libksbaProject
ActivePublic

Members

  • This project does not have any members.

Recent Activity

Jun 1 2019

ametzler1 added a comment to T4487: libksba: please refresh ASN.1 components from more recent RFCs with BSD licensing.

gniibe wrote:

Jun 1 2019, 6:09 PM · libksba, Feature Request

May 31 2019

gniibe added a comment to T4487: libksba: please refresh ASN.1 components from more recent RFCs with BSD licensing.

RFC 5280 only addresses about BCP78 and not about TLP, while RFC 5652, RFC 5755, RFC 5911 and RFC 5912 address explicitly about TLP. In this situation, I wonder if it's better to take the definitions of Extensions, UniqueIdentifier, and GeneralNames from RFC 5280. To be conservative, I don't include them now.

May 31 2019, 7:32 AM · libksba, Feature Request
gniibe added a comment to T4487: libksba: please refresh ASN.1 components from more recent RFCs with BSD licensing.

I pushed more changes to include modules in RFC 5911 and RFC 5912.

May 31 2019, 5:50 AM · libksba, Feature Request
gniibe added a comment to T4487: libksba: please refresh ASN.1 components from more recent RFCs with BSD licensing.

Comparing old cms.asn and new cms.asn, now I understand how RFC 3370 matters. I added those things back from RFC 5911 (which cites RFC 3370) which comes with BSD license for code.

May 31 2019, 4:52 AM · libksba, Feature Request

May 30 2019

dkg added a comment to T4487: libksba: please refresh ASN.1 components from more recent RFCs with BSD licensing.

@gniibe thank you!

May 30 2019, 10:53 PM · libksba, Feature Request
gniibe added a comment to T4487: libksba: please refresh ASN.1 components from more recent RFCs with BSD licensing.

I did some work (since Debian is important for us).
Please have a look at my topic branch: gniibe/fix-4487
or:
https://dev.gnupg.org/source/libksba/history/gniibe%252Ffix-4487/
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=shortlog;h=refs/heads/gniibe/fix-4487

May 30 2019, 10:18 AM · libksba, Feature Request

May 29 2019

dkg added a comment to T4487: libksba: please refresh ASN.1 components from more recent RFCs with BSD licensing.

Perhaps i wasn't clear enough in the earlier messages on this thread. The inclusion of restrictively-licensed code in a file that also claims LGPL/GPL appears to be an unredistributable license. Could you please clarify why the GPL or LGPL applies to libksba while it contains src/cms.asn in its current form?

May 29 2019, 7:52 PM · libksba, Feature Request

May 24 2019

werner added a comment to T4538: Support PSS signed CRLs.

Interesting tinge: The main CRL of the dgn.de CA uses a nextUpdate in the year 2034 (15 years in the future) which would force dirmngr to cache the CRL until then. However, the CRL of the intermediate certificate has a nextUpdate only one month in the future. There is currently no entry in that second level CRL, so their idea might be that an updated second level CRL will also trigger a reload of the main CRL. I have not checked how we implement that in Dirmngr but I doubt that such a thing will work for us and that it is in any way standard compliant.

May 24 2019, 11:59 AM · dirmngr, S/MIME, libksba
werner added a subtask for T4538: Support PSS signed CRLs: T4523: Gpg4win: Multiple problems reported 05-2019.
May 24 2019, 9:10 AM · dirmngr, S/MIME, libksba
werner removed a parent task for T4538: Support PSS signed CRLs: T4523: Gpg4win: Multiple problems reported 05-2019.
May 24 2019, 9:10 AM · dirmngr, S/MIME, libksba
werner added a parent task for T4538: Support PSS signed CRLs: T4523: Gpg4win: Multiple problems reported 05-2019.
May 24 2019, 9:08 AM · dirmngr, S/MIME, libksba
werner created T4538: Support PSS signed CRLs.
May 24 2019, 8:58 AM · dirmngr, S/MIME, libksba

May 8 2019

aheinecke added a comment to T4487: libksba: please refresh ASN.1 components from more recent RFCs with BSD licensing.

Thanks for the explanation.

May 8 2019, 3:14 PM · libksba, Feature Request
dkg reopened T4487: libksba: please refresh ASN.1 components from more recent RFCs with BSD licensing as "Open".

If the ASN.1 is not from an RFC, then the AUTHORS file should not claim that it is from an RFC.

May 8 2019, 1:42 PM · libksba, Feature Request

May 7 2019

aheinecke closed T4487: libksba: please refresh ASN.1 components from more recent RFCs with BSD licensing as Wontfix.

As I want to keep this tracker clean I would say this is a Wontfix at least until someone (DKG?) provides an argument what would be gained and why we should do this.

May 7 2019, 9:30 AM · libksba, Feature Request
werner triaged T4487: libksba: please refresh ASN.1 components from more recent RFCs with BSD licensing as Wishlist priority.

That is not a functional feature request and I see no value in chnaging data structures just for being up to the latest RFC. Actually the ASN.1 is not from an RFC but from a specific X.509 profile. For CMS most parsing is anyway done with handcrafted code.

May 7 2019, 8:54 AM · libksba, Feature Request

May 6 2019

dkg created T4487: libksba: please refresh ASN.1 components from more recent RFCs with BSD licensing.
May 6 2019, 11:53 PM · libksba, Feature Request

Feb 27 2019

gniibe added a commit to T4104: gpgsm/ksba removes leading zeros from signature byte array: rK9fea74575085: Don't remove leading zero byte..
Feb 27 2019, 3:18 AM · Testing, libksba, S/MIME, Bug Report
gniibe claimed T4104: gpgsm/ksba removes leading zeros from signature byte array.

We also need to fix for encryption and signature in CSR.

Feb 27 2019, 3:17 AM · Testing, libksba, S/MIME, Bug Report

Feb 19 2019

gniibe closed T4217: {libksba,libgcrypt,ntbtls,libassuan,npth}.m4, {libksba,libgcrypt,ntbtls,libassuan}-config script and gpg-error-config as Resolved.
Feb 19 2019, 2:48 AM · npth, libassuan, ntbtls, libgcrypt, libksba

Feb 18 2019

gniibe added a commit to T4013: Certificate requests generated from Ed25519 keys are not compliant with draft-ietf-curdle-pkix: rG3cbdf896e691: sm: Support generation of card-based ed25519 CSR..
Feb 18 2019, 3:37 AM · S/MIME, Feature Request, libksba

Jan 17 2019

gniibe abandoned D473: Introducing LDADD_FOR_TESTS_KLUDGE to enable 'make check' with LD_LIBRARY_PATH.

Applied.

Jan 17 2019, 1:00 AM · gpgme, libksba, libgcrypt, ntbtls, libassuan, gpgrt

Jan 16 2019

gniibe removed a project from T4298: 'make check' with uninstalled library, which is building now (even if rpath doesn't work well): gpgme.

Done for gpgme.

Jan 16 2019, 3:03 AM
gniibe added a commit to T4298: 'make check' with uninstalled library, which is building now (even if rpath doesn't work well): rM66bcb8acb245: build: With LD_LIBRARY_PATH defined, use --disable-new-dtags..
Jan 16 2019, 3:02 AM

Jan 15 2019

gniibe removed a project from T4298: 'make check' with uninstalled library, which is building now (even if rpath doesn't work well): libgcrypt.

Done for libgcrypt.

Jan 15 2019, 8:53 AM
gniibe added a commit to T4298: 'make check' with uninstalled library, which is building now (even if rpath doesn't work well): rCe5c2f8a2cd2b: build: With LD_LIBRARY_PATH defined, use --disable-new-dtags..
Jan 15 2019, 8:18 AM

Jan 14 2019

aheinecke triaged T4298: 'make check' with uninstalled library, which is building now (even if rpath doesn't work well) as Normal priority.

I give this normal priority to move it out of the "Needs Triage" queue.

Jan 14 2019, 10:31 AM

Jan 10 2019

gniibe renamed T4298: 'make check' with uninstalled library, which is building now (even if rpath doesn't work well) from Use uninstalled library, which is building now (even if rpath doesn't work well) to 'make check' with uninstalled library, which is building now (even if rpath doesn't work well).
Jan 10 2019, 2:33 AM
gniibe added a commit to T4298: 'make check' with uninstalled library, which is building now (even if rpath doesn't work well): rE1fd997231b71: build: Build with LD_LIBRARY_PATH, use of DT_RPATH (2/2)..
Jan 10 2019, 2:33 AM
gniibe removed a project from T4298: 'make check' with uninstalled library, which is building now (even if rpath doesn't work well): gpgrt.

Done for libgpg-error.

Jan 10 2019, 2:32 AM
gniibe added a comment to T4298: 'make check' with uninstalled library, which is building now (even if rpath doesn't work well).

Topic branch of libgpg-error is not good to show changes (for other libraries).
So, I made D473: Introducing LDADD_FOR_TESTS_KLUDGE to enable 'make check' with LD_LIBRARY_PATH.
Appliying to libgpg-error.

Jan 10 2019, 2:31 AM
gniibe added a project to D473: Introducing LDADD_FOR_TESTS_KLUDGE to enable 'make check' with LD_LIBRARY_PATH: gpgme.
Jan 10 2019, 2:28 AM · gpgme, libksba, libgcrypt, ntbtls, libassuan, gpgrt
gniibe created D473: Introducing LDADD_FOR_TESTS_KLUDGE to enable 'make check' with LD_LIBRARY_PATH.
Jan 10 2019, 2:28 AM · gpgme, libksba, libgcrypt, ntbtls, libassuan, gpgrt

Jan 8 2019

gniibe added a comment to T4298: 'make check' with uninstalled library, which is building now (even if rpath doesn't work well).

For other distros, it seems it's quite old issue: https://sourceware.org/ml/binutils/2012-05/msg00037.html

Jan 8 2019, 2:50 AM
gniibe added a comment to T4298: 'make check' with uninstalled library, which is building now (even if rpath doesn't work well).

My patches on the topic branch: https://dev.gnupg.org/source/libgpg-error/history/gniibe%252Fdisable-new-dtags/

Jan 8 2019, 2:49 AM

Jan 7 2019

gniibe added a comment to T4298: 'make check' with uninstalled library, which is building now (even if rpath doesn't work well).

My tentative conclusion: When (GNU) ld supports --disable-new-dtags, add it to LDADD in tests/Makefile.am.

Jan 7 2019, 8:08 AM

Dec 20 2018

gniibe added a comment to T4298: 'make check' with uninstalled library, which is building now (even if rpath doesn't work well).

Reading this discussion: http://lists.gnu.org/archive/html/bug-libtool/2018-01/msg00014.html
It seems that it could be fixed if we care about the order of libraries.
And it's not the issue for libgpg-error, which doesn't require external libraries.

Dec 20 2018, 4:01 AM
gniibe updated the task description for T4298: 'make check' with uninstalled library, which is building now (even if rpath doesn't work well).
Dec 20 2018, 3:42 AM
gniibe updated the task description for T4298: 'make check' with uninstalled library, which is building now (even if rpath doesn't work well).
Dec 20 2018, 3:40 AM
gniibe added a comment to T4298: 'make check' with uninstalled library, which is building now (even if rpath doesn't work well).

For binutils, in Stretch, Debian specific patch was introduced.
Then, upstream introduced --enable-new-dtags option for configure to build binutils.
Now, Debian uses --enable-new-dtags option (at build time).

Dec 20 2018, 3:38 AM
gniibe set External Link to https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859732 on T4298: 'make check' with uninstalled library, which is building now (even if rpath doesn't work well).
Dec 20 2018, 3:11 AM
gniibe updated the task description for T4298: 'make check' with uninstalled library, which is building now (even if rpath doesn't work well).
Dec 20 2018, 3:08 AM
gniibe updated the task description for T4298: 'make check' with uninstalled library, which is building now (even if rpath doesn't work well).
Dec 20 2018, 3:07 AM
gniibe updated the task description for T4298: 'make check' with uninstalled library, which is building now (even if rpath doesn't work well).
Dec 20 2018, 3:07 AM
gniibe renamed T4298: 'make check' with uninstalled library, which is building now (even if rpath doesn't work well) from Use uninstalled library, which is building now to Use uninstalled library, which is building now (even if rpath doesn't work well).
Dec 20 2018, 3:05 AM
gniibe created T4298: 'make check' with uninstalled library, which is building now (even if rpath doesn't work well).
Dec 20 2018, 2:51 AM

Dec 17 2018

werner closed T3982: libgcrypt.m4 is not multilib friendly, a subtask of T4217: {libksba,libgcrypt,ntbtls,libassuan,npth}.m4, {libksba,libgcrypt,ntbtls,libassuan}-config script and gpg-error-config, as Resolved.
Dec 17 2018, 9:57 AM · npth, libassuan, ntbtls, libgcrypt, libksba

Dec 13 2018

gniibe closed T4232: gpgrt-config Gentoo/Fedora/Arch/Slackware-style multilib support, a subtask of T4217: {libksba,libgcrypt,ntbtls,libassuan,npth}.m4, {libksba,libgcrypt,ntbtls,libassuan}-config script and gpg-error-config, as Resolved.
Dec 13 2018, 3:38 PM · npth, libassuan, ntbtls, libgcrypt, libksba
werner claimed T4013: Certificate requests generated from Ed25519 keys are not compliant with draft-ietf-curdle-pkix.
Dec 13 2018, 9:38 AM · S/MIME, Feature Request, libksba

Oct 29 2018

gniibe changed the status of T4217: {libksba,libgcrypt,ntbtls,libassuan,npth}.m4, {libksba,libgcrypt,ntbtls,libassuan}-config script and gpg-error-config from Open to Testing.

New gpg-error.m4 detects gpgrt-config, too.
And configure supplies --libdir when it invokes gpgrt-config.
For other *.m4 (libassuan, ksba, libgcrypt, ntbtls), it is possible for them to check GPGRT_CONFIG to use gpgrt-config if any.
For npth.m4, it can do that too, with no hard dependency to libgpg-error.

Oct 29 2018, 5:57 AM · npth, libassuan, ntbtls, libgcrypt, libksba