gnupg (gpg22)Milestone
ActivePublic

Members

  • This project does not have any members.

Watchers

  • This project does not have any watchers.

Recent Activity

Yesterday

jackalope added a comment to T3972: 100% CPU usage endles loop of gpg --list-keys.

I've encountered the same problems that the original poster has described; the problems started suddenly on June 24, not prompted by any related updates as far as I can tell. The problems occur with both gpg 2.1.18 installed from the official Debian Stretch package and 2.2.12 installed from stretch-backports.

Wed, Jun 26, 9:51 PM · gnupg (gpg22)

Tue, Jun 25

dkg created T4584: --quick-sign-key offers no way to override a current certification.
Tue, Jun 25, 5:52 PM · gnupg, Feature Request

Fri, Jun 21

gniibe claimed T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32.

I took this task as it has errors of gpg-connect-agent scd killscd. But, it seems for me that it's not the direct cause.
Anyway, I investigate the bug.

Fri, Jun 21, 1:45 AM · gpgagent, gnupg, Bug Report

Wed, Jun 19

dkg added a comment to T3464: successful decryption with session key reports failure if public key is unknown.

without feedback, i have no idea what you want to do here as upstream. I believe this issue has identified a specific failing use case, and it has a patch that fixes the problem. if there's a problem, please let me know what it is. If there's no problem, please consider merging.

Wed, Jun 19, 11:21 PM · gnupg (gpg22), gpgme, Bug Report
dkg added a comment to T4566: dirmngr fails with HTTP 302 redirection to hkps.

Any word on this? i've pushed a fix for this into debian experimental as a part of 2.2.16-2, but i am concerned that there's no adoption from upstream. If there's a reason that this is the wrong fix, please do let me know!

Wed, Jun 19, 7:06 PM · gnupg (gpg22), dirmngr, Bug Report
werner triaged T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32 as Normal priority.
Wed, Jun 19, 5:01 PM · gpgagent, gnupg, Bug Report
dkg created T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32.
Wed, Jun 19, 3:54 PM · gpgagent, gnupg, Bug Report
mrdave19 renamed T4573: Files encrypted on another platform using password based encryption (-c) intermittently fail to decrypt on Kleopatra from Files encrypted on another platform using password base encryption (-c) intermittently fail to decrypt on Kleopatra to Files encrypted on another platform using password based encryption (-c) intermittently fail to decrypt on Kleopatra.
Wed, Jun 19, 3:40 PM · kleopatra, gnupg (gpg22), Bug Report

Tue, Jun 18

dkg added a comment to T4512: gpg's --keyserver option should be more robustly deprecated.

If we only need it for backward compatibility, then the configuration in gpg.conf should *not* be overriding the preferred, forward-looking form of the configuration (in dirmngr.conf). If it is low priority to fix this, then there will be a generation of GnuPG users and toolchains which deliberately configure the value in gpg.conf instead of dirmngr.conf because they'll know that's the more robust way to do it.

Tue, Jun 18, 2:56 AM · Documentation, gnupg (gpg22), Keyserver, dirmngr, Bug Report

Fri, Jun 14

werner added projects to T4573: Files encrypted on another platform using password based encryption (-c) intermittently fail to decrypt on Kleopatra: gnupg (gpg22), kleopatra.
Fri, Jun 14, 11:52 AM · kleopatra, gnupg (gpg22), Bug Report

Tue, Jun 11

dkg added a comment to T4566: dirmngr fails with HTTP 302 redirection to hkps.

@gouttegd good catch!

Tue, Jun 11, 9:41 AM · gnupg (gpg22), dirmngr, Bug Report

Sat, Jun 8

werner removed a project from T4566: dirmngr fails with HTTP 302 redirection to hkps: ntbtls.

I just assumed that is an ntbtls problem.

Sat, Jun 8, 10:26 PM · gnupg (gpg22), dirmngr, Bug Report
gouttegd added a comment to T4566: dirmngr fails with HTTP 302 redirection to hkps.

If I understand correctly, this is exactly the same problem that the one we encountered some time ago in the code dealing with fetching keys from HTTP (--fetch-keys), and that we fixed with this patch.

Sat, Jun 8, 10:17 PM · gnupg (gpg22), dirmngr, Bug Report
dkg added a comment to T4566: dirmngr fails with HTTP 302 redirection to hkps.

fwiw, the bug looks like it's in send_request in ks-engine-hkp.c, which re-uses the http_session object without re-initializing its tls_session member.

Sat, Jun 8, 4:16 PM · gnupg (gpg22), dirmngr, Bug Report
dkg updated subscribers of T4566: dirmngr fails with HTTP 302 redirection to hkps.

thanks for the triage, @werner!

Sat, Jun 8, 2:20 PM · gnupg (gpg22), dirmngr, Bug Report
werner triaged T4512: gpg's --keyserver option should be more robustly deprecated as Low priority.

We need --keyserver in gpg for just one reason: backward compatibility.

Sat, Jun 8, 10:40 AM · Documentation, gnupg (gpg22), Keyserver, dirmngr, Bug Report
werner added a project to T4566: dirmngr fails with HTTP 302 redirection to hkps: gnupg (gpg22).
Sat, Jun 8, 10:38 AM · gnupg (gpg22), dirmngr, Bug Report
dkg reopened T4512: gpg's --keyserver option should be more robustly deprecated as "Open".

thanks for fixing that error message, @werner. As @Valodim points out in discusson about hagrid, a gpg.conf keyserver option (deprecated according to the documentation) overrides the dirmngr.conf keyserver option (not deprecated according to the documentation.

Sat, Jun 8, 5:29 AM · Documentation, gnupg (gpg22), Keyserver, dirmngr, Bug Report

Fri, Jun 7

werner reopened T3972: 100% CPU usage endles loop of gpg --list-keys as "Open".

I received an strace for a similar case by PM.

Fri, Jun 7, 7:40 PM · gnupg (gpg22)

Wed, Jun 5

dkg added a comment to T3464: successful decryption with session key reports failure if public key is unknown.

any feedback on this proposed patch?

Wed, Jun 5, 3:56 AM · gnupg (gpg22), gpgme, Bug Report

Fri, May 31

werner triaged T4547: improve error message ("Not enabled") when using Tor network and standard resolver as Normal priority.
Fri, May 31, 9:19 AM · dirmngr, gnupg (gpg22), Bug Report

Thu, May 30

dkg added a comment to T3464: successful decryption with session key reports failure if public key is unknown.

I've pushed fa0a5ffd4997c2ca38a1dd2d89459b6b1f18ad99 to the branch dkg/fix-T3464, which i think solves the problem i was seeing without reintroducing any new problems.

Thu, May 30, 1:58 AM · gnupg (gpg22), gpgme, Bug Report
dkg added a comment to T3464: successful decryption with session key reports failure if public key is unknown.

I can confirm that this is actually a problem now :( gpgme_op_decrypt_verify returns a status with GPG_ERR_MISSING_KEY set when a session-key is used.

Thu, May 30, 12:20 AM · gnupg (gpg22), gpgme, Bug Report

Wed, May 29

werner added a comment to T4536: dirmngr fails to find OCSP signer certificate when responder is identified with key ID.

Thanks, the mentioned OpenSSL option should be helpful.

Wed, May 29, 9:19 AM · S/MIME, gnupg (gpg22), Bug Report
misterzed88 added a comment to T4536: dirmngr fails to find OCSP signer certificate when responder is identified with key ID.

A high level test description is:

  1. Configure both gpgsm and dirmngr to use OCSP.
  2. Use a certificate with OCSP responder extension present, or configure a default OCSP responder in dirmngr.
  3. Configure your OCSP responder to identify itself with key ID (and not subject name)
  4. Attempt to sign or verify with gpgsm.
  5. You should get an error, with dirmngr logs showing that the responder certificate could not be found.
Wed, May 29, 9:11 AM · S/MIME, gnupg (gpg22), Bug Report
misterzed88 added a comment to T4535: gpgsm --sign prints misleading error message when using default key.

Thank you for a quick fix (despite this being a minor problem).

Wed, May 29, 8:51 AM · gnupg (gpg22), S/MIME, Bug Report
werner set External Link to https://lists.gnupg.org/pipermail/gnupg-announce/2019q2/000438.html on T4509: Release GnuPG 2.2.16.
Wed, May 29, 8:15 AM · Release Info, gnupg (gpg22)

Tue, May 28

werner closed T4509: Release GnuPG 2.2.16 as Resolved.
Tue, May 28, 6:14 PM · Release Info, gnupg (gpg22)
werner updated the task description for T4509: Release GnuPG 2.2.16.
Tue, May 28, 5:08 PM · Release Info, gnupg (gpg22)
werner closed T4510: Update our copy of SQLite to 3.28, a subtask of T4509: Release GnuPG 2.2.16, as Resolved.
Tue, May 28, 5:04 PM · Release Info, gnupg (gpg22)

May 28 2019

werner added a comment to T4536: dirmngr fails to find OCSP signer certificate when responder is identified with key ID.

Do you have any test cases? Note that T3966 is due to missing support for SHA-256.

May 28 2019, 12:36 PM · S/MIME, gnupg (gpg22), Bug Report
werner added a commit to T4536: dirmngr fails to find OCSP signer certificate when responder is identified with key ID: rG4699e294cc9e: dirmngr: Improve finding OCSP cert..
May 28 2019, 12:31 PM · S/MIME, gnupg (gpg22), Bug Report

May 27 2019

werner triaged T4536: dirmngr fails to find OCSP signer certificate when responder is identified with key ID as Normal priority.
May 27 2019, 3:57 PM · S/MIME, gnupg (gpg22), Bug Report
werner closed T4535: gpgsm --sign prints misleading error message when using default key as Resolved.

Thanks to your very good analysis, this was easy to fix.

May 27 2019, 3:49 PM · gnupg (gpg22), S/MIME, Bug Report
werner added a commit to T4535: gpgsm --sign prints misleading error message when using default key: rG32210e855c46: sm: Avoid confusing diagnostic for the default key..
May 27 2019, 3:49 PM · gnupg (gpg22), S/MIME, Bug Report
werner added a commit to T4535: gpgsm --sign prints misleading error message when using default key: rG521e7d4644ed: sm: Avoid confusing diagnostic for the default key..
May 27 2019, 3:48 PM · gnupg (gpg22), S/MIME, Bug Report
werner triaged T4535: gpgsm --sign prints misleading error message when using default key as Low priority.
May 27 2019, 3:29 PM · gnupg (gpg22), S/MIME, Bug Report
werner closed T4457: Improve deletion of secret subkeys (don't delete primary key when subkey deletion is requested), a subtask of T4509: Release GnuPG 2.2.16, as Resolved.
May 27 2019, 12:57 PM · Release Info, gnupg (gpg22)

May 23 2019

wheelerlaw reopened T3065: dirmngr: proxy issues with dnslookup causing failure as "Open".

Are you not reading what I am saying to you?? Once again, your explanation is INVALID because that would mean that gnupg would be BROKEN, because it would be a NON-COMPLIANT http client according to the RFC I quoted.

May 23 2019, 1:58 PM · gnupg (gpg22), dns, dirmngr
werner closed T3065: dirmngr: proxy issues with dnslookup causing failure as Wontfix.

I explained why the keyserver access requires access to the DNS. If that is not possible the keyserver code will not work. If you don't allow DNS to work you either have to use Tor (which we use to also tunnel DNS requests) or get your keys from elsewhere. Also note that the keyserver network is current several broken and under DoS and thus it is unlikely that it can be operated in the future.

May 23 2019, 9:42 AM · gnupg (gpg22), dns, dirmngr

May 21 2019

werner added a commit to T4532: Creating a key with a long userid succeeds, but corrupts the keyring: rGd32963eeb33f: gpg: Do not allow creation of user ids larger than our parser allows..
May 21 2019, 4:29 PM · gnupg (gpg22), Bug Report
werner closed T4532: Creating a key with a long userid succeeds, but corrupts the keyring as Resolved.

Thanks. Fixed in master and 2.2.

May 21 2019, 4:29 PM · gnupg (gpg22), Bug Report
werner added a subtask for T4509: Release GnuPG 2.2.16: T4457: Improve deletion of secret subkeys (don't delete primary key when subkey deletion is requested).
May 21 2019, 7:55 AM · Release Info, gnupg (gpg22)

May 17 2019

werner closed T4500: Option --use-embedded-filename does not work as expect as Resolved.

Fix will go into 2.2.16 to be release this month.

May 17 2019, 1:45 PM · gnupg (gpg22), Bug Report
werner closed T4500: Option --use-embedded-filename does not work as expect, a subtask of T4509: Release GnuPG 2.2.16, as Resolved.
May 17 2019, 1:45 PM · Release Info, gnupg (gpg22)
werner added a commit to T4500: Option --use-embedded-filename does not work as expect: rG1702179d91b7: gpg: Fix using --decrypt along with --use-embedded-filename..
May 17 2019, 1:44 PM · gnupg (gpg22), Bug Report
werner added a parent task for T4500: Option --use-embedded-filename does not work as expect: T4509: Release GnuPG 2.2.16.
May 17 2019, 1:44 PM · gnupg (gpg22), Bug Report
werner added a subtask for T4509: Release GnuPG 2.2.16: T4500: Option --use-embedded-filename does not work as expect.
May 17 2019, 1:44 PM · Release Info, gnupg (gpg22)
werner added a commit to T4500: Option --use-embedded-filename does not work as expect: rG386bacd97416: gpg: Fix using --decrypt along with --use-embedded-filename..
May 17 2019, 1:42 PM · gnupg (gpg22), Bug Report
werner closed T4334: gpg "showphoto" not creating temp file on Windows 10 as Resolved.

There will be no full solution for this. However, the next release should in general work due to a 400ms delay we use after spawning the viewer. This is configurable; see rG7e5847da0f3d715cb59d05adcd9107b460b6411b.

May 17 2019, 12:52 PM · gpg4win, Windows, gnupg (gpg22), Bug Report