Projects gpgv

gpgvProject
ActivePublic
Watch Project

Members
View All

  • This project does not have any members.

Watchers
View All

  • This project does not have any watchers.

Recent Activity
View All

Jul 4 2019

werner triaged T4608: gpgv --enable-special-filenames documentation appears to claim that it works for keyrings, but it does not as Low priority.

Because we use dot-locking in GnuPG and copy-update-write for keyrings. Granted: For gpgv this is not required but the code is identical to the gpg code and adding new code does not make much sense. After all gpgv is a stripped down version of gpg I once wrote for Debian. I see your use case but tehre are other ways to do this and thus anthing here has low priority.

Jul 4 2019, 8:41 AM · gpgv, Bug Report

Jul 3 2019

dkg added a comment to T4608: gpgv --enable-special-filenames documentation appears to claim that it works for keyrings, but it does not.

out of curiosity, why does gpgv need the name of the file?

Jul 3 2019, 9:30 PM · gpgv, Bug Report
dkg renamed T4608: gpgv --enable-special-filenames documentation appears to claim that it works for keyrings, but it does not from gpgv --enable-special-filenames does not appear to work for keyrings passed as file descriptors to gpgv --enable-special-filenames documentation appears to claim that it works for keyrings, but it does not.
Jul 3 2019, 9:17 PM · gpgv, Bug Report
dkg reopened T4608: gpgv --enable-special-filenames documentation appears to claim that it works for keyrings, but it does not as "Open".

In that case, you can treat this ticket as a bug in the documentation, which still needs to be resolved.

Jul 3 2019, 9:07 PM · gpgv, Bug Report
werner closed T4608: gpgv --enable-special-filenames documentation appears to claim that it works for keyrings, but it does not as Invalid.

We need random access and the name of the file. Thus a file descriptor is not sufficient.

Jul 3 2019, 9:06 PM · gpgv, Bug Report
dkg created T4608: gpgv --enable-special-filenames documentation appears to claim that it works for keyrings, but it does not.
Jul 3 2019, 9:02 PM · gpgv, Bug Report

Mar 7 2019

werner closed T4386: Improve documentation about gpgv keyring selection as Resolved.

Applied to 2.2 and master. Thanks.

Mar 7 2019, 7:56 AM · gpgv

Mar 3 2019

dkg added a commit to T4386: Improve documentation about gpgv keyring selection: rG145987238e7e: gpgv: Improve documentation for keyring choices.
Mar 3 2019, 4:29 PM · gpgv
dkg created T4386: Improve documentation about gpgv keyring selection.
Mar 3 2019, 4:28 PM · gpgv

Oct 22 2018

werner closed T4014: when verifying signatures, gpg and gpgv should ensure signing capabilities as Resolved.
Oct 22 2018, 7:32 PM · gpgv, gnupg, Bug Report
werner added a commit to T4014: when verifying signatures, gpg and gpgv should ensure signing capabilities: rGb0d6e26bf3c8: gpg: Fix extra check for sign usage of a data signature..
Oct 22 2018, 7:29 PM · gpgv, gnupg, Bug Report

Oct 8 2018

werner added a comment to T4014: when verifying signatures, gpg and gpgv should ensure signing capabilities.

Editor fault. The browser's editor is not like Emacs and here o my laptop the backspace key does not work as intended. I guess I was about to write ".. a back signature's usage flag".

Oct 8 2018, 11:49 PM · gpgv, gnupg, Bug Report
dkg added a comment to T4014: when verifying signatures, gpg and gpgv should ensure signing capabilities.

what does "back signature's usage tool" mean? can we make an addition to the test suite that ensures that bad signatures will be rejected?

Oct 8 2018, 5:07 PM · gpgv, gnupg, Bug Report
werner reopened T4014: when verifying signatures, gpg and gpgv should ensure signing capabilities as "Testing".

The fix was not fully correct because it considered a back signature's usage tool.

Oct 8 2018, 4:26 PM · gpgv, gnupg, Bug Report
werner added a commit to T4014: when verifying signatures, gpg and gpgv should ensure signing capabilities: rGb6275f3bda8e: gpg: Fix extra check for sign usage of a data signature..
Oct 8 2018, 4:24 PM · gpgv, gnupg, Bug Report

Jul 12 2018

werner closed T4036: gnupg 2.2.9 release, a subtask of T4014: when verifying signatures, gpg and gpgv should ensure signing capabilities, as Resolved.
Jul 12 2018, 4:54 PM · gpgv, gnupg, Bug Report

Jul 4 2018

werner added a subtask for T4014: when verifying signatures, gpg and gpgv should ensure signing capabilities: T4036: gnupg 2.2.9 release.
Jul 4 2018, 9:16 AM · gpgv, gnupg, Bug Report
werner added a commit to T4014: when verifying signatures, gpg and gpgv should ensure signing capabilities: rG214b0077264e: gpg: Extra check for sign usage when verifying a data signature..
Jul 4 2018, 9:11 AM · gpgv, gnupg, Bug Report
werner added a commit to T4014: when verifying signatures, gpg and gpgv should ensure signing capabilities: rGef50fdf82a45: gpg: Extra check for sign usage when verifying a data signature..
Jul 4 2018, 9:11 AM · gpgv, gnupg, Bug Report
werner closed T4014: when verifying signatures, gpg and gpgv should ensure signing capabilities as Resolved.

Fix will also go into 2.2.9

Jul 4 2018, 9:10 AM · gpgv, gnupg, Bug Report

Jun 9 2018

dkg created T4014: when verifying signatures, gpg and gpgv should ensure signing capabilities.
Jun 9 2018, 12:33 AM · gpgv, gnupg, Bug Report

Sep 13 2017

werner closed T3404: gpgv warns about "--compliance=gnupg mode" but does not support --compliance=gnupg as an argument as Resolved.

The new unified compliance checker was not initialized. Fixed in the 2.2 branch.

Sep 13 2017, 9:23 AM · gnupg (gpg22), gpgv, Bug Report
werner added a commit to T3404: gpgv warns about "--compliance=gnupg mode" but does not support --compliance=gnupg as an argument: rG006ca124ed95: gpgv: Initialize compliance checker..
Sep 13 2017, 9:23 AM · gnupg (gpg22), gpgv, Bug Report

Sep 12 2017

werner triaged T3404: gpgv warns about "--compliance=gnupg mode" but does not support --compliance=gnupg as an argument as Normal priority.
Sep 12 2017, 9:27 AM · gnupg (gpg22), gpgv, Bug Report

Sep 9 2017

dkg created T3404: gpgv warns about "--compliance=gnupg mode" but does not support --compliance=gnupg as an argument.
Sep 9 2017, 7:20 PM · gnupg (gpg22), gpgv, Bug Report

Aug 21 2017

justus triaged T3350: gpgv should emit a status line with full issuer fingerprint, if it is present in the key. as Wishlist priority.
Aug 21 2017, 11:33 AM · gpgv, Feature Request

Aug 15 2017

guillem added a comment to T3350: gpgv should emit a status line with full issuer fingerprint, if it is present in the key..

As part of switching debsig-verify from using --list-packets to gpg with --list-keys --with-colons and gpgv, it would be helpful to eventually be able to get the fingerprint instead of the keyid. This is needed because debsig-verify uses the keyid to select which one of its policy files it has to load, to apply for the subsequent actual verification of the .deb package.

Aug 15 2017, 8:12 PM · gpgv, Feature Request
dkg created T3350: gpgv should emit a status line with full issuer fingerprint, if it is present in the key..
Aug 15 2017, 6:30 PM · gpgv, Feature Request

Jun 19 2017

justus added a commit to T3210: assertion failure in compliance.c when using gpgv: rG6e23416fe61d: gpg: Disable compliance module for other GnuPG components..
Jun 19 2017, 11:31 AM · gpgv, Bug Report
justus closed T3210: assertion failure in compliance.c when using gpgv as Resolved.

Fixed in 6e23416fe61d4130918f2d1bf6e1f98d102c4610.

Jun 19 2017, 11:08 AM · gpgv, Bug Report
justus claimed T3210: assertion failure in compliance.c when using gpgv.
Jun 19 2017, 10:08 AM · gpgv, Bug Report

Jun 17 2017

werner triaged T3210: assertion failure in compliance.c when using gpgv as Unbreak Now! priority.
Jun 17 2017, 10:46 AM · gpgv, Bug Report
werner created T3210: assertion failure in compliance.c when using gpgv.
Jun 17 2017, 10:45 AM · gpgv, Bug Report

Mar 30 2017

admin created gpgv.
Mar 30 2017, 6:42 PM

Feb 13 2017

werner added a comment to T2932: gpgv error messages are confusing.

I understand, So this is another special case like the one when a keyring has
permissions which don't allow it to be read.

Feb 13 2017, 4:33 PM · Bug Report, gnupg, gpgv

Feb 4 2017

dkg added a comment to T2932: gpgv error messages are confusing.

the reason "no public key" is confusing is because gpgv already knows that there
can be no public key. So the message that the naive user needs to see in this
case is "no keyring available".

If there is at least one keyring available, then saying something like "no
public key found in keyrings X and Y and Z" is reasonable. but if there are no
keyrings at all, the message should just be something like "no keyring found to
validate signature against".

Feb 4 2017, 8:01 AM · Bug Report, gnupg, gpgv

Jan 25 2017

werner added a comment to T2932: gpgv error messages are confusing.

I agree on the first part. This needs to be fixed.

I do not understand wht you think "no public key" is the wrong message. We have
always used this message if the public key is not available for verification.
Do you think the text should be changed to "public key not found" ? That would
be a simple change in libgpg-error.

Libgpg-error has a GPG_ERR_MISSING_KEY but that code indicates wrong usage of
functions or bad data structures.

Jan 25 2017, 9:13 AM · Bug Report, gnupg, gpgv
dkg added projects to T2932: gpgv error messages are confusing: gpgv, gnupg, Bug Report.
Jan 25 2017, 12:19 AM · Bug Report, gnupg, gpgv