Re: dirmngr cygwin resolv.conf
On 7/4/2018 4:05 AM, NIIBE Yutaka wrote: Werner Koch wrote: ... on Windows. Actually I developed the fallback on Windows becuase there it is easier to install the Tor browser. Anyway, Gniibe probably found and fixed the problem in our DNS resolver. I suggest to wait for the next release - probably next week. That's not for Cygwin on Windows, but for GNU/Linux. In dirmngr, the DNS resolver using Tor assumes that it returns ECONNREFUSED when Tor doesn't run at 9050, then, it tries to the port 9150. There was a bug of the DNS resolver. When there are multiple "nameserver" in /etc/resolv.conf, it should try all. It was fixed, but this fix had a side effect for ECONNREFUSED fallback mechanism for using Tor. This was fixed on Monday. For the particular issue for Cygwin, it seems that connect(2) in Cygwin environment may return EPERM instead of ECONNREFUSED. I suspect this. I'm willing to confirm that but I'm not sure how I would do that!? -- John Doe ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: dirmngr cygwin resolv.conf
Werner Koch wrote: > ... on Windows. Actually I developed the fallback on Windows becuase > there it is easier to install the Tor browser. Anyway, Gniibe probably > found and fixed the problem in our DNS resolver. I suggest to wait for > the next release - probably next week. That's not for Cygwin on Windows, but for GNU/Linux. In dirmngr, the DNS resolver using Tor assumes that it returns ECONNREFUSED when Tor doesn't run at 9050, then, it tries to the port 9150. There was a bug of the DNS resolver. When there are multiple "nameserver" in /etc/resolv.conf, it should try all. It was fixed, but this fix had a side effect for ECONNREFUSED fallback mechanism for using Tor. This was fixed on Monday. For the particular issue for Cygwin, it seems that connect(2) in Cygwin environment may return EPERM instead of ECONNREFUSED. I suspect this. We can add the case of EPERM for Cygwin for workaround... -- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Pinentry: Inappropriate ioctl for device when getting smartcard PIN
On 06/29/2018 07:45 PM, Jacob Adams wrote: > On 06/27/2018 04:50 PM, Jacob Adams wrote: >> I've got another pinentry problem unfortunately. >> The tty is owned by the correct user this time and $GPG_TTY is set >> correctly. >> >> I have two gpgme contexts, one for openpgp and another for assuan >> commands to the smartcard. Pinentry triggered by the openpgp context >> works perfectly, but any pinentry launched in service of the assuan >> context fails with the error in the subject. They're both using the same >> gpg-agent launched shortly after the creation of the openpgp context >> with gpgconf --launch gpg-agent. >> >> The relevant logs are available at: >> https://salsa.debian.org/tookmund-guest/pgpcr/issues/10 >> > It appears that tty_name is not being set, despite the fact that GPG_TTY > is set and thus gpg-agent has this information from the previous Context. > >> I'm really not sure what's going wrong here and any insight would be >> much appreciated. I have a solution for this but it's definitely the wrong solution. I've applied the following patch to pinentry to fix this problem: --- a/pinentry/pinentry-curses.c +++ b/pinentry/pinentry-curses.c @@ -1187,7 +1187,8 @@ alarm (pinentry->timeout); } #endif - + if (pinentry->ttyname == NULL) +pinentry->ttyname = getenv("GPG_TTY"); rc = dialog_run (pinentry, pinentry->ttyname, pinentry->ttytype); do_touch_file (pinentry); return rc; Clearly this is not the right approach as it appears that gpg-agent is supposed to handle the GPG_TTY variable. For some reason, it is simply not passing it on to pinentry in this one case. I've tried to reproduce this issue in a separate program but have been unsuccessful. However it's consistently reproducible without this patch in my program. Does anyone have an insight into why this patch would be required? Thanks, Jacob signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Generating NIST/Brainpool subkeys with GPGME
On Mon, 2 Jul 2018 18:03, tookm...@gmail.com said: > Should I file a bug against GPGME? GPG? Not really sure where the > problem is here. Against gpg. I won't assign it a high priority, though. Shalom-Salam, Werner -- # Please read: Daniel Ellsberg - The Doomsday Machine # Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. pgpJjhMEGMK8J.pgp Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gpg2 --refresh-keys does not talk to dirmngr?
On Mon, 2 Jul 2018 21:22, dirk.gottschalk1...@googlemail.com said: > localhost. This is not my intention. I have a running server in my > network which rund Suid/Provoxy/TOR. Is it possible to connect to this > tor server on the socks port for doing LDAP, WKD, or DANE Lookups? No, this is currently not possible. I can imagine an option or even envvar to give the IP address of the Tor server. An envvar would have the advantage that it can all be handled in Libassuan without any new code in GnuPG. Please open a feature request on dev.gnupg.org Salam-Shalom, Werner -- # Please read: Daniel Ellsberg - The Doomsday Machine # Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. pgpMck630wBWL.pgp Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: dirmngr cygwin resolv.conf
On Mon, 2 Jul 2018 20:46, johndoe65...@mail.com said: > It looks like the code that is responsible for falling back to port > 9150 when port 5090 is not available is somehow failing. ... on Windows. Actually I developed the fallback on Windows becuase there it is easier to install the Tor browser. Anyway, Gniibe probably found and fixed the problem in our DNS resolver. I suggest to wait for the next release - probably next week. Shalom-Salam, Werner -- # Please read: Daniel Ellsberg - The Doomsday Machine # Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. pgp_GbRca69Mp.pgp Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users