Page MenuHome GnuPG
Projects gnupg gnupg24

gnupg24Project
ActivePublic
Watch Project

Milestones
View All

Members

  • This project does not have any members.
  • View All

Watchers

  • This project does not have any watchers.
  • View All

Details

Description

Things which will go into the 2.4 branch.

Recent Activity
View All

Today

ebo created T7103: Confusing error message when changing passphrase/password of subkey.
Thu, Apr 25, 3:58 PM · gnupg24, gnupg22

Tue, Apr 23

werner triaged T7099: Disable the import of certain card objects as Normal priority.
Tue, Apr 23, 2:54 PM · scd, gnupg24, Restricted Project, Feature Request
werner added a project to T1825: Add a re-encrypt to additional key: Restricted Project.
Tue, Apr 23, 2:10 PM · Restricted Project, gnupg24, Feature Request
werner added a comment to T1825: Add a re-encrypt to additional key.

Another important use-case is to provide a way to migrate to a newer smartcard.

Tue, Apr 23, 2:10 PM · Restricted Project, gnupg24, Feature Request

Mon, Apr 22

gniibe closed T5436: gpg-agent 2.3.1: PIN caching not working for decrypt operations as Resolved.

Please continue on T7041. This ticket is going to be closed (as the problem described was fixed already).

Mon, Apr 22, 8:09 AM · gnupg24, yubikey, Bug Report

Tue, Apr 16

mdawar added a comment to T5436: gpg-agent 2.3.1: PIN caching not working for decrypt operations.

Yes I have pcsc-shared in my scdaemon.conf.
I've just tried removing both pcsc-shared and disable-application piv and PIN caching worked as expected.

Tue, Apr 16, 8:00 AM · gnupg24, yubikey, Bug Report
gniibe added a comment to T5436: gpg-agent 2.3.1: PIN caching not working for decrypt operations.

Are you using PC/SC shared mode? If so, it may be the case of T7041.

Tue, Apr 16, 7:16 AM · gnupg24, yubikey, Bug Report

Mon, Apr 15

werner edited projects for T5436: gpg-agent 2.3.1: PIN caching not working for decrypt operations, added: gnupg24; removed gnupg (gpg23).
Mon, Apr 15, 8:58 PM · gnupg24, yubikey, Bug Report

Tue, Apr 9

werner triaged T7041: Yubikey (PGP + PIV) --pcsc-shared: PIN requires every time as Normal priority.
Tue, Apr 9, 1:42 PM · yubikey, gnupg24, scd, Bug Report

Thu, Apr 4

werner moved T7072: addkey "set your own capabilities" silently sets Restricted Encryption capability from Backlog to QA on the gnupg24 board.
Thu, Apr 4, 4:51 PM · gnupg24
werner changed the status of T7072: addkey "set your own capabilities" silently sets Restricted Encryption capability from Open to Testing.
Thu, Apr 4, 4:50 PM · gnupg24
werner added a comment to T7072: addkey "set your own capabilities" silently sets Restricted Encryption capability.

Pretty obvious. RENC is an allowed usage for an RSA key and thus set in the mask. I restricted this but allowed to set it anyway when using the "=sr" shortcut (here to set as signing and R-enc). Thanks for reporting.

Thu, Apr 4, 4:40 PM · gnupg24
werner triaged T7072: addkey "set your own capabilities" silently sets Restricted Encryption capability as Normal priority.
Thu, Apr 4, 4:09 PM · gnupg24

Wed, Mar 27

ebo triaged T7063: UID origin should change if the key origin was changed by reimporting a key from WKD as Normal priority.
Wed, Mar 27, 4:23 PM · gnupg24

Mar 19 2024

werner added a comment to T7044: Deadlock on Windows in sdaemon.

The reset was due to running gpg-connect-agent reset /bye. I am currently testing something elese will get back as soon as I can turn back to 2.4

Mar 19 2024, 10:22 AM · Bug Report, Windows, gnupg24
gniibe added a comment to T7044: Deadlock on Windows in sdaemon.

There are two locks here; (1) rw_lock for card_top (list of cards) access and (2) individual card lock.
It looks for me that:

  • don't know how/what the thread 7208.2 does
  • the thread 7208.3: KEYINFO, then PKSIGN (gets read lock for card_top, then, individual card lock)
  • the thread 7208.4: SERIALNO --all (and wait for write lock for card_top)
Mar 19 2024, 7:33 AM · Bug Report, Windows, gnupg24

Mar 18 2024

werner moved T6719: Support Proxy-Authorization: Negotiate on Windows from QA to WiP on the gnupg22 board.
Mar 18 2024, 4:22 PM · gnupg24, gnupg22, Feature Request, Restricted Project
werner moved T6719: Support Proxy-Authorization: Negotiate on Windows from WiP to QA on the gnupg22 board.
Mar 18 2024, 4:22 PM · gnupg24, gnupg22, Feature Request, Restricted Project
werner triaged T7044: Deadlock on Windows in sdaemon as High priority.
Mar 18 2024, 8:48 AM · Bug Report, Windows, gnupg24

Mar 7 2024

werner closed T6960: Release GnuPG 2.4.5 as Resolved.
Mar 7 2024, 3:23 PM · gnupg24, Release Info
werner triaged T7030: Release GnuPG 2.4.6 as Low priority.
Mar 7 2024, 3:09 PM · Release Info, gnupg24

Mar 6 2024

werner changed the status of T6719: Support Proxy-Authorization: Negotiate on Windows from Open to Testing.
Mar 6 2024, 11:49 AM · gnupg24, gnupg22, Feature Request, Restricted Project
werner changed the status of T7000: Take derive usage into account for pkcs#15 cards. from Open to Testing.
Mar 6 2024, 11:47 AM · gnupg24 (gnupg-2.4.5), Bug Report, scd

Mar 4 2024

Zymlex added a comment to T3883: Add Win32-OpenSSH support to gpg-agent's ssh-agent.

In case if someone finds it through a search:

Mar 4 2024, 9:51 PM · Not A Bug, workaround, gnupg24, Windows, ssh
werner moved T7025: --trusted-key and --no-options mismatch from Backlog to WiP on the gnupg22 board.
Mar 4 2024, 3:24 PM · gnupg24 (gnupg-2.4.5), Bug Report, gnupg22
werner changed the status of T7025: --trusted-key and --no-options mismatch from Open to Testing.
Mar 4 2024, 3:24 PM · gnupg24 (gnupg-2.4.5), Bug Report, gnupg22
werner moved T7025: --trusted-key and --no-options mismatch from Backlog to WiP on the gnupg24 board.

How to test:

Mar 4 2024, 3:11 PM · gnupg24 (gnupg-2.4.5), Bug Report, gnupg22
werner triaged T7025: --trusted-key and --no-options mismatch as Normal priority.
Mar 4 2024, 1:45 PM · gnupg24 (gnupg-2.4.5), Bug Report, gnupg22

Feb 28 2024

jak added a comment to T6946: gpgv: Help automatic reject too short keys.

So after taking this down to where it was only patching status.h and mainproc.c to add a write_status_output() I realized the whole issue is down to status-codes.h not being updated automatically if you apply a patch to status.h in a released version.

Feb 28 2024, 1:33 PM · gnupg24 (gnupg-2.4.5), Feature Request, gpgv
jak added a comment to T6946: gpgv: Help automatic reject too short keys.

Having looked at the build log again after applying the patch, I see the first test failing is

Feb 28 2024, 12:29 PM · gnupg24 (gnupg-2.4.5), Feature Request, gpgv
ebo removed a project from T6956: GnuPG: Allow import of gpgsk files: gnupg22.
Feb 28 2024, 11:15 AM · Feature Request, gnupg24, Restricted Project

Feb 27 2024

werner added a project to T6678: GPGSM: Add support for cert extension 2.5.29.54 Inhibit anyPolicy: gnupg24.
Feb 27 2024, 3:55 PM · gnupg24, S/MIME, Restricted Project
werner added a project to T6677: GPGSM: Add support for cert extension 2.5.29.36 Policy Constraints: gnupg24.
Feb 27 2024, 3:54 PM · gnupg24, S/MIME, Restricted Project

Feb 21 2024

werner added a comment to T6997: gnupg-2.4.4 breaks dirmngr fetching keys via hkps:// from behind a proxy.

Okay, backported to 2.2.

Feb 21 2024, 3:13 PM · gnupg24 (gnupg-2.4.5), gnupg22, Bug Report

Feb 19 2024

werner added projects to T6986: Refresh OpenPGP keys should check WKD: Feature Request, Bug Report.
Feb 19 2024, 5:03 PM · Bug Report, Feature Request, gnupg24, Restricted Project, kleopatra
werner renamed T6986: Refresh OpenPGP keys should check WKD from Kleopatra: Refresh OpenPGP keys should check WKD to Refresh OpenPGP keys should check WKD.
Feb 19 2024, 5:02 PM · Bug Report, Feature Request, gnupg24, Restricted Project, kleopatra
werner added a project to T6986: Refresh OpenPGP keys should check WKD: gnupg24.

I need to come up with a better strategy here. --refresh-keys is a very useful command and it should do what the user expects. Maybe we can adjust the behaviour iff we detect that there is an LDAP keyserver.

Feb 19 2024, 5:02 PM · Bug Report, Feature Request, gnupg24, Restricted Project, kleopatra
werner added a parent task for T7000: Take derive usage into account for pkcs#15 cards.: T7001: Support D-TRUST ECC cards.
Feb 19 2024, 1:54 PM · gnupg24 (gnupg-2.4.5), Bug Report, scd
werner moved T7000: Take derive usage into account for pkcs#15 cards. from Backlog to WiP on the gnupg24 board.
Feb 19 2024, 1:51 PM · gnupg24 (gnupg-2.4.5), Bug Report, scd
werner triaged T7000: Take derive usage into account for pkcs#15 cards. as Normal priority.
Feb 19 2024, 1:45 PM · gnupg24 (gnupg-2.4.5), Bug Report, scd
Angel added a comment to T5444: "gpg: key generation failed: Unknown elliptic curve" from "Key-Type: default".

Interesting. So the problem is not actually the Key-Type, but that the default key-type requires a Key-Curve parameter which has no value by default

Feb 19 2024, 2:15 AM · gnupg24, gnupg (gpg23)

Feb 16 2024

gniibe added a comment to T6997: gnupg-2.4.4 breaks dirmngr fetching keys via hkps:// from behind a proxy.

I was wrong for the semantics of proxy->outtoken. It is zero when run_proxy_connect is called and enabled during the negotiation.

Feb 16 2024, 8:28 AM · gnupg24 (gnupg-2.4.5), gnupg22, Bug Report
gniibe added a comment to T6997: gnupg-2.4.4 breaks dirmngr fetching keys via hkps:// from behind a proxy.

@hlein Thanks a lot for quick testing.

Feb 16 2024, 8:14 AM · gnupg24 (gnupg-2.4.5), gnupg22, Bug Report
hlein added a comment to T6997: gnupg-2.4.4 breaks dirmngr fetching keys via hkps:// from behind a proxy.

Thank you @gniibe! Applied the rG848546b05ab0: dirmngr: Fix the regression of use of proxy for TLS connection. changes here, and 2.4.4 works here now.

Feb 16 2024, 5:22 AM · gnupg24 (gnupg-2.4.5), gnupg22, Bug Report
gniibe added a comment to T6997: gnupg-2.4.4 breaks dirmngr fetching keys via hkps:// from behind a proxy.

IIUC, the code for keep_alive is for negotiation of proxy. If so, something like this is the fix:

Feb 16 2024, 5:17 AM · gnupg24 (gnupg-2.4.5), gnupg22, Bug Report
gniibe moved T6997: gnupg-2.4.4 breaks dirmngr fetching keys via hkps:// from behind a proxy from WiP to QA on the gnupg24 board.
Feb 16 2024, 3:51 AM · gnupg24 (gnupg-2.4.5), gnupg22, Bug Report
gniibe reassigned T6811: gpgv: Read-only trustedkeys.kbx should not be compressed from gniibe to werner.
Feb 16 2024, 3:45 AM · gnupg24 (gnupg-2.4.5), gnupg22, gpgv, Bug Report
gniibe reassigned T6997: gnupg-2.4.4 breaks dirmngr fetching keys via hkps:// from behind a proxy from gniibe to werner.
Feb 16 2024, 3:44 AM · gnupg24 (gnupg-2.4.5), gnupg22, Bug Report
gniibe added a project to T6997: gnupg-2.4.4 breaks dirmngr fetching keys via hkps:// from behind a proxy: gnupg22.

Right. I was wrong assuming the code in 2.2 branch is stable (that is: well tested).

Feb 16 2024, 3:40 AM · gnupg24 (gnupg-2.4.5), gnupg22, Bug Report

Feb 15 2024

thesamesam added a comment to T6997: gnupg-2.4.4 breaks dirmngr fetching keys via hkps:// from behind a proxy.

Per https://dev.gnupg.org/rG04cbc3074aa98660b513a80f623a7e9f0702c7c9#83517, it looks like the fix might be incomplete?

Feb 15 2024, 10:43 PM · gnupg24 (gnupg-2.4.5), gnupg22, Bug Report