S/MIMEProject
ActivePublic

Members

  • This project does not have any members.

Watchers

  • This project does not have any watchers.

Recent Activity

Sat, Dec 7

werner updated the task description for T4696: Fresh certificate get's pulled into certificate chain with expired root certificate.
Sat, Dec 7, 4:28 PM · gnupg (gpg22), S/MIME, Bug Report
werner changed the visibility for T4696: Fresh certificate get's pulled into certificate chain with expired root certificate.
Sat, Dec 7, 4:28 PM · gnupg (gpg22), S/MIME, Bug Report
werner updated the task description for T4696: Fresh certificate get's pulled into certificate chain with expired root certificate.
Sat, Dec 7, 4:26 PM · gnupg (gpg22), S/MIME, Bug Report
werner closed T4696: Fresh certificate get's pulled into certificate chain with expired root certificate as Resolved.
Sat, Dec 7, 1:15 PM · gnupg (gpg22), S/MIME, Bug Report
werner added a commit to T4696: Fresh certificate get's pulled into certificate chain with expired root certificate: rG8c167febc0ab: sm: Add special case for expired intermediate certificates..
Sat, Dec 7, 12:51 PM · gnupg (gpg22), S/MIME, Bug Report

Fri, Dec 6

werner added a commit to T4696: Fresh certificate get's pulled into certificate chain with expired root certificate: rGd246f317c048: sm: Add special case for expired intermediate certificates..
Fri, Dec 6, 8:31 PM · gnupg (gpg22), S/MIME, Bug Report
werner moved T4696: Fresh certificate get's pulled into certificate chain with expired root certificate from For next release to Ready for release on the gnupg (gpg22) board.
Fri, Dec 6, 8:30 PM · gnupg (gpg22), S/MIME, Bug Report
werner added a comment to T4696: Fresh certificate get's pulled into certificate chain with expired root certificate.

I found a solution for master and 2.1.19 which minimizes the risk of regressions:

Fri, Dec 6, 8:29 PM · gnupg (gpg22), S/MIME, Bug Report

Thu, Dec 5

aheinecke closed T3961: GpgOL: Add option to prefer S/MIME over OpenPGP in autoresolution as Resolved.

I think this is now resolved.

Thu, Dec 5, 1:16 PM · S/MIME, gpgol

Wed, Dec 4

werner triaged T4767: gpgme_signature_t exp_timestamp behaves differently for OpenPGP vs. CMS as Low priority.
Wed, Dec 4, 10:43 AM · OpenPGP, S/MIME, gpgme, Bug Report
dkg added a comment to T4767: gpgme_signature_t exp_timestamp behaves differently for OpenPGP vs. CMS.

Very few OpenPGP data signatures have an expiration time either, fwiw. I have never actually seen one in the wild, and no one that i know uses --ask-sig-expire or --default-sig-expire (it shows up in the cupt test suite and the apt test suite, but doesn't appear to be actually used by anything).

Wed, Dec 4, 10:03 AM · OpenPGP, S/MIME, gpgme, Bug Report
werner added a comment to T4767: gpgme_signature_t exp_timestamp behaves differently for OpenPGP vs. CMS.

CMS signatures do not have a expiration time. Further the meaning of the expiration time of one of the certificates also depends on the validation model (shell or chain); thus a one-to-one relationship between these times is not possible.

Wed, Dec 4, 8:56 AM · OpenPGP, S/MIME, gpgme, Bug Report
werner triaged T4765: gpgsm --import should not try to invoke dirmngr if it is not necessary as Low priority.
Wed, Dec 4, 8:47 AM · gnupg (gpg23), S/MIME, Bug Report
dkg created T4767: gpgme_signature_t exp_timestamp behaves differently for OpenPGP vs. CMS.
Wed, Dec 4, 8:02 AM · OpenPGP, S/MIME, gpgme, Bug Report

Tue, Dec 3

dkg created T4765: gpgsm --import should not try to invoke dirmngr if it is not necessary.
Tue, Dec 3, 10:26 PM · gnupg (gpg23), S/MIME, Bug Report
werner added a comment to T4696: Fresh certificate get's pulled into certificate chain with expired root certificate.

Thank you.

Tue, Dec 3, 3:00 PM · gnupg (gpg22), S/MIME, Bug Report
destogl added a comment to T4696: Fresh certificate get's pulled into certificate chain with expired root certificate.

I uploaded the certificate files. For a test please do the following:

Tue, Dec 3, 2:31 PM · gnupg (gpg22), S/MIME, Bug Report
destogl changed the visibility for T4696: Fresh certificate get's pulled into certificate chain with expired root certificate.
Tue, Dec 3, 2:28 PM · gnupg (gpg22), S/MIME, Bug Report

Wed, Nov 27

werner added a comment to T4696: Fresh certificate get's pulled into certificate chain with expired root certificate.

Sorry, a fix didn't made it into 2.2.18.

Wed, Nov 27, 8:19 AM · gnupg (gpg22), S/MIME, Bug Report

Tue, Nov 26

werner triaged T4756: gpgsm --list-keys behaves differently than gpg when --passphrase is supplied as Normal priority.
Tue, Nov 26, 4:52 PM · Feature Request, S/MIME

Mon, Nov 25

werner triaged T4757: gpgsm --import --quiet is not quiet as Low priority.
Mon, Nov 25, 10:19 PM · S/MIME, Bug Report
dkg created T4757: gpgsm --import --quiet is not quiet.
Mon, Nov 25, 8:43 PM · S/MIME, Bug Report
dkg created T4756: gpgsm --list-keys behaves differently than gpg when --passphrase is supplied.
Mon, Nov 25, 7:06 PM · Feature Request, S/MIME

Thu, Nov 21

werner triaged T4751: gpgsm unable to import a PKCS12 file with a NULL password as Normal priority.
Thu, Nov 21, 8:13 AM · gnupg, Feature Request, S/MIME
dkg created T4751: gpgsm unable to import a PKCS12 file with a NULL password.
Thu, Nov 21, 4:22 AM · gnupg, Feature Request, S/MIME

Nov 11 2019

aheinecke added a commit to T4543: GpgOL: Moved S/MIME mails can no longer be read by other clients: rOb05416e7bc41: Restore S/MIME class after close.
Nov 11 2019, 4:06 PM · g10code, S/MIME, gpg4win, gpgol

Nov 7 2019

werner lowered the priority of T4696: Fresh certificate get's pulled into certificate chain with expired root certificate from High to Normal.
Nov 7 2019, 3:18 PM · gnupg (gpg22), S/MIME, Bug Report

Oct 4 2019

aheinecke moved T4543: GpgOL: Moved S/MIME mails can no longer be read by other clients from Backlog to In Progress on the g10code board.
Oct 4 2019, 4:34 PM · g10code, S/MIME, gpg4win, gpgol
aheinecke added a project to T4543: GpgOL: Moved S/MIME mails can no longer be read by other clients: g10code.
Oct 4 2019, 4:31 PM · g10code, S/MIME, gpg4win, gpgol
aheinecke added a commit to T4543: GpgOL: Moved S/MIME mails can no longer be read by other clients: rOee6c1cb59204: Restore msg class for S/MIME after move.
Oct 4 2019, 4:19 PM · g10code, S/MIME, gpg4win, gpgol
aheinecke renamed T4543: GpgOL: Moved S/MIME mails can no longer be read by other clients from GpgOL: Moved S/MIME mails with attachments can no longer be read by other clients to GpgOL: Moved S/MIME mails can no longer be read by other clients.
Oct 4 2019, 4:14 PM · g10code, S/MIME, gpg4win, gpgol

Sep 9 2019

aheinecke claimed T4699: X.509 certificate request more comfortable.

I give this normal priority even if it is a whish because I have the same whish and already have some code around that would make it more comfortable, especially if it is used directly in GpgOL.

Sep 9 2019, 11:26 AM · kleopatra, S/MIME, gpg4win, Feature Request
werner added projects to T4699: X.509 certificate request more comfortable: gpg4win, S/MIME.
Sep 9 2019, 7:40 AM · kleopatra, S/MIME, gpg4win, Feature Request

Sep 5 2019

werner triaged T4696: Fresh certificate get's pulled into certificate chain with expired root certificate as High priority.

Thanks for the sample certs. I noticed the posts but had not the time to look into them.

Sep 5 2019, 3:56 PM · gnupg (gpg22), S/MIME, Bug Report

Aug 22 2019

gniibe added a comment to T4480: GPGSM: Duplicated IMPORT_OK status lines emitted.

It appears (for me) correct behavior.

Aug 22 2019, 3:52 AM · S/MIME

Jul 5 2019

aheinecke closed T4561: GPG / GPGSM: Pinentry cancels lead to wrong error codes as Resolved.

Works for me! :-)

Jul 5 2019, 9:44 AM · S/MIME, gnupg
aheinecke merged T3928: canceling password dialog for decrypting is not recognized correctling. into T4561: GPG / GPGSM: Pinentry cancels lead to wrong error codes.
Jul 5 2019, 9:33 AM · S/MIME, gnupg
gniibe added a commit to T4561: GPG / GPGSM: Pinentry cancels lead to wrong error codes: rG38b9da7de335: sm: Return the last error for pubkey decryption..
Jul 5 2019, 8:53 AM · S/MIME, gnupg
gniibe added a commit to T4561: GPG / GPGSM: Pinentry cancels lead to wrong error codes: rG6cc4119ec03b: gpg: Return the last error for pubkey decryption..
Jul 5 2019, 8:18 AM · S/MIME, gnupg

Jun 13 2019

werner added a comment to T4257: GPGME: op_verify failes for S/MIME with EBADF in multithreaded signature verification.

I have a larger change for the wait code in the works. This will go into 1.14.0 but not in 1.13.1

Jun 13 2019, 9:06 AM · S/MIME, gpgme

Jun 7 2019

aheinecke created T4561: GPG / GPGSM: Pinentry cancels lead to wrong error codes.
Jun 7 2019, 9:56 AM · S/MIME, gnupg

Jun 6 2019

werner added a comment to T4257: GPGME: op_verify failes for S/MIME with EBADF in multithreaded signature verification.

I had to patch strace to follow threads but not forks (P8) and then when built with support for -k I tracked it down: In the inbound handler we close the fd immediately on EOF. However the upper layers don't know about it and a select fails with EBADF. Of course we could ignore the EBADF, figure out the closed fd and restart. The problem is that another thread may have opened a new oobject and that will get the last closed fd assigned - bummer.

Jun 6 2019, 5:08 PM · S/MIME, gpgme
aheinecke added a comment to T4257: GPGME: op_verify failes for S/MIME with EBADF in multithreaded signature verification.

Just noticed that due to me failing to properly understand re-entrant locks the run-thread test is broken at least on windows in that it never waits for completion. So running out of filedescriptors is to expect. I'll fix the test.

Jun 6 2019, 9:44 AM · S/MIME, gpgme
aheinecke added a comment to T4257: GPGME: op_verify failes for S/MIME with EBADF in multithreaded signature verification.

My observation from running the verify threaded test on windows is that it does behave differently. The EBADF does not occur.

Jun 6 2019, 8:51 AM · S/MIME, gpgme

Jun 5 2019

werner added a comment to T4257: GPGME: op_verify failes for S/MIME with EBADF in multithreaded signature verification.

Something(tm) closes an arbitrary file descriptor behind our back. Not easy to track down because strace can not trace only threads - it always wants to trace all children as well - which is a bit too much and leads to other problems.

Jun 5 2019, 9:03 PM · S/MIME, gpgme
werner raised the priority of T4257: GPGME: op_verify failes for S/MIME with EBADF in multithreaded signature verification from Normal to High.
Jun 5 2019, 9:00 PM · S/MIME, gpgme

Jun 4 2019

werner claimed T4257: GPGME: op_verify failes for S/MIME with EBADF in multithreaded signature verification.
Jun 4 2019, 11:42 AM · S/MIME, gpgme
werner moved T4257: GPGME: op_verify failes for S/MIME with EBADF in multithreaded signature verification from Backlog to For next release on the gpgme board.
Jun 4 2019, 11:03 AM · S/MIME, gpgme
werner removed a project from T4379: Invalid crypto engine importing a certificate: gpgme.
Jun 4 2019, 10:17 AM · S/MIME, Bug Report

Jun 3 2019

aheinecke added a commit to T4555: GpgSM: BER Error / Invalid radix64 character 2d skipped if newline is missing at EOF: rGTO1c5ebfb3b2bf: Fix BER Error when importing by adding \n.
Jun 3 2019, 6:14 PM · Bug Report, S/MIME