Gnupg-devel Digest, Vol 109, Issue 3

tom m reven1280 at gmail.com
Mon Oct 15 12:15:58 CEST 2012


On 11 Oct 2012 at 21:08, <gnupg-devel-request at gnupg.org> wrote:
>
> Today's Topics:
>
>    1. Re: gpgme-tool socket interface (W. Trevor King)
>    2. GPGME install requirements (Roberto Aguilar)
>    3. Re: GnuPG 2.1 - import of secret key fail with IPC error
>       (Werner Koch)
>    4. Re: GPGME install requirements (Werner Koch)
>    5. NeuG and FST-01 (NIIBE Yutaka)
>    6. Re: gpgme-tool socket interface (W. Trevor King)
>    7. Re: [PATCH v2] gpgme-tool: escape special characters in
>       output XML        data (<, >, and &). (Werner Koch)
>    8. Re: gpgme-tool socket interface (Werner Koch)
>    9. Re: gpgme-tool socket interface (Werner Koch)
>   10. Re: gpgme-tool socket interface (W. Trevor King)
>
>
> ---------- Forwarded message ----------
> From: "W. Trevor King" <wking at tremily.us>
> To: gnupg-devel at gnupg.org
> Cc:
> Date: Sun, 07 Oct 2012 19:41:41 -0400
> Subject: Re: gpgme-tool socket interface
> With Python 3.3 officially released, I can now use socket.sendmsg() to
> send FDs to Assuan servers listening on Unix sockets.  This means
> pgp-mime can communicate with a persistent gpgme-tool server (sweet!),
> where I used to use subprocess.Popen() to fork/exec a client for every
> transaction and pass the file descriptors via process inheritance
> (yuck!).
>
> This works on my local system, with a patched version of gpgme-tool
> that uses the cues off the existing -s/--server option to run as a
> fork/exec server listening on a Unix socket instead of running as a
> pipe server.
>
> The problem is getting this to a releasable state without forking
> gpgme-tool.  We discussed this back in April [1], but I was pushing
> for additional socket-server utility code in libassuan, and that
> didn't seem to be going over very well.  I still think that's the best
> way to go, but if changes to GPGME are more likely to be accepted, I
> can go that way instead.  I'll volunteer myself to work up patches for
> any of the following:
>
> a) libassuan: Some variation on my original suggestion: a helper
>    function to spawn an Assuan server (either pipe or socket) which
>    handles all the usual setup/teardown internally.  Both gpg-agent
>    and gpgme-tool would then use this function, so it would have to be
>    sufficiently flexible to handle both cases.  API to-be-determined.
>
> b) gpgme: copy gpg-agent's socket handling code into gpgme-tool (with
>    copy-paste commits for proper attribution, followed by integration
>    commits by me).
>
> c) same as (b), but I'll write up the socket handling from scratch
>    (man pages, etc.) to keep the code-base distinct from GnuPG.  Since
>    I can't look at gpg-agent's code, I'll probably someone else to
>    handle the MS Windows side, if people want that to be supported.
>    Since we're just adding functionality, I see no reason why Windows
>    *must* be supported.
>
> d) Other approaches?
>
> Of course, if someone else wants to do the legwork, I'm happy to sit
> back and use your code ;).
>
> Cheers,
> Trevor
>
> [1]: http://thread.gmane.org/gmane.comp.encryption.gpg.devel/16843/focus=16865
>
> --
> This email may be signed or encrypted with GnuPG (http://www.gnupg.org).
> For more information, see http://en.wikipedia.org/wiki/Pretty_Good_Privacy
>
>
> ---------- Forwarded message ----------
> From: Roberto Aguilar <roberto.c.aguilar at gmail.com>
> To: gnupg-devel at gnupg.org
> Cc:
> Date: Sun, 7 Oct 2012 16:07:00 -0700
> Subject: GPGME install requirements
> Hello,
>
> I have been struggling to get an OS X application to use GPGME.  Per
> the instructions I found on the Internet, I built and installed
> libassuan, libgpg-error, and gpgme.  Just those three fail with the
> message "invalid crypto engine".
>
> Further searching suggested installing gpg2, which I did from source,
> but then had trouble with pinentry.
>
> As a last ditch effort, I installed the GPGTools package [1], rebuilt
> gpgme, and now the program that uses gpgme works.
>
> From here I'm trying to deduce what libraries from within the GPGTools
> package is gpgme requiring.
>
> I've done some cursory tests and confirm that if the binary gpg2 is
> not available GPGME does not work.  Does gpgme shell out to gpg2
> internally?
>
> Thanks for the help!
> -Roberto.
>
> [1] http://gpgtools.org/
>
>
>
>
> ---------- Forwarded message ----------
> From: Werner Koch <wk at gnupg.org>
> To: Kristian Fiskerstrand <kristian.fiskerstrand at sumptuouscapital.com>
> Cc: GnuPG Development List <gnupg-devel at gnupg.org>
> Date: Mon, 08 Oct 2012 11:20:04 +0200
> Subject: Re: GnuPG 2.1 - import of secret key fail with IPC error
> On Sun,  7 Oct 2012 15:34, kristian.fiskerstrand at sumptuouscapital.com
> said:
>
> > When trying to import one of my more non-standard (in the sense that it
> > is a 15360 bits RSA/ElGamal key pair) I get "Too much data for IPC
> > layer" as shown in #Snippet 1# below. The key is fully functional in
>
> Well, the error message could be better.  At least it detects such DoS
> style keys ;-)
>
>
> Salam-Shalom,
>
>    Werner
>
> --
> Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
>
>
>
>
>
> ---------- Forwarded message ----------
> From: Werner Koch <wk at gnupg.org>
> To: Roberto Aguilar <roberto.c.aguilar at gmail.com>
> Cc: gnupg-devel at gnupg.org
> Date: Mon, 08 Oct 2012 14:13:26 +0200
> Subject: Re: GPGME install requirements
> On Mon,  8 Oct 2012 01:07, roberto.c.aguilar at gmail.com said:
>
> > I've done some cursory tests and confirm that if the binary gpg2 is
> > not available GPGME does not work.  Does gpgme shell out to gpg2
> > internally?
>
> Sure.  GPGME delegates its actual work to a crypto engine, which is
> gpgsm for S/MIME and gpg for OpenPGP.  GnuPG 2.x installs by default
> under the name gpg2 and GPGME may or may not know about this - it
> depends on how you built it (cf. configure option --with-gpg=NAME).
>
>
> Shalom-Salam,
>
>    Werner
>
> --
> Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
>
>
>
>
>
> ---------- Forwarded message ----------
> From: NIIBE Yutaka <gniibe at fsij.org>
> To: gnupg-devel at gnupg.org
> Cc:
> Date: Tue, 09 Oct 2012 12:44:00 +0900
> Subject: NeuG and FST-01
> Hello,
>
> Version 0.03 of NeuG, a True Random Number Generator Implementation
> (for STM32F103), is released.
>
> While my intention of developing NeuG is for use as part of Gnuk, I
> think that stand alone version of NeuG device (it runs as
> /dev/ttyACM0) is also useful to feed entropy to your computer.  For
> example, it is useful when you generate many GnuPG keys.
>
> I wrote a page for NeuG:
>
>     http://www.gniibe.org/memo/development/gnuk/rng/neug
>
> Your comments will be appreciated.
>
>
> Besides, the hardware, FST-01 (evaluation board) is available now.
> Last year, I designed this board for Gnuk, and the design of its PCB
> is freely available.  So far, only the prototype version of the
> hardware has existed, but now, the mass production version is
> available.  Please visit our wiki page for FST-01.
>
>     http://www.seeedstudio.com/wiki/FST-01
>
> Happy Hacking,
> --
>
>
>
>
>
>
>
> ---------- Forwarded message ----------
> From: "W. Trevor King" <wking at tremily.us>
> To: gnupg-devel at gnupg.org
> Cc:
> Date: Wed, 10 Oct 2012 11:22:41 -0400
> Subject: Re: gpgme-tool socket interface
> On Sun, Oct 07, 2012 at 07:41:41PM -0400, W. Trevor King wrote:
> > b) gpgme: copy gpg-agent's socket handling code into gpgme-tool (with
> >    copy-paste commits for proper attribution, followed by integration
> >    commits by me).
> >
> > c) same as (b), but I'll write up the socket handling from scratch
> >    (man pages, etc.) to keep the code-base distinct from GnuPG.  Since
> >    I can't look at gpg-agent's code, I'll probably someone else to
> >    handle the MS Windows side, if people want that to be supported.
> >    Since we're just adding functionality, I see no reason why Windows
> >    *must* be supported.
>
> A very rough commit along the lines of (c) is in my `socket` branch
> [1], if anyone wants to poke about.
>
> [1]: http://git.tremily.us/?p=gpgme.git
>
> --
> This email may be signed or encrypted with GnuPG (http://www.gnupg.org).
> For more information, see http://en.wikipedia.org/wiki/Pretty_Good_Privacy
>
>
> ---------- Forwarded message ----------
> From: Werner Koch <wk at gnupg.org>
> To: "W. Trevor King" <wking at tremily.us>
> Cc: GnuPG <gnupg-devel at gnupg.org>
> Date: Thu, 11 Oct 2012 17:05:52 +0200
> Subject: Re: [PATCH v2] gpgme-tool: escape special characters in output XML data (<, >, and &).
> On Sat,  6 Oct 2012 17:30, wking at tremily.us said:
> > src/gpgme-tool.c (result_xml_escape_replacement, result_xml_escape):
> > New.
> > (result_xml_tag_data): Use result_xml_escape() to escape data.
> > (result_add_error): Use unescaped < and >.
>
> Applied.  I also committed an additional change to make the code more
> robust.
>
>
> Salam-Shalom,
>
>    Werner
>
> --
> Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
>
>
>
>
>
> ---------- Forwarded message ----------
> From: Werner Koch <wk at gnupg.org>
> To: "W. Trevor King" <wking at tremily.us>
> Cc: gnupg-devel at gnupg.org
> Date: Thu, 11 Oct 2012 17:18:30 +0200
> Subject: Re: gpgme-tool socket interface
> On Mon,  8 Oct 2012 01:41, wking at tremily.us said:
>
> > for additional socket-server utility code in libassuan, and that
> > didn't seem to be going over very well.  I still think that's the best
>
> Right, it is too hard to get this into Libassuan in a flexible way.  You
> would end up with something as complicated as the gpgme event code.
>
> > a) libassuan: Some variation on my original suggestion: a helper
> >    function to spawn an Assuan server (either pipe or socket) which
> >    handles all the usual setup/teardown internally.  Both gpg-agent
>
> If it ever turns out that this is required by a lot of other code, we
> can revisit this then.
>
> > b) gpgme: copy gpg-agent's socket handling code into gpgme-tool (with
> >    copy-paste commits for proper attribution, followed by integration
>
> Fine.  However, gpg-agent heavily relies on nPth semantics.  This is
> probably not what you want.
>
> > c) same as (b), but I'll write up the socket handling from scratch
> >    (man pages, etc.) to keep the code-base distinct from GnuPG.  Since
> >    I can't look at gpg-agent's code, I'll probably someone else to
> >    handle the MS Windows side, if people want that to be supported.
>
> Actually we have a platform independent socket abstraction in libassuan
> for that purpose.  Check out how it is done in dirmngr or gpg-agent.
>
> >    Since we're just adding functionality, I see no reason why Windows
> >    *must* be supported.
>
> We can talk about neglecting WindowsCE, but Windows is a/the mainstream
> platform and thus we should support it.
>
>
> Shalom-Salam,
>
>    Werner
>
> --
> Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
>
>
>
>
>
> ---------- Forwarded message ----------
> From: Werner Koch <wk at gnupg.org>
> To: "W. Trevor King" <wking at tremily.us>
> Cc: gnupg-devel at gnupg.org
> Date: Thu, 11 Oct 2012 17:20:24 +0200
> Subject: Re: gpgme-tool socket interface
> On Wed, 10 Oct 2012 17:22, wking at tremily.us said:
>
> > A very rough commit along the lines of (c) is in my `socket` branch
>
> Is there a reason why you do not use assuan_sock_new et al?
>
>
> Salam-Shalom,
>
>    Werner
>
> --
> Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
>
>
>
>
>
> ---------- Forwarded message ----------
> From: "W. Trevor King" <wking at tremily.us>
> To: gnupg-devel at gnupg.org
> Cc:
> Date: Thu, 11 Oct 2012 15:07:43 -0400
> Subject: Re: gpgme-tool socket interface
> On Thu, Oct 11, 2012 at 05:18:30PM +0200, Werner Koch wrote:
> > > b) gpgme: copy gpg-agent's socket handling code into gpgme-tool (with
> > >    copy-paste commits for proper attribution, followed by integration
> >
> > Fine.  However, gpg-agent heavily relies on nPth semantics.  This is
> > probably not what you want.
>
> The socket setup and teardown shouldn't be too tied up in the
> threading, so I'll take a look.
>
> > > c) same as (b), but I'll write up the socket handling from scratch
> > >    (man pages, etc.) to keep the code-base distinct from GnuPG.  Since
> > >    I can't look at gpg-agent's code, I'll probably someone else to
> > >    handle the MS Windows side, if people want that to be supported.
> >
> > Actually we have a platform independent socket abstraction in libassuan
> > for that purpose.  Check out how it is done in dirmngr or gpg-agent.
>
> Good point.  I'm taking a look at that now.
>
> On Thu, Oct 11, 2012 at 05:20:24PM +0200, Werner Koch wrote:
> > On Wed, 10 Oct 2012 17:22, wking at tremily.us said:
> > > A very rough commit along the lines of (c) is in my `socket` branch
> >
> > Is there a reason why you do not use assuan_sock_new et al?
>
> I didn't read the libassuan manual thoroughly enough ;).
>
> I'm a bit confused about how to handle listen() and accept(), which
> are not wrapped by libassuan.  libassuan's test/ce-server.c uses
> SOCKET2HANDLE() and HANDLE2SOCKET() defined in assuan-def.h to convert
> between `assuan_fd_t`s and `int`s, while gpg-agent uses INT2FD() and
> FD2INT() defined in sysutils.h to convert between `gnupg_fd_t`s and
> `int`s.  Perhaps I should be using assuan_fdopen() instead of
> INT2FD()?  I'm not sure what the most idiomatic approach is.
>
> I've rebased my socket branch against the new master, and slacked off
> on commit messages.  I'll beat them back into shape once the code gets
> to a merge-able state.
>
> --
> This email may be signed or encrypted with GnuPG (http://www.gnupg.org).
> For more information, see http://en.wikipedia.org/wiki/Pretty_Good_Privacy
>
> _______________________________________________
> Gnupg-devel mailing list
> Gnupg-devel at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-devel
>