gnupgProject
ActivePublic

Milestones

Subprojects

Members

  • This project does not have any members.

Recent Activity

Tue, Jul 16

gniibe added a comment to T4042: RFC 4880 compliance.

It was rG07250279e7ec: * keyedit.c (keyedit_menu): Invisible alias "passwd" as "password". in 2004, which set default to rfc2440-text behavior.
And in 2007, the commit rGb550330067b6: * gpg.c (main): Disable --rfc2440-text and --force-v3-sigs by default. Enable… changed the default to no-rfc2440-text.

Tue, Jul 16, 10:20 AM · OpenPGP, gnupg
gniibe closed T4105: Inconsistent output for revocation keys in --list-keys --with-colons as Resolved.

Thanks, fixed in master.

Tue, Jul 16, 9:55 AM · Documentation, gnupg, Bug Report
gniibe added a commit to T4105: Inconsistent output for revocation keys in --list-keys --with-colons: rG4195ce15f494: doc: Fix description of the field 11..
Tue, Jul 16, 9:55 AM · Documentation, gnupg, Bug Report

Fri, Jul 12

gniibe changed the status of T4280: gnupg doc doesn't build due to ImageMagick default policy from Open to Testing.

I disabled the dependency rules for the figures (it's only enabled for maintainers).

Fri, Jul 12, 1:34 PM · gnupg, Documentation, Info Needed, Bug Report
gniibe added a commit to T4280: gnupg doc doesn't build due to ImageMagick default policy: rG58bab1a8784b: doc: Dependencies for figures are only for maintainers..
Fri, Jul 12, 10:25 AM · gnupg, Documentation, Info Needed, Bug Report

Wed, Jul 10

Valodim added a comment to T4163: hkps://hkps.pool.sks-keyservers.net has to many bad servers to be a good default.

We should put it of the agenda od the Brussesl summit in 3 weeks. I have a few ideas what we can do in gpg.

Wed, Jul 10, 4:36 PM · gnupg, Keyserver

Tue, Jul 9

werner closed T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32 as Resolved.
Tue, Jul 9, 3:22 PM · gpgagent, gnupg, Bug Report
gniibe added a comment to T4616: Smartcard: Card reset required - It should be automatic.

I pushed my change of rGc51a5685554a: scd: ccid-driver: Initial getting ATR more robustly..
With TTXS, scdaemon correctly recovers from the error.

Tue, Jul 9, 4:02 AM · gnupg, scd
gniibe added a commit to T4616: Smartcard: Card reset required - It should be automatic: rGc51a5685554a: scd: ccid-driver: Initial getting ATR more robustly..
Tue, Jul 9, 4:01 AM · gnupg, scd
gniibe added a comment to T4616: Smartcard: Card reset required - It should be automatic.

When the computer is going to suspend, the scdaemon receives a message from USB layer as the interrupt transfer is shutting down, then scdaemon considers it's removal of device/card.
But in case of suspend (and the device does not support USB suspend), USB port is kept with the power.
So, it keeps running actually.

Tue, Jul 9, 3:07 AM · gnupg, scd
gniibe added a comment to T4616: Smartcard: Card reset required - It should be automatic.

Here are results of my experiment with Intel NUC computer (which supports S4 (and S3)).

Tue, Jul 9, 2:53 AM · gnupg, scd

Mon, Jul 8

aheinecke created T4616: Smartcard: Card reset required - It should be automatic.
Mon, Jul 8, 2:30 PM · gnupg, scd
gniibe added a comment to T4158: UIF (User Interaction Flag) DO support.

No. I intentionally select: Not-backporting this feature.
The feature is added for Yubikey, in the specification.
Use of the feature by Data-Object is not that so useful.

Mon, Jul 8, 9:21 AM · Feature Request, scd, gnupg

Fri, Jul 5

werner added a comment to T4158: UIF (User Interaction Flag) DO support.

I think we should not backport this to 2.2 - okay?

Fri, Jul 5, 11:14 AM · Feature Request, scd, gnupg
aheinecke created T4614: GPG: Cancel on pinpad hangs decryption process for 20 seconds.
Fri, Jul 5, 9:50 AM · scd, gnupg
aheinecke closed T4561: GPG / GPGSM: Pinentry cancels lead to wrong error codes as Resolved.

Works for me! :-)

Fri, Jul 5, 9:44 AM · S/MIME, gnupg
aheinecke merged T3928: canceling password dialog for decrypting is not recognized correctling. into T4561: GPG / GPGSM: Pinentry cancels lead to wrong error codes.
Fri, Jul 5, 9:33 AM · S/MIME, gnupg
gniibe added a commit to T4561: GPG / GPGSM: Pinentry cancels lead to wrong error codes: rG38b9da7de335: sm: Return the last error for pubkey decryption..
Fri, Jul 5, 8:53 AM · S/MIME, gnupg
gniibe added a commit to T4561: GPG / GPGSM: Pinentry cancels lead to wrong error codes: rG6cc4119ec03b: gpg: Return the last error for pubkey decryption..
Fri, Jul 5, 8:18 AM · S/MIME, gnupg
werner added a comment to T4393: GnuPG should always accept key updates even if the update does not contain UIDs.

Not sending the user id packet, is just a bad idea because that user id exists and from my understanding they are sending the self-signatures anyway. They should not try to argue with the GDPR here, that is privacy theater. The key itself is a personal data and due to technical reasons this data is required. What they can do is to accept only user ids which carry just only mail address and no comments or name. posteo.de for example requires this for years and the WKD drafts has a feature to support this.

Fri, Jul 5, 7:58 AM · gnupg (gpg23), Feature Request

Thu, Jul 4

jaymzh added a comment to T4393: GnuPG should always accept key updates even if the update does not contain UIDs.

Just want to weigh in here to say this would be incredibly useful given the shift to the new keyserver model. See T4604 for more context.

Thu, Jul 4, 10:33 PM · gnupg (gpg23), Feature Request

Wed, Jul 3

werner added a parent task for T4595: GPG: auto-key-retrieve should prefer WKD over Keyserver: T4606: Release GnuPG 2.2.17.
Wed, Jul 3, 6:11 PM · gnupg (gpg22), wkd

Tue, Jul 2

kloczek added a comment to T4602: 2.2.16: test suite fails.

I cannot do that because all listed above packages are my own products.
Fedora is not execution test suites in more than 90% of all packages so they are not aware of most of the issues exposed by test suites.
Please focus on possible causes of above tests.
I'm opened on any suggestions to make additional diagnostics.

Tue, Jul 2, 4:02 PM · Fedora, gnupg, Bug Report
werner triaged T4602: 2.2.16: test suite fails as Low priority.

Thanks. You may want to ask on the mailing list gnupg-users to see whether someone else has had problems building on rawhide. Right now we do not have the time for individual support and thus I unfortunately need to prioritize this bug report down.

Tue, Jul 2, 3:43 PM · Fedora, gnupg, Bug Report
kloczek added a comment to T4602: 2.2.16: test suite fails.
[tkloczko@barrel SPECS]$ uname -a
Linux barrel 5.1.5-300.fc30.x86_64 #1 SMP Sat May 25 18:00:11 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
[tkloczko@barrel SPECS]$ rpm -q libassuan-devel libcurl-devel libgcrypt-devel libgpg-error-devel libksba-devel libusb-devel npth-devel openldap-devel pcsc-lite-libs gnutls-devel sqlite-devel
libassuan-devel-2.5.3-2.1.fc31.x86_64
libcurl-devel-7.65.1-2.fc31.x86_64
libgcrypt-devel-1.8.4-4.1.fc31.x86_64
libgpg-error-devel-1.36-2.fc31.x86_64
libksba-devel-1.3.5-10.1.fc31.x86_64
libusb-devel-0.1.5-14.fc30.x86_64
npth-devel-1.6-3.fc31.x86_64
openldap-devel-2.4.47-2.2.fc31.x86_64
pcsc-lite-libs-1.8.25-2.1.fc31.x86_64
gnutls-devel-3.6.8-2.fc31.x86_64
sqlite-devel-3.28.0-2.fc31.x86_64

Still about half of the packages are from Fedora rawhide but rest are mine.
Just checked and the test suite fails exactly the same way even started without palatalisation.

Tue, Jul 2, 3:11 PM · Fedora, gnupg, Bug Report
werner added a comment to T4602: 2.2.16: test suite fails.

Please share with us the OS used, the versions of the libtaries used and other configuration information.
Also please run again using "make check" without any extra options.

Tue, Jul 2, 9:32 AM · Fedora, gnupg, Bug Report
kloczek created T4602: 2.2.16: test suite fails.
Tue, Jul 2, 9:00 AM · Fedora, gnupg, Bug Report

Mon, Jul 1

werner claimed T4599: remap `--search` to `--locate-keys` (with warning).
Mon, Jul 1, 7:31 PM · gnupg (gpg23), dirmngr
dkg created T4599: remap `--search` to `--locate-keys` (with warning).
Mon, Jul 1, 6:16 PM · gnupg (gpg23), dirmngr
t8m added a comment to T1333: GPGSM rejects OCSP responder cert without keyUsage.

Ping?

Mon, Jul 1, 5:40 PM · Bug Report, gnupg
aheinecke created T4595: GPG: auto-key-retrieve should prefer WKD over Keyserver.
Mon, Jul 1, 9:13 AM · gnupg (gpg22), wkd
aheinecke reassigned T4395: Kleopatra: Missing error handling when changing expiry from aheinecke to werner.

Werner: I'm assigning this to you. Because the underlying reason is a missing status from gpg. I think we should add that for 2.3 as any new status line tends to break things.

Mon, Jul 1, 8:45 AM · gpa, gnupg, gpgme, gpg4win, kleopatra
gniibe changed the status of T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32 from Open to Testing.
Mon, Jul 1, 6:14 AM · gpgagent, gnupg, Bug Report
gniibe added a commit to T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32: rG526714806da4: tools: gpgconf: Killing order is children-first..
Mon, Jul 1, 6:14 AM · gpgagent, gnupg, Bug Report
gniibe added a commit to T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32: rG7c877f942a34: tools: gpgconf: Killing order is children-first..
Mon, Jul 1, 6:13 AM · gpgagent, gnupg, Bug Report

Fri, Jun 28

werner added a subtask for T2019: Order of magnitude degradation in performance in gpg2 cf gpg: T4592: gpg takes > 30s to list the keys from a 17MiB `pubring.gpg` that contains a single certificate.
Fri, Jun 28, 12:01 PM · Stalled, Bug Report, gnupg
dkg added a comment to T4393: GnuPG should always accept key updates even if the update does not contain UIDs.

sorry to keep pinging this, but given the ongoing flooding attacks (e.g. T4591) and how SKS and similar keyservers are unable to safely transmit flooded certificates, i think this kind of fix is urgent if we expect gpg to be able to retrieve revocations safely. What's the status here?

Fri, Jun 28, 10:05 AM · gnupg (gpg23), Feature Request

Wed, Jun 26

wiktor-k added a comment to T4584: --quick-sign-key offers no way to override a current certification.

For the record in my original message I asked about adding self-signatures.

Wed, Jun 26, 11:12 AM · gnupg, Feature Request
werner triaged T4584: --quick-sign-key offers no way to override a current certification as Normal priority.
Wed, Jun 26, 7:53 AM · gnupg, Feature Request

Tue, Jun 25

dkg added a comment to T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32.

I'm unlikely to put a windows-specific patch into the debian source, as
i have no good way of testing it, and it wouldn't affect any binary that
we ship.

Tue, Jun 25, 2:57 AM · gpgagent, gnupg, Bug Report

Mon, Jun 24

Valodim added a comment to T4393: GnuPG should always accept key updates even if the update does not contain UIDs.

It's been a while, any word on this? I sent the DCO as requested. Are there any technical concerns left to address?

Mon, Jun 24, 12:48 PM · gnupg (gpg23), Feature Request
gniibe added a comment to T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32.

@dkg, for your patch, it can be improved for Windows by using its event mechanism. You can see gnupg/scd/scdaemon.c.

Mon, Jun 24, 4:00 AM · gpgagent, gnupg, Bug Report
dkg updated subscribers of T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32.

Hm, T4521 suggests that the two different cases should not be treated differently. If you think that they *should* cause distinct behavior, please do mention it over there!

Mon, Jun 24, 2:24 AM · gpgagent, gnupg, Bug Report
gniibe added a comment to T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32.

There are two different cases: (1) By SIGTERM and (2) By KILLAGENT. It's true that the agent stops accepting on the listening socket for (1), but it's not the case for (2).
This particular problem is for the case (2).

Mon, Jun 24, 1:59 AM · gpgagent, gnupg, Bug Report

Fri, Jun 21

dkg added a comment to T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32.

@gniibe, thanks for the diagnosis! I agree that restarting or shutting down the backends should be done in the reverse order as a simple workaround.

Fri, Jun 21, 6:24 PM · gpgagent, gnupg, Bug Report
gniibe added a comment to T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32.

Correct solution is to implement KILLAGENT synchronously, but it's somehow harder to implement.
Easier workaround is modifying gpgconf like:

Fri, Jun 21, 3:47 AM · gpgagent, gnupg, Bug Report
gniibe edited projects for T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32, added: gnupg, gpgagent; removed gnupg (gpg22).

I found a race condition between KILLAGENT command and accepting another request.
Here is a patch to replicate the race condition :

Fri, Jun 21, 2:33 AM · gpgagent, gnupg, Bug Report

Thu, Jun 20

huowen added a comment to T4395: Kleopatra: Missing error handling when changing expiry.

Hello,
when can we fix it?

Thu, Jun 20, 2:12 AM · gpa, gnupg, gpgme, gpg4win, kleopatra

Jun 18 2019

dkg added a comment to T4393: GnuPG should always accept key updates even if the update does not contain UIDs.

we now have a DCO from @Valodim

Jun 18 2019, 2:05 PM · gnupg (gpg23), Feature Request

Jun 16 2019

dkg added a comment to T4393: GnuPG should always accept key updates even if the update does not contain UIDs.

@werner, My usual approach for private branches is to prefix with dkg/, but (a) playfair rejects branch names with a /, and (b) i'm not the author of these patches, and i didn't want to claim credit that doesn't belong to me.

Jun 16 2019, 5:40 PM · gnupg (gpg23), Feature Request