is urgent if we expect gpg to be able to retrieve revocations safely. What's the status here?
Wed, Jun 26
For the record in my original message I asked about adding self-signatures.
Tue, Jun 25
I'm unlikely to put a windows-specific patch into the debian source, as
i have no good way of testing it, and it wouldn't affect any binary that
Mon, Jun 24
It's been a while, any word on this? I sent the DCO as requested. Are there any technical concerns left to address?
@dkg, for your patch, it can be improved for Windows by using its event mechanism. You can see gnupg/scd/scdaemon.c.
Hm, T4521 suggests that the two different cases should not be treated differently. If you think that they *should* cause distinct behavior, please do mention it over there!
There are two different cases: (1) By SIGTERM and (2) By KILLAGENT. It's true that the agent stops accepting on the listening socket for (1), but it's not the case for (2).
This particular problem is for the case (2).
Fri, Jun 21
@gniibe, thanks for the diagnosis! I agree that restarting or shutting down the backends should be done in the reverse order as a simple workaround.
Correct solution is to implement KILLAGENT synchronously, but it's somehow harder to implement.
Easier workaround is modifying gpgconf like:
I found a race condition between KILLAGENT command and accepting another request.
Here is a patch to replicate the race condition :
Thu, Jun 20
when can we fix it?
Jun 18 2019
Jun 16 2019
@werner, My usual approach for private branches is to prefix with dkg/, but (a) playfair rejects branch names with a /, and (b) i'm not the author of these patches, and i didn't want to claim credit that doesn't belong to me.