gpgme_op_delete_ext flag GPGME_DELETE_FORCE not working?

2018-06-18 Thread Mike Inman 
Hi,
I've been trying to use the GPGME_DELETE_FORCE flag in gpgme_op_delete_ext,
but I'm still getting not one, but two "Do you really want to delete..."
prompts popping up, one for the secret key, one for the sub-key.  I am
using GPGme version 1.11.1 in combination with gpg 2.2.8 (as confirmed by
runtime query of the versions) built from the git repos by checking out the
following tags:git checkout npth-1.5
git checkout libgpg-error-1.31
git checkout libgcrypt-1.8.2
git checkout libksba-1.3.5
git checkout libassuan-2.5.1
git checkout gnupg-2.2.8
git checkout gpgme-1.11.1

I found this reference in the gpgme 1.10.0 changelog:
*src/engine-gpg.c (gpg_delete): Likewise. Implement GPGME_DELETE_FORCE.*
* the key deletes from the keyring as expected, but the behavior is as if
the flag has not been implemented in 1.11.1.  Should I expect the
GPGME_DELETE_FORCE flag to work as described here?
*gpgme_op_delete_ext* *(gpgme_ctx_t ctx, const gpgme_key_t key,
unsigned int flags)*

SINCE: 1.9.1

The function gpgme_op_delete_ext deletes the key key from the key ring of
the crypto engine used by ctx.

flags can be set to the bit-wise OR of the following flags:
GPGME_DELETE_ALLOW_SECRET

SINCE: 1.9.1

If not set, only public keys are deleted. If set, secret keys are deleted
as well, if that is supported.
GPGME_DELETE_FORCE

SINCE: 1.9.1

If set, the user is not asked to confirm the deletion.


Thanks,
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: gnupg.org Listserver maybe misconfigured?

2018-06-18 Thread Mark Rousell 
On 18/06/2018 18:24, Juergen BRUCKNER wrote:
> Hello Mark!
>
> Thank you very much for your answer and clarificattion.

My  pleasure.

-- 
Mark Rousell

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: gnupg.org Listserver maybe misconfigured?

2018-06-18 Thread Juergen BRUCKNER 
Hello Mark!

Thank you very much for your answer and clarificattion.

Am 2018-06-18 um 19:18 schrieb Mark Rousell:
> I note that your bruckner.tk domain appears to have a p=none policy so,
> if I understand all this correctly, it should not matter to you.
> 
> In short, there is nothing to worry about (as far as I can see).
> Everything is working as it should.

best regards
Juergen
-- 
Juergen M. Bruckner
juer...@bruckner.tk



smime.p7s
Description: S/MIME Cryptographic Signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: gnupg.org Listserver maybe misconfigured?

2018-06-18 Thread Mark Rousell 
On 18/06/2018 17:23, Juergen BRUCKNER wrote:
> Hello guys,
>
> could it be happen that the Server for the GnuPG.org Mailinglists is
> kinda misconfigured?
>
> My weekly DMARC-Report says that gnupg.org sent in sum 477 Mails in the
> name of the Domain 'bruckner.tk' last week.
>
> ---snip---
> gnupg.org 
> 217.69.76.57   
> Total SPF Aligned DKIM Aligned
> 251 0%  0%
>
> 2001:aa8:fff1:2100::57
> 
>
> Total SPF Aligned DKIM Aligned
> 226 0%  0%
> ---snip---
>
> Any Ideas?

Isn't that expected and correct behaviour? You post to the list and the
list server forwards your messages (as well as the messages of all other
posters) to list members. The From address of your forwarded emails is
quite correctly shown as the From address of the emails as you sent them.

This is exactly how mail lists have worked for decades and is entirely
normal and correct.

However, due to problems with domains that advertise p=reject DMARC
policies, more and more mail lists are now choosing to munge From
addresses to show messages as being sent from the list address (e.g.
"From: Juergen BRUCKNER via GnuPG Users " instead
of the correct "From: Juergen BRUCKNER ") but this
list does not do this. If this was done, it would prevent your
list-forwarded emails showing up in your DMARC report.

I note that your bruckner.tk domain appears to have a p=none policy so,
if I understand all this correctly, it should not matter to you.

In short, there is nothing to worry about (as far as I can see).
Everything is working as it should.

-- 
Mark Rousell

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

gnupg.org Listserver maybe misconfigured?

2018-06-18 Thread Juergen BRUCKNER 
Hello guys,

could it be happen that the Server for the GnuPG.org Mailinglists is
kinda misconfigured?

My weekly DMARC-Report says that gnupg.org sent in sum 477 Mails in the
name of the Domain 'bruckner.tk' last week.

---snip---
gnupg.org 
217.69.76.57 
Total   SPF Aligned DKIM Aligned
251 0%  0%

2001:aa8:fff1:2100::57


Total   SPF Aligned DKIM Aligned
226 0%  0%
---snip---

Any Ideas?

best regards
Juergen
-- 
Juergen M. Bruckner
juer...@bruckner.tk



smime.p7s
Description: S/MIME Cryptographic Signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Upgrading 2.0.20 to 2.2.24

2018-06-18 Thread felix 
On Mon, Jun 18, 2018 at 03:19:53PM +0200, Kristian Fiskerstrand wrote:
> On 06/18/2018 03:06 PM, fe...@crowfix.com wrote:
> > Says it imported the secret keys, but doesn't show them.
> 
> Any chance they are expired? Try playing with --list-options, in
> particular the show-unusable-* variants
> 
> Are they listed with --list-keys ?

>From the 2.0.20 machiine:

  $ gpg --list-secret-keys
  /home/felix/.gnupg/secring.gpg
  --
  sec   1024D/182E8151 1999-12-06
  uid  Felix Finch (Scarecrow Repairman) 
  ssb   2048g/A3362105 1999-12-06

  sec   1024D/4D3D351A 1999-12-06
  uid  Felix Finch (Remote Access) 
  ssb   1024g/C2422DAD 1999-12-06

  $ gpg --list-keys
  /home/felix/.gnupg/pubring.gpg
  --
  pub   1024D/182E8151 1999-12-06
  uid  Felix Finch (Scarecrow Repairman) 
  sub   2048g/A3362105 1999-12-06

  pub   1024D/4D3D351A 1999-12-06
  uid  Felix Finch (Remote Access) 
  sub   1024g/C2422DAD 1999-12-06

  $ ls -al .gnupg
  total 38
  drwx--  4 felix users  360 Jun 18 05:48 .
  drwx-- 68 felix users 5744 Jun 18 00:00 ..
  -r  1 felix users   42 Sep  3  2008 gpg-agent.conf
  -r  1 felix users   51 Sep  3  2008 .gpg-agent-info
  -r  1 felix users 2844 Nov 26  2004 options
  drwx--  2 felix users   48 Jun  7  2007 private-keys-v1.d
  -rw---  1 felix users 2088 Jun  7  2012 pubring.gpg
  -rw---  1 felix users 2072 Dec  5  1999 pubring.gpg~
  -rw---  1 felix users  600 Jun 17 15:08 random_seed
  drwx--  2 felix users  152 Sep  3  2008 RCS
  -rw---  1 felix users 2836 Dec  5  1999 secring.gpg
  -rw---  1 felix users 1280 Jun  7  2012 trustdb.gpg
  $

>From the 2.2.24 machine:

  $ gpg --list-secret-keys
  $ gpg --list-keys
  /home/felix/.gnupg/pubring.kbx
  --
  pub   dsa1024 1999-12-06 [SCA]
E9874493C860246C3B1E6477783876E9182E8151
uid   [ unknown] Felix Finch (Scarecrow Repairman) 

sub   elg2048 1999-12-06 [E]

  pub   dsa1024 1999-12-06 [SCA]
7689998F39D1EA2F37AECF5844752F7C4D3D351A
uid   [ unknown] Felix Finch (Remote Access) 

sub   elg1024 1999-12-06 [E]

  $ ls -al .gnupg
  total 192
  drwx--  4 felix felix  4096 Jun 18 05:52 .
  drwx-- 75 felix felix 32768 Jun 17 12:37 ..
  -r  1 felix felix42 Sep  3  2008 gpg-agent.conf
  -r  1 felix felix51 Sep  3  2008 .gpg-agent-info
  -rw---  1 felix felix 0 Jun 18 05:52 .gpg-v21-migrated
  -r  1 felix felix  2844 Nov 26  2004 options
  drwx--  2 felix felix  4096 Oct 22  2017 private-keys-v1.d
  -rw---  1 root  root  12226 Oct 22  2017 pubring.gpg
  -rw---  1 root  root  12226 Oct 22  2017 pubring.gpg~
  -rw---  1 felix felix  2484 Jun 17 13:44 pubring.kbx
  -rw---  1 felix felix  1385 Jun 17 13:44 pubring.kbx~
  -rw---  1 felix felix   600 Jun 17 15:17 random_seed
  drwx--  2 felix felix  4096 Sep  3  2008 RCS
  -rw---  1 felix felix  2836 Dec  5  1999 secring.gpg
  -rw---  1 felix felix  1280 Jun 17 14:54 trustdb.gpg
  $ 

-- 
... _._. ._ ._. . _._. ._. ___ .__ ._. . .__. ._ .. ._.
 Felix Finch: scarecrow repairman & wood chipper / fe...@crowfix.com
  GPG = E987 4493 C860 246C 3B1E  6477 7838 76E9 182E 8151 ITAR license #4933
I've found a solution to Fermat's Last Theorem but I see I've run out of room o

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Upgrading 2.0.20 to 2.2.24

2018-06-18 Thread Kristian Fiskerstrand 
On 06/18/2018 03:06 PM, fe...@crowfix.com wrote:
> Says it imported the secret keys, but doesn't show them.

Any chance they are expired? Try playing with --list-options, in
particular the show-unusable-* variants

Are they listed with --list-keys ?

Try importing the public keyring separately, in case there is sync issue
and that has been updated without secring being updated.
-- 

Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk

Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3

"Excellence is not a singular act but a habit. You are what you do
repeatedly."
(Shaquille O'Neal)



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Upgrading 2.0.20 to 2.2.24

2018-06-18 Thread felix 
On Mon, Jun 18, 2018 at 08:36:38AM +0200, Werner Koch wrote:
> On Mon, 18 Jun 2018 07:44, skqu...@rushpost.com said:
> 
> > The format secret keys are stored in changed between 2.0.x and 2.1.x. It
> > is possible that 2.2.x no longer has the code in it to migrate to the
> 
> 2.2 still has the migration code.  However, once a migration is done it
> will not be done again.  Thus adding a new key with an old version of gpg
> at least the secret key won't show up in a newer gpg version.
> 
> > new format, in which case you might need to import secring.gpg manually
> > and set the trust to ultimate manually as well.
> 
> Right.  The official way to do this is to run 
>   gpg --export-secret-key KEYID >FILE
> using the old version of gpg and then to run
>   gpg --import  using the new version of gpg.  It is also possible to delete the file
> ~/.gnupg/.gpg-v21-migrated so that a migration will be triggered again.

Thanks -- but that didn't do the trick.

  $ gpg --list-secret-keys
  gpg: starting migration from earlier GnuPG versions
  gpg: porting secret keys from '/home/felix/.gnupg/secring.gpg' to gpg-agent
  gpg: key 783876E9182E8151: secret key imported
  gpg: key 44752F7C4D3D351A: secret key imported
  gpg: migration succeeded
  $ gpg --list-secret-keys
  $ 

Says it imported the secret keys, but doesn't show them.  Don't think it's
permissions; the only read-only files are options, gpg-agent.conf, and
.gpg-agent-info.  Killed gpg-agent; it restarted fine, but gpg still doesn't
show the secret keys.

I'll have to try the export-import angle later; the old machine is old enough
that physically copying files requires some legwork.

-- 
... _._. ._ ._. . _._. ._. ___ .__ ._. . .__. ._ .. ._.
 Felix Finch: scarecrow repairman & wood chipper / fe...@crowfix.com
  GPG = E987 4493 C860 246C 3B1E  6477 7838 76E9 182E 8151 ITAR license #4933
I've found a solution to Fermat's Last Theorem but I see I've run out of room o

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Upgrading 2.0.20 to 2.2.24

2018-06-18 Thread Werner Koch 
On Mon, 18 Jun 2018 07:44, skqu...@rushpost.com said:

> The format secret keys are stored in changed between 2.0.x and 2.1.x. It
> is possible that 2.2.x no longer has the code in it to migrate to the

2.2 still has the migration code.  However, once a migration is done it
will not be done again.  Thus adding a new key with an old version of gpg
at least the secret key won't show up in a newer gpg version.

> new format, in which case you might need to import secring.gpg manually
> and set the trust to ultimate manually as well.

Right.  The official way to do this is to run 
  gpg --export-secret-key KEYID >FILE
using the old version of gpg and then to run
  gpg --import 

pgpS16YG0wb2s.pgp
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users