,
Werner
2006-12-14 Werner Koch [EMAIL PROTECTED]
* http.c (http_wait_response): No more shutdown. Fixes bug#739.
--- util/http.c (revision 4377)
+++ util/http.c (working copy)
@@ -212,8 +212,12 @@
iobuf_ioctl (hd-fp_write, 1, 1, NULL); /* keep the socket open */
iobuf_close (hd
On Wed, 13 Sep 2006 09:12, Oohara Yuuma said:
gnupg segfaults when it encrypts a file with a symmetric cipher:
gpg --symmetric --armor copyright
gpg: Segmentation fault caught ... exiting
Segmentation fault
FWIW, I can't replicate it with a stock 1.4.5 on Sid. What is the
content of your
On Tue, 19 Sep 2006 16:07, Bernhard Reiter said:
I have added a wish for a Debian experimental package
http://bugs.debian.org/388257
I fear that your whish to completly supercede the gnupg package by
gnupg2 is not possible. gnupg2 has a *lot of dependencies* and relies
on the gpg-agent. gpg
On Tue, 19 Sep 2006 20:06, Bernhard Reiter said:
This is for now, but I guess the plan is to have gpg 2 to supercede
gpg 1.4 in the mid run. Packaging for this in experimental seems
Not really. There are many applications of gpg which don't need the
new features of gpg2 and thus we will keep
code is
0 for the same operation.
Sure that this is in 1.4.5? I fixed this the day before the release:
2006-07-31 Werner Koch [EMAIL PROTECTED]
* passphrase.c (agent_open): Use log_info instead of log_error to
allow a fallback without having gpg return an error code. Fixes
Package: texinfo
Version: 4.8.dfsg.1-2
Severity: normal
Tags: patch
The code to read a css file has an obvious bug: A css file:
==
@import url(foo);
==
will end up as
==
@mport url(foo);
==
The fix is easy:
2006-09-20 Werner Koch [EMAIL
On Wed, 20 Sep 2006 15:15, Georg C. F. Greve said:
I wonder: could it ever become possible to build a downsized version
for specific purposes and limited dependencies from the gnupg2 branch?
No.
That might make maintenance of 1.4 unnecessary in the long run.
We will keep 1.4 and maybe even
On Thu, 30 Nov 2006 03:07, [EMAIL PROTECTED] said:
Yes, that's what happened and now when I think about it the behavior is as
documented. But what's the reasoning for not creating ~/.gnupg if it's
still needed?
It is not always needed.
Salam-Shalom,
Werner
--
To UNSUBSCRIBE, email
Hi!
Sorry, I can't replicate that with a stock 1.4.9. Neither with gpg nor
with gpg-zip.
Shalom-Salam,
Werner
--
Linux-Kongress 2008 + Hamburg + October 7-10 + www.linux-kongress.org
Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.
--
To UNSUBSCRIBE, email to
Hi,
this bug is now also tracked as
https://bugs.g10code.com/gnupg/issue942
I should have an account for such a box however I doubt that I can
debug it within the next weeks.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.
--
To
On Wed, 6 Aug 2008 22:59, [EMAIL PROTECTED] said:
| [EMAIL PROTECTED]:~$ gpgv /tmp/blender_2.46+dfsg-3.dsc
| gpgv: keyblock resource `/home/kibi/.gnupg/trustedkeys.gpg': general error
Do you mean the error message which probably should be file not found?
| gpgv: Signature made Mon Jul 14
On Thu, 7 Aug 2008 09:32, [EMAIL PROTECTED] said:
I don't understand why, when the point is about verifying signatures (as
stated in the whatis entry). Why does it have to assume they are
trustworthy and then to use its very own keyring? I'd assume as a first
You need to know whether the key
Hi!
You are mixing up two things:
1. The key derivation function, commonly abbreviated as KDF but in
OpenPGP as S2K (String to Key).
2. The encrytion algorithm.
The first is use to derive a key from a passphrase and the second to do
the actual encryption. The goal of the key derivation is
On Fri, 19 Sep 2008 17:34, [EMAIL PROTECTED] said:
| /bin/sh: line 4: 16160 Bus error ${dir}$tst
| FAIL: basic
We have a similar report in the bug tracker but I am currently missing a
test machine. IIRC the problem is in the AES code. You can do
cd tests
./basic --verbose
On Fri, 19 Sep 2008 18:59, [EMAIL PROTECTED] said:
Completed additional public key checks.
Bus error
Well, the new selftest code (3DES or the driver code). A backtrace
might help but a shell acount on a sparc box would be better. Is it
possible to get an account for Marcus?
Salam-Shalom,
On Sat, 20 Sep 2008 09:12, [EMAIL PROTECTED] said:
Program received signal SIGBUS, Bus error.
0xf7f00af8 in finalize (hd=0x2cec8) at hmac256.c:279
279 X(0);
Interesting:
#ifdef WORDS_BIGENDIAN
#define X(a) do { *(u32*)p = hd-h##a ; p += 4; } while(0)
#else /* little endian */
On Sat, 20 Sep 2008 13:27, [EMAIL PROTECTED] said:
libgcrypt selftest: digest HMAC-SHA256 (8): does not match in second
implementation (data-28 key-4)
Well, there is definitley still a bug in the hmac256 tool. I can't look
at it today anymore, sorry. My only big endian box is a PowerPC64
On Sun, 20 Jan 2008 18:10, [EMAIL PROTECTED] said:
I gues it is not a god idea to share this seed file between multiple
hosts accessing a central mailq queue. Is this this assumption correct?
Yes. You better avoid that if possible.
Shalom-Salam,
Werner
--
Die Gedanken sind frei.
On Thu, 31 Jan 2008 16:28, [EMAIL PROTECTED] said:
now. ldap.h used to globally expose these functions. ldap.h has begun
deprecating old functions, requiring packages to explicitly define
LDAP_DEPRECATED to use them. This seems to be a pretty common practice.
.. for OpenLDAP. We had quite a
On Fri, 4 Jan 2008 13:35, [EMAIL PROTECTED] said:
I think the daemon is there to help libgcrypt maintain randomness state
between invocations of applications that use randomness from libgcrypt.
Right. And it is still flagged as experimental because it lacks any
fair distribution of random to
On Fri, 4 Jan 2008 13:41, [EMAIL PROTECTED] said:
We could consider doing something like that in gnutls too, to help
applications avoid having to do it themselves. However, the
documentation on UPDATE_SEED seems somewhat discouraging. I'm not sure
Let's say this description is very
On Fri, 4 Jan 2008 15:16, [EMAIL PROTECTED] said:
int
gnutls_set_random_seed_file (const char *filename);
I don't think that is a good idea. gnutls does not provide the required
thread hook function for libgcrypt and thus the appliaction needs to do
this. If you want these functions you
On Fri, 4 Jan 2008 15:39, [EMAIL PROTECTED] said:
You mean the problem where one client requests a lot of randomness,
which would hurt the randomness received by other clients?
Right. Though the IPC mechanims allows for several concurrent requests,
the hear of the RNG serializes everything.
On Fri, 4 Jan 2008 17:01, [EMAIL PROTECTED] said:
Right. So what should applications like exim do exactly? Is there
My suggestion is:
int
main ()
{
int rc;
#ifdef WE_USE_PTHREADS
rc = gcry_control (GCRYCTL_SET_THREAD_CBS, gcry_threads_pthread);
if (rc)
error
On Fri, 4 Jan 2008 16:33, [EMAIL PROTECTED] said:
plugin for pidgin: if another plugin (say, Jabber) uses gnutls, which
initializes libgcrypt, and OTR also initializes libgcrypt (perhaps with
custom allocation functions), you can easily cause a crash.
At least we have a way to test whether
On Sat, 5 Jan 2008 14:17, [EMAIL PROTECTED] said:
gnutls-serv reads 3000 times 120 bytes from /dev/urandom, yes, 360
kilobytes!
Run
gcry_control (GCRYCTL_DUMP_RANDOM_STATS);
to get statistics about libgcrypt's RNG.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Auschnahme
On Tue, 8 Jan 2008 11:03, [EMAIL PROTECTED] said:
random usage: poolsize=600 mixed=621 polls=3000/117 added=3588/370308
outmix=3 getlvl1=3/136 getlvl2=0/0
- The random pool has been mixed 621 times.
- The slow random poll function has been called 3000 times to fill and
update
On Tue, 8 Jan 2008 11:59, [EMAIL PROTECTED] said:
Anyway there 3000 calls to /dev/urandom are far too many for an initial
pool filling. I need to check this.
Found it. The bug was introduced with libgcrypt 1.3.1. Here is a patch:
2008-01-08 Werner Koch [EMAIL PROTECTED
On Tue, 8 Jan 2008 17:16, [EMAIL PROTECTED] said:
Still, 3kb per TLS connection is excessive, so I still recommend exim to
set a libgcrypt seeds file to solve the problem.
Yes, definitely.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.
--
On Sat, 17 Nov 2007 00:24, [EMAIL PROTECTED] said:
Were these problems with the compiler being more strict, or with
it being more buggy? They are both inconvenient but they aren't
I can't remember in detail. It was more a problem of changed libraries.
Actually nits but changing this in
On Tue, 27 Nov 2007 15:57, [EMAIL PROTECTED] said:
Severity: serious
I doubt that this is a serious problem. The option to install gpg
suid(root) has been there for nearly a decade. gpg is diligent to drop
suid as soon as possible (after mlock and even before parsing options)
and even checks
On Tue, 11 Dec 2007 20:03, [EMAIL PROTECTED] said:
Upgrading to libgcrypt11 1.4.0 generates a different error. However
I think this one is really a gnupg2 error, not a gcrypt one.
Alright. Thanks for reminding that I need to add support for DSA-2.
Will do this tomorrow so that we can get
On Wed, 12 Dec 2007 13:37, [EMAIL PROTECTED] said:
-signed stuff from stdin, use
-'-'
- as the second filename. For
+signed stuff from stdin, use '-' as the second filename. For
I fixed this too by using the yat2m tool from gnupg-2 where this
formatting problem has been fixed. 1.4.8 will
On Wed, 12 Dec 2007 13:37, [EMAIL PROTECTED] said:
I also took the liberty of fixing a few obvious typos by running aspell on the
man page, e.g. RETURN VAUE should be RETURN VALUE. See the patch for
details.
Thanks. I applied the typo fixes to gpg.texi.
Note that changing the man page is
On Sun, 27 Jan 2008 23:55, [EMAIL PROTECTED] said:
Including a new patch against the source files, with some additional
fixes (manly, be possible). Also some of the original fixes
applied to additional parts.
Thanks. I applied it except for:
--- gnupg2-2.0.8/doc/qualified.txt
+++
On Tue, 29 Jan 2008 15:22, [EMAIL PROTECTED] said:
|Ignore requests to change the current @code{tty} or X
|window system @code{DISPLAY} variable, respectively. This is useful
Right, I got the same hint off-list.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Auschnahme regelt ein
On Mon, 28 Jan 2008 15:27, [EMAIL PROTECTED] said:
All applied.
In ./doc/DETAILS, I'm not sure:
| The default is the standard gpg Web of Trust model respective
| the standard X.509 model. The defined values are
Is this supposed to mean:
| The default is the standard
On Wed, 30 Jan 2008 19:20, [EMAIL PROTECTED] said:
Any obvious breakage? Exim does not use any threading. I have not
included an gcry_check_version(NULL) since I thought gcry_control()
would fail as reliably as gcry_check_version() would, if gcrypt was
Better insert a gcry_check_version
On Thu, 31 Jan 2008 06:21, [EMAIL PROTECTED] said:
Function `ldap_init' implicitly converted to pointer at dirmngr_ldap.c:520
Huh? ldap.h is included and thus I can see no such problem.
The libldap API has been updated and many functions used by the ldap
plugin are now deprecated. This
On Fri, 9 Nov 2007 02:35, [EMAIL PROTECTED] said:
Please add a watch file for gnupg. I have attached one, which may be
useful for you.
The attached one does not work becuase it will fire for gnupg 1.x and
gnupg 2.0 updates. Fix should be trivial.
Salam-Shalom,
Werner
--
Die Gedanken
On Sat, 10 Nov 2007 08:08, [EMAIL PROTECTED] said:
On Fri, Nov 09, 2007 at 05:05:28PM +0100, Werner Koch wrote:
Please add a watch file for gnupg. I have attached one, which may be
useful for you.
The attached one does not work becuase it will fire for gnupg 1.x and
gnupg 2.0 updates
On Thu, 15 Nov 2007 10:55, [EMAIL PROTECTED] said:
The only way forward I can see from here is to refer the issue to the
Technical Committee. If nobody objects or wants to do it themselves
I'll write up a summary when I have some free time.
I still do not understand the problem. Do you say
On Thu, 15 Nov 2007 13:19, [EMAIL PROTECTED] said:
M null c 1 3
which creates /dev/null, but does not contain a line to create
/dev/random. It also contains the comment:
So the fix should be pretty easy:
M random c 1 8
M urandom c 1 9
Shalom-Salam,
Werner
p.s.
Does
On Thu, 15 Nov 2007 15:32, [EMAIL PROTECTED] said:
I oppose this solution, the only devices which *must* be created
statically (and are available in the standard initramfs indeed) are null
and console.
With this reasoning you may also change Linux to allow /dev/random to be
a module. It was
On Fri, 16 Nov 2007 14:09, [EMAIL PROTECTED] said:
Oh. I wasn't aware of an active regression here, but yes, that indeed
seems to be a known issue with 'upgrading' from 3.4 to current 4.x ...
I had already some complaints from folks (cross-)building gnupg and
related stuff with the latest
On Sun, 18 Nov 2007 12:10, [EMAIL PROTECTED] said:
Indeed. And you should call abort() instead of exit() in the library.
I will consider this.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with
[Patrick, there seems to be a problem with gpg and enigmail when using
large keyrings: gpg goes too sleep for a long time. Not sure whether
you can clarify things.]
On Mon, 23 May 2005 19:48:06 +0200, martin f krafft said:
What happens if you just leave it, go an play outside for a while,
On Thu, 26 May 2005 02:22:06 -0700, t takahashi said:
another example of unnecessary accessing of homedir is when you want
to compress a file. when you do gpg --store, homedir access is unnecessary
but gpg tries to access it (perhaps to find preferences?). however, there is
no way to turn
On Fri, 27 May 2005 06:57:23 -0500, Stephen R Marenka said:
This one line patch enables default support for Elgamal E. Maybe there's
a smarter way to do it, but it escaped me.
There is no need for it. Although some algorithm numbers are taken
from OpenPGP, this does not mean that we will
On Tue, 31 May 2005 18:55:19 +0200, Georg Bauhaus said:
If there is a really convincing argument that a tool like
/usr/bin/gpg invented for signing and encrypting files must be aware
Yes there is one: gpg supports smartcards and thus needs access to
smartcard readers. It comes with an
On Thu, 17 Feb 2005 17:43:51 +0100, Markus Schaber said:
GnuPG should be changed to give strong warings whenever SHA-1 is used, and
maybe disable the usage of SHA-1 for new signatures altogether.
No. Broken is used by Bruce in a way cryptographers use it. IT is
far far away from any
On Sun, 20 Feb 2005 15:13:44 +0100, Klaus Ethgen said:
The following text is not localiced (to german) even thought it is in
the de.po file.
But marked as fuzzy. There are a lot of outdated translations. I
don't think that it is a good idea to file a bug for every outdated
language.
For de
On Mon, 21 Feb 2005 13:13:25 +0100, Klaus Ethgen said:
Hmm... But the possition seems to be correct as I looked to the source.
But what do this fuzzy mean concretely in this case?
That is a term from the GNU gettext system. If it dedects changed or
new strings it tries a fuzzy macth to make
On Mon, 21 Mar 2005 15:55:31 +0100, Frans Pop said:
I feel it is not very nice packaging, especially for something like gnupg
that is very general purpose and that is priority standard, to depend on
a hardware specific library.
libusb is by design not hardware dependedn. If USB is not
On Wed, 23 Mar 2005 00:40:23 -0800, Steve Langasek said:
Given that this bug is marked grave, should gnupg 1.4.0-3 be pushed into
testing, or is there another fix we should prefer here?
Although I'd prefer to see 1.4.1 in testing, updating to 1.2.7 would
solve this bug.
Shalom-Salam,
On Sun, 27 Mar 2005 12:13:19 +0200, Rmi Denis-Courmont said:
I think the ask-cert-level option should really be re-enabled by
default.
We changed this on purpose.
The cert levels have never been used in the past and due to the
different intepretation people assign to them, their meaning is
On Sun, 03 Apr 2005 19:13:33 +0100, Oliver Elphick said:
This appears to be related to the contents of my .gnupg, because the
Would you mind to tell us what is special about your gpg.conf? If you
don't want to see this in the BTS, please send it to me by PM.
My guess is that your keyring is
On Mon, 04 Apr 2005 08:07:13 +0100, Oliver Elphick said:
Since I can decrypt stuff, I assume that would be the public keyring?
If so, how can I clean it up?
Restore it from a backup.
I think it is better to continue such a discussion on the gnupg users
mailing list. You need to figure out
On Thu, 14 Apr 2005 07:53:37 +0200, folkert said:
The gpgme in the Debian distribution is very much behind. The current
version of gpgme is 1.0.2. Quiet a bit has changed since the Debian-
0.3 is the old API used by some old software (e.g. sylpheed). You
should use the libgpgme11 package
On Mon, 02 May 2005 12:28:15 +0300, Lars Wirzenius said:
I've no idea what happened. The is supposed to have key id AF79D29E
and importing it from the key server I use works fine.
There is a bad formatted signature in the key:
:signature packet: algo 17, keyid 432843E0AF3C67EA
version
On Wed, 04 May 2005 14:08:05 +, Brian M Carlson said:
* Update to 1.4.1.
I'd really prefer that. 1.4.1 has been released more than 6 weeks ago
and fixes quite some bugs we figured out in 1.4.0. The case with
1.4.0 was that people don't care anymore about RC releases and start
complaining
On Sun, 16 Jan 2005 13:03:47 +0100, Thomas Roessler said:
The problem here is that PGP exit values are nontrivial. To give
just one example, gpg will return exit status 1 when it encounters a
bad signature; I'm not sure right now whether this includes a
Don't rely on that. 1 is usually used
On Mon, 28 Feb 2005 10:12:27 +0100, Sythos said:
missing libpcsclite1 dependencies
Note, that is not a hard dependency because libpcsclite is dlopened
and even not needed if a CCID reader has been setup properly.
Shalom-Salam,
Werner
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with
On Thu, 9 Aug 2007 00:24, [EMAIL PROTECTED] said:
Inspection of the man page source suggests that it should say use - to
specify stdin, but the - has gotten swallowed up somewhere along the
I am nut sure why exactly this happends. However the translation of
@samp{foo} wad anyway wrong. It
On Mon, 10 Sep 2007 17:51, [EMAIL PROTECTED] said:
This breaks existing installations. What about using
Not many; and certianly not seriously.
You know all installations of gpg-agent? I doubt that.
1) The change si limited. It affects only installation that use
--write-env-file with
Hi,
The reason for this is that you did not used --fixed-list-mode:
Do not merge primary user ID and primary key in @option{--with-colon}
listing mode and print all timestamps as seconds since 1970-01-01.
--fixed-list-mode is required to fix a flaw in the original format of
the colon
On Thu, 1 Nov 2007 16:13, [EMAIL PROTECTED] said:
This is causing a problem for Pidgin as well. [0] If there's no entropy
device, then you can't use GnuTLS. However, that shouldn't prevent you
There is a serious problem on your system if gnutls and thus libgcrypt
are available but the system
On Mon, 5 Nov 2007 13:37, [EMAIL PROTECTED] said:
I still do not consider calling exit(2) in a library acceptable under
any condition.
So you want abort () instead? I consider this a bad option in this case
because exit handlers would not be run.
Given the reluctance of many programmers to
On Tue, 6 Nov 2007 06:40, [EMAIL PROTECTED] said:
This is a serious bug that can lock
application forever if such a key gets imported into the keyring.
Well, not forever, it just takes some time. Fixing keysevers is no
wichtery ;-).
We will do a 1.4.8 release candidate in the next days.
On Tue, 6 Nov 2007 15:35, [EMAIL PROTECTED] said:
What I notice is that it contains Czech characters so could that be the
culprit?
No. David already explained the problem. 1.4.8rc1 will be much faster
in trying to cleanup such mangled keys.
Salam-Shalom,
Werner
--
Die Gedanken sind
On Mon, 18 Dec 2006 14:20, [EMAIL PROTECTED] said:
The function _gcry_rndlinux_gather_random() in cipher/rndlinux.c opens
two file handles (fd_random and fd_urandom) which are never closed.
Since it does not apply the FD_CLOEXEC flag, all subprocesses will
inherit these two handles without
Him,
I have just released GPA 0.7.5 which very likely fixes this bug.
This bug is also tracked as bugs.gnupg.org/756.
Salam-Shalom,
Werner
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Hi,
I have just release 0.7.5 with a couple of bug fixes. I presume that
this one is also fixed.
Shalom-Salam,
Werner
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Werner Koch [EMAIL PROTECTED]
* Makefile.am (AM_CPPFLAGS): Define GNUPG_DATADIR.
* openfile.c (copy_options_file): Use log_info and not log_error
to avoid error returns in case of a missing skeleton file.
A new release is due anyway. We hope to get it out by next
On Mon, 5 Mar 2007 19:40, [EMAIL PROTECTED] said:
in this specific case (libnns-ldap failing due to missing
/dev/(u)random devices in early boot when connecting to the ldap
server using a ssl protected session.) the only thing actually using
gcrypt directly is gnutls.
You simply can't use
On Fri, 30 Mar 2007 01:43, [EMAIL PROTECTED] said:
There is a one-line description of each function, but no description of how
things actually work or are intended to be used.
You may want to write such docs and contribute them. In the meantime
GnuPG 2.0 is a good example on how to use
Hi!
I was able to duplicate this after some tries. strace shows that it
hangs in
futex(0xb7ea9880, FUTEX_WAIT, 2, NULL) = -1 EINTR (Interrupted system call)
The EINTR is due to the SIGQUIT. I am running Sid using the same
glibc version but a stock gpg 1.4.5. A quick check of the glibc 2.4
Architecture: amd64 (x86_64)
Well, I am running on i386
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-1-amd64
Stock Linux 2.6.15.2 (not the Debioan package)
Shalom-Salam,
Werner
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble?
On Wed, 6 Jun 2007 22:14, [EMAIL PROTECTED] said:
It does work fine, though, if you have only one private key.
And as long as you don't accidently import another secret key.
I'd like to share gpg.conf between machines; apart from the key IDs, it
seems entirely non-machine-specific. gpg
On Thu, 7 Jun 2007 01:20, [EMAIL PROTECTED] said:
When I do gpg --passphrase foobar file.txt, I get a passphrase entry
window (from pinentry-qt I think).
Doing gpg --no-use-agent --passphrase foobar file.txt works as
expected.
That is as it should be. We can't error out in such a case
On Wed, 25 Apr 2007 07:40, [EMAIL PROTECTED] said:
When decrypting multiple files with --decrypt-files, it is necessary to also
use --allow-multiple-messages, otherwise only the first file will decrypt,
This has recently been fixed in our SVN. Let me know if you need a
patch.
Hi,
running gpg without an explicit --default-key is not suggested as you
don't have any control on what gpg views as its default key. When
adding --default-key it is not much work to also add an --encrypt-to.
Shalom-Salam,
Werner
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a
On Sat, 7 Apr 2007 16:54, [EMAIL PROTECTED] said:
Please mention the --no-tty option in the manpage. It's essential for
writing scripts that use gpg.
We obviously lost this option entry while migrating from sgml to texinfo. I
have just fixed it in my working copy.
* gpg.texi (GPG
On Sat, 16 Jul 2005 12:45:35 +0200, Steinar H Gunderson said:
When encrypting to a master key with multiple encryption subkeys, GPG
currently signs to only the newest one. In my case, one is available on
my home computer (which does not always have a smart card reader
attached), and the other
On Sun, 17 Jul 2005 16:54:44 +0200, Steinar H Gunderson said:
Well, does OpenPGP specify at all which subkeys to encrypt to? Is there a
good reason why GnuPG simply can't encrypt to both by default?
No. Why only to both ot them? There are often more than just 2
non-expired encryption keys.
On Mon, 18 Jul 2005 11:36:20 +0200, Steinar H Gunderson said:
Well, s/both/all/. What is the disadvantage, if any?
Overhead in size and performance.
Does it make much more sense having multiple subkeys, but in reality only use
one of them? I'm not sure if I catch the logic here :-)
The
On Mon, 18 Jul 2005 20:21:38 +0300, Toni Timonen said:
I wrote a patch for gnupg to handle readonly keyrings correctly.
What it does now, is that when you try to modify a key in a keyring
that is not writable it makes a copy of that keyring to a writable one
and modifies it.
That won't work
On Thu, 30 Jun 2005 20:18:27 +0200, Marco d'Itri said:
Any comments? IIRC you wrote that code.
I have not lloked at the context, but ..
From: Joey Hess [EMAIL PROTECTED]
Subject: Re: Bug#316388: still prompts for passphrase with gpg-agent unless
GPG_TTY is set
Maybe the mutt developers
2005-08-30 Werner Koch [EMAIL PROTECTED]
* passphrase.c (agent_open): Print a warning and not an error in
case of a missing agent. Should fix Debian bug #325578.
Index: g10/passphrase.c
===
--- g10/passphrase.c
On Wed, 14 Sep 2005 17:34:38 +0200, Marcus Better said:
I just added the appropriate option to debian/rules, see the patch
below. It would of course be nicer to mark the assembly files manually
with .note.GNU-stack.
I have just added a configure time option --enable-noexecstack to the
claims that the manual is under
the FDL. However:
2003-12-03 Werner Koch [EMAIL PROTECTED]
* gcrypt.texi: Changed license from FDL to GPL because this is a
reference manual only useful along with actual code.
* fdl.texi: Removed.
This was long before the release of 1.2
On Tue, 12 Jul 2005 10:37:41 +0200, Thijs Kinkhorst said:
version of GnuPG in Debian (1.4.1-1). I'm wondering what the stance of
upstream is on this bug: will or won't it be fixed?
I don't see the problem with this. In same cases we could create a
file with the same permissions as the source
On Tue, 12 Jul 2005 14:45:07 +0200, Martin Schulze said:
Err... since it's easy to call isatty() on the input stream to find out
Sure, but what other tool works like this? There are zillion ways to
shoot oneself into the foot; tinkering with the permissions is just one.
if there's an inode
On Wed, 13 Jul 2005 21:54:27 +0200, Thijs Kinkhorst said:
gpg says me, /dev/[EMAIL PROTECTED] isn't a valid eMail address. But it
is conform with rfc822.
Indeed, I can still reproduce this with the current version.
Use --allow-freeform-uid if you really need to use such strange
mailboxes.
On Wed, 13 Jul 2005 22:07:10 +0200, Wolfgang Rohdewald said:
and stderr go to the tty but --no-tty obviously only suppresses
stdout. The man page suggests all tty output (including stderr)
As the name implies, --no-tty suppresses all output send to /dev/tty.
These are for example prompts like
On Wed, 15 Jun 2005 14:29:34 +0200, Kiro Zimmer said:
the library. I could also install libpcsclite1-dev, wich contains the
missing symlink, but i think this is a gpg problem, because other packages
work fine without installing it.
No, it is not. gpg dlopens pscslite.so and provides an
On Wed, 15 Jun 2005 18:23:11 +0200, Kiro Zimmer said:
I searched inside the manual- and info-pages for an solution, but this
option is nowhere explained. Now it works as expected ;)
Ondded, it is missing. This is because the code is actual a backport
from 1.9 and there we got it in the
On Tue, 9 Aug 2005 16:33:25 -0600, s keeling said:
Version: 1.2.2-1woody1
1.2.x is not maintained anymore by upstream. 1.4.x shows expired keys
more clearly.
copy had expired. gpg should notice and go out and check for a new
copy. I did that manually, picked up a new copy, now gpg
Hi!
Let me state it again: There is no IDEA support for GnuPG - there has
never been any support - the reason to write GnuPG was due to the IDEA
and RSA patents. Even after 2010 (or whatever the patent stuff says)
there will be no IDEA support - IDEA is OBSOLETE, it is an old cipher
algorithm
On Fri, 4 Jul 2008 14:53, [EMAIL PROTECTED] said:
When I have a signature made by an expired key, will I get
{GOODSIG,EXPKEYSIG},
or {BADSIG,EXPKEYSIG}?
Only one them:
if( !rc || gpg_err_code (rc) == GPG_ERR_BAD_SIGNATURE ) {
KBNODE un, keyblock;
int count=0, statno;
1 - 100 of 417 matches
Mail list logo
