Gnupg-devel Digest, Vol 159, Issue 22
brian huffman
findaphone40 at gmail.com
Fri Dec 23 18:09:25 CET 2016
If you only knew
On Dec 22, 2016 8:33 AM, <gnupg-devel-request at gnupg.org> wrote:
> Send Gnupg-devel mailing list submissions to
> gnupg-devel at gnupg.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://lists.gnupg.org/mailman/listinfo/gnupg-devel
> or, via email, send a message with subject or body 'help' to
> gnupg-devel-request at gnupg.org
>
> You can reach the person managing the list at
> gnupg-devel-owner at gnupg.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Gnupg-devel digest..."
>
> Today's Topics:
>
> 1. Re: gnupg-2.1.17 test segfaults on i686 (Justus Winter)
> 2. Re: gnupg-2.1.17 test segfaults on i686 (Werner Koch)
> 3. [PATCH GnuPG] gpgscm: Guard use of union member. (Justus Winter)
> 4. Re: gnupg-2.1.17 feedback: list of successes (Werner Koch)
> 5. Re: Problems with pip install gpg (Werner Koch)
> 6. Re: Problems with pip install gpg (Peter Lebbing)
> 7. Re: Problems with pip install gpg (Bjarni Runar Einarsson)
> 8. Re: Problems with pip install gpg (Werner Koch)
>
>
> ---------- Forwarded message ----------
> From: Justus Winter <justus at g10code.com>
> To: Werner Koch <wk at gnupg.org>, Gaetan Bisson <bisson at archlinux.org>
> Cc: gnupg-devel at gnupg.org
> Date: Thu, 22 Dec 2016 11:20:51 +0100
> Subject: Re: gnupg-2.1.17 test segfaults on i686
> Werner Koch <wk at gnupg.org> writes:
>
> > [ Unknown signature status ]
> > On Tue, 20 Dec 2016 21:42, bisson at archlinux.org said:
> >
> >> I'm getting the following error when running the gnupg-2.1.17 testsuite
> >> on 32-bit Arch Linux platforms:
> >
> > I can replicate that on a 32 bit box. The bug is in our test script
> > interpreter and thus is independant of the other gnupg code.
>
> Indeed :( I pushed a fix yesterday. Maybe we should do another release?
>
> > Justus: We better add a 32 bit box to our Jenkins setup.
>
> Yes.
>
>
> Cheers,
> Justus
>
>
> ---------- Forwarded message ----------
> From: Werner Koch <wk at gnupg.org>
> To: Justus Winter <justus at g10code.com>
> Cc: Gaetan Bisson <bisson at archlinux.org>, gnupg-devel at gnupg.org
> Date: Thu, 22 Dec 2016 11:38:17 +0100
> Subject: Re: gnupg-2.1.17 test segfaults on i686
> On Thu, 22 Dec 2016 11:20, justus at g10code.com said:
>
> > Indeed :( I pushed a fix yesterday. Maybe we should do another release?
>
> We have a monthly release schedule but I can imagine to do a fresh
> release earlier in January.
>
> Can you please post the fix here?
>
>
> Salam-Shalom,
>
> Werner
>
> --
> Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
>
>
> ---------- Forwarded message ----------
> From: Justus Winter <justus at g10code.com>
> To: gnupg-devel at gnupg.org
> Cc:
> Date: Thu, 22 Dec 2016 11:46:39 +0100
> Subject: [PATCH GnuPG] gpgscm: Guard use of union member.
> * tests/gpgscm/scheme.c (opexe_5): Check that we have a file port
> before accessing filename. Fixes a crash on 32-bit architectures.
>
> Fixes-commit: e7429b1ced0c69fa7901f888f8dc25f00fc346a4
> Signed-off-by: Justus Winter <justus at g10code.com>
> ---
> tests/gpgscm/scheme.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/tests/gpgscm/scheme.c b/tests/gpgscm/scheme.c
> index a5b7691fb..284454557 100644
> --- a/tests/gpgscm/scheme.c
> +++ b/tests/gpgscm/scheme.c
> @@ -4838,7 +4838,7 @@ static pointer opexe_5(scheme *sc, enum
> scheme_opcodes op) {
> } else {
> sc->nesting_stack[sc->file_i]++;
> #if USE_TAGS && SHOW_ERROR_LINE
> - {
> + if (sc->load_stack[sc->file_i].kind & port_file) {
> const char *filename =
> sc->load_stack[sc->file_i].rep.stdio.filename;
> int lineno =
> --
> 2.11.0
>
>
>
>
>
> ---------- Forwarded message ----------
> From: Werner Koch <wk at gnupg.org>
> To: "Nelson H. F. Beebe" <beebe at math.utah.edu>
> Cc: gnupg-devel at gnupg.org
> Date: Thu, 22 Dec 2016 11:51:11 +0100
> Subject: Re: gnupg-2.1.17 feedback: list of successes
> On Wed, 21 Dec 2016 19:34, beebe at math.utah.edu said:
> > I've now completed 155 build attempts for gnupg-2.1.17 in our test lab
> > on 125+ flavors of Unix(-like) systems. All of those systems are kept
>
> Thanks for the work you are doing for better portability.
>
> > On the latest DragonFlyBSD 4.7, the build completed, but there were 52
> > FAIL reports, so I did not install it.
>
> There is a bug in the test tools which seems to show uop only on 32 bit
> systems. Unfortunately we do not yet have a 32 bit platform in our
> jenkins.
>
> > It is disappointing to me that GnuPG 2.1.x development requires
> > extremely recent versions of the assuan, gcrypt, gpg-error, ksba, and
> > npth libraries. Even the current most-recent STABLE versions of
>
> We decided to do that because 2.1 was anyway a big cut and thus a good
> opportunity to get rid of old compatibility code.
>
> > because the npth-1.3 configure script apparently did not figure out
> > that -lpthread was needed on those systems.
>
> I created bug 2886 to track this.
>
> Regarding all these build failures: Might they be due to a C99
> requirement we now have in dirmngr and wrong flags passed to allow C99
> in cc? It is possible to disable the use of C99 with the
> --disable-libdns configure option.
>
>
> Salam-Shalom,
>
> Werner
>
> --
> Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
>
>
> ---------- Forwarded message ----------
> From: Werner Koch <wk at gnupg.org>
> To: "Bjarni Rúnar Einarsson" <bre at pagekite.net>
> Cc: GnuPG Development List <gnupg-devel at gnupg.org>
> Date: Thu, 22 Dec 2016 12:07:10 +0100
> Subject: Re: Problems with pip install gpg
> On Wed, 21 Dec 2016 19:39, bre at pagekite.net said:
>
> > My point was that if the bindings were more accessible to developers,
> > developers would be more likely to use them. You guys are really
> > close, but
>
> What I don't understand is why a _developer_ has problems to do the
> usual
>
> ./configure && make
>
> followed by a
>
> make install
>
> as user with appropriate permissions. This used to be one of the first
> advanced things you learned as a sysadmin. I can't imagine that a
> Python developer is missing these basic abilities. And if it is about
> the time this takes: reading the manual and come up with an idea on how
> to use a library will for sure take more time. Or are we living in a
> copy+paste examples world now?
>
> But well, I as one of these gray haired Unix folks I have a hard time
> realizing that a shell is not anymore the basic interface for a
> hacker. (cf. today's <https://lwn.net/Articles/709769/>)
>
>
> Salam-Shalom,
>
> Werner
>
> --
> Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
>
>
> ---------- Forwarded message ----------
> From: Peter Lebbing <peter at digitalbrains.com>
> To: "Bjarni Rúnar Einarsson" <bre at pagekite.net>, GnuPG Development List <
> gnupg-devel at gnupg.org>
> Cc:
> Date: Thu, 22 Dec 2016 14:14:23 +0100
> Subject: Re: Problems with pip install gpg
> On 22/12/16 12:07, Werner Koch wrote:
> > What I don't understand is why a _developer_ has problems to do the
> > usual
>
> At the start of the topic, Bjarni wrote:
>
> > Generally, mature python libraries take care to either include
> > logic to build their C dependencies as part of pip install, or
> > the packager provides binaries (or both).
>
> If this is what a Python dev is accustomed to and expects, doesn't it
> make sense for the gpg module to do this as well?
>
> "pip" and a distro package manager solve similar problems (unfortunately
> also running into eachother that way). A distro package manager would
> download and install a library dependency as well, not error out to the
> user to compile a library from source.
>
> I presume the right thing for "pip" to do would be to use an already
> installed library if it can, or automatically install the needed
> version. The state of the computer at the end would be the same as when
> the user downloaded and compiled the library manually, only it was done
> for them automatically.
>
> My 2 cents,
>
> Peter.
>
> --
> I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
> You can send me encrypted mail if you want some privacy.
> My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
>
>
>
>
> ---------- Forwarded message ----------
> From: Bjarni Runar Einarsson <bre at pagekite.net>
> To: Werner Koch <wk at gnupg.org>
> Cc: GnuPG Development List <gnupg-devel at gnupg.org>
> Date: Thu, 22 Dec 2016 12:19:42 -0000
> Subject: Re: Problems with pip install gpg
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi Werner!
>
> Werner Koch <wk at gnupg.org> wrote:
> >
> > What I don't understand is why a _developer_ has problems to do
> > the usual
> >
> > ./configure && make
> >
> > followed by a
> >
> > make install
>
> This is what "pip install" is for. It automates this process, so
> a Python developer doesn't also have to be a C developer.
>
> It (along with virtualenv) also handles scoping of the installed
> libraries, so developers don't have to install (potentially
> conflicting) development libraries system-wide. This involves
> setting a bunch of ./configure arguments (prefix etc.). Getting
> all of those things right, for multiple libraries, is a lot of
> boring, error-prone work. The Python community has decided to
> automate this so developers can focus on other things. It's a
> really nice system.
>
> > I can't imagine that a Python developer is missing these basic
> > abilities.
>
> Many are. It doesn't mean they're bad developers, it just means
> they've been able to specialize in other things because the
> sysadmin crap has been automated away.
>
> > And if it is about the time this takes: reading the
> > manual and come up with an idea on how to use a library will
> > for sure take more time. Or are we living in a copy+paste
> > examples world now?
>
> Please consider that the free software community is much larger
> and more diverse than it used to be. Nobody knows how to use all
> the tools anymore! I am guessing you would be annoyed if you were
> required to learn the entire javascript/nodejs toolchain in order
> to contribute a patch to your favourite C project.
>
> People who are hacking on GnuPG should know how to check out,
> build and configure GnuPG. In my opinion, people hacking on other
> things shouldn't have to.
>
> So if a developer wants to check out Mailpile, change the way
> e-mail addresses are formatted in the user interface and see it
> work, then requiring they know how to build and install GnuPG
> first is a major problem. It's out of scope for what they are
> trying to do and it's a major barrier to entry.
>
> If you think this is unreasonable, then we will just have to
> agree to disagree on that.
>
> The fact remains that I am not going to use GPGME if it means
> losing a large chunk of my contributors and testers. It's just
> not going to happen and I can guarantee that many other projects
> will come to the same conclusion. The GnuPG team has repeatedly
> asked me to use GPGME, and I know some of the people on your team
> are annoyed with me for not doing so. I am trying to explain why
> it's not happening. I would like to use GPGME instead of
> maintaining my own wrapper. But I can't - yet.
>
> I do hope this doesn't sound like I'm making demands. If you guys
> feel this is out of scope or don't have time, that is of course
> your call. I am simply pointing out areas for improvement and
> trying to explain my point of view and that of the Python
> community as I understand it.
>
> Thanks for reading,
> - Bjarni
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
>
> iQEcBAEBAgAGBQJYW8TRAAoJEI4ANxYAz5SRctYH/19bSBtPkgaSROFe1oAMYjVH
> A8PnplMjET7q/4iC+Fpt5nqpJd2XagFQgvP6nFU3eezl+m7+5B2k2iIan3X1gyRz
> Ez9w1AaoqPmZwiB86dDoJn23ica7XOf57sKL4AnFI9NVDGe5bt2HGJppZU62ipFz
> M6Rz1Qf3mHRCI99kr2/depxg9RFjqDtuE3JmD6kM6MD0pvZa0Xm22/tguRwQ9g0Y
> 53VKLSitI+kq9YeuLJmeuIWTfjgcEL9ZyrkKiifcV2KMpXcaGoatufCcVYjkjNEz
> uqF9MxqYgqLD0wGXsDuv2eRQMBJtKMuKgJlUDwTFEVlwW9LIF6+5punf2Yar+bA=
> =amog
> -----END PGP SIGNATURE-----
>
>
> ---------- Forwarded message ----------
> From: Werner Koch <wk at gnupg.org>
> To: Peter Lebbing <peter at digitalbrains.com>
> Cc: "Bjarni Rúnar Einarsson" <bre at pagekite.net>, GnuPG Development List <
> gnupg-devel at gnupg.org>
> Date: Thu, 22 Dec 2016 15:27:14 +0100
> Subject: Re: Problems with pip install gpg
> On Thu, 22 Dec 2016 14:14, peter at digitalbrains.com said:
>
> > If this is what a Python dev is accustomed to and expects, doesn't it
> > make sense for the gpg module to do this as well?
>
> Maybe it was wrong to do that PIP module at all. It was meant to help
> with faster migration to the new gpg module but it seems it has its own
> problems.
>
>
> Shalom-Salam,
>
> Werner
>
> --
> Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
>
> _______________________________________________
> Gnupg-devel mailing list
> Gnupg-devel at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-devel
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20161223/6ce04299/attachment-0001.html>
More information about the Gnupg-devel
mailing list