From zix_ccbt1 at yahoo.ca Wed Jun 1 17:05:44 2005 From: zix_ccbt1 at yahoo.ca (ssdfsdlfk sldkfjsdlfksjdlfk) Date: Wed Jun 1 18:01:51 2005 Subject: Error while loading shared libraries: libusb-0.1.so.4: cannot open shared object file: No such file or directory Message-ID: <20050601150544.95614.qmail@web60621.mail.yahoo.com> Help! I have installed the GnuPG binary on a Linux machine. Any idea why I would need the library "libusb-0.1.so.4" to run GnuPG 1.4? The following are a set of commands I ran to troubleshoot: [root@blah]# /usr/bin/gpg --homedir /opt/pgp/certdb/ --gen-key /usr/bin/gpg: error while loading shared libraries: libusb-0.1.so.4: cannot open shared object file: No such file or directory [root@blah]# ls -al /usr/bin/gpg -rwxr-xr-x 1 root root 1682239 Jun 1 10:19 /usr/bin/gpg [root@blah]# ls /usr/lib lib libexec [root@blah]# ls /usr/lib/libusb* ls: /usr/lib/libusb*: No such file or directory [root@blah]# ls /usr/lib/libu* /usr/lib/libuser.so.1 /usr/lib/libuser.so.1.1.1 /usr/lib/libutempter.so /usr/lib/libutempter.so.0 /usr/lib/libutempter.so.0.5.2 /usr/lib/libuser: libuser_files.so libuser_ldap.so libuser_shadow.so __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com From marcus.brinkmann at ruhr-uni-bochum.de Fri Jun 3 00:10:38 2005 From: marcus.brinkmann at ruhr-uni-bochum.de (Marcus Brinkmann) Date: Fri Jun 3 00:10:46 2005 Subject: gpgme doesn't seem to return the signatures In-Reply-To: <20050518095823.GQ17168@vanheusden.com> References: <20050518095823.GQ17168@vanheusden.com> Message-ID: <87sm00s941.wl@ulysses.g10code.de> Hi, At Wed, 18 May 2005 11:58:26 +0200, Folkert van Heusden wrote: > (void)gpgme_check_version(NULL); > err = gpgme_new(&ctx); > err = gpgme_op_keylist_start (ctx, NULL, 0); > err = gpgme_op_keylist_next(ctx, &r_key); > gpgme_user_id_t uids = r_key -> uids; > ...for each uid... > gpgme_key_sig_t sigs = uids -> signatures; > > Now sigs in this case is *always* NULL! > And I've verified (with gpg --list-sigs) that *all* keys have one or more signature. You need to set the keylist mode. By default, signatures are not included to speed things up a bit. If you need them, you need to use the keylist mode GPGME_KEYLIST_MODE_SIGS. From the manual (*Key Listing Mode*): @item GPGME_KEYLIST_MODE_SIGS The @code{GPGME_KEYLIST_MODE_SIGS} symbol specifies that the key signatures should be included in the listed keys. From tests/gpg/t-keylist-sig.c: int mode; mode = gpgme_get_keylist_mode (ctx); mode |= GPGME_KEYLIST_MODE_SIGS; err = gpgme_set_keylist_mode (ctx, mode); fail_if_err (err); > Oh, and do I need to free-up something after I do gpgme_op_keylist_next? You need to eventually dereference the key to release its storage. This is done with gpgme_key_unref (). From the manual, (*Manipulating Keys*): @deftypefun void gpgme_key_unref (@w{gpgme_key_t @var{key}}) The function @code{gpgme_key_unref} releases a reference for the key @var{key}. If this was the last reference, the key will be destroyed and all resources associated to it will be released. @end deftypefun Thanks, Marcus From marcus.brinkmann at ruhr-uni-bochum.de Fri Jun 3 00:48:07 2005 From: marcus.brinkmann at ruhr-uni-bochum.de (Marcus Brinkmann) Date: Fri Jun 3 00:45:49 2005 Subject: gpgme_cancel() does not stop gpg process from finishing asynchronous call In-Reply-To: <87pswts98b.fsf@wheatstone.g10code.de> References: <4249E9EF.8050504@katehok.ac93.org> <871x9dwzap.wl@ulysses.g10code.de> <425E5932.7080600@katehok.ac93.org> <425E69C3.90508@katehok.ac93.org> <87r7hdv4w9.wl@ulysses.g10code.de> <425E82E3.5040308@katehok.ac93.org> <425E97EF.9020006@katehok.ac93.org> <87is2ovr1h.wl@ulysses.g10code.de> <42618BBC.8080300@katehok.ac93.org> <87pswts98b.fsf@wheatstone.g10code.de> Message-ID: <87r7fks7dk.wl@ulysses.g10code.de> At Sun, 17 Apr 2005 17:39:48 +0200, Werner Koch wrote: > On Sat, 16 Apr 2005 18:03:40 -0400, Igor Belyi said: > > Additional thought - sending TERM signal should be no worse than a > > user hitting Control-C while working with gpg directly. > > BTW, there is an easy way to tell gpg to stop: Although the status > functions won't return an error code, they may be changed to detect a > write error and call exit() then. The problem here is that this > slightly changes the semantics and some software may fail therefore. > > The only way to implement this in a safe way is by introducing a > new option to gpg to do this. gpgme may then look at the gpg's > versions and decide whether to use this option. Marcus, what do you > think, shall I add such an option to gpg 1.4.2? Sounds like a good idea, if there is still time. Or just to the next version, it doesn't seem to be that urgent to me. However, the real solution of course will be to have some pipe (or signal) that can be used to send asynchronous cancellation requests to gpg, which then processes it and indicates to gpgme on the status fd that the operation was canceled successfully. In server mode that will be incredibly useful, because it makes cancelation a very clean and safe operation. Marcus From marcus.brinkmann at ruhr-uni-bochum.de Fri Jun 3 00:53:44 2005 From: marcus.brinkmann at ruhr-uni-bochum.de (Marcus Brinkmann) Date: Fri Jun 3 00:50:52 2005 Subject: Tricky gpgme_wait bug. In-Reply-To: <426D2E3E.4050803@katehok.ac93.org> References: <426A8523.50304@katehok.ac93.org> <426B15F9.7010904@katehok.ac93.org> <426D2E3E.4050803@katehok.ac93.org> Message-ID: <87psv4s747.wl@ulysses.g10code.de> At Mon, 25 Apr 2005 13:51:58 -0400, Igor Belyi wrote: > > The extra sleep between gpgme_wait causes _gpgme_io_select to get > > signal on more than one file handler for the same context. As a result > > an error reported on the first handle causes all context handlers to > > be closed and the associated data released. When the second selected > > handle get processed it causes segmentation fault. > > And just to reply to myself, attached is a proposed patch fixing the > problem. Hi, I have committed a simpler fix to CVS HEAD and the 1.0 branch: Just break out of the loop, and go to the next iteration of the select() (which will terminate as there are no more fds to select on). I have also added a test case based on the one you sent us, and it does no longer segfault. gpgme/ 2005-06-03 Marcus Brinkmann * wait-global.c (gpgme_wait): Break out of the fd processing loop after an error. Reported by Igor Belyi . tests/ 2005-06-03 Marcus Brinkmann * gpg/Makefile.am (TESTS): Add t-wait. * gpg/t-wait.c (main): New test. Thanks, Marcus From dvgevers at xs4all.nl Fri Jun 3 15:43:31 2005 From: dvgevers at xs4all.nl (dvgevers@xs4all.nl) Date: Fri Jun 3 16:05:46 2005 Subject: gnupg-1.4.2rc1 build problem Message-ID: <23360.213.84.251.186.1117806211.squirrel@213.84.251.186> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 When I use the original tar.gz for a/m version I get an error that line 16 of the specfile ("Copyright: GPL") is illegal on my Mandriva Cooker using rpm-4.4.1. When I changed the line to "License: GPL" the build (with rpm -ta gnupg-1.4.2.rc1.tar.gz) was successful. Ciao, =Dick Gevers= -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Encryption is an envelope - the contents are private. iD4DBQFCoFusDxfV9OHLvssRAh4/AJiiDprBcoRDG0ZqVxtj8c8j10tmAJ93yxPZ WzwN3mrkNx3ushYkKGbZMg== =35rT -----END PGP SIGNATURE----- From patrick at mozilla-enigmail.org Sat Jun 4 17:21:16 2005 From: patrick at mozilla-enigmail.org (Patrick Brunschwig) Date: Sat Jun 4 17:18:14 2005 Subject: [PATCH] Status output for "no card available" Message-ID: Skipped content of type multipart/mixed-------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 254 bytes Desc: OpenPGP digital signature Url : /pipermail/attachments/20050604/b097c36c/signature.pgp From harob02 at earthlink.net Sat Jun 4 17:43:54 2005 From: harob02 at earthlink.net (Dan Mundy) Date: Sat Jun 4 19:04:19 2005 Subject: [Announce] First release candidate for GnuPG 1.4.2 available In-Reply-To: <873bs360ne.fsf__30182.3318623521$1117544410$gmane$org@wheatstone.g10code.de> References: <873bs360ne.fsf__30182.3318623521$1117544410$gmane$org@wheatstone.g10code.de> Message-ID: <42A1CC3A.3010907@earthlink.net> Werner Koch wrote: > Hi! > > We are pleased to announce the availability of a release candidate for > the forthcoming 1.4.2 version of gnupg: > ... > Please try it out and report any problems to the gnupg-devel or > gnupg-users list (http://www.gnupg.org/documentation/mailing-lists.html). compiled gnupg-1.4.2rc1 under RedHat Linux 9 no problems so far... just waiting for the Windows binary installer! I like the new clean sigs feature. it's very nice. Dan -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 259 bytes Desc: OpenPGP digital signature Url : /pipermail/attachments/20050604/bed01be0/signature.pgp From harob02 at earthlink.net Sun Jun 5 00:19:47 2005 From: harob02 at earthlink.net (Dan Mundy) Date: Sun Jun 5 00:17:36 2005 Subject: [Announce] First release candidate for GnuPG 1.4.2 available In-Reply-To: <873bs360ne.fsf__30182.3318623521$1117544410$gmane$org@wheatstone.g10code.de> References: <873bs360ne.fsf__30182.3318623521$1117544410$gmane$org@wheatstone.g10code.de> Message-ID: <42A22903.8050003@earthlink.net> Werner Koch wrote: > Hi! > > We are pleased to announce the availability of a release candidate for > the forthcoming 1.4.2 version of gnupg: > > Please try it out and report any problems to the gnupg-devel or > gnupg-users list (http://www.gnupg.org/documentation/mailing-lists.html). Compile and Install successful on RedHat Linux 9, and it is working well so far! I have yet to discover any problems with gnupg-1.4.2-rc1. I especially like the new 'clean sigs' feature when gpg --edit-keys. It's what I've been looking for for a while. Thanks for making gnupg so great! Dan -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 259 bytes Desc: OpenPGP digital signature Url : /pipermail/attachments/20050604/a52cd743/signature-0001.pgp From harob02 at earthlink.net Sun Jun 5 00:28:19 2005 From: harob02 at earthlink.net (Dan Mundy) Date: Sun Jun 5 00:25:11 2005 Subject: [Announce] First release candidate for GnuPG 1.4.2 available In-Reply-To: <873bs360ne.fsf__30182.3318623521$1117544410$gmane$org@wheatstone.g10code.de> References: <873bs360ne.fsf__30182.3318623521$1117544410$gmane$org@wheatstone.g10code.de> Message-ID: <42A22B03.6030305@earthlink.net> Found a problem!! Weird one though... when setting key trust with enigmail for Thunderbird, the openpgp management gives me an 'undefined error', but after this, it changes the trust as if nothing went wrong. I even was the light flashing on my USB drive, indicating file modification. Weird... So even though it worked, it said it didn't. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 259 bytes Desc: OpenPGP digital signature Url : /pipermail/attachments/20050604/d6bdf598/signature.pgp From patrick at mozilla-enigmail.org Sun Jun 5 13:31:44 2005 From: patrick at mozilla-enigmail.org (Patrick Brunschwig) Date: Sun Jun 5 13:27:49 2005 Subject: [Announce] First release candidate for GnuPG 1.4.2 available In-Reply-To: <42A22B03.6030305__41333.9098603048$1117924114$gmane$org@earthlink.net> References: <873bs360ne.fsf__30182.3318623521$1117544410$gmane$org@wheatstone.g10code.de> <42A22B03.6030305__41333.9098603048$1117924114$gmane$org@earthlink.net> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dan Mundy wrote: > Found a problem!! Weird one though... > > when setting key trust with enigmail for Thunderbird, the openpgp > management gives me an 'undefined error', but after this, it changes the > trust as if nothing went wrong. I even was the light flashing on my USB > drive, indicating file modification. Weird... So even though it worked, > it said it didn't. This has nothing to do with GnuPG, but rather with Enigmail. I have recently fixed a bug in this area, so you might try the latest nightly build from http://enigmail.mozdev.org/nightly.html - -Patrick -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCouKc2KgHx8zsInsRAlR8AJ9COQQIl4cXMBJ9IwZMBBjrrsN/CwCgu2EQ pTyT9S27BkM7AULGq8eBMKc= =208B -----END PGP SIGNATURE----- From wk at gnupg.org Mon Jun 6 16:29:02 2005 From: wk at gnupg.org (Werner Koch) Date: Mon Jun 6 16:26:04 2005 Subject: [PATCH] Status output for "no card available" In-Reply-To: (Patrick Brunschwig's message of "Sat, 04 Jun 2005 17:21:16 +0200") References: Message-ID: <8764wr7e4x.fsf@wheatstone.g10code.de> On Sat, 04 Jun 2005 17:21:16 +0200, Patrick Brunschwig said: > Here is a small patch to get parseable status output in case accessing a > smartcard fails. It the status does not distinguish if the card reader > is not attached or just the card is missing. I changed it to output $ gpg --card-status --status-fd 2 --batch --no-use-agent gpg: pcsc_establish_context failed: no service (0x8010001d) [GNUPG:] CARDCTRL 5 gpg: card reader not available gpg: OpenPGP card not available: general error with no reader attached and to gpg: apdu_send_simple(0) failed: no card [GNUPG:] CARDCTRL 4 gpg: selecting openpgp failed: no card gpg: OpenPGP card not available: general error if a reader is attached but no card inserted. CARDCTRL [] This is used to control smartcard operations. Defined values for WHAT are: 1 = Request insertion of a card. Serialnumber may be given to request a specific card. 2 = Request removal of a card. 3 = Card with serialnumber detected 4 = No card available. 5 = No card reader available diff -u -p -r1.33 cardglue.c --- g10/cardglue.c 31 May 2005 10:11:01 -0000 1.33 +++ g10/cardglue.c 6 Jun 2005 14:45:57 -0000 @@ -412,6 +412,7 @@ open_card (void) slot = apdu_open_reader (default_reader_port); if (slot == -1) { + write_status_text (STATUS_CARDCTRL, "5"); log_error ("card reader not available\n"); return NULL; } Shalom-Salam, Werner From wk at gnupg.org Thu Jun 9 12:08:26 2005 From: wk at gnupg.org (Werner Koch) Date: Thu Jun 9 12:06:11 2005 Subject: c++ version of gpgme In-Reply-To: <4293BCE20000E4CD@ims5c.cp.tin.it> (ml sergico's message of "Tue, 31 May 2005 10:30:21 +0200") References: <4293BCE20000E4CD@ims5c.cp.tin.it> Message-ID: <87is0nrgf9.fsf@wheatstone.g10code.de> On Tue, 31 May 2005 10:30:21 +0200, ml sergico said: > I was searching around to find if there is some c++ implementation/wrapper > of the gpgme library. Someone know of some project related. I read some > on the mailing list archive but can't find any reference to the project > code page... You may use gpgme directly as we have taken some precautions to make it work with C++. KDE uses a wrapper library (gpgmepp); find attacked the README. Salam-Shalom, Werner -------------- next part -------------- GpgME++ - C++ bindings/wrapper for gpgme ------------------------------------ Version 0.0.1 Copyright (c) 2003, 2004 Klar?lvdalens Datakonsult AB This file is free software; as a special exception the author gives unlimited permission to copy and/or distribute it, with or without modifications, as long as this notice is preserved. This file is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY, to the extent permitted by law; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Overview -------- GpgME++ is a C++ wrapper (or C++ bindings) for the GnuPG project's gpgme (GnuPG Made Easy) library, version 0.4.4 and later. It is fairly complete, with some minor things still missing (in particular, the key edit interface). It is mostly tested using external event loops, for which its design is optimised. The design principles of this library are as follows: 1. A value-based interface (most clases are implicitly shared) 2. Callbacks are replaced by C++ interfaces (classes with only abstract methods). 3. No exceptions are thrown 4. There is (as yet) no explicit support for multi-threaded use (other than what gpgme itself provides; most notably the refcounting for implicit sharing is not thread-safe) 5. To avoid binary incompatible interface changes, we make extensive use of the d-pointer pattern and avoid virtual methods; any polymorphism present is already provided by gpgme itself, anyway (see e.g. Data). A notable exception of the no-virtuals rule is the use of abstract classes to cover C-callbacks. The authors hope that once there are more users of this library, the GnuPG project will include it as the official C++ binding for gpgme. Currently, this is not the case, since it was felt that C++ bindings can be provided with different design decisions, and that it is not clear that the decisions made for GpgME++ are broad enough to be universally applicable (e.g. a pivotal design decision was to not use exceptions to wrap gpgme_error_t). GpgME++ depends on gpgme, which in turn depends on libgpg-error, both of which must be installed correctly before GpgME++ is to be built. Furthermore, GpgME++ should be recompiled if the underlying gpgme is changed. This is to allow closer integration and to abstract away possible interface changes. Therefore, once this libray becomes stable, we intend to follow gpgme's versioning. Currently, we use the KDE CVS repository to develop our code, basically because GpgME++ is used in KMail and Kleopatra. However, the library is in no way dependant on KDE or Qt libraries, and you are free to use it in your own projects, provided you follow the license. If you _do_ want to use GpgME++ in Qt/KDE applications, have a look at QGpgME, which provides integration with QEventLoop and some Qt datatypes (e.g. QByteArray). Mailing List ------------ Discussion of this library and questions regarding it's use and design should happen on gpa-dev@gnupg.org or gnupg-devel@gnupg.org. License ------- This library is licensed under the GNU General Public License (GPL), just as gpgme is. We feel that using a different license than the one gpgme itself uses doesn't make sense. OTOH, we shall relicense this library to the GNU Lesser General Public License (LGPL) should gpgme itself be made available under this license at any time in the future. From patrick at mozilla-enigmail.org Thu Jun 9 17:00:27 2005 From: patrick at mozilla-enigmail.org (Patrick Brunschwig) Date: Thu Jun 9 17:18:51 2005 Subject: Charset encoding of passphrase Message-ID: I'm trying to figure out how I have to encode correctly a passphrase in Enigmail. All commands from Enigmail to gpg include --charset utf8 --passphrase-fd 0 My question is: do I have to encode the passphrase in utf-8 or does it need to be encoded in the charset of the command prompt (in this case Windows-850), or yet something else? When I enter a passphrase with e.g. ? on the Windows command line (no charset in gpg.conf set), I can't find the correct encoding in Enigmail that would gpg make accept passphrase. Thanks, Patrick -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 254 bytes Desc: OpenPGP digital signature Url : /pipermail/attachments/20050609/63a68a6b/signature.pgp From takemura at pharmaco.crl.hyo-med.ac.jp Sat Jun 11 12:59:39 2005 From: takemura at pharmaco.crl.hyo-med.ac.jp (Motohiko Takemura) Date: Sun Jun 12 01:57:42 2005 Subject: [patch 1.4.1] return uid-8 encoded strings from get_primary_uid() Message-ID: <20050611.195939.96940995.takemura@pharmaco.crl.hyo-med.ac.jp> Hi! In g10/getkey.c: get_primary_uid(), the comment says that the returned value should be in utf-8 encoding. Also, get_user_id() returns user id if one found, which is in utf-8 encoding. The following patch tells gettext() used in these two functions to return a string in utf-8 encoding. With this patch, output of --list-sigs is legible even if i do not have a key used for signing. Please consider for inclusion. Thanks Motohiko Takemura GPG key: 0xb25de95f --- gnupg-1.4.1/g10/getkey.c.ORIG Sat Feb 5 09:00:35 2005 +++ gnupg-1.4.1/g10/getkey.c Sat May 7 19:09:26 2005 @@ -25,6 +25,9 @@ #include #include #include +#ifdef HAVE_LANGINFO_CODESET +#include +#endif #include "util.h" #include "packet.h" #include "memory.h" @@ -172,6 +175,7 @@ { KBNODE k; const char *s; + char *orig_codeset = NULL; for (k=keyblock; k; k=k->next ) { if ( k->pkt->pkttype == PKT_USER_ID @@ -183,7 +187,24 @@ } /* fixme: returning translatable constants instead of a user ID is * not good because they are probably not utf-8 encoded. */ + /* Then, how about using bind_textdomain_codeset ? + copyed from passphrase.c */ +#ifdef ENABLE_NLS + orig_codeset = bind_textdomain_codeset(PACKAGE, NULL); +#ifdef HAVE_LANGINFO_CODESET + if (!orig_codeset) + orig_codeset = nl_langinfo(CODESET); +#endif + if (orig_codeset) { + if (!bind_textdomain_codeset(PACKAGE, "utf-8")) + orig_codeset = NULL; + } +#endif /* ENABLE_NLS */ s = _("[User ID not found]"); +#ifdef ENABLE_NLS + if (orig_codeset) + bind_textdomain_codeset(PACKAGE, orig_codeset); +#endif *uidlen = strlen (s); return s; } @@ -2732,6 +2753,7 @@ user_id_db_t r; char *p; int pass=0; + char *orig_codeset = NULL; /* try it two times; second pass reads from key resources */ do { @@ -2747,7 +2769,22 @@ } } } while( ++pass < 2 && !get_pubkey( NULL, keyid ) ); +#ifdef ENABLE_NLS + orig_codeset = bind_textdomain_codeset(PACKAGE, NULL); +#ifdef HAVE_LANGINFO_CODESET + if (!orig_codeset) + orig_codeset = nl_langinfo(CODESET); +#endif + if (orig_codeset) { + if (!bind_textdomain_codeset(PACKAGE, "utf-8")) + orig_codeset = NULL; + } +#endif /* ENABLE_NLS */ p = m_strdup( _("[User ID not found]") ); +#ifdef ENABLE_NLS + if (orig_codeset) + bind_textdomain_codeset(PACKAGE, orig_codeset); +#endif *rn = strlen(p); return p; } -------------- next part -------------- --- gnupg-1.4.1/g10/getkey.c.ORIG Sat Feb 5 09:00:35 2005 +++ gnupg-1.4.1/g10/getkey.c Sat May 7 19:09:26 2005 @@ -25,6 +25,9 @@ #include #include #include +#ifdef HAVE_LANGINFO_CODESET +#include +#endif #include "util.h" #include "packet.h" #include "memory.h" @@ -172,6 +175,7 @@ { KBNODE k; const char *s; + char *orig_codeset = NULL; for (k=keyblock; k; k=k->next ) { if ( k->pkt->pkttype == PKT_USER_ID @@ -183,7 +187,24 @@ } /* fixme: returning translatable constants instead of a user ID is * not good because they are probably not utf-8 encoded. */ + /* Then, how about using bind_textdomain_codeset ? + copyed from passphrase.c */ +#ifdef ENABLE_NLS + orig_codeset = bind_textdomain_codeset(PACKAGE, NULL); +#ifdef HAVE_LANGINFO_CODESET + if (!orig_codeset) + orig_codeset = nl_langinfo(CODESET); +#endif + if (orig_codeset) { + if (!bind_textdomain_codeset(PACKAGE, "utf-8")) + orig_codeset = NULL; + } +#endif /* ENABLE_NLS */ s = _("[User ID not found]"); +#ifdef ENABLE_NLS + if (orig_codeset) + bind_textdomain_codeset(PACKAGE, orig_codeset); +#endif *uidlen = strlen (s); return s; } @@ -2732,6 +2753,7 @@ user_id_db_t r; char *p; int pass=0; + char *orig_codeset = NULL; /* try it two times; second pass reads from key resources */ do { @@ -2747,7 +2769,22 @@ } } } while( ++pass < 2 && !get_pubkey( NULL, keyid ) ); +#ifdef ENABLE_NLS + orig_codeset = bind_textdomain_codeset(PACKAGE, NULL); +#ifdef HAVE_LANGINFO_CODESET + if (!orig_codeset) + orig_codeset = nl_langinfo(CODESET); +#endif + if (orig_codeset) { + if (!bind_textdomain_codeset(PACKAGE, "utf-8")) + orig_codeset = NULL; + } +#endif /* ENABLE_NLS */ p = m_strdup( _("[User ID not found]") ); +#ifdef ENABLE_NLS + if (orig_codeset) + bind_textdomain_codeset(PACKAGE, orig_codeset); +#endif *rn = strlen(p); return p; } From stephane at sente.ch Sun Jun 12 13:03:52 2005 From: stephane at sente.ch (=?ISO-8859-1?Q?St=E9phane_Corth=E9sy?=) Date: Sun Jun 12 13:00:14 2005 Subject: Embedding signatures Message-ID: <016D8ADB-61BB-44FA-B70F-BEFE4107A2A7@sente.ch> Hi, Has the following subject already been discussed on gnupg/OpenPGP/PGP lists? What about embedding document PGP signatures inside document meta- data, when file system supports it? When user signs a document, she usually creates a detached signature for it, and needs to take care of taking both file and its signature file when moving file or re-distributing it. It could be nicer for the user to have the signature part of the file, without modifying the file's content, this way redistribution would be easier. When file is copied and meta data would be lost, then user could re-detach signature and transmit it separately, and on the other side, user could re-assemble signature and file (this could be done quite transparently by user-level apps: a mail user agent, a web browser, the file system browser, etc.). On some filesystems you can add arbitrary meta data to files; e.g. on BSD there is a function setxattr() to set it. Why not add new options to gpg to support that kind of operations? 'gpg --embed-sign' would embed the signature into file's meta-data 'gpg --embedded-sig --verify' would verify the embedded signature of a file 'gpg --extract-sig' would extract the embedded signature of a file and make it a detached one 'gpg --embed-sig' would embed a detached signature into a file That's an informal request for comments. St?phane From dshaw at jabberwocky.com Sun Jun 12 16:35:00 2005 From: dshaw at jabberwocky.com (David Shaw) Date: Sun Jun 12 17:05:52 2005 Subject: Embedding signatures In-Reply-To: <016D8ADB-61BB-44FA-B70F-BEFE4107A2A7@sente.ch> References: <016D8ADB-61BB-44FA-B70F-BEFE4107A2A7@sente.ch> Message-ID: <20050612143500.GA5257@jabberwocky.com> On Sun, Jun 12, 2005 at 01:03:52PM +0200, St?phane Corth?sy wrote: > On some filesystems you can add arbitrary meta data to files; > e.g. on BSD there is a function setxattr() to set it. Why not add > new options to gpg to support that kind of operations? > > 'gpg --embed-sign' would embed the signature into file's meta-data > 'gpg --embedded-sig --verify' would verify the embedded signature of > a file > 'gpg --extract-sig' would extract the embedded signature of a file > and make it a detached one This is a very interesting idea, but you don't really need support in GnuPG for it. You can do it purely with the regular attribute tools. The "attr" program exists on both IRIX and Linux. I don't know about BSD, but it should be trivial to port since it's mainly a wrapper around getxattr and setxattr. Embed a signature: cat thefile | gpg --detach-sign | attr -q -s sign thefile Verify an embedded signature: attr -q -g sign thefile | gpg --verify - thefile Extract an embedded signature: attr -q -g sign thefile > thefile.sig David From rjh at sixdemonbag.org Mon Jun 13 11:35:44 2005 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Mon Jun 13 12:36:02 2005 Subject: Redirected I/O with GnuPG? Message-ID: <42AD5370.2030304@sixdemonbag.org> I'm hitting a stumbling block trying to write a small snippet of C# which fetches information about cipher preferences. Since I've not been able to find information about the keyring file format, I'm falling back to using GnuPG to do the keyring parsing. This is a suboptimal solution, but it'll do for reasonably small keyrings. The problem is that for some reason I'm entirely unable to read in anything from GnuPG's output. I'm invoking GnuPG as: gpg --command-fd 0 --status-fd 2 --no-tty --edit-key While I'm able to receive status messages on standard error, any attempt to read any amount of data from standard output will block indefinitely. This is not a Windows-specific problem: I've tried under Win32, OS X and Linux. Is there some magic command-line flag I'm missing here? Has anyone had similar experiences writing code which invokes GnuPG? From dshaw at jabberwocky.com Mon Jun 13 21:42:09 2005 From: dshaw at jabberwocky.com (David Shaw) Date: Mon Jun 13 21:38:20 2005 Subject: Redirected I/O with GnuPG? In-Reply-To: <42AD5370.2030304@sixdemonbag.org> References: <42AD5370.2030304@sixdemonbag.org> Message-ID: <20050613194209.GB14141@jabberwocky.com> On Mon, Jun 13, 2005 at 04:35:44AM -0500, Robert J. Hansen wrote: > I'm hitting a stumbling block trying to write a small snippet of C# > which fetches information about cipher preferences. Since I've not been > able to find information about the keyring file format, http://www.ietf.org/rfc/rfc2440.txt The keyrings are just key packets strung together. > I'm falling back > to using GnuPG to do the keyring parsing. This is a suboptimal > solution, but it'll do for reasonably small keyrings. > > The problem is that for some reason I'm entirely unable to read in > anything from GnuPG's output. I'm invoking GnuPG as: > > gpg --command-fd 0 --status-fd 2 --no-tty --edit-key > > While I'm able to receive status messages on standard error, any attempt > to read any amount of data from standard output will block indefinitely. Try adding --with-colons to your command line. David From prudek at bvx.cz Tue Jun 14 10:40:42 2005 From: prudek at bvx.cz (Milos Prudek) Date: Tue Jun 14 11:13:57 2005 Subject: ftp.gnupg.org down? Message-ID: <42AE980A.70505@bvx.cz> Hi, ftp.gnupg.org does not respond to anonymous login. Is this a known problem? This problem prevents compilation of KDE 3.4.1 from sources using the Konstruct script, and probably other KDE versions. -- Milos Prudek http://www.spoxdesign.com - your web usability testing From zix_ccbt1 at yahoo.ca Wed Jun 15 16:40:12 2005 From: zix_ccbt1 at yahoo.ca (ssdfsdlfk sldkfjsdlfksjdlfk) Date: Wed Jun 15 16:36:18 2005 Subject: Detecting a PGP-Inline encrypted and/or signed message Message-ID: <20050615144012.14748.qmail@web60612.mail.yahoo.com> Hi everyone, I was wondering if anyone knows the general procedure that most PGP applications follow in determining if a message has been PGP-Inline ENCRYPTED and/or SIGNED. I am creating a PGP-Inline detection algorithm, and I am trying to find the lowest common denominator in determining if a message is PGP-Inline encrypted and/or signed. For instance for a PGP-Inline encrypted message, could I just look at the plaintext MIME entity in the message, and look for the "-----BEGIN PGP MESSAGE-----" tag in the content body? Please help. Michael __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com From ahaas at airmail.net Mon Jun 13 22:00:17 2005 From: ahaas at airmail.net (Art Haas) Date: Fri Jun 17 16:58:50 2005 Subject: [PATCH] Add some AC_HELP_STRING macros to configure.ac Message-ID: <20050613200017.GO28962@artsapartment.org> Hi. Here's a small patch adding a couple of AC_HELP_STRING macros to the configure.ac file, and also a trivial change of AM_CONFIG_HEADER to AC_CONFIG_HEADER. Builds of the current CVS code have worked and passed the test suite. I'm building on i586-pc-linux-gnu (Debian Unstable), using the gcc-3.4 and gcc-4.0 packages. My thanks to everyone working on gnupg. Art Haas Index: configure.ac =================================================================== RCS file: /cvs/gnupg/gnupg/configure.ac,v retrieving revision 1.143 diff -u -r1.143 configure.ac --- configure.ac 31 May 2005 12:26:02 -0000 1.143 +++ configure.ac 13 Jun 2005 19:31:50 -0000 @@ -36,7 +36,7 @@ AC_CONFIG_SRCDIR(g10/g10.c) AC_CANONICAL_HOST AM_INIT_AUTOMAKE([std-options]) -AM_CONFIG_HEADER(config.h) +AC_CONFIG_HEADER(config.h) AC_GNU_SOURCE @@ -45,8 +45,9 @@ dnl AC_MSG_CHECKING([which random module to use]) AC_ARG_ENABLE(static-rnd, - [ --enable-static-rnd=[egd|unix|linux|auto] ], -[use_static_rnd=$enableval], [use_static_rnd=default] ) + AC_HELP_STRING([--enable-static-rnd=@<:@egd|unix|linux|auto@:>@], + [enable static random number generator]), + [use_static_rnd=$enableval], [use_static_rnd=default]) if test "$use_static_rnd" = no; then use_static_rnd=default @@ -66,8 +67,9 @@ esac AC_ARG_WITH(egd-socket, - [ --with-egd-socket=NAME use NAME for the EGD socket], - egd_socket_name="$withval", egd_socket_name="" ) + AC_HELP_STRING([--with-egd-socket=NAME], + [use NAME for the EGD socket]), + [egd_socket_name="$withval"], [egd_socket_name=""]) AC_DEFINE_UNQUOTED(EGD_SOCKET_NAME, "$egd_socket_name", [Define if you don't want the default EGD socket name. For details see cipher/rndegd.c]) @@ -89,14 +91,16 @@ AC_MSG_CHECKING([whether assembler modules are requested]) AC_ARG_ENABLE(asm, -[ --disable-asm do not use assembler modules], - try_asm_modules=$enableval, try_asm_modules=yes) + AC_HELP_STRING([--disable-asm], + [do not use assembler modules]), + try_asm_modules=$enableval, try_asm_modules=yes) AC_MSG_RESULT($try_asm_modules) AC_MSG_CHECKING([whether memory guard is requested]) AC_ARG_ENABLE(m-guard, - [ --enable-m-guard enable memory guard facility], - use_m_guard=$enableval, use_m_guard=no) + AC_HELP_STRING([--enable-m-guard], + [enable memory guard facility]), + [use_m_guard=$enableval], [use_m_guard=no]) AC_MSG_RESULT($use_m_guard) if test "$use_m_guard" = yes ; then AC_DEFINE(M_GUARD,1,[Define to use the (obsolete) malloc guarding feature]) @@ -304,7 +308,8 @@ if test "$gnupg_cv_enable_photo_viewers" = yes ; then AC_MSG_CHECKING([whether to use a fixed photo ID viewer]) AC_ARG_WITH(photo-viewer, - [ --with-photo-viewer=FIXED_VIEWER set a fixed photo ID viewer], + AC_HELP_STRING([--with-photo-viewer=FIXED_VIEWER], + [set a fixed photo ID viewer]), [if test "$withval" = yes ; then withval=no elif test "$withval" != no ; then @@ -378,8 +383,9 @@ AC_MSG_CHECKING([whether the included zlib is requested]) AC_ARG_WITH(included-zlib, - [ --with-included-zlib use the zlib code included here], -[g10_force_zlib="$withval"], [g10_force_zlib=no] ) + AC_HELP_STRING([--with-included-zlib], + [use the zlib code included here]), + [g10_force_zlib="$withval"], [g10_force_zlib=no]) AC_MSG_RESULT($g10_force_zlib) dnl @@ -412,8 +418,9 @@ dnl AC_MSG_CHECKING([whether use of capabilities is requested]) AC_ARG_WITH(capabilities, - [ --with-capabilities use linux capabilities [default=no]], -[use_capabilities="$withval"],[use_capabilities=no]) + AC_HELP_STRING([--with-capabilities], + [use linux capabilities @<:@default=no@:>@]), + [use_capabilities="$withval"], [use_capabilities=no]) AC_MSG_RESULT($use_capabilities) # To avoid double inclusion of config.h which might happen at some -- Man once surrendering his reason, has no remaining guard against absurdities the most monstrous, and like a ship without rudder, is the sport of every wind. -Thomas Jefferson to James Smith, 1822 From k.bube at web.de Fri Jun 17 11:25:43 2005 From: k.bube at web.de (Kevin Bube) Date: Fri Jun 17 16:58:52 2005 Subject: Gnupg or keyserver bug? Message-ID: Hi all, yesterday I encountered a gpg error while I tried to import a key from a keyserver. This is the first key where I saw this. ,---- | kevin@leibnitz:~/tmp $ gpg --keyserver blackhole.pca.dfn.de --homedir /tmp --recv-key EAE8EB6A | gpg: keyring `/tmp/secring.gpg' created | gpg: keyring `/tmp/pubring.gpg' created | gpg: requesting key EAE8EB6A from hkp server blackhole.pca.dfn.de | | gpg: Ohhhh jeeee: mpi crosses packet border | secmem usage: 0/0 bytes in 0/0 blocks of pool 0/32768 | Aborted | kevin@leibnitz:~/tmp $ gpg --version | gpg (GnuPG) 1.4.1 | Copyright (C) 2005 Free Software Foundation, Inc. | This program comes with ABSOLUTELY NO WARRANTY. | This is free software, and you are welcome to redistribute it | under certain conditions. See the file COPYING for details. | | Home: ~/.gnupg | Supported algorithms: | Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA | Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH | Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512 | Compression: Uncompressed, ZIP, ZLIB, BZIP2 `---- However if I use another keyserver this works: ,---- | kevin@leibnitz:~/tmp $ gpg --keyserver subkeys.pgp.net --homedir /tmp --recv-key EAE8EB6A | gpg: requesting key EAE8EB6A from hkp server subkeys.pgp.net | gpg: /tmp/trustdb.gpg: trustdb created | gpg: key EAE8EB6A: public key "Malte S. Stretz " imported | gpg: no ultimately trusted keys found | gpg: Total number processed: 1 | gpg: imported: 1 `---- Is this a GnuPG problem or one of the keyserver? Regards, Kevin P.S. Please CC: me as I am not on the list. -- publickey 2048R/0AFDFB19: http://www.icbm.de/~bube/publickey.asc fingerprint: 542B 1378 04AA AF1F 572E 78BF 1BF5 5C71 0AFD FB19 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 480 bytes Desc: not available Url : /pipermail/attachments/20050617/7cfc041d/attachment.pgp From jharris at widomaker.com Fri Jun 17 18:24:57 2005 From: jharris at widomaker.com (Jason Harris) Date: Fri Jun 17 18:58:28 2005 Subject: Gnupg or keyserver bug? In-Reply-To: References: Message-ID: <20050617162456.GY356@wilma.widomaker.com> Skipped content of type multipart/mixed-------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 309 bytes Desc: not available Url : /pipermail/attachments/20050617/5ec0026b/attachment.pgp From wk at gnupg.org Fri Jun 17 19:02:44 2005 From: wk at gnupg.org (Werner Koch) Date: Fri Jun 17 19:01:11 2005 Subject: [PATCH] Add some AC_HELP_STRING macros to configure.ac In-Reply-To: <20050613200017.GO28962@artsapartment.org> (Art Haas's message of "Mon, 13 Jun 2005 15:00:17 -0500") References: <20050613200017.GO28962@artsapartment.org> Message-ID: <87ekb0hq6j.fsf@wheatstone.g10code.de> On Mon, 13 Jun 2005 15:00:17 -0500, Art Haas said: > Here's a small patch adding a couple of AC_HELP_STRING macros to the > configure.ac file, and also a trivial change of AM_CONFIG_HEADER to > AC_CONFIG_HEADER. Thanks for preparing th patch. However we can't apply it because we would first need to exchange legal papers. For that cosmetic thing it is not really justified to go into these troubles. Shalom-Salam, Werner From wk at gnupg.org Fri Jun 17 19:06:35 2005 From: wk at gnupg.org (Werner Koch) Date: Fri Jun 17 19:06:08 2005 Subject: Gnupg or keyserver bug? In-Reply-To: (Kevin Bube's message of "Fri, 17 Jun 2005 11:25:43 +0200") References: Message-ID: <87aclohq04.fsf@wheatstone.g10code.de> On Fri, 17 Jun 2005 11:25:43 +0200, Kevin Bube said: > | kevin@leibnitz:~/tmp $ gpg --keyserver blackhole.pca.dfn.de --homedir /tmp --recv-key EAE8EB6A > | gpg: keyring `/tmp/secring.gpg' created > | gpg: keyring `/tmp/pubring.gpg' created > | gpg: requesting key EAE8EB6A from hkp server blackhole.pca.dfn.de > | > | gpg: Ohhhh jeeee: mpi crosses packet border This is due to a corrupted key received from that server. 1.4.2 will print a more friendly diagnostic in such cases. > | kevin@leibnitz:~/tmp $ gpg --keyserver subkeys.pgp.net --homedir /tmp --recv-key EAE8EB6A Better keyservers remove such cruft before processing such keys. This is the reason why you don't get the problem here. Old key server software (hkp or keyserver.net stuff) can't cope with OpenPGP and mangle keys. Don't use them. Salam-Shalom, Werner From k.bube at web.de Fri Jun 17 22:43:20 2005 From: k.bube at web.de (Kevin Bube) Date: Fri Jun 17 22:39:05 2005 Subject: Gnupg or keyserver bug? In-Reply-To: <20050617162456.GY356@wilma.widomaker.com> (Jason Harris's message of "Fri, 17 Jun 2005 12:24:57 -0400") References: <20050617162456.GY356@wilma.widomaker.com> Message-ID: Jason Harris writes: > blackhole.pca.dfn.de needs to be upgraded to the latest version of SKS. Ah, okay. So it's a server problem then. Thanks, Kevin -- publickey 2048R/0AFDFB19: http://www.icbm.de/~bube/publickey.asc fingerprint: 542B 1378 04AA AF1F 572E 78BF 1BF5 5C71 0AFD FB19 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 480 bytes Desc: not available Url : /pipermail/attachments/20050617/84ce3df4/attachment.pgp From t.schorpp at gmx.de Sun Jun 19 10:37:28 2005 From: t.schorpp at gmx.de (thomas schorpp) Date: Sun Jun 19 11:33:53 2005 Subject: fingerprint colorcode, copyright correction In-Reply-To: <4106DE03.2070900@gmx.de> References: <40F7F4A5.4000109@gmx.de> <20040716155249.GC13525@jabberwocky.com> <20040717004649.M26762@willy_wonka> <20040718140614.GE18366@jabberwocky.com> <4104275B.8060902@gmx.de> <20040725173638.K326@willy_wonka> <4105FB54.9070600@gmx.de> <20040727171322.N45133@willy_wonka> <4106DE03.2070900@gmx.de> Message-ID: <42B52EC8.2050403@gmx.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Thomas Schorpp wrote: hm, why does no one want to implement this? > > yes, sure, this is all free software here, as i understood, nobody needs > to wait for my implementations, im only holding the basic "idea". oh dear. i think, ive set copyright to proprietary here. that was NOT my intention. i hereby release all under latest GPL. im sorry for this, i was too new to oss that time and im no copyright-/patentlawyer. and it cant be "patented" since i published it that time on your list :D its "state of the art" since. > y > tom > p.s.: im on holidays from 3rd of august (if no wireless ap is in range, > at least ;) > > _______________________________________________ Gnupg-devel mailing list Gnupg-devel@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-devel Yours, Thomas Schorpp - -- - ---------------------------------------- Elektronische Unterschrift ist rechtsg?ltig gem?? RICHTLINIE 1999/93/EG DES EUROP?ISCHEN PARLAMENTS UND DES RATES vom 13. Dezember 1999 ?ber gemeinschaftliche Rahmenbedingungen f?r elektronische Signaturen Artikel 5 Abs. 2 i.V.m. ?23 SigG "ausl?ndische Produkte". Stammzertifikat ist bei http://www.thawte.com , http://www.cacert.org und subkeys.pgp.net verf?gbar. Digital Signature is lawful by DIRECTIVE 1999/93/EC OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 13 December 1999 on a Community framework for electronic signatures Code 5 Part 2. Root Certificate is available from http://www.thawte.com , http://www.cacert.org and subkeys.pgp.net. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iQCVAwUBQrUuxGqsze5HSzyoAQM2/gP9HAFJ13YHzSLAj44T7LcktqM11HSrf3/Y +xP9jrA2UqeEYaydZREGQlVjSAmB0Ow4Me1pVnyjvJX3T9BWyYdHSpcwRgWa435a 0AaHNPgGoj2p6pQnezdPFLeRGCLx1dkve9kZ14RWB+qdMFTsDoLb4Gym39grAGr4 6Yr/fWNhVFc= =qlzI -----END PGP SIGNATURE----- -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3220 bytes Desc: S/MIME Cryptographic Signature Url : /pipermail/attachments/20050619/8810702b/smime.bin From marcus.brinkmann at ruhr-uni-bochum.de Mon Jun 20 21:34:22 2005 From: marcus.brinkmann at ruhr-uni-bochum.de (Marcus Brinkmann) Date: Mon Jun 20 21:30:21 2005 Subject: gpgme test fail (more info) In-Reply-To: <200501112121.45727.ryan@ostrich-emulators.com> References: <200501112121.45727.ryan@ostrich-emulators.com> Message-ID: <87ll54bz5t.wl@ulysses.g10code.de> Hi, sorry for the late reply. At Tue, 11 Jan 2005 21:21:45 -0500, ryan p bobko wrote: > I previously posted about some trouble I'm having running the tests from the > gpgme /tests/gpg directory. I've now confirmed this problem on another > system, so I thought I'd post more details. Basically, all of the tests > appear to fail even though the compilation and linking and whatnot seem to > succeed flawlessly. When reporting specific problems, please always include a log. If you can still reproduce this with the latest CVS versions, please give us the output of the failing tests (and for a single test, it is useful to see srcdir=. GNUPGHOME=. GPGME_DEBUG=3 ./t-decrypt [note: if you build in a separate directory from the source, set the source directory appropriately]). > with GCC 3.3.4. Also, the error seems to come from the call to > _gpgme_wait_on_condition (gpgme_ctx_t ctx, volatile int *cond) > in wait-private.c. I stuck a couple debug statements in there, and it looks > like it goes through the while loop several times before bombing on > err = item->handler (item->handler_value, ctx->fdt.fds[i].fd); > (about line 120). You should specify what you mean by "bombing". Does it segfault? Or does it just return an error here? If it segfaults, include a backtrace. If you get an error, that may or may not be correct, depending on which error occurs where. Some tests are designed to test the failing case, so an error here would be natural for them (but the actual test should succeed of course!). > Interestingly, the error value returned is 117440664, which > seems unusual to me. No, that's fine: $ gpg-error 117440664 117440664 = (7, 152) = (GPG_ERR_SOURCE_GPGME, GPG_ERR_DECRYPT_FAILED) = (GPGME, Decryption failed) > The handler_value is 134528664, which also seems a bit > odd to my mind. This is also fine: $ bc bc 1.06 Copyright 1991-1994, 1997, 1998, 2000 Free Software Foundation, Inc. This is free software with ABSOLUTELY NO WARRANTY. For details type `warranty'. obase=16 134528664 804BE98 0x804BE98 is likely very well within the data area of your application. So that's just a normal pointer. > Any ideas on what is causing this? I'm not well versed in the code, but the > values I just quoted seem like gibberish you might get from corrupted memory > or an overflowing uint or something. One needs more information to say more. Thanks, Marcus From wk at gnupg.org Mon Jun 20 21:58:24 2005 From: wk at gnupg.org (Werner Koch) Date: Mon Jun 20 22:13:37 2005 Subject: [Announce] GnuPG 1.9.17 (S/MIME and gpg-agent) released Message-ID: <87ll5494wv.fsf@wheatstone.g10code.de> Skipped content of type multipart/signed-------------- next part -------------- _______________________________________________ Gnupg-announce mailing list Gnupg-announce@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-announce From clbianco at tiscalinet.it Tue Jun 21 01:22:02 2005 From: clbianco at tiscalinet.it (Carlo Luciano Bianco) Date: Tue Jun 21 01:18:23 2005 Subject: BZip2 sources and GnuPG tarball Message-ID: Dear all, I was just wondering why BZip2 sources are not (yet?) inserted into the GnuPG tarball like zlib, gettext, regexp, etc. Is such inclusion planned, or are there some technical (or maybe legal) reasons preventing to do so? This is of course not a key issue for GnuPG development, but having BZip2 sources included in the GnuPG tarball can make life a bit easier, e.g. when cross-compiling GnuPG... Best regards, Carlo Luciano -- | Carlo Luciano Bianco | ICQ UIN: 109517158 | |______________________| Home page: | |GPG DSA/ElG 1024/4096:|_________________________________________________| |KeyID:0x5324A0DA - Fingerprint:8B00C61034120506111B143DEDBF71B45324A0DA | From dshaw at jabberwocky.com Tue Jun 21 03:58:58 2005 From: dshaw at jabberwocky.com (David Shaw) Date: Tue Jun 21 03:55:26 2005 Subject: BZip2 sources and GnuPG tarball In-Reply-To: References: Message-ID: <20050621015857.GA6289@jabberwocky.com> On Tue, Jun 21, 2005 at 01:22:02AM +0200, Carlo Luciano Bianco wrote: > Dear all, > > I was just wondering why BZip2 sources are not (yet?) inserted into the > GnuPG tarball like zlib, gettext, regexp, etc. > > Is such inclusion planned, or are there some technical (or maybe legal) > reasons preventing to do so? It is not planned. GnuPG can make use of many libraries, such as libcurl, libusb, libreadline, and yes, libbz2. It is just not possible for GnuPG to include all of them - it defeats the point of libraries. The included copies would inevitably fall out of date, they would have to be actively watched for new versions of security updates, and so on. GnuPG does include the zip library, since it is nearly impossible to interoperate between PGP and GnuPG without it, but that's a special case. Best to keep such special cases to a minimum. David From twoaday at gmx.net Tue Jun 21 07:59:41 2005 From: twoaday at gmx.net (Timo Schulz) Date: Tue Jun 21 08:55:24 2005 Subject: BZip2 sources and GnuPG tarball In-Reply-To: <20050621015857.GA6289@jabberwocky.com> References: <20050621015857.GA6289@jabberwocky.com> Message-ID: <20050621055941.GC350@daredevil.joesixpack.net> On Mon Jun 20 2005; 21:58, David Shaw wrote: > libcurl, libusb, libreadline, and yes, libbz2. It is just not > possible for GnuPG to include all of them - it defeats the point of > libraries. The included copies would inevitably fall out of date, > they would have to be actively watched for new versions of security And IIRC, zlib is just included to build the W32 binary without the dependency to have an external zlib lib (DLL) somewhere to provide basic OpenPGP functions. Timo From t.schorpp at gmx.de Tue Jun 21 11:06:56 2005 From: t.schorpp at gmx.de (thomas schorpp) Date: Tue Jun 21 11:03:22 2005 Subject: GnuPG 1.9.16/17 (S/MIME and gpg-agent) , importing pkcs12 fails: Invalid digest algorithm In-Reply-To: <87ll5494wv.fsf@wheatstone.g10code.de> References: <87ll5494wv.fsf@wheatstone.g10code.de> Message-ID: <42B7D8B0.4030404@gmx.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 hello, Werner Koch wrote: > Hello! > > We are pleased to announce the availability of GnuPG 1.9.17 > Happy hacking, > > Werner > me too :) 1. verifying telesec/regTP signed t-com bills works. 2. importing mozilla certmngr exported CACert.org cert doesnt work: (gdb) run Starting program: /usr/local/bin/gpgsm --import cacert-schorpp.p12 gpgsm: NOTE: THIS IS A DEVELOPMENT VERSION! gpgsm: It is only intended for test purposes and should NOT be gpgsm: used in a production environment or with production keys! gpgsm: gpgsm: GPG_TTY has not been set - using maybe bogus default gpgsm: gpg-protect-tool: gpg-agent is not available in this session gpgsm: gpg-protect-tool: error while asking for the passphrase: Invalid digest algorithm xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx gpgsm: error running `/usr/local/libexec/gpg-protect-tool': exit status 2 gpgsm: total number processed: 0 random usage: poolsize=600 mixed=0 polls=0/0 added=0/0 outmix=0 getlvl1=0/0 getlvl2=0/0 secmem usage: 0/16384 bytes in 0 blocks Program exited with code 02. (gdb) schorpp@tom1:~/data/tcom$ gpgsm --import thawte-schorpp.p12 gpgsm: NOTE: THIS IS A DEVELOPMENT VERSION! gpgsm: It is only intended for test purposes and should NOT be gpgsm: used in a production environment or with production keys! gpgsm: gpgsm: GPG_TTY has not been set - using maybe bogus default gpgsm: gpg-protect-tool: gpg-agent is not available in this session gpgsm: gpg-protect-tool: error while asking for the passphrase: Invalid digest algorithm gpgsm: error running `/usr/local/libexec/gpg-protect-tool': exit status 2 gpgsm: total number processed: 0 random usage: poolsize=600 mixed=0 polls=0/0 added=0/0 outmix=0 getlvl1=0/0 getlvl2=0/0 secmem usage: 0/16384 bytes in 0 blocks schorpp@tom1:~/data/tcom$ tom1:/home/schorpp/data/tcom# ldd /usr/local/bin/gpgsm libgcrypt.so.11 => /usr/lib/libgcrypt.so.11 (0xb7f7b000) libgpg-error.so.0 => /usr/lib/libgpg-error.so.0 (0xb7f76000) libksba.so.8 => /usr/local/lib/libksba.so.8 (0xb7f43000) libpth.so.20 => /usr/lib/libpth.so.20 (0xb7f30000) libdl.so.2 => /lib/tls/libdl.so.2 (0xb7f2d000) libz.so.1 => /usr/lib/libz.so.1 (0xb7f1b000) libc.so.6 => /lib/tls/libc.so.6 (0xb7de6000) libnsl.so.1 => /lib/tls/libnsl.so.1 (0xb7dd1000) /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0xb7fea000) tom1:/home/schorpp/data/tcom# bug? workaround? ideas? thx y tom -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iQCVAwUBQrfYrGqsze5HSzyoAQNTAwP/WUK8WtVzYwPqRJBEsUh8+WXszzyDx5p/ Tu5R/qpTxMDhQ97Wo8r0x17oJs7ql+CUcqjPL86wlzypu3kviqEuZnw3hxFek3mc VmILSWHEBDfpF/j5NcGyYxMnEvgrikMCGtqp4OAd86B5i9ZgPgf0lD9puO7q4hJ/ u5gjA+KUEK8= =B3uk -----END PGP SIGNATURE----- From wk at gnupg.org Tue Jun 21 11:23:39 2005 From: wk at gnupg.org (Werner Koch) Date: Tue Jun 21 11:21:15 2005 Subject: BZip2 sources and GnuPG tarball In-Reply-To: <20050621055941.GC350@daredevil.joesixpack.net> (Timo Schulz's message of "Tue, 21 Jun 2005 07:59:41 +0200") References: <20050621015857.GA6289@jabberwocky.com> <20050621055941.GC350@daredevil.joesixpack.net> Message-ID: <87zmtkxdus.fsf@wheatstone.g10code.de> On Tue, 21 Jun 2005 07:59:41 +0200, Timo Schulz said: > And IIRC, zlib is just included to build the W32 binary without the > dependency to have an external zlib lib (DLL) somewhere to provide > basic OpenPGP functions. and because zlib was not generally available back in 1998. Shalom-Salam, Werner From wk at gnupg.org Tue Jun 21 11:40:34 2005 From: wk at gnupg.org (Werner Koch) Date: Tue Jun 21 11:41:13 2005 Subject: GnuPG 1.9.16/17 (S/MIME and gpg-agent) , importing pkcs12 fails: Invalid digest algorithm In-Reply-To: <42B7D8B0.4030404@gmx.de> (thomas schorpp's message of "Tue, 21 Jun 2005 11:06:56 +0200") References: <87ll5494wv.fsf@wheatstone.g10code.de> <42B7D8B0.4030404@gmx.de> Message-ID: <87vf48xd2l.fsf@wheatstone.g10code.de> On Tue, 21 Jun 2005 11:06:56 +0200, thomas schorpp said: > 1. verifying telesec/regTP signed t-com bills works. Good to hear. > 2. importing mozilla certmngr exported CACert.org cert doesnt work: How do you export it from Mozilla? > gpgsm: gpg-protect-tool: gpg-agent is not available in this session start gpg-agent first (see "info gnupg"). Salam-Shalom, Werner From t.schorpp at gmx.de Tue Jun 21 12:17:37 2005 From: t.schorpp at gmx.de (thomas schorpp) Date: Tue Jun 21 12:13:56 2005 Subject: GnuPG 1.9.16/17 (S/MIME and gpg-agent) , importing pkcs12 fails: Invalid digest algorithm In-Reply-To: <87vf48xd2l.fsf@wheatstone.g10code.de> References: <87ll5494wv.fsf@wheatstone.g10code.de> <42B7D8B0.4030404@gmx.de> <87vf48xd2l.fsf@wheatstone.g10code.de> Message-ID: <42B7E941.4010406@gmx.de> Werner Koch wrote: > On Tue, 21 Jun 2005 11:06:56 +0200, thomas schorpp said: > > >>2. importing mozilla certmngr exported CACert.org cert doesnt work: > > > How do you export it from Mozilla? using the certmngr, only one way with button "backup", a passphrase to encrypt the private key must be supplied then. a pkcs12 file is created. > > >>gpgsm: gpg-protect-tool: gpg-agent is not available in this session > > > start gpg-agent first (see "info gnupg"). yes. readme states it too.. schorpp@tom1:~/data/tcom$ gpg-agent --daemon GPG_AGENT_INFO=/tmp/gpg-xXQRRa/S.gpg-agent:14368:1; export GPG_AGENT_INFO; schorpp@tom1:~/data/tcom$ schorpp@tom1:~/data/tcom$ schorpp@tom1:~/data/tcom$ gpgsm --import cacert-schorpp.p12 gpgsm: NOTE: THIS IS A DEVELOPMENT VERSION! gpgsm: It is only intended for test purposes and should NOT be gpgsm: used in a production environment or with production keys! gpgsm: gpgsm: GPG_TTY has not been set - using maybe bogus default gpgsm: gpg-protect-tool: gpg-agent is not available in this session <---??? gpgsm: gpg-protect-tool: error while asking for the passphrase: Invalid digest algorithm gpgsm: error running `/usr/local/libexec/gpg-protect-tool': exit status 2 gpgsm: total number processed: 0 random usage: poolsize=600 mixed=0 polls=0/0 added=0/0 outmix=0 getlvl1=0/0 getlvl2=0/0 secmem usage: 0/16384 bytes in 0 blocks schorpp@tom1:~/data/tcom$ schorpp@tom1:~/data/tcom$ ps -Af|grep gpg-agent schorpp 14368 1 0 12:00 ? 00:00:00 gpg-agent --daemon schorpp 14383 17431 0 12:01 pts/6 00:00:00 grep gpg-agent schorpp@tom1:~/data/tcom$ schorpp@tom1:~/data/tcom$ it cant connect to agent? ... From wk at gnupg.org Tue Jun 21 14:05:39 2005 From: wk at gnupg.org (Werner Koch) Date: Tue Jun 21 14:06:49 2005 Subject: GnuPG 1.9.16/17 (S/MIME and gpg-agent) , importing pkcs12 fails: Invalid digest algorithm In-Reply-To: <42B7E941.4010406@gmx.de> (thomas schorpp's message of "Tue, 21 Jun 2005 12:17:37 +0200") References: <87ll5494wv.fsf@wheatstone.g10code.de> <42B7D8B0.4030404@gmx.de> <87vf48xd2l.fsf@wheatstone.g10code.de> <42B7E941.4010406@gmx.de> Message-ID: <87hdfrykx8.fsf@wheatstone.g10code.de> On Tue, 21 Jun 2005 12:17:37 +0200, thomas schorpp said: > using the certmngr, only one way with button "backup", a passphrase to > encrypt the private key must be supplied then. > a pkcs12 file is created. Ah you were talking about a private key - I have not checked this for a long time. Will do so later. > schorpp@tom1:~/data/tcom$ gpg-agent --daemon > GPG_AGENT_INFO=/tmp/gpg-xXQRRa/S.gpg-agent:14368:1; export GPG_AGENT_INFO; @noindent The usual way to run the agent is from the @code{~/.xsession} file: @example eval `gpg-agent --daemon` @end example Note, the eval to get the stuff into your environment. Another and probably more elegant way is by using a new option: gpg-agent --daemon --write-env-file $HOME/.gpg-agent-info and then sourcing this file. This makes it pretty easy to carry the information to other sessions by adding for example [ -f "$HOME/.gpg-agent-info" ] && . "$HOME/.gpg-agent-info" to your .bashrc or .profile. While we are at it: What I am using is a script named ssh-agent: #!/bin/sh exec /usr/local/bin/gpg-agent --daemon \ --write-env-file $HOME/.gpg-agent-info \ --enable-ssh-support "$@" which replaces the orginal ssh-agent. The only drawback is that it won't work with ssh 1 keys - but I doubt that they are still in wide use. Salam-Shalom, Werner From t.schorpp at gmx.de Tue Jun 21 14:47:55 2005 From: t.schorpp at gmx.de (thomas schorpp) Date: Tue Jun 21 14:44:22 2005 Subject: GnuPG 1.9.16/17 (S/MIME and gpg-agent) , importing pkcs12 fails: Invalid digest algorithm In-Reply-To: <87hdfrykx8.fsf@wheatstone.g10code.de> References: <87ll5494wv.fsf@wheatstone.g10code.de> <42B7D8B0.4030404@gmx.de> <87vf48xd2l.fsf@wheatstone.g10code.de> <42B7E941.4010406@gmx.de> <87hdfrykx8.fsf@wheatstone.g10code.de> Message-ID: <42B80C7B.1070404@gmx.de> Werner Koch wrote: > On Tue, 21 Jun 2005 12:17:37 +0200, thomas schorpp said: > > Ah you were talking about a private key - I have not checked this for > a long time. Will do so later. ok > > >>schorpp@tom1:~/data/tcom$ gpg-agent --daemon >>GPG_AGENT_INFO=/tmp/gpg-xXQRRa/S.gpg-agent:14368:1; export GPG_AGENT_INFO; > > > @noindent > The usual way to run the agent is from the @code{~/.xsession} file: > > @example > eval `gpg-agent --daemon` > @end example > > Note, the eval to get the stuff into your environment. Another and > probably more elegant way is by using a new option: > > gpg-agent --daemon --write-env-file $HOME/.gpg-agent-info yes, tried this sooner, file is there this time again, result: schorpp@tom1:~/data/tcom$ gpgsm --import cacert-schorpp.p12 gpgsm: NOTE: THIS IS A DEVELOPMENT VERSION! gpgsm: It is only intended for test purposes and should NOT be gpgsm: used in a production environment or with production keys! gpgsm: gpgsm: GPG_TTY has not been set - using maybe bogus default gpgsm: gpg-protect-tool: gpg-agent is not available in this session gpgsm: gpg-protect-tool: error while asking for the passphrase: Invalid digest algorithm gpgsm: error running `/usr/local/libexec/gpg-protect-tool': exit status 2 gpgsm: total number processed: 0 random usage: poolsize=600 mixed=0 polls=0/0 added=0/0 outmix=0 getlvl1=0/0 getlvl2=0/0 secmem usage: 0/16384 bytes in 0 blocks schorpp@tom1:~/data/tcom$ socket is there in /tmp and listening: schorpp@tom1:~/data/tcom$ netstat -ap|grep gpg-agent (Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.) unix 2 [ ACC ] STREAM LISTENING 92640 16531/gpg-agent /tmp/gpg-jZ9CUq/S.gpg-agent schorpp@tom1:~/data/tcom$ > > and then sourcing this file. This makes it pretty easy to carry the > information to other sessions by adding for example > > [ -f "$HOME/.gpg-agent-info" ] && . "$HOME/.gpg-agent-info" > > to your .bashrc or .profile. While we are at it: What I am using is > a script named ssh-agent: > > #!/bin/sh > exec /usr/local/bin/gpg-agent --daemon \ > --write-env-file $HOME/.gpg-agent-info \ > --enable-ssh-support "$@" > > which replaces the orginal ssh-agent. The only drawback is that it > won't work with ssh 1 keys - but I doubt that they are still in wide > use. > ok schorpp@tom1:~$ /usr/local/bin/gpg-agent --daemon --write-env-file $HOME/.gpg-agent-info --enable-ssh-support can't connect to `/home/schorpp/.gnupg/log-socket': Connection refused GPG_AGENT_INFO=/tmp/gpg-Rs2cfT/S.gpg-agent:16862:1; export GPG_AGENT_INFO; SSH_AUTH_SOCK=/tmp/gpg-mFO8pC/S.gpg-agent.ssh; export SSH_AUTH_SOCK; SSH_AGENT_PID=16862; export SSH_AGENT_PID; no go: schorpp@tom1:~/data/tcom$ gpgsm --import cacert-schorpp.p12 gpgsm: NOTE: THIS IS A DEVELOPMENT VERSION! gpgsm: It is only intended for test purposes and should NOT be gpgsm: used in a production environment or with production keys! gpgsm: gpgsm: GPG_TTY has not been set - using maybe bogus default gpgsm: gpg-protect-tool: gpg-agent is not available in this session gpgsm: signal Segmentation fault caught ... exiting Segmentation fault XXXX reproducible at first call after starting agent XXX gpgsm: used in a production environment or with production keys! gpgsm: gpgsm: GPG_TTY has not been set - using maybe bogus default gpgsm: gpg-protect-tool: gpg-agent is not available in this session Program received signal SIGSEGV, Segmentation fault. 0xb7f39ad1 in pth_key_getdata () from /usr/lib/libpth.so.20 (gdb) (gdb) bt #0 0xb7f39ad1 in pth_key_getdata () from /usr/lib/libpth.so.20 #1 0xb7f38e97 in pth_event () from /usr/lib/libpth.so.20 #2 0xb7f3bcd1 in pth_waitpid () from /usr/lib/libpth.so.20 #3 0x0806e401 in gnupg_wait_process (pgmname=0x8073e60 "/usr/local/libexec/gpg-protect-tool", pid=16959) at exechelp.c:448 #4 0x08062861 in parse_p12 (ctrl=0x0, reader=0x0, retfp=0xbffff678, stats=0xbffff6c0) at import.c:637 #5 0x080621a6 in import_one (ctrl=0xbffff7a0, stats=0xbffff6c0, in_fd=0) at import.c:335 #6 0x08062553 in gpgsm_import_files (ctrl=0xbffff7a0, nfiles=1, files=0xbffff8cc, of=0x804eae0 ) at import.c:441 #7 0x0804d868 in main (argc=1, argv=0xbffff8cc) at gpgsm.c:1536 (gdb) schorpp@tom1:~/data/tcom$ schorpp@tom1:~/data/tcom$ gpgsm --import cacert-schorpp.p12 gpgsm: NOTE: THIS IS A DEVELOPMENT VERSION! gpgsm: It is only intended for test purposes and should NOT be gpgsm: used in a production environment or with production keys! gpgsm: gpgsm: GPG_TTY has not been set - using maybe bogus default gpgsm: gpg-protect-tool: gpg-agent is not available in this session gpgsm: gpg-protect-tool: error while asking for the passphrase: Invalid digest algorithm gpgsm: error running `/usr/local/libexec/gpg-protect-tool': exit status 2 gpgsm: total number processed: 0 random usage: poolsize=600 mixed=0 polls=0/0 added=0/0 outmix=0 getlvl1=0/0 getlvl2=0/0 secmem usage: 0/16384 bytes in 0 blocks schorpp@tom1:~/data/tcom$ btw, 1.9.15 debian packs are failing same way. y tom From t.schorpp at gmx.de Tue Jun 21 15:11:16 2005 From: t.schorpp at gmx.de (thomas schorpp) Date: Tue Jun 21 15:07:37 2005 Subject: GnuPG 1.9.16/17 (S/MIME and gpg-agent) , importing pkcs12 fails: Invalid digest algorithm In-Reply-To: <87hdfrykx8.fsf@wheatstone.g10code.de> References: <87ll5494wv.fsf@wheatstone.g10code.de> <42B7D8B0.4030404@gmx.de> <87vf48xd2l.fsf@wheatstone.g10code.de> <42B7E941.4010406@gmx.de> <87hdfrykx8.fsf@wheatstone.g10code.de> Message-ID: <42B811F4.1000206@gmx.de> Werner Koch wrote: > On Tue, 21 Jun 2005 12:17:37 +0200, thomas schorpp said: > > >>schorpp@tom1:~/data/tcom$ gpg-agent --daemon >>GPG_AGENT_INFO=/tmp/gpg-xXQRRa/S.gpg-agent:14368:1; export GPG_AGENT_INFO; > > > @noindent > The usual way to run the agent is from the @code{~/.xsession} file: > > @example > eval `gpg-agent --daemon` > @end example > schorpp@tom1:~/data/tcom$ /usr/local/bin/gpg-agent --daemon --write-env-file $HOME/.gpg-agent-info --enable-ssh-support can't connect to `/home/schorpp/.gnupg/log-socket': Connection refused GPG_AGENT_INFO=/tmp/gpg-Ugm3lS/S.gpg-agent:17174:1; export GPG_AGENT_INFO; XXX nothing gets exported here! XXXX SSH_AUTH_SOCK=/tmp/gpg-qebPDA/S.gpg-agent.ssh; export SSH_AUTH_SOCK; SSH_AGENT_PID=17174; export SSH_AGENT_PID; schorpp@tom1:~/data/tcom$ export GPG_AGENT_INFO=/tmp/gpg-Ugm3lS/S.gpg-agent gpgsm: used in a production environment or with production keys! gpgsm: gpgsm: GPG_TTY has not been set - using maybe bogus default gpgsm: gpg-protect-tool: malformed GPG_AGENT_INFO environment variable ??? gpgsm: gpg-protect-tool: error while asking for the passphrase: Invalid digest algorithm XXX catch all error message? XXX From t.schorpp at gmx.de Tue Jun 21 15:27:20 2005 From: t.schorpp at gmx.de (thomas schorpp) Date: Tue Jun 21 15:23:45 2005 Subject: GnuPG 1.9.16/17 (S/MIME and gpg-agent) , importing pkcs12 fails: Invalid digest algorithm In-Reply-To: <42B811F4.1000206@gmx.de> References: <87ll5494wv.fsf@wheatstone.g10code.de> <42B7D8B0.4030404@gmx.de> <87vf48xd2l.fsf@wheatstone.g10code.de> <42B7E941.4010406@gmx.de> <87hdfrykx8.fsf@wheatstone.g10code.de> <42B811F4.1000206@gmx.de> Message-ID: <42B815B8.50208@gmx.de> thomas schorpp wrote: > Werner Koch wrote: > >>On Tue, 21 Jun 2005 12:17:37 +0200, thomas schorpp said: >> >> > > >>>schorpp@tom1:~/data/tcom$ gpg-agent --daemon >>>GPG_AGENT_INFO=/tmp/gpg-xXQRRa/S.gpg-agent:14368:1; export GPG_AGENT_INFO; >> >> >> @noindent >> The usual way to run the agent is from the @code{~/.xsession} file: >> >> @example >> eval `gpg-agent --daemon` >> @end example >> > > > schorpp@tom1:~/data/tcom$ /usr/local/bin/gpg-agent --daemon > --write-env-file $HOME/.gpg-agent-info --enable-ssh-support > can't connect to `/home/schorpp/.gnupg/log-socket': Connection refused > GPG_AGENT_INFO=/tmp/gpg-Ugm3lS/S.gpg-agent:17174:1; export > GPG_AGENT_INFO; XXX nothing gets exported here! XXXX > SSH_AUTH_SOCK=/tmp/gpg-qebPDA/S.gpg-agent.ssh; export SSH_AUTH_SOCK; > SSH_AGENT_PID=17174; export SSH_AGENT_PID; > > schorpp@tom1:~/data/tcom$ export GPG_AGENT_INFO=/tmp/gpg-Ugm3lS/S.gpg-agent > > gpgsm: used in a production environment or with production keys! > gpgsm: gpgsm: GPG_TTY has not been set - using maybe bogus default > gpgsm: gpg-protect-tool: malformed GPG_AGENT_INFO environment variable ??? > gpgsm: gpg-protect-tool: error while asking for the passphrase: Invalid > digest algorithm XXX catch all error message? XXX > > > http://lists.debian.org/debian-devel-announce/2005/03/msg00020.html Package: gnupg-agent (debian/main) Maintainer: Matthias Urlichs 300128 [ ] [X] gnupg-agent: gpg-agent doesn't set environment variable $GPG_AGENT_INFO aha ;) anyway.. doesnt solve the problem. From t.schorpp at gmx.de Tue Jun 21 15:46:25 2005 From: t.schorpp at gmx.de (thomas schorpp) Date: Tue Jun 21 15:42:45 2005 Subject: GnuPG 1.9.16/17 (S/MIME and gpg-agent) , importing pkcs12 fails: Invalid digest algorithm In-Reply-To: <42B815B8.50208@gmx.de> References: <87ll5494wv.fsf@wheatstone.g10code.de> <42B7D8B0.4030404@gmx.de> <87vf48xd2l.fsf@wheatstone.g10code.de> <42B7E941.4010406@gmx.de> <87hdfrykx8.fsf@wheatstone.g10code.de> <42B811F4.1000206@gmx.de> <42B815B8.50208@gmx.de> Message-ID: <42B81A31.7020907@gmx.de> thomas schorpp wrote: > thomas schorpp wrote: > >>Werner Koch wrote: >> >> >>>On Tue, 21 Jun 2005 12:17:37 +0200, thomas schorpp said: >>> >>> >> >> >>>>schorpp@tom1:~/data/tcom$ gpg-agent --daemon >>>>GPG_AGENT_INFO=/tmp/gpg-xXQRRa/S.gpg-agent:14368:1; export GPG_AGENT_INFO; >>> >>> >>> @noindent >>> The usual way to run the agent is from the @code{~/.xsession} file: >>> >>> @example >>> eval `gpg-agent --daemon` >>> @end example >>> >> >> >>schorpp@tom1:~/data/tcom$ /usr/local/bin/gpg-agent --daemon >>--write-env-file $HOME/.gpg-agent-info --enable-ssh-support >>can't connect to `/home/schorpp/.gnupg/log-socket': Connection refused >>GPG_AGENT_INFO=/tmp/gpg-Ugm3lS/S.gpg-agent:17174:1; export >>GPG_AGENT_INFO; XXX nothing gets exported here! XXXX >>SSH_AUTH_SOCK=/tmp/gpg-qebPDA/S.gpg-agent.ssh; export SSH_AUTH_SOCK; >>SSH_AGENT_PID=17174; export SSH_AGENT_PID; >> >>schorpp@tom1:~/data/tcom$ export GPG_AGENT_INFO=/tmp/gpg-Ugm3lS/S.gpg-agent >> >>gpgsm: used in a production environment or with production keys! >>gpgsm: gpgsm: GPG_TTY has not been set - using maybe bogus default >>gpgsm: gpg-protect-tool: malformed GPG_AGENT_INFO environment variable ??? >>gpgsm: gpg-protect-tool: error while asking for the passphrase: Invalid >>digest algorithm XXX catch all error message? XXX >> >> >> > > > http://lists.debian.org/debian-devel-announce/2005/03/msg00020.html > > Package: gnupg-agent (debian/main) > Maintainer: Matthias Urlichs > 300128 [ ] [X] gnupg-agent: gpg-agent doesn't set environment > variable $GPG_AGENT_INFO > > aha ;) > > anyway.. doesnt solve the problem. > schorpp@tom1:~/data/tcom$ export GPG_AGENT_INFO=/tmp/gpg-Ugm3lS/S.gpg-agent:17174:1 schorpp@tom1:~/data/tcom$ schorpp@tom1:~/data/tcom$ gpgsm --import cacert-schorpp.p12 gpgsm: NOTE: THIS IS A DEVELOPMENT VERSION! gpgsm: It is only intended for test purposes and should NOT be gpgsm: used in a production environment or with production keys! gpgsm: gpgsm: GPG_TTY has not been set - using maybe bogus default gpgsm: gpg-protect-tool: problem with the agent gpgsm: gpg-protect-tool: error while asking for the passphrase: Invalid public key algorithm gpgsm: error running `/usr/local/libexec/gpg-protect-tool': exit status 2 gpgsm: total number processed: 0 random usage: poolsize=600 mixed=0 polls=0/0 added=0/0 outmix=0 getlvl1=0/0 getlvl2=0/0 secmem usage: 0/16384 bytes in 0 blocks schorpp@tom1:~/data/tcom$ ok, checking pinentry ant then giving up. From wk at gnupg.org Tue Jun 21 16:01:06 2005 From: wk at gnupg.org (Werner Koch) Date: Tue Jun 21 16:01:17 2005 Subject: GnuPG 1.9.16/17 (S/MIME and gpg-agent) , importing pkcs12 fails: Invalid digest algorithm In-Reply-To: <42B811F4.1000206@gmx.de> (thomas schorpp's message of "Tue, 21 Jun 2005 15:11:16 +0200") References: <87ll5494wv.fsf@wheatstone.g10code.de> <42B7D8B0.4030404@gmx.de> <87vf48xd2l.fsf@wheatstone.g10code.de> <42B7E941.4010406@gmx.de> <87hdfrykx8.fsf@wheatstone.g10code.de> <42B811F4.1000206@gmx.de> Message-ID: <87mzpjx10d.fsf@wheatstone.g10code.de> Hi! that's all very strange. I am leaving for the LinuxTag early tomorrow and have to prepare sme things first. If your are too coming to Karlsruhe we can meet at the FSFE booth and check what's going on. Salam-Shalom, Werner From t.schorpp at gmx.de Tue Jun 21 16:08:32 2005 From: t.schorpp at gmx.de (thomas schorpp) Date: Tue Jun 21 16:04:54 2005 Subject: GnuPG 1.9.16/17 (S/MIME and gpg-agent) , importing pkcs12 fails: Invalid digest algorithm In-Reply-To: <42B815B8.50208@gmx.de> References: <87ll5494wv.fsf@wheatstone.g10code.de> <42B7D8B0.4030404@gmx.de> <87vf48xd2l.fsf@wheatstone.g10code.de> <42B7E941.4010406@gmx.de> <87hdfrykx8.fsf@wheatstone.g10code.de> <42B811F4.1000206@gmx.de> <42B815B8.50208@gmx.de> Message-ID: <42B81F60.50409@gmx.de> thomas schorpp wrote: > thomas schorpp wrote: > >>Werner Koch wrote: >> >> >>>On Tue, 21 Jun 2005 12:17:37 +0200, thomas schorpp said: >>> >>> >> >> >>>>schorpp@tom1:~/data/tcom$ gpg-agent --daemon >>>>GPG_AGENT_INFO=/tmp/gpg-xXQRRa/S.gpg-agent:14368:1; export GPG_AGENT_INFO; >>> >>> >>> @noindent >>> The usual way to run the agent is from the @code{~/.xsession} file: >>> >>> @example >>> eval `gpg-agent --daemon` >>> @end example >>> >> >> >>schorpp@tom1:~/data/tcom$ /usr/local/bin/gpg-agent --daemon >>--write-env-file $HOME/.gpg-agent-info --enable-ssh-support >>can't connect to `/home/schorpp/.gnupg/log-socket': Connection refused >>GPG_AGENT_INFO=/tmp/gpg-Ugm3lS/S.gpg-agent:17174:1; export >>GPG_AGENT_INFO; XXX nothing gets exported here! XXXX >>SSH_AUTH_SOCK=/tmp/gpg-qebPDA/S.gpg-agent.ssh; export SSH_AUTH_SOCK; >>SSH_AGENT_PID=17174; export SSH_AGENT_PID; >> >>schorpp@tom1:~/data/tcom$ export GPG_AGENT_INFO=/tmp/gpg-Ugm3lS/S.gpg-agent >> >>gpgsm: used in a production environment or with production keys! >>gpgsm: gpgsm: GPG_TTY has not been set - using maybe bogus default >>gpgsm: gpg-protect-tool: malformed GPG_AGENT_INFO environment variable ??? >>gpgsm: gpg-protect-tool: error while asking for the passphrase: Invalid >>digest algorithm XXX catch all error message? XXX >> >> >> > > > http://lists.debian.org/debian-devel-announce/2005/03/msg00020.html > > Package: gnupg-agent (debian/main) > Maintainer: Matthias Urlichs > 300128 [ ] [X] gnupg-agent: gpg-agent doesn't set environment > variable $GPG_AGENT_INFO > > aha ;) > > anyway.. doesnt solve the problem. > > _______________________________________________ > Gnupg-devel mailing list > Gnupg-devel@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-devel > > ok, pointing the right pinentry is ok: schorpp@tom1:~/data/tcom$ /usr/local/bin/gpg-agent --daemon --write-env-file $HOME/.gpg-agent-info --enable-ssh-support --verbose --pinentry-program /usr/bin/pinentry GPG_AGENT_INFO=/tmp/gpg-JRoQxZ/S.gpg-agent:18107:1; export GPG_AGENT_INFO; SSH_AUTH_SOCK=/tmp/gpg-okoL0O/S.gpg-agent.ssh; export SSH_AUTH_SOCK; SSH_AGENT_PID=18107; export SSH_AGENT_PID; schorpp@tom1:~/data/tcom$ schorpp@tom1:~/data/tcom$ schorpp@tom1:~/data/tcom$ schorpp@tom1:~/data/tcom$ export GPG_AGENT_INFO=/tmp/gpg-JRoQxZ/S.gpg-agent:18107:1 schorpp@tom1:~/data/tcom$ schorpp@tom1:~/data/tcom$ schorpp@tom1:~/data/tcom$ gpgsm --import cacert-schorpp.p12 gpgsm: NOTE: THIS IS A DEVELOPMENT VERSION! gpgsm: It is only intended for test purposes and should NOT be gpgsm: used in a production environment or with production keys! gpgsm: gpgsm: GPG_TTY has not been set - using maybe bogus default gpgsm: gpg-protect-tool: error at "bags", offset 24 XXXXXXXXXXXXXXXXX gpgsm: gpg-protect-tool: error parsing or decrypting the PKCS-12 file gpgsm: error running `/usr/local/libexec/gpg-protect-tool': exit status 2 gpgsm: total number processed: 0 random usage: poolsize=600 mixed=0 polls=0/0 added=0/0 outmix=0 getlvl1=0/0 getlvl2=0/0 secmem usage: 0/16384 bytes in 0 blocks schorpp@tom1:~/data/tcom$ From wk at gnupg.org Tue Jun 21 16:44:35 2005 From: wk at gnupg.org (Werner Koch) Date: Tue Jun 21 16:49:22 2005 Subject: [Announce] Second release candidate for GnuPG 1.4.2 available Message-ID: <87d5qfwyzw.fsf@wheatstone.g10code.de> Skipped content of type multipart/signed-------------- next part -------------- _______________________________________________ Gnupg-announce mailing list Gnupg-announce@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-announce From gpg at tec4you.net Tue Jun 21 17:40:09 2005 From: gpg at tec4you.net (Raphael Lechner) Date: Tue Jun 21 18:36:09 2005 Subject: Build error gnupg-1.9.17 on Debian Message-ID: <42B834D9.6020700@tec4you.net> Hello I have trouble to build the gnupg-1.9.17 on a Debian Sarge Machine. First i have installed libassuan-0.6.10 without problem but when i build gnupg the compiler exists with errors: if i386-linux-gcc -DHAVE_CONFIG_H -I. -I. -I.. -I../gl -I../common - -I../intl -DLOCALEDIR=\"/usr/share/locale\" - -DGNUPG_BINDIR="\"/usr/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/libexec\"" - -DGNUPG_LIBDIR="\"/usr/lib/gnupg\"" - -DGNUPG_DATADIR="\"/usr/share/gnupg\"" -I/usr/include -Wall -g - -O2 -Wall -MT call-scd.o -MD -MP -MF ".deps/call-scd.Tpo" -c -o call-scd.o call-scd.c; \ then mv -f ".deps/call-scd.Tpo" ".deps/call-scd.Po"; else rm -f ".deps/call-scd.Tpo"; exit 1; fi call-scd.c: In Function ?agent_scd_check_aliveness?: call-scd.c:409: Warning: implicit declaration of function `assuan_set_flag' call-scd.c:409: error: `ASSUAN_NO_WAITPID' undeclared (first use in this function) call-scd.c:409: error: (Each undeclared identifier is reported only once call-scd.c:409: error: for each function it appears in.) make[3]: *** [call-scd.o] Fehler 1 make[3]: Leaving directory `gnupg-1.9.17/agent' make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory `gnupg-1.9.17' make[1]: *** [all] Error 2 make[1]: Leaving directory `gnupg-1.9.17' make: *** [build-stamp] Error 2 Always the same error with gcc-2,95,gcc3.3,gcc3,4 What can i do ? Thank you Raphael Lechner From t.schorpp at gmx.de Tue Jun 21 22:04:38 2005 From: t.schorpp at gmx.de (thomas schorpp) Date: Tue Jun 21 22:01:11 2005 Subject: GnuPG 1.9.15/16/17 (S/MIME and gpg-agent) , gpg-protect-tool: error at "bags", offset 24 In-Reply-To: <42B81F60.50409@gmx.de> References: <87ll5494wv.fsf@wheatstone.g10code.de> <42B7D8B0.4030404@gmx.de> <87vf48xd2l.fsf@wheatstone.g10code.de> <42B7E941.4010406@gmx.de> <87hdfrykx8.fsf@wheatstone.g10code.de> <42B811F4.1000206@gmx.de> <42B815B8.50208@gmx.de> <42B81F60.50409@gmx.de> Message-ID: <42B872D6.9000908@gmx.de> > schorpp@tom1:~/data/tcom$ gpgsm --import cacert-schorpp.p12 > gpgsm: NOTE: THIS IS A DEVELOPMENT VERSION! > gpgsm: It is only intended for test purposes and should NOT be > gpgsm: used in a production environment or with production keys! > gpgsm: gpgsm: GPG_TTY has not been set - using maybe bogus default > gpgsm: gpg-protect-tool: error at "bags", offset 24 XXXXXXXXXXXXXXXXX > gpgsm: gpg-protect-tool: error parsing or decrypting the PKCS-12 file > gpgsm: error running `/usr/local/libexec/gpg-protect-tool': exit status 2 > gpgsm: total number processed: 0 > random usage: poolsize=600 mixed=0 polls=0/0 added=0/0 > outmix=0 getlvl1=0/0 getlvl2=0/0 > secmem usage: 0/16384 bytes in 0 blocks > schorpp@tom1:~/data/tcom$ > ti = {class = 0, is_constructed = 0, tag = 4, length = 1, nhdr = 2, ndef = 0} where = "bags"; if (parse_tag (&p, &n, &ti)) goto bailout; if (ti.class != UNIVERSAL || ti.tag != TAG_SEQUENCE) goto bailout; xxxx kickout xxx dont know why, yet... From t.schorpp at gmx.de Tue Jun 21 22:12:36 2005 From: t.schorpp at gmx.de (thomas schorpp) Date: Tue Jun 21 22:09:04 2005 Subject: Build error gnupg-1.9.17 on Debian In-Reply-To: <42B834D9.6020700@tec4you.net> References: <42B834D9.6020700@tec4you.net> Message-ID: <42B874B4.8090904@gmx.de> Raphael Lechner wrote: > call-scd.c:409: Warning: implicit declaration of function `assuan_set_flag' > call-scd.c:409: error: `ASSUAN_NO_WAITPID' undeclared (first use in this > function) > call-scd.c:409: error: (Each undeclared identifier is reported only once > call-scd.c:409: error: for each function it appears in.) > make[3]: *** [call-scd.o] Fehler 1 > make[3]: Leaving directory `gnupg-1.9.17/agent' > make[2]: *** [all-recursive] Error 1 > make[2]: Leaving directory `gnupg-1.9.17' > make[1]: *** [all] Error 2 > make[1]: Leaving directory `gnupg-1.9.17' > make: *** [build-stamp] Error 2 > > Always the same error with gcc-2,95,gcc3.3,gcc3,4 > > What can i do ? > youve a header hell here and will get a lib hell on linking later. dpkg -r (--force-depends) libassuan(-dev)... { all gnupg2 related packs } dont forget latest libksba configure with prefix /usr/local From clbianco at tiscalinet.it Wed Jun 22 11:59:39 2005 From: clbianco at tiscalinet.it (Carlo Luciano Bianco) Date: Wed Jun 22 11:56:58 2005 Subject: BZip2 sources and GnuPG tarball References: <20050621015857.GA6289@jabberwocky.com> Message-ID: Il /21 giu 2005/, *David Shaw* ha scritto: > On Tue, Jun 21, 2005 at 01:22:02AM +0200, Carlo Luciano Bianco wrote: >> I was just wondering why BZip2 sources are not (yet?) inserted into the >> GnuPG tarball like zlib, gettext, regexp, etc. >> >> Is such inclusion planned, or are there some technical (or maybe legal) >> reasons preventing to do so? > > It is not planned. OK, perfect... ;-) > GnuPG can make use of many libraries, such as > libcurl, libusb, libreadline, and yes, libbz2. It is just not > possible for GnuPG to include all of them - it defeats the point of > libraries. The included copies would inevitably fall out of date, > they would have to be actively watched for new versions of security > updates, and so on. I fully agree with your point. That's why on my page I focus on using external libraries to build GnuPG, even in the case of zlib and libintl. > GnuPG does include the zip library, since it is nearly impossible to > interoperate between PGP and GnuPG without it, but that's a special > case. Best to keep such special cases to a minimum. Again, I fully agree. I will then have to add to my page the instructions on how to download and build libbz2, if the compatibility problems with the pre- built files on GnuWin32 page will not be solved soon... Thank you (and of course Timo and Werner) for the replies! Carlo Luciano -- | Carlo Luciano Bianco | ICQ UIN: 109517158 | |______________________| Home page: | |GPG DSA/ElG 1024/4096:|_________________________________________________| |KeyID:0x5324A0DA - Fingerprint:8B00C61034120506111B143DEDBF71B45324A0DA | From wk at gnupg.org Wed Jun 22 07:59:12 2005 From: wk at gnupg.org (Werner Koch) Date: Wed Jun 22 13:34:10 2005 Subject: GnuPG 1.9.15/16/17 (S/MIME and gpg-agent) , gpg-protect-tool: error at "bags", offset 24 In-Reply-To: <42B872D6.9000908@gmx.de> (thomas schorpp's message of "Tue, 21 Jun 2005 22:04:38 +0200") References: <87ll5494wv.fsf@wheatstone.g10code.de> <42B7D8B0.4030404@gmx.de> <87vf48xd2l.fsf@wheatstone.g10code.de> <42B7E941.4010406@gmx.de> <87hdfrykx8.fsf@wheatstone.g10code.de> <42B811F4.1000206@gmx.de> <42B815B8.50208@gmx.de> <42B81F60.50409@gmx.de> <42B872D6.9000908@gmx.de> Message-ID: <87zmtjlyof.fsf@wheatstone.g10code.de> On Tue, 21 Jun 2005 22:04:38 +0200, thomas schorpp said: > ti = {class = 0, is_constructed = 0, tag = 4, length = 1, nhdr = 2, ndef > = 0} Okay, this is a STRING and not a SEQUENCE. I need to look at the whole context to fix this. Getting all variants, wrong and correct ASN.1 encodings of PKCS#12 right isn't a tricial task. Frankly, there is a reason that it is called minip12.c. Salam-Shalom, Werner From wk at gnupg.org Wed Jun 22 08:02:42 2005 From: wk at gnupg.org (Werner Koch) Date: Wed Jun 22 13:34:18 2005 Subject: Build error gnupg-1.9.17 on Debian In-Reply-To: <42B834D9.6020700@tec4you.net> (Raphael Lechner's message of "Tue, 21 Jun 2005 17:40:09 +0200") References: <42B834D9.6020700@tec4you.net> Message-ID: <87vf47lyil.fsf@wheatstone.g10code.de> On Tue, 21 Jun 2005 17:40:09 +0200, Raphael Lechner said: > I have trouble to build the gnupg-1.9.17 on a Debian Sarge Machine. > First i have installed libassuan-0.6.10 without problem but when i build > gnupg the compiler exists with errors: sure that you installed libassuan correctly? What does libassuan-config --versions; libassuan-config --cflags tell you? > if i386-linux-gcc -DHAVE_CONFIG_H -I. -I. -I.. -I../gl -I../common > - -I../intl -DLOCALEDIR=\"/usr/share/locale\" > - -DGNUPG_BINDIR="\"/usr/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/libexec\"" > - -DGNUPG_LIBDIR="\"/usr/lib/gnupg\"" > - -DGNUPG_DATADIR="\"/usr/share/gnupg\"" -I/usr/include -Wall -g > - -O2 -Wall -MT call-scd.o -MD -MP -MF ".deps/call-scd.Tpo" -c -o I general I would expect to see a /usr/local/include here. Is there another version of libassuan installed. Shalom-Salam, Werner From wk at gnupg.org Wed Jun 22 08:04:55 2005 From: wk at gnupg.org (Werner Koch) Date: Wed Jun 22 13:34:27 2005 Subject: Build error gnupg-1.9.17 on Debian In-Reply-To: <42B874B4.8090904@gmx.de> (thomas schorpp's message of "Tue, 21 Jun 2005 22:12:36 +0200") References: <42B834D9.6020700@tec4you.net> <42B874B4.8090904@gmx.de> Message-ID: <87r7evlyew.fsf@wheatstone.g10code.de> On Tue, 21 Jun 2005 22:12:36 +0200, thomas schorpp said: > dpkg -r (--force-depends) libassuan(-dev)... > { all gnupg2 related packs } You might want to use equivs for all gnupg packages to tell dpkg that your care for yourself about them, Salam-Shalom, Werner From folkert at vanheusden.com Wed Jun 22 14:01:13 2005 From: folkert at vanheusden.com (Folkert van Heusden) Date: Wed Jun 22 13:56:50 2005 Subject: gpgme: retrieving a key with its signatures takes a long time Message-ID: <20050622120113.GY29979@vanheusden.com> Hi, Can someone explain me why it takes such a (relatively) long time to retrieve a key with it's signatures from a (public) keyring? Did a little profiling and found out that aprox 90% of the cpu-time was used for math-operations (that large number library). Are the signatures also checked for validity or so? If so: can I disable this check? I'm writing a keyring statistics program for keyserver-keyrings and with such large keyrings (2.8 milion keys) all this match makes things to slow (it would take months to process on a 1GHz P3). Folkert van Heusden -- Auto te koop, zie: http://www.vanheusden.com/daihatsu.php Op zoek naar een IT of Finance baan? Mail me voor de mogelijkheden. -------------------------------------------------------------------- UNIX admin? Then give MultiTail (http://vanheusden.com/multitail/) a try, it brings monitoring logfiles to a different level! See http://vanheusden.com/multitail/features.html for a feature-list. -------------------------------------------------------------------- Phone: +31-6-41278122, PGP-key: 1F28D8AE Get your PGP/GPG key signed at www.biglumber.com! From gpg at tec4you.net Wed Jun 22 14:19:22 2005 From: gpg at tec4you.net (Raphael Lechner) Date: Wed Jun 22 14:15:15 2005 Subject: Build error gnupg-1.9.17 on Debian In-Reply-To: <87vf47lyil.fsf@wheatstone.g10code.de> References: <42B834D9.6020700@tec4you.net> <87vf47lyil.fsf@wheatstone.g10code.de> Message-ID: <42B9574A.4000101@tec4you.net> >Werner Koch schrieb: >> On Tue, 21 Jun 2005 17:40:09 +0200, Raphael Lechner said: >>I have trouble to build the gnupg-1.9.17 on a Debian Sarge Machine. >>First i have installed libassuan-0.6.10 without problem but when i build >>gnupg the compiler exists with errors: > I general I would expect to see a /usr/local/include here. > Is there another version of libassuan installed. OK.I rebuild libassuan(0.6.10) with the prefix /usr/local. I have removed all libksba Versions and installed the version 0.9.11(prefix /usr/local). This solve all my Problems.;-) Thank you for the help Raphael Lechner From beebe at math.utah.edu Wed Jun 22 14:20:55 2005 From: beebe at math.utah.edu (Nelson H. F. Beebe) Date: Wed Jun 22 14:36:18 2005 Subject: gnupg-1.4.2rc2 and SGI IRIX 6.5 Message-ID: A build of gnupg-1.4.2rc2 on SGI IRIX 6.5 failed with native compilers, and there are many warnings that indicate logical errors in the code, or the need for suitable type casts or type matching. Here is a summary of the compiler complaints: ======================================================================== Machinetype: SGI Origin/200-4 (180 MHz) (4 CPUs); IRIX 6.5 Remote cc version: MIPSpro Compilers: Version 7.3.1.3m Configure environment: CC=cc CFLAGS=-I/usr/local/include CXX=CC CXXFLAGS=-I/usr/local/include LDFLAGS=-Wl,-rpath,/usr/local/lib cc -DHAVE_CONFIG_H -I. -I. -I.. -I.. -I../include -I../intl -I/usr/local/include -I/usr/local/include -c miscutil.c cc-1164 cc: WARNING File = miscutil.c, Line = 255 Argument of type "const byte *" is incompatible with parameter of type "const char *". buf = utf8_to_native ( p, n, delim ); ^ cc -DHAVE_CONFIG_H -I. -I. -I.. -I.. -I../include -I../intl -I/usr/local/include -I/usr/local/include -c strgutil.c cc-1515 cc: WARNING File = strgutil.c, Line = 291 A value of type "const char *" cannot be assigned to an entity of type "const byte *". for( t=buf, n=buflen, s=sub ; n ; t++, n-- ) ^ cc-1515 cc: WARNING File = strgutil.c, Line = 291 A value of type "const char *" cannot be assigned to an entity of type "const byte *". for( t=buf, n=buflen, s=sub ; n ; t++, n-- ) ^ cc-1515 cc: WARNING File = strgutil.c, Line = 293 A value of type "const byte *" cannot be assigned to an entity of type "const char *". for( buf=t++, buflen = n--, s++; ^ cc-1515 cc: WARNING File = strgutil.c, Line = 298 A value of type "const char *" cannot be assigned to an entity of type "const byte *". t = buf; n = buflen; s = sub ; ^ cc-1515 cc: WARNING File = strgutil.c, Line = 298 A value of type "const char *" cannot be assigned to an entity of type "const byte *". t = buf; n = buflen; s = sub ; ^ cc-1515 cc: WARNING File = strgutil.c, Line = 310 A value of type "const char *" cannot be assigned to an entity of type "const byte *". for( t=buf, n=buflen, s=sub ; n ; t++, n-- ) ^ cc-1515 cc: WARNING File = strgutil.c, Line = 310 A value of type "const char *" cannot be assigned to an entity of type "const byte *". for( t=buf, n=buflen, s=sub ; n ; t++, n-- ) ^ cc-1515 cc: WARNING File = strgutil.c, Line = 312 A value of type "const byte *" cannot be assigned to an entity of type "const char *". for( buf=t++, buflen = n--, s++; ^ cc-1515 cc: WARNING File = strgutil.c, Line = 317 A value of type "const char *" cannot be assigned to an entity of type "const byte *". t = buf; n = buflen; s = sub ; ^ cc-1515 cc: WARNING File = strgutil.c, Line = 317 A value of type "const char *" cannot be assigned to an entity of type "const byte *". t = buf; n = buflen; s = sub ; ^ cc-1515 cc: WARNING File = strgutil.c, Line = 685 A value of type "const char *" cannot be assigned to an entity of type "const byte *". for(s=string; *s; s++ ) ^ cc-1515 cc: WARNING File = strgutil.c, Line = 692 A value of type "char *" cannot be assigned to an entity of type "byte *". for(p=buffer, s=string; *s; s++ ) ^ cc-1515 cc: WARNING File = strgutil.c, Line = 692 A value of type "const char *" cannot be assigned to an entity of type "const byte *". for(p=buffer, s=string; *s; s++ ) ^ cc-1515 cc: WARNING File = strgutil.c, Line = 719 A value of type "const char *" cannot be assigned to an entity of type "const byte *". for (s=string; *s; s++ ) ^ cc-1515 cc: WARNING File = strgutil.c, Line = 808 A value of type "const char *" cannot be assigned to an entity of type "const byte *". for( slen=length, nleft=encidx=0, n=0, s=string; slen; s++, slen-- ) { ^ cc-1164 cc: WARNING File = strgutil.c, Line = 813 Argument of type "byte *" is incompatible with parameter of type "char *". sprintf(p, "\\x%02x", *s ); ^ cc-1164 cc: WARNING File = strgutil.c, Line = 839 Argument of type "byte *" is incompatible with parameter of type "char *". sprintf( p, "x%02x", *s ); ^ cc-1164 cc: WARNING File = strgutil.c, Line = 882 Argument of type "byte *" is incompatible with parameter of type "char *". sprintf(p, "\\x%02x", *s ); ^ cc-1164 cc: WARNING File = strgutil.c, Line = 892 Argument of type "byte *" is incompatible with parameter of type "char *". sprintf(p, "\\x%02x", encbuf[i] ); ^ cc-1164 cc: WARNING File = strgutil.c, Line = 895 Argument of type "byte *" is incompatible with parameter of type "char *". sprintf(p, "\\x%02x", *s ); ^ cc-1164 cc: WARNING File = strgutil.c, Line = 952 Argument of type "byte *" is incompatible with parameter of type "char *". sprintf(p, "\\x%02x", encbuf[i] ); ^ cc-1164 cc: WARNING File = strgutil.c, Line = 968 Argument of type "byte *" is incompatible with parameter of type "char *". sprintf(p, "\\x%02x", encbuf[i] ); ^ cc-1515 cc: WARNING File = strgutil.c, Line = 1005 A value of type "byte *" cannot be assigned to an entity of type "const char *" . inptr = buffer; ^ cc-1119 cc: WARNING File = strgutil.c, Line = 1040 The "return" expression type differs from the function return type. return buffer; ^ cc -DHAVE_CONFIG_H -I. -I. -I.. -I.. -I../include -I../intl -I/usr/local/include -I/usr/local/include -c ttyio.c cc-1164 cc: WARNING File = ttyio.c, Line = 354 Argument of type "const byte *" is incompatible with parameter of type "const char *". buf = utf8_to_native( p, n, 0 ); ^ cc -DHAVE_CONFIG_H -I. -I. -I.. -I.. -I../include -I../intl -I/usr/local/include -I/usr/local/include -c argparse.c cc-1164 cc: WARNING File = argparse.c, Line = 869 Argument of type "const byte *" is incompatible with parameter of type "const char *". fputs( (const byte*)s, stdout); ^ cc -DHAVE_CONFIG_H -I. -I. -I.. -I.. -I../include -I../intl -I/usr/local/include -I/usr/local/include -c iobuf.c cc-1515 cc: WARNING File = iobuf.c, Line = 630 A value of type "byte *" cannot be assigned to an entity of type "char *". p = buf; ^ cc-1164 cc: WARNING File = iobuf.c, Line = 709 Argument of type "char *" is incompatible with parameter of type "byte *". c = iobuf_read( chain, p, needed ); ^ cc-1515 cc: WARNING File = iobuf.c, Line = 740 A value of type "byte *" cannot be assigned to an entity of type "char *". p = buf; ^ cc-1164 cc: WARNING File = iobuf.c, Line = 755 Argument of type "char *" is incompatible with parameter of type "byte *". if( iobuf_write(chain, a->buffer, n ) ) ^ cc-1164 cc: WARNING File = iobuf.c, Line = 762 Argument of type "char *" is incompatible with parameter of type "byte *". if( n && iobuf_write(chain, p, n ) ) ^ cc-1164 cc: WARNING File = iobuf.c, Line = 828 Argument of type "char *" is incompatible with parameter of type "byte *". rc = iobuf_write(chain, a->buffer, len ); ^ cc-1515 cc: WARNING File = iobuf.c, Line = 1592 A value of type "char *" cannot be assigned to an entity of type "byte *". a->d.buf = newbuf; ^ cc-1140 cc: WARNING File = iobuf.c, Line = 2079 A value of type "byte *" cannot be used to initialize an entity of type "char *". char *buffer = *addr_of_buffer; ^ cc-1515 cc: WARNING File = iobuf.c, Line = 2088 A value of type "char *" cannot be assigned to an entity of type "byte *". *addr_of_buffer = buffer; ^ cc-1515 cc: WARNING File = iobuf.c, Line = 2108 A value of type "char *" cannot be assigned to an entity of type "byte *". *addr_of_buffer = buffer; ^ cc -DHAVE_CONFIG_H -I. -I. -I.. -I.. -I../include -I../intl -I/usr/local/include -I/usr/local/include -c http.c cc-1164 cc: WARNING File = http.c, Line = 349 Argument of type "char *" is incompatible with parameter of type "byte *". if( (n = remove_escapes( uri->host )) < 0 ) ^ cc-1164 cc: WARNING File = http.c, Line = 368 Argument of type "char *" is incompatible with parameter of type "byte *". if( (n = remove_escapes( p )) < 0 ) ^ cc-1164 cc: WARNING File = http.c, Line = 384 Argument of type "char *" is incompatible with parameter of type "byte *". if( !(elem = parse_tuple( p )) ) ^ cc-1164 cc: WARNING File = http.c, Line = 451 Argument of type "const byte *" is incompatible with parameter of type "const char *". && !strchr( special, *string ) ) { ^ cc-1164 cc: WARNING File = http.c, Line = 458 Argument of type "byte *" is incompatible with parameter of type "char *". sprintf( buffer, "%%%02X", *string ); ^ cc-1164 cc: WARNING File = http.c, Line = 476 Argument of type "byte *" is incompatible with parameter of type "const char *" . if( (p2 = strchr( p, '=' )) ) ^ cc-1515 cc: WARNING File = http.c, Line = 476 A value of type "char *" cannot be assigned to an entity of type "byte *". if( (p2 = strchr( p, '=' )) ) ^ cc-1164 cc: WARNING File = http.c, Line = 480 Argument of type "byte *" is incompatible with parameter of type "const char *" . if( n != strlen( p ) ) ^ cc-1515 cc: WARNING File = http.c, Line = 483 A value of type "byte *" cannot be assigned to an entity of type "const char *" . tuple->name = p; ^ cc-1164 cc: WARNING File = http.c, Line = 486 Argument of type "byte *" is incompatible with parameter of type "const char *" . tuple->value = p + strlen(p); ^ cc-1515 cc: WARNING File = http.c, Line = 486 A value of type "byte *" cannot be assigned to an entity of type "char *". tuple->value = p + strlen(p); ^ cc-1515 cc: WARNING File = http.c, Line = 494 A value of type "byte *" cannot be assigned to an entity of type "char *". tuple->value = p2; ^ cc-1515 cc: WARNING File = http.c, Line = 514 A value of type "char *" cannot be assigned to an entity of type "const byte *" . server = *hd->uri->host? hd->uri->host : "localhost"; ^ cc-1164 cc: WARNING File = http.c, Line = 532 Argument of type "char *" is incompatible with parameter of type "const byte *" . char *x=make_radix64_string(uri->auth,strlen(uri->auth)); ^ cc-1164 cc: WARNING File = http.c, Line = 542 Argument of type "const byte *" is incompatible with parameter of type "const char *". hd->sock = connect_server( server, port, hd->flags, hd->uri->scheme ); ^ cc-1164 cc: WARNING File = http.c, Line = 545 Argument of type "char *" is incompatible with parameter of type "const byte *" . char *x=make_radix64_string(hd->uri->auth,strlen(hd->uri->auth)); ^ cc-1164 cc: WARNING File = http.c, Line = 557 Argument of type "const byte *" is incompatible with parameter of type "const char *". request=m_alloc(strlen(server)*2 + strlen(p) + (auth?strlen(auth):0) + 65); ^ cc-1164 cc: WARNING File = http.c, Line = 557 Argument of type "byte *" is incompatible with parameter of type "const char *" . request=m_alloc(strlen(server)*2 + strlen(p) + (auth?strlen(auth):0) + 65); ^ cc-1164 cc: WARNING File = http.c, Line = 559 Argument of type "byte *" is incompatible with parameter of type "char *". sprintf( request, "%s http://%s:%hu%s%s HTTP/1.0\r\n%s", ^ cc-1164 cc: WARNING File = http.c, Line = 571 Argument of type "byte *" is incompatible with parameter of type "char *". sprintf( request, "%s %s%s HTTP/1.0\r\nHost: %s%s\r\n%s", ^ cc-1164 cc: WARNING File = http.c, Line = 581 Argument of type "byte *" is incompatible with parameter of type "const char *" . rc = write_server( hd->sock, request, strlen(request) ); ^ cc-1164 cc: WARNING File = http.c, Line = 581 Argument of type "byte *" is incompatible with parameter of type "const char *" . rc = write_server( hd->sock, request, strlen(request) ); ^ cc-1164 cc: WARNING File = http.c, Line = 601 Argument of type "char *" is incompatible with parameter of type "const byte *" . n = insert_escapes( NULL, uri->path, "%;?&" ); ^ cc-1164 cc: WARNING File = http.c, Line = 605 Argument of type "const char *" is incompatible with parameter of type "const byte *". n += insert_escapes( NULL, r->name, "%;?&=" ); ^ cc-1164 cc: WARNING File = http.c, Line = 607 Argument of type "char *" is incompatible with parameter of type "const byte *" . n += insert_escapes( NULL, r->value, "%;?&=" ); ^ cc-1164 cc: WARNING File = http.c, Line = 613 Argument of type "char *" is incompatible with parameter of type "const byte *" . n = insert_escapes( p, uri->path, "%;?&" ); ^ cc-1164 cc: WARNING File = http.c, Line = 618 Argument of type "const char *" is incompatible with parameter of type "const byte *". n = insert_escapes( p, r->name, "%;?&=" ); ^ cc-1164 cc: WARNING File = http.c, Line = 622 Argument of type "char *" is incompatible with parameter of type "const byte *" . n = insert_escapes( p, r->value, "%;?&=" ); ^ cc-1164 cc: WARNING File = http.c, Line = 653 Argument of type "byte *" is incompatible with parameter of type "const char *" . if( (p = strchr( line, '/')) ) ^ cc-1515 cc: WARNING File = http.c, Line = 653 A value of type "char *" cannot be assigned to an entity of type "byte *". if( (p = strchr( line, '/')) ) ^ cc-1164 cc: WARNING File = http.c, Line = 655 Argument of type "byte *" is incompatible with parameter of type "const char *" . if( !p || strcmp( line, "HTTP" ) ) ^ cc-1164 cc: WARNING File = http.c, Line = 658 Argument of type "byte *" is incompatible with parameter of type "const char *" . if( (p2 = strpbrk( p, " \t" ) ) ) { ^ cc-1515 cc: WARNING File = http.c, Line = 658 A value of type "char *" cannot be assigned to an entity of type "byte *". if( (p2 = strpbrk( p, " \t" ) ) ) { ^ cc-1164 cc: WARNING File = http.c, Line = 660 Argument of type "byte *" is incompatible with parameter of type "const char *" . p2 += strspn( p2, " \t" ); ^ cc-1164 cc: WARNING File = http.c, Line = 666 Argument of type "byte *" is incompatible with parameter of type "const char *" . if( (p2 = strpbrk( p, " \t" ) ) ) ^ cc-1515 cc: WARNING File = http.c, Line = 666 A value of type "char *" cannot be assigned to an entity of type "byte *". if( (p2 = strpbrk( p, " \t" ) ) ) ^ cc-1164 cc: WARNING File = http.c, Line = 674 Argument of type "byte *" is incompatible with parameter of type "const char *" . hd->status_code = atoi( p ); ^ cc -DHAVE_CONFIG_H -I. -I. -I.. -I.. -I../include -I../intl -I/usr/local/include -I/usr/local/include -c assuan-buffer.c cc-1185 cc: WARNING File = assuan-buffer.c, Line = 226 An enumerated type is mixed with another type. err = _assuan_read_line (ctx); ^ cc-1185 cc: WARNING File = assuan-buffer.c, Line = 294 An enumerated type is mixed with another type. return rc; ^ cc-1185 cc: WARNING File = assuan-buffer.c, Line = 472 An enumerated type is mixed with another type. return ctx->outbound.data.error; ^ cc-1185 cc: WARNING File = assuan-buffer.c, Line = 480 An enumerated type is mixed with another type. return ctx->outbound.data.error; ^ cc-1185 cc: WARNING File = assuan-buffer.c, Line = 483 An enumerated type is mixed with another type. return 0; ^ cc -DHAVE_CONFIG_H -I. -I. -I.. -I.. -I../include -I../intl -I/usr/local/include -I/usr/local/include -c assuan-client.c cc-1185 cc: WARNING File = assuan-client.c, Line = 52 An enumerated type is mixed with another type. rc = _assuan_read_line (ctx); ^ cc-1185 cc: WARNING File = assuan-client.c, Line = 173 An enumerated type is mixed with another type. return rc; ^ cc-1185 cc: WARNING File = assuan-client.c, Line = 176 An enumerated type is mixed with another type. return 0; /* Don't expect a response for a comment line. */ ^ cc-1185 cc: WARNING File = assuan-client.c, Line = 181 An enumerated type is mixed with another type. return rc; /* error reading from server */ ^ cc-1515 cc: WARNING File = assuan-client.c, Line = 183 A value of type "char *" cannot be assigned to an entity of type "unsigned char *". line = ctx->inbound.line + off; ^ cc-1164 cc: WARNING File = assuan-client.c, Line = 188 Argument of type "unsigned char *" is incompatible with parameter of type "const char *". rc = atoi (line); ^ cc-1164 cc: WARNING File = assuan-client.c, Line = 196 Argument of type "unsigned char *" is incompatible with parameter of type "const char *". rc = okay_cb (okay_cb_arg, line); ^ cc-1164 cc: WARNING File = assuan-client.c, Line = 215 Argument of type "unsigned char *" is incompatible with parameter of type "const char *". memset (line, 0, strlen (line)); ^ cc-1164 cc: WARNING File = assuan-client.c, Line = 254 Argument of type "unsigned char *" is incompatible with parameter of type "const char *". rc = inquire_cb (inquire_cb_arg, line); ^ cc-1164 cc: WARNING File = assuan-client.c, Line = 264 Argument of type "unsigned char *" is incompatible with parameter of type "const char *". rc = status_cb (status_cb_arg, line); ^ cc-1185 cc: WARNING File = assuan-client.c, Line = 280 An enumerated type is mixed with another type. return rc; ^ cc -DHAVE_CONFIG_H -I. -I. -I.. -I.. -I../include -I../intl -I/usr/local/include -I/usr/local/include -c assuan-socket-connect.c cc-1185 cc: WARNING File = assuan-socket-connect.c, Line = 132 An enumerated type is mixed with another type. err = _assuan_new_context (&ctx); ^ cc-1185 cc: WARNING File = assuan-socket-connect.c, Line = 190 An enumerated type is mixed with another type. return 0; ^ cc -DHAVE_CONFIG_H -I. -I. -I.. -I.. -I../include -I../intl -I/usr/local/include -I/usr/local/include -c assuan-util.c cc-1185 cc: WARNING File = assuan-util.c, Line = 42 An enumerated type is mixed with another type. ctx->err_no = err; ^ cc-1140 cc: WARNING File = assuan-util.c, Line = 122 A value of type "const char *" cannot be used to initialize an entity of type "const unsigned char *". const unsigned char *s = string; ^ cc -DHAVE_CONFIG_H -I. -I. -I.. -I.. -I../include -I../intl -I/usr/local/include -I/usr/local/include -c mkdtemp.c cc-1515 cc: WARNING File = mkdtemp.c, Line = 60 A value of type "char *" cannot be assigned to an entity of type "byte *". ch=&template[idx]; ^ cc-1140 cc: WARNING File = mkdtemp.c, Line = 66 A value of type "byte *" cannot be used to initialize an entity of type "char *". char *marker=ch; ^ cc -DHAVE_CONFIG_H -I. -I. -I.. -I.. -I../include -I../intl -I/usr/local/include -I/usr/local/include -c memrchr.c cc-3316 cc: ERROR File = memrchr.c, Line = 36 The expression must be a pointer to a complete object type. const unsigned char *start=s,*end=s+n-1; ^ 1 error detected in the compilation of "memrchr.c". ------------------------------------------------------------------------------- - Nelson H. F. Beebe Tel: +1 801 581 5254 - - University of Utah FAX: +1 801 581 4148 - - Department of Mathematics, 110 LCB Internet e-mail: beebe@math.utah.edu - - 155 S 1400 E RM 233 beebe@acm.org beebe@computer.org - - Salt Lake City, UT 84112-0090, USA URL: http://www.math.utah.edu/~beebe - ------------------------------------------------------------------------------- From dshaw at jabberwocky.com Wed Jun 22 14:57:43 2005 From: dshaw at jabberwocky.com (David Shaw) Date: Wed Jun 22 14:53:56 2005 Subject: gnupg-1.4.2rc2 and SGI IRIX 6.5 In-Reply-To: References: Message-ID: <20050622125743.GB18314@jabberwocky.com> On Wed, Jun 22, 2005 at 06:20:55AM -0600, Nelson H. F. Beebe wrote: > cc -DHAVE_CONFIG_H -I. -I. -I.. -I.. -I../include -I../intl -I/usr/local/include -I/usr/local/include -c memrchr.c > cc-3316 cc: ERROR File = memrchr.c, Line = 36 > The expression must be a pointer to a complete object type. > > const unsigned char *start=s,*end=s+n-1; > ^ > 1 error detected in the compilation of "memrchr.c". I'll have a look at the other errors, but this one is the same error that you reported when building with (I think) Sun's compiler. Can you try this patch? David -------------- next part -------------- Index: memrchr.c =================================================================== RCS file: /cvs/gnupg/gnupg/util/memrchr.c,v retrieving revision 1.2 diff -u -r1.2 memrchr.c --- memrchr.c 31 May 2005 08:38:45 -0000 1.2 +++ memrchr.c 31 May 2005 21:46:16 -0000 @@ -33,7 +33,9 @@ void * memrchr(const void *s, int c, size_t n) { - const unsigned char *start=s,*end=s+n-1; + const unsigned char *start=s,*end=s; + + end+=n-1; while(end>=start) { From gpg at tec4you.net Wed Jun 22 16:03:31 2005 From: gpg at tec4you.net (Raphael Lechner) Date: Wed Jun 22 15:59:21 2005 Subject: Build error gnupg-1.9.17 on Debian In-Reply-To: <42B9574A.4000101@tec4you.net> References: <42B834D9.6020700@tec4you.net> <87vf47lyil.fsf@wheatstone.g10code.de> <42B9574A.4000101@tec4you.net> Message-ID: <42B96FB3.20307@tec4you.net> I have another build Problem.The Build without "--enable-gpg" works. But i need the gpg program too. (i have a openpgp card and want use the card for encryption and logins trought ssh). i have tried to build with LIBGCRYPT version 1.2.0-11.1 and 1.2.0-11.1 Always the same errors. Error: DIR="\"/usr/local/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/share/gnupg\"" -I/usr/local/include -Wall -g -O2 -Wall -MT progress.o -MD -MP -MF ".deps/progress.Tpo" -c -o progress.o progress.c; \ then mv -f ".deps/progress.Tpo" ".deps/progress.Po"; else rm -f ".deps/progress.Tpo"; exit 1; fi if i386-linux-gcc -DHAVE_CONFIG_H -I. -I. -I.. -I../gl -I../common -I../include -I../intl -DLOCALEDIR=\"/usr/local/share/locale\" -DGNUPG_BINDIR="\"/usr/local/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/share/gnupg\"" -I/usr/local/include -Wall -g -O2 -Wall -MT misc.o -MD -MP -MF ".deps/misc.Tpo" -c -o misc.o misc.c; \ then mv -f ".deps/misc.Tpo" ".deps/misc.Po"; else rm -f ".deps/misc.Tpo"; exit 1; fi misc.c:250:2: Warning: #warning need to handle the usage here? misc.c: In Function \uffffmpi_print\uffff: misc.c:992: error: invalid lvalue in unary `&' make[3]: *** [misc.o] Error 1 make[3]: Leaving directory `gnupg2-1.9.17/g10' make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory `gnupg2-1.9.17' make[1]: *** [all] Error 2 make[1]: Leaving directory `gnupg2-1.9.17' make: *** [build-stamp] Error 2 $libassuan-config --cflags -I/usr/local/include checking dependency style of i386-linux-gcc... gcc3 checking for LIBGCRYPT - version >= 1.1.94... yes checking for LIBASSUAN - version >= 0.6.10... yes checking for KSBA - version >= 0.9.11... yes Thank you Raphael Lechner From alex at bofh.net.pl Wed Jun 22 15:14:02 2005 From: alex at bofh.net.pl (Janusz A. Urbanowicz) Date: Wed Jun 22 16:07:49 2005 Subject: gpgme: retrieving a key with its signatures takes a long time In-Reply-To: <20050622120113.GY29979@vanheusden.com> References: <20050622120113.GY29979@vanheusden.com> Message-ID: <20050622131401.GT4571@syjon.fantastyka.net> On Wed, Jun 22, 2005 at 02:01:13PM +0200, Folkert van Heusden wrote: > Hi, > > Can someone explain me why it takes such a (relatively) long time to > retrieve a key with it's signatures from a (public) keyring? Did a After the import, a key validity is calculated using the trustdb. This is a heavy task. Alex -- mors ab alto 0x46399138 From rdieter at math.unl.edu Wed Jun 22 15:55:33 2005 From: rdieter at math.unl.edu (Rex Dieter) Date: Wed Jun 22 16:29:55 2005 Subject: gnupg-1.9.17 build failure: misc.c:992: error: invalid lvalue in unary `&' Message-ID: <42B96DD5.9080505@math.unl.edu> I'm seeing a build failure trying to build gnupg-1.9.17 on rh90(gcc-3.2.2), rhel3(gcc-3.2.3), rhel4(gcc-3.4.3): make[2]: Entering directory `/var/tmp/BUILD/gnupg-1.9.17/g10' if gcc -DHAVE_CONFIG_H -I. -I. -I.. -I../gl -I../common -I../include -I../intl -DLOCALEDIR=\"/usr/share/locale\" -DGNUPG_BINDIR="\"/usr/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/libexec\"" -DGNUPG_LIBDIR="\"/usr/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/share/gnupg\"" -O2 -pipe -m32 -march=i386 -mtune=pentium4 -fPIE -Wall -MT misc.o -MD -MP -MF ".deps/misc.Tpo" -c -o misc.o misc.c; \ then mv -f ".deps/misc.Tpo" ".deps/misc.Po"; else rm -f ".deps/misc.Tpo"; exit 1; fi misc.c:250:2: warning: #warning need to handle the usage here? misc.c: In function `mpi_print': misc.c:992: error: invalid lvalue in unary `&' make[2]: *** [misc.o] Error 1 From info at tec4you.net Tue Jun 21 11:12:45 2005 From: info at tec4you.net (Raphael Lechner) Date: Wed Jun 22 16:33:49 2005 Subject: Build error gnupg-1.9.17 on Debian Message-ID: <42B7DA0D.4030702@tec4you.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello I have trouble to build the gnupg-1.9.17 on a Debian Sarge Machine. First i have installed libassuan-0.6.10 without problem but when i build gnupg the compiler exists with errors: if i386-linux-gcc -DHAVE_CONFIG_H -I. -I. -I.. -I../gl -I../common - -I../intl -DLOCALEDIR=\"/usr/share/locale\" - -DGNUPG_BINDIR="\"/usr/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/libexec\"" - -DGNUPG_LIBDIR="\"/usr/lib/gnupg\"" - -DGNUPG_DATADIR="\"/usr/share/gnupg\"" -I/usr/include -Wall -g - -O2 -Wall -MT call-scd.o -MD -MP -MF ".deps/call-scd.Tpo" -c -o call-scd.o call-scd.c; \ then mv -f ".deps/call-scd.Tpo" ".deps/call-scd.Po"; else rm -f ".deps/call-scd.Tpo"; exit 1; fi call-scd.c: In Function ?agent_scd_check_aliveness?: call-scd.c:409: Warning: implicit declaration of function `assuan_set_flag' call-scd.c:409: error: `ASSUAN_NO_WAITPID' undeclared (first use in this function) call-scd.c:409: error: (Each undeclared identifier is reported only once call-scd.c:409: error: for each function it appears in.) make[3]: *** [call-scd.o] Fehler 1 make[3]: Leaving directory `gnupg-1.9.17/agent' make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory `gnupg-1.9.17' make[1]: *** [all] Error 2 make[1]: Leaving directory `gnupg-1.9.17' make: *** [build-stamp] Error 2 Always the same error with gcc-2,95,gcc3.3,gcc3,4 What can i do ? Thank you Raphael Lechner From info at tec4you.net Tue Jun 21 11:13:11 2005 From: info at tec4you.net (Raphael Lechner) Date: Wed Jun 22 16:33:53 2005 Subject: Build error gnupg-1.9.17 on Debian Message-ID: <42B7DA27.5020201@tec4you.net> Hello I have trouble to build the gnupg-1.9.17 on a Debian Sarge Machine. First i have installed libassuan-0.6.10 without problem but when i build gnupg the compiler exists with errors: if i386-linux-gcc -DHAVE_CONFIG_H -I. -I. -I.. -I../gl -I../common - -I../intl -DLOCALEDIR=\"/usr/share/locale\" - -DGNUPG_BINDIR="\"/usr/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/libexec\"" - -DGNUPG_LIBDIR="\"/usr/lib/gnupg\"" - -DGNUPG_DATADIR="\"/usr/share/gnupg\"" -I/usr/include -Wall -g - -O2 -Wall -MT call-scd.o -MD -MP -MF ".deps/call-scd.Tpo" -c -o call-scd.o call-scd.c; \ then mv -f ".deps/call-scd.Tpo" ".deps/call-scd.Po"; else rm -f ".deps/call-scd.Tpo"; exit 1; fi call-scd.c: In Function ?agent_scd_check_aliveness?: call-scd.c:409: Warning: implicit declaration of function `assuan_set_flag' call-scd.c:409: error: `ASSUAN_NO_WAITPID' undeclared (first use in this function) call-scd.c:409: error: (Each undeclared identifier is reported only once call-scd.c:409: error: for each function it appears in.) make[3]: *** [call-scd.o] Fehler 1 make[3]: Leaving directory `gnupg-1.9.17/agent' make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory `gnupg-1.9.17' make[1]: *** [all] Error 2 make[1]: Leaving directory `gnupg-1.9.17' make: *** [build-stamp] Error 2 Always the same error with gcc-2,95,gcc3.3,gcc3,4 What can i do ? Thank you Raphael Lechner From info at tec4you.net Wed Jun 22 15:55:17 2005 From: info at tec4you.net (Raphael Lechner) Date: Wed Jun 22 16:33:57 2005 Subject: Build error gnupg-1.9.17 on Debian In-Reply-To: <42B9574A.4000101@tec4you.net> References: <42B834D9.6020700@tec4you.net> <87vf47lyil.fsf@wheatstone.g10code.de> <42B9574A.4000101@tec4you.net> Message-ID: <42B96DC5.50809@tec4you.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I have another build Problem.The Build without "--enable-gpg" works. But i need the gpg program too. (i have a openpgp card and want use the card for encryption and logins trought ssh). i have tried to build with LIBGCRYPT version 1.2.0-11.1 and 1.2.0-11.1 Always the same errors. Error: DIR="\"/usr/local/lib/gnupg\"" - -DGNUPG_DATADIR="\"/usr/local/share/gnupg\"" -I/usr/local/include -Wall -g -O2 -Wall -MT progress.o -MD -MP -MF ".deps/progress.Tpo" -c - -o progress.o progress.c; \ then mv -f ".deps/progress.Tpo" ".deps/progress.Po"; else rm -f ".deps/progress.Tpo"; exit 1; fi if i386-linux-gcc -DHAVE_CONFIG_H -I. -I. -I.. -I../gl -I../common - -I../include -I../intl -DLOCALEDIR=\"/usr/local/share/locale\" - -DGNUPG_BINDIR="\"/usr/local/bin\"" - -DGNUPG_LIBEXECDIR="\"/usr/local/libexec\"" - -DGNUPG_LIBDIR="\"/usr/local/lib/gnupg\"" - -DGNUPG_DATADIR="\"/usr/local/share/gnupg\"" -I/usr/local/include -Wall -g -O2 -Wall -MT misc.o -MD -MP -MF ".deps/misc.Tpo" -c -o misc.o misc.c; \ then mv -f ".deps/misc.Tpo" ".deps/misc.Po"; else rm -f ".deps/misc.Tpo"; exit 1; fi misc.c:250:2: Warning: #warning need to handle the usage here? misc.c: In Function \uffffmpi_print\uffff: misc.c:992: error: invalid lvalue in unary `&' make[3]: *** [misc.o] Error 1 make[3]: Leaving directory `gnupg2-1.9.17/g10' make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory `gnupg2-1.9.17' make[1]: *** [all] Error 2 make[1]: Leaving directory `gnupg2-1.9.17' make: *** [build-stamp] Error 2 $libassuan-config --cflags - -I/usr/local/include checking dependency style of i386-linux-gcc... gcc3 checking for LIBGCRYPT - version >= 1.1.94... yes checking for LIBASSUAN - version >= 0.6.10... yes checking for KSBA - version >= 0.9.11... yes Thank you Raphael Lechner -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iQCVAwUBQrltw97Wr3T0BHoEAQIEqwP/YoxCMZVDObfGkoV732RlMkESCM2RN9Cj 5YIikdsvfrxR1BfB5+0+o3uvO9Po3bmx5ITSu223MmGWG7eJRkrZxtxFuda9bVXV /tCoWeK1c2RrLc61ImZFcTIVj6ciIM02YUflx2CUvnrWLHcbcCWnOtcbAXH+egVU kQnEfQxr3fM= =a4GT -----END PGP SIGNATURE----- From beebe at math.utah.edu Wed Jun 22 20:30:35 2005 From: beebe at math.utah.edu (Nelson H. F. Beebe) Date: Wed Jun 22 20:26:14 2005 Subject: gnupg-1.4.2rc2 and SGI IRIX 6.5 Message-ID: David Shaw kindly provided a quick patch to util/memrchr.c in the gnupg-1.4.2rc2 distribution to fix the compilation error in the declaration const unsigned char *start=s,*end=s+n-1; I've just applied that to the SGI IRIX 6.5 build, and the build is now successful, and all tests pass. ------------------------------------------------------------------------------- - Nelson H. F. Beebe Tel: +1 801 581 5254 - - University of Utah FAX: +1 801 581 4148 - - Department of Mathematics, 110 LCB Internet e-mail: beebe@math.utah.edu - - 155 S 1400 E RM 233 beebe@acm.org beebe@computer.org - - Salt Lake City, UT 84112-0090, USA URL: http://www.math.utah.edu/~beebe - ------------------------------------------------------------------------------- From beebe at math.utah.edu Wed Jun 22 22:15:45 2005 From: beebe at math.utah.edu (Nelson H. F. Beebe) Date: Wed Jun 22 22:11:30 2005 Subject: gnupg-1.4.2rc2 and Sun Solaris 7 Message-ID: The patch from David Shaw to util/memrchr.c in the gnupg-1.4.2rc2 distribution also fixed the build problem on Sun Solaris 7 with native cc: all 25 tests passed. ------------------------------------------------------------------------------- - Nelson H. F. Beebe Tel: +1 801 581 5254 - - University of Utah FAX: +1 801 581 4148 - - Department of Mathematics, 110 LCB Internet e-mail: beebe@math.utah.edu - - 155 S 1400 E RM 233 beebe@acm.org beebe@computer.org - - Salt Lake City, UT 84112-0090, USA URL: http://www.math.utah.edu/~beebe - ------------------------------------------------------------------------------- From wk at gnupg.org Thu Jun 23 09:53:51 2005 From: wk at gnupg.org (Werner Koch) Date: Thu Jun 23 09:51:12 2005 Subject: gnupg-1.9.17 build failure: misc.c:992: error: invalid lvalue in unary `&' In-Reply-To: <42B96DD5.9080505@math.unl.edu> (Rex Dieter's message of "Wed, 22 Jun 2005 08:55:33 -0500") References: <42B96DD5.9080505@math.unl.edu> Message-ID: <87aclhcxv4.fsf@wheatstone.g10code.de> On Wed, 22 Jun 2005 08:55:33 -0500, Rex Dieter said: > make[2]: Entering directory `/var/tmp/BUILD/gnupg-1.9.17/g10' Don't use --enable-gpg - the code is far too old and I have not synced it with the other changes. We will replace the code anyway. Use gnupg 1.4.x for OpenPGP. Shalom-Salam, Werner From folkert at vanheusden.com Thu Jun 23 13:49:12 2005 From: folkert at vanheusden.com (Folkert van Heusden) Date: Thu Jun 23 13:44:43 2005 Subject: gpgme: retrieving a key with its signatures takes a long time In-Reply-To: <20050622131401.GT4571@syjon.fantastyka.net> References: <20050622120113.GY29979@vanheusden.com> <20050622131401.GT4571@syjon.fantastyka.net> Message-ID: <20050623114911.GM22878@vanheusden.com> > > Can someone explain me why it takes such a (relatively) long time to > > retrieve a key with it's signatures from a (public) keyring? Did a > After the import, a key validity is calculated using the trustdb. This is a > heavy task. Can I disable that behaviour in gpgme somehow? Folkert van Heusden -- Auto te koop, zie: http://www.vanheusden.com/daihatsu.php Op zoek naar een IT of Finance baan? Mail me voor de mogelijkheden. -------------------------------------------------------------------- UNIX admin? Then give MultiTail (http://vanheusden.com/multitail/) a try, it brings monitoring logfiles to a different level! See http://vanheusden.com/multitail/features.html for a feature-list. -------------------------------------------------------------------- Phone: +31-6-41278122, PGP-key: 1F28D8AE Get your PGP/GPG key signed at www.biglumber.com! From wk at gnupg.org Fri Jun 24 16:51:09 2005 From: wk at gnupg.org (Werner Koch) Date: Fri Jun 24 20:25:28 2005 Subject: Build error gnupg-1.9.17 on Debian In-Reply-To: <42B96DC5.50809@tec4you.net> (Raphael Lechner's message of "Wed, 22 Jun 2005 15:55:17 +0200") References: <42B834D9.6020700@tec4you.net> <87vf47lyil.fsf@wheatstone.g10code.de> <42B9574A.4000101@tec4you.net> <42B96DC5.50809@tec4you.net> Message-ID: <87r7er3j1e.fsf@wheatstone.g10code.de> On Wed, 22 Jun 2005 15:55:17 +0200, Raphael Lechner said: > But i need the gpg program too. > (i have a openpgp card and want use the card for encryption and logins > trought ssh). Please read the docs. at several places it has been mentioned that 1.4.x and 1.9.x may be installed together without problems. Actually it is suggested to do this. Add use-agent to your gpg.conf. Salam-Shalom, Werner From wk at gnupg.org Fri Jun 24 16:53:05 2005 From: wk at gnupg.org (Werner Koch) Date: Fri Jun 24 20:25:37 2005 Subject: gpgme: retrieving a key with its signatures takes a long time In-Reply-To: <20050623114911.GM22878@vanheusden.com> (Folkert van Heusden's message of "Thu, 23 Jun 2005 13:49:12 +0200") References: <20050622120113.GY29979@vanheusden.com> <20050622131401.GT4571@syjon.fantastyka.net> <20050623114911.GM22878@vanheusden.com> Message-ID: <87mzpf3iy6.fsf@wheatstone.g10code.de> On Thu, 23 Jun 2005 13:49:12 +0200, Folkert van Heusden said: > Can I disable that behaviour in gpgme somehow? Put no-auto-check-trustdb into your gpg.conf. Shalom-Salam, Werner From marcus.brinkmann at ruhr-uni-bochum.de Sun Jun 26 15:58:18 2005 From: marcus.brinkmann at ruhr-uni-bochum.de (Marcus Brinkmann) Date: Sun Jun 26 15:55:10 2005 Subject: gpgme test fail (more info) In-Reply-To: <200506260930.32652.ryan@ostrich-emulators.com> References: <200501112121.45727.ryan@ostrich-emulators.com> <87ll54bz5t.wl@ulysses.g10code.de> <200506260930.32652.ryan@ostrich-emulators.com> Message-ID: <874qbljk3p.wl@ulysses.g10code.de> At Sun, 26 Jun 2005 09:30:32 -0400, Ryan P Bobko wrote: > > Hi Marcus, > Thanks for the reply. It seems that adding > -D_FILE_OFFSET_BITS=64 > -DLARGEFILE_SOURCE > to my compile step fixed the problem. Ah, ok. > All the documentation I could find said > that's not necessary, but it worked like a charm. The GPGME documentation is very explicit about it that you must define this. See node "Largefile Support (LFS)" in the docs. If you found something that contradicts that, please file a bug report. Happy hacking, Marcus From marcus.brinkmann at ruhr-uni-bochum.de Sun Jun 26 17:20:27 2005 From: marcus.brinkmann at ruhr-uni-bochum.de (Marcus Brinkmann) Date: Sun Jun 26 17:20:07 2005 Subject: gpgme test fail (more info) In-Reply-To: <200506261034.37919.ryan@ostrich-emulators.com> References: <200501112121.45727.ryan@ostrich-emulators.com> <200506260930.32652.ryan@ostrich-emulators.com> <874qbljk3p.wl@ulysses.g10code.de> <200506261034.37919.ryan@ostrich-emulators.com> Message-ID: <87k6khb0w4.wl@ulysses.g10code.de> At Sun, 26 Jun 2005 10:34:37 -0400, Ryan P Bobko wrote: > > I guess we have different ideas of "explicit," then. The info page says: > > "You can enable largefile support, if it is different from the default > on the system the application is compiled on, by using the Autoconf > macro `AC_SYS_LARGEFILE'. If you do this, then you don't need to worry > about anything else: It will just work." Well, how is that for explicit: "For you as the user of the library, this means that your program must be compiled in the same file size mode as the library." The above quoted paragraph is not about if you must enable large file support or not. It is about _how_ to enable it, if you must. One option to do this is to use the autotools. Another option to do this is to do it manually. Now, you say: > I am using autoconf, and included AC_SYS_LARGEFILE to my configure.in, but I > also had to add _FILE_OFFSET_BITS and LARGEFILE_SOURCE to my Makefile before > it worked. In that case either your autoconf is broken (unlikely in this case), or you are not using it correctly. If you are using a config.h file, you must include that. Otherwise, you must make sure that your Makefile.in correctly get the CPPFLAGS from the configure run when the Makefile files are built. Please verify the autoconf setup in your source. If such a simple test as AC_SYS_LARGEFILE does not work, there are good chances that a lot of tests are broken for you. Or just use automake, and forget about hacking Makefiles. Thanks, Marcus From marcus.brinkmann at ruhr-uni-bochum.de Mon Jun 27 00:18:37 2005 From: marcus.brinkmann at ruhr-uni-bochum.de (Marcus Brinkmann) Date: Mon Jun 27 00:15:05 2005 Subject: gpgme test fail (more info) In-Reply-To: <200506261154.19915.ryan@ostrich-emulators.com> References: <200501112121.45727.ryan@ostrich-emulators.com> <200506261034.37919.ryan@ostrich-emulators.com> <87k6khb0w4.wl@ulysses.g10code.de> <200506261154.19915.ryan@ostrich-emulators.com> Message-ID: <87is00bw3m.wl@ulysses.g10code.de> At Sun, 26 Jun 2005 11:54:19 -0400, Ryan P Bobko wrote: > I really appreciate all the help, but I think we might be missing the point of > my original email. You are right, sorry. At some point I shifted and started to think that we are talking about one of your own programs using GPGME! My bad. > At least I know I am! On my slackware and FC2 systems, > compiling the GPGME libraries straight from the tarball created the libraries > and a couple test programs. This happens when I take all the defaults for > compiling and don't change anything. Compiles fine. Tests fail. I > assume--since I haven't modified anything--that these test programs are > compiled in the same file size mode as the library. Please send me the config.log files, so I have some more information about how the autoconf tests do on those systems. > At this point, I'm perfectly happy with the library, and it does what I want > it to do. But it took me a long time to get there. It's not supposed to be that rocky, but we can only test on a few systems, so it's possible that you had some bad luck. I am definitely interested in fixing GPGME so that the tests compile and run out of the box. So, to get back on the track from that I slipped off, let me summarize: To compile and run the tests successfully, you had to add the file offset bits symbol to the Makefile of GPGME, right? To proceed, I need at the very least the config.log file from that compilation, to see how the tests work out. If you could provide that, I hope that will shed some light on this issue. Thanks for the patience! Marcus From stefan at hinker.net Wed Jun 22 22:36:17 2005 From: stefan at hinker.net (Stefan Hinker) Date: Tue Jun 28 21:32:56 2005 Subject: gnupg2: gpg-protect-tool fails to decrypt PKCS-12 files Message-ID: <200506222236.18250.stefan@hinker.net> Package: gnupg2 Version: 1.9.15-3ubuntu5 Severity: important Tags: patch pgp-protect-tool is not able to decrypt PKCS-12 files. Therefore, you can not use gpgsm to import and use your own certificates. Here's an example: /usr/lib/gnupg2/gpg-protect-tool --p12-import certs.p12 gpg-protect-tool: error at "bags", offset 24 gpg-protect-tool: error parsing or decrypting the PKCS-12 file This was already reported at: http://lists.gnupg.org/pipermail/gnupg-users/2005-April/025414.html with a patch described here: http://lists.gnupg.org/pipermail/gnupg-users/2005-April/025491.html Thanks for fixing this! Stefan -- System Information: Debian Release: 3.1 Architecture: i386 (i686) Kernel: Linux 2.6.10-5-686 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages gnupg2 depends on: ii libc6 2.3.2.ds1-20ubuntu13 GNU C Library: Shared libraries an ii libgcrypt11 1.2.0-11 LGPL Crypto library - runtime libr ii libgpg-error0 1.0-1 library for common error values an ii libksba8 0.9.9-2 X.509 and CMS support library ii makedev 2.3.1-75ubuntu1 Creates device files in /dev ii zlib1g 1:1.2.2-4ubuntu1 compression library - runtime -- no debconf information -- Stefan Hinker email: stefan@hinker.net PGP public key @ http://www.hinker.net/ ------------ This is Unix-Land. In quiet nights, you can hear the Windows machines reboot. From ryan at ostrich-emulators.com Sun Jun 26 16:34:37 2005 From: ryan at ostrich-emulators.com (Ryan P Bobko) Date: Tue Jun 28 21:32:59 2005 Subject: gpgme test fail (more info) In-Reply-To: <874qbljk3p.wl@ulysses.g10code.de> References: <200501112121.45727.ryan@ostrich-emulators.com> <200506260930.32652.ryan@ostrich-emulators.com> <874qbljk3p.wl@ulysses.g10code.de> Message-ID: <200506261034.37919.ryan@ostrich-emulators.com> I guess we have different ideas of "explicit," then. The info page says: "You can enable largefile support, if it is different from the default on the system the application is compiled on, by using the Autoconf macro `AC_SYS_LARGEFILE'. If you do this, then you don't need to worry about anything else: It will just work." I am using autoconf, and included AC_SYS_LARGEFILE to my configure.in, but I also had to add _FILE_OFFSET_BITS and LARGEFILE_SOURCE to my Makefile before it worked. What threw me is that I took all the defaults for compiling GPGME, and I still got the errors from my previous email. ry On Sunday 26 June 2005 09:58 am, Marcus Brinkmann wrote: > At Sun, 26 Jun 2005 09:30:32 -0400, > > Ryan P Bobko wrote: > > Hi Marcus, > > Thanks for the reply. It seems that adding > > -D_FILE_OFFSET_BITS=64 > > -DLARGEFILE_SOURCE > > to my compile step fixed the problem. > > Ah, ok. > > > All the documentation I could find said > > that's not necessary, but it worked like a charm. > > The GPGME documentation is very explicit about it that you must define > this. See node "Largefile Support (LFS)" in the docs. If you found > something that contradicts that, please file a bug report. > > Happy hacking, > Marcus -- Health nuts are going to feel stupid someday, lying in hospitals dying of nothing. -- Redd Foxx From ryan at ostrich-emulators.com Sun Jun 26 15:30:32 2005 From: ryan at ostrich-emulators.com (Ryan P Bobko) Date: Tue Jun 28 21:33:01 2005 Subject: gpgme test fail (more info) In-Reply-To: <87ll54bz5t.wl@ulysses.g10code.de> References: <200501112121.45727.ryan@ostrich-emulators.com> <87ll54bz5t.wl@ulysses.g10code.de> Message-ID: <200506260930.32652.ryan@ostrich-emulators.com> Hi Marcus, Thanks for the reply. It seems that adding -D_FILE_OFFSET_BITS=64 -DLARGEFILE_SOURCE to my compile step fixed the problem. All the documentation I could find said that's not necessary, but it worked like a charm. ry On Monday 20 June 2005 03:34 pm, Marcus Brinkmann wrote: > Hi, > > sorry for the late reply. > > At Tue, 11 Jan 2005 21:21:45 -0500, > > ryan p bobko wrote: > > I previously posted about some trouble I'm having running the tests from > > the gpgme /tests/gpg directory. I've now confirmed this problem on > > another system, so I thought I'd post more details. Basically, all of the > > tests appear to fail even though the compilation and linking and whatnot > > seem to succeed flawlessly. > > When reporting specific problems, please always include a log. If you > can still reproduce this with the latest CVS versions, please give us > the output of the failing tests (and for a single test, it is useful to see > > srcdir=. GNUPGHOME=. GPGME_DEBUG=3 ./t-decrypt > > [note: if you build in a separate directory from the source, set the > source directory appropriately]). > > > with GCC 3.3.4. Also, the error seems to come from the call to > > _gpgme_wait_on_condition (gpgme_ctx_t ctx, volatile int *cond) > > in wait-private.c. I stuck a couple debug statements in there, and it > > looks like it goes through the while loop several times before bombing on > > err = item->handler (item->handler_value, ctx->fdt.fds[i].fd); > > (about line 120). > > You should specify what you mean by "bombing". Does it segfault? Or > does it just return an error here? If it segfaults, include a > backtrace. If you get an error, that may or may not be correct, > depending on which error occurs where. Some tests are designed to > test the failing case, so an error here would be natural for them (but > the actual test should succeed of course!). > > > Interestingly, the error value returned is 117440664, which > > seems unusual to me. > > No, that's fine: > > $ gpg-error 117440664 > 117440664 = (7, 152) = (GPG_ERR_SOURCE_GPGME, GPG_ERR_DECRYPT_FAILED) = > (GPGME, Decryption failed) > > > The handler_value is 134528664, which also seems a bit > > odd to my mind. > > This is also fine: > > $ bc > bc 1.06 > Copyright 1991-1994, 1997, 1998, 2000 Free Software Foundation, Inc. > This is free software with ABSOLUTELY NO WARRANTY. > For details type `warranty'. > obase=16 > 134528664 > 804BE98 > > 0x804BE98 is likely very well within the data area of your > application. So that's just a normal pointer. > > > Any ideas on what is causing this? I'm not well versed in the code, but > > the values I just quoted seem like gibberish you might get from corrupted > > memory or an overflowing uint or something. > > One needs more information to say more. > > Thanks, > Marcus -- Health nuts are going to feel stupid someday, lying in hospitals dying of nothing. -- Redd Foxx From ryan at ostrich-emulators.com Sun Jun 26 17:54:19 2005 From: ryan at ostrich-emulators.com (Ryan P Bobko) Date: Tue Jun 28 21:33:06 2005 Subject: gpgme test fail (more info) In-Reply-To: <87k6khb0w4.wl@ulysses.g10code.de> References: <200501112121.45727.ryan@ostrich-emulators.com> <200506261034.37919.ryan@ostrich-emulators.com> <87k6khb0w4.wl@ulysses.g10code.de> Message-ID: <200506261154.19915.ryan@ostrich-emulators.com> I really appreciate all the help, but I think we might be missing the point of my original email. At least I know I am! On my slackware and FC2 systems, compiling the GPGME libraries straight from the tarball created the libraries and a couple test programs. This happens when I take all the defaults for compiling and don't change anything. Compiles fine. Tests fail. I assume--since I haven't modified anything--that these test programs are compiled in the same file size mode as the library. Of course, the reason I'm compiling GPGME in the first place is that I want to use it for an app I maintain. In order for that to work, I had to do all the other stuff I mentioned. I'm happy to report that I wasn't including config.h where I needed it, so you're right on the money there! (This thread is a few months old, and my memory is hazy ;) At this point, I'm perfectly happy with the library, and it does what I want it to do. But it took me a long time to get there. ry On Sunday 26 June 2005 11:20 am, Marcus Brinkmann wrote: > At Sun, 26 Jun 2005 10:34:37 -0400, > > Ryan P Bobko wrote: > > I guess we have different ideas of "explicit," then. The info page says: > > > > "You can enable largefile support, if it is different from the default > > on the system the application is compiled on, by using the Autoconf > > macro `AC_SYS_LARGEFILE'. If you do this, then you don't need to worry > > about anything else: It will just work." > > Well, how is that for explicit: "For you as the user of the library, > this means that your program must be compiled in the same file size > mode as the library." > > The above quoted paragraph is not about if you must enable large file > support or not. It is about _how_ to enable it, if you must. One > option to do this is to use the autotools. Another option to do this > is to do it manually. > > Now, you say: > > I am using autoconf, and included AC_SYS_LARGEFILE to my configure.in, > > but I also had to add _FILE_OFFSET_BITS and LARGEFILE_SOURCE to my > > Makefile before it worked. > > In that case either your autoconf is broken (unlikely in this case), > or you are not using it correctly. If you are using a config.h file, > you must include that. Otherwise, you must make sure that your > Makefile.in correctly get the CPPFLAGS from the configure run when the > Makefile files are built. > > Please verify the autoconf setup in your source. If such a simple > test as AC_SYS_LARGEFILE does not work, there are good chances that a > lot of tests are broken for you. > > Or just use automake, and forget about hacking Makefiles. > > Thanks, > Marcus -- My earthly possessions consist of six spinning wheels, prison dishes, a can of goat's milk, six homespun loin cloths and towels, and my reputation, which cannot be worth much. --Mohandas Gandhi From bwaters at theory.Stanford.EDU Thu Jun 30 19:16:01 2005 From: bwaters at theory.Stanford.EDU (Brent Waters) Date: Fri Jul 1 10:17:07 2005 Subject: Possible chosen-ciphertext attack on receiver anonymity Message-ID: Hi, I thought that there might be a chosen-ciphertext attack on receiver anonymity for a message to multiple recipients. I wanted to check my understanding of how GPG handles a certain case to see if this is a problem. The specific case I am worried about is when the "throw-keyid" option is used to encrypt a message to multiple recipients. My understanding is that the throw-keyid option should hide the identity of the a receiver of the message (by throwing away the key-id) even from other receivers of a message. Suppose I made such an encryption of M to Alice and Bob, then the hybrid encryption (at a high level) would look something like this: 1)Choose random symmetric key key K 2)Ciphertext: (C1,C2,C')=E_{KeyAlice}(K)E_{KeyBob}(K),E_K(Message) where C1,C2 are asymmetric encryption and C' is a symmetric key encryption. At this point Alice and Bob can both decrypt the message, but neither can tell if the other was the other receiver. Suppose Bob suspects Alice was the other receiver. Then he can create a ciphertext: (C1,C'')=E_{KeyAlice}(K)E_K(NewMessage) and send this to Alice, if Alice responds to this in a meaningful way she was the other receiver. NewMessage could be something simple like "Do you want to go to lunch?" which would likely elicit a response. Note, this can be a problem even if the ciphers are CCA-secure. Anyway, I wanted to see if my understanding of how this was implemented was correct. Can anyone comment on this? -Brent From bwaters at theory.Stanford.EDU Thu Jun 30 21:35:12 2005 From: bwaters at theory.Stanford.EDU (Brent Waters) Date: Fri Jul 1 10:17:12 2005 Subject: Possible chosen-ciphertext attack on receiver anonymity Message-ID: Hi, I thought that there might be a chosen-ciphertext attack on receiver anonymity for a message to multiple recipients. I wanted to check my understanding of how GPG handles a certain case to see if this is a problem. The specific case I am worried about is when the "throw-keyid" option is used to encrypt a message to multiple recipients. My understanding is that the throw-keyid option should hide the identity of the a receiver of the message (by throwing away the key-id) even from other receivers of a message. Suppose I made such an encryption of M to Alice and Bob, then the hybrid encryption (at a high level) would look something like this: 1)Choose random symmetric key key K 2)Ciphertext: (C1,C2,C')=E_{KeyAlice}(K)E_{KeyBob}(K),E_K(Message) where C1,C2 are asymmetric encryption and C' is a symmetric key encryption. At this point Alice and Bob can both decrypt the message, but neither can tell if the other was the other receiver. Suppose Bob suspects Alice was the other receiver. Then he can create a ciphertext: (C1,C'')=E_{KeyAlice}(K)E_K(NewMessage) and send this to Alice, if Alice responds to this in a meaningful way she was the other receiver. NewMessage could be something simple like "Do you want to go to lunch?" which would likely elicit a response. Note, this can be a problem even if the ciphers are CCA-secure. Anyway, I wanted to see if my understanding of how this was implemented was correct. Can anyone comment on this? -Brent