| Author |
Mail2news code updated
|
|
|
| -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
http://www.bananasplit.info/m2n
Have updated the mail2news code to provide more flexibility in how
emails are passed to the program. Previously it relied on the MTA to
pass the message along with details of the recipient. Now the recipient
is extracted from headers within the message if none is passed from the
MTA.
A bug has been fixed where post-validation left no newsgroups in the
distribution. This resulted in an untrapped exception.
Log messages have been cleaned up and hopefully make more sense. Debug
level is now quite noisy but is (hopefully) useful during setup and
problem determination.
Comments welcomed.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iQEVAwUBRET/TmoLu9HNUqmMAQqqFAf8C9IH/7GxQ6ROJg5PZqAiTZoarAB6YQZV
rnJH/ qM8tJBgt384bZf1C+7+3bg2zLHXdZLj6TnPxfon1
wXQRnoZjTxfwwGlaYFJ
I/tMvVv+oCg9jv/ 4DPb4+80NC8KOt0BRLYiigjN1l+1aY6vCvlG5dhQ
URzI9zoNT
uVyQe56+CqxGTlVII2cpQ556eHg1V8iS40pdykTk
o0Qi7JZlr9x2YbpekPEi/Nfa
bKqnTfWf/ 7HgrhAMooHV+EJWhmmskr5izLhg193NCKw3yECWH
I3hg3+XKSGCnHXF
7jBK1Ad3vCk4uX446thDIr00islNT84o5KhdJt79
3g+C7XEX3i0P0g==
=tHaA
-----END PGP SIGNATURE-----
--
pub 1024D/8ED57743 2003-07-08 Bananasplit Operator
Key fingerprint = 796F 67E0 E890 A0BB BDAE EBB4 94A6 7A09 8ED5 7743
uid Admin <admin.bananasplit.info>
| |
| E. Nigma 2006-04-20, 7:05 pm |
| In article <e22v0e$h44$1@bananasplit.info>
Zax <fleegle@bananasplit.info> wrote:
|
| -----BEGIN PGP SIGNED MESSAGE-----
| Hash: SHA512
|
| http://www.bananasplit.info/m2n
|
| Have updated the mail2news code to provide more flexibility in how
| emails are passed to the program. Previously it relied on the MTA to
| pass the message along with details of the recipient. Now the recipient
| is extracted from headers within the message if none is passed from the
| MTA.
|
| A bug has been fixed where post-validation left no newsgroups in the
| distribution. This resulted in an untrapped exception.
|
| Log messages have been cleaned up and hopefully make more sense. Debug
| level is now quite noisy but is (hopefully) useful during setup and
| problem determination.
|
| Comments welcomed.
|
| -----BEGIN PGP SIGNATURE-----
| Version: GnuPG v1.4.2.2 (GNU/Linux)
|
| iQEVAwUBRET/TmoLu9HNUqmMAQqqFAf8C9IH/7GxQ6ROJg5PZqAiTZoarAB6YQZV
| rnJH/ qM8tJBgt384bZf1C+7+3bg2zLHXdZLj6TnPxfon1
wXQRnoZjTxfwwGlaYFJ
| I/tMvVv+oCg9jv/ 4DPb4+80NC8KOt0BRLYiigjN1l+1aY6vCvlG5dhQ
URzI9zoNT
| uVyQe56+CqxGTlVII2cpQ556eHg1V8iS40pdykTk
o0Qi7JZlr9x2YbpekPEi/Nfa
| bKqnTfWf/ 7HgrhAMooHV+EJWhmmskr5izLhg193NCKw3yECWH
I3hg3+XKSGCnHXF
| 7jBK1Ad3vCk4uX446thDIr00islNT84o5KhdJt79
3g+C7XEX3i0P0g==
| =tHaA
| -----END PGP SIGNATURE-----
|
| --
| pub 1024D/8ED57743 2003-07-08 Bananasplit Operator
| Key fingerprint = 796F 67E0 E890 A0BB BDAE EBB4 94A6 7A09 8ED5 7743
| uid Admin <admin.bananasplit.info>
-----BEGIN PGP SIGNED MESSAGE-----
Hi Zax:
When I tried,(using PGP Personal Privacy 6.5.3), to decrypt and
verify your PGP Signature on this message, I received a PGP error
- ---cannot hash message. Is my version too old, or do I require a
hash to match yours (Hash: SHA512) or is there keys that I haven't
downloaded yet?
Please excuse my ignorance, I'm not sure what's happening here. This
is the first time I've experienced this PGP error.
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.3
iQEVAwUBREZniNAqdZr/ mrO9AQHWzwgAvs8KzHHlbgK13i5jvYfHbsGUkQXj
soew
D+o6f8aulKgN3jNxEdQx5GAUyNjE+SqaSZVqSNj6
HmhOz/0cJisfc+WBuPx7eGHg
4tFPXTvQ4uJcL2JLkzybNYU9C18zRsTdZ8eo0J1c
HLm74t4kiOBCXA0eMOZBcN1o
aNwZYmDiXqwP6w6Z9cpuS9aaUwLiT4yQqeiSyIbu
q9ql0MTXKP4yJHLvUuqSiUiB
V/ AQA9R+eN7NCN62g4m6vnInnUCFYE0ifonwHoheq+
KLV1TGtZiPUCgbPcLGJhNr
r8RDh1HBo+hpRTdokjpDAe014RDyigFiju/27XrRGv4O1xSuljjhJQ==
=o8ge
-----END PGP SIGNATURE-----
| |
|
| -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 19 Apr 2006 17:41:13 -0000, E Nigma wrote in
Message-Id: <LMXSKCJ838827.0702893519@reece.net.au>:
> When I tried,(using PGP Personal Privacy 6.5.3), to decrypt and
> verify your PGP Signature on this message, I received a PGP error
> - ---cannot hash message. Is my version too old, or do I require a
> hash to match yours (Hash: SHA512) or is there keys that I haven't
> downloaded yet?
I think it must be that your version of PGP is too old to understand
SHA512. When it comes to encryption, PGP (beyond 2.x) has intelligence
within the key that says I shouldn't encrypt a message using a cipher
that isn't in your key's preferences. For signing this can't happen as
I'm not signing the message for a specific user to verify it.
You might want to try GnuPG in combination with Gpg4Win which was just
released this month. The community would probably benefit from some
trusted members giving it a road test. 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iQEVAwUBREarK2oLu9HNUqmMAQodhwgAqjFNPxeq
ejb64qfTYSIS9ffet5wsRpuc
avqmxrOaH1vaFp9+VnlQjyeybA0HbVHhDOg6vYU7
/tjYWe8stVklhECKqbdVjmoB
8k6z9XkOJeZ39u1O3r05ZIXU2WnpBpAPhZZ0Mh7m
GM7a/3+c4/QwgFpPN9Z/VYgv
kRslyS2sMRaNAZ5UFa0VfC96oyhUjoQP64Y+IGtn
MWEePEGFjyIeUkx091z3Zl/r
xMOkld/9FSe/ I5Inygwewqra9fXTSNKA09aVPY61RHOprC9TBcPN
Anw7p3PBj/9b
LuMDC80j5OModVZi7aC7XI0TLVMexfotkaQD49Jq
cmW0Q5JS9ee2sQ==
=fRc3
-----END PGP SIGNATURE-----
--
pub 1024D/8ED57743 2003-07-08 Bananasplit Operator
Key fingerprint = 796F 67E0 E890 A0BB BDAE EBB4 94A6 7A09 8ED5 7743
uid Admin <admin.bananasplit.info>
| |
| E. Nigma 2006-04-20, 7:05 pm |
| In article <e269vb$3pf$1@bananasplit.info>
Zax <fleegle@bananasplit.info> wrote:
|
| -----BEGIN PGP SIGNED MESSAGE-----
| Hash: SHA512
|
| On 19 Apr 2006 17:41:13 -0000, E Nigma wrote in
| Message-Id: <LMXSKCJ838827.0702893519@reece.net.au>:
|
| > When I tried,(using PGP Personal Privacy 6.5.3), to decrypt and
| > verify your PGP Signature on this message, I received a PGP error
| > - ---cannot hash message. Is my version too old, or do I require a
| > hash to match yours (Hash: SHA512) or is there keys that I haven't
| > downloaded yet?
|
| I think it must be that your version of PGP is too old to understand
| SHA512. When it comes to encryption, PGP (beyond 2.x) has intelligence
| within the key that says I shouldn't encrypt a message using a cipher
| that isn't in your key's preferences. For signing this can't happen as
| I'm not signing the message for a specific user to verify it.
|
| You might want to try GnuPG in combination with Gpg4Win which was just
| released this month. The community would probably benefit from some
| trusted members giving it a road test.
|
(snip)
-----BEGIN PGP SIGNED MESSAGE-----
Thanks Zax. I'll give them a try.
E.
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.3
iQEVAwUBREbIx9AqdZr/mrO9AQFHMQgApOLkTR4RhedAd/U3llsv7EnNHE4W2TfS
1L9Vb5skxoT9U7PJqmvmJa/ e6w5J5LUjD6dsSyubj4ZFWiPMa2RZVmQZ0pLn5Mx
s
1EzlRqsnPFzTpdiAgZ8lNmwBiXYByyS04G/twYbwjtHqpUfVym53v65mNv3zK0py
NxaDkqa8NyL0xVlHR91f5CynQ1C8Icv/ynMWAsvez8u4KZ7YYVB3sAuuOu07eeJq
7/ s8s07+y18WshxwREOj+jQbK8nY5kqGjlY74yO3HO
ay7hTHG4PkBQLMWGuLW6xb
C1BMtIcZDKNgFLSPZgvkHHkPo+ztJDkXoOTHytBN
CB+UsIg/wsNPyA==
=L7dx
-----END PGP SIGNATURE-----
| |
| unknown 2006-04-20, 7:05 pm |
| On Wed, 19 Apr 2006 21:27:07 +0000 (UTC), Zax
<fleegle@bananasplit.info> wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA512
>
>On 19 Apr 2006 17:41:13 -0000, E Nigma wrote in
>Message-Id: <LMXSKCJ838827.0702893519@reece.net.au>:
>
>
>I think it must be that your version of PGP is too old to understand
>SHA512. When it comes to encryption, PGP (beyond 2.x) has intelligence
>within the key that says I shouldn't encrypt a message using a cipher
>that isn't in your key's preferences. For signing this can't happen as
>I'm not signing the message for a specific user to verify it.
>
>You might want to try GnuPG in combination with Gpg4Win which was just
>released this month. The community would probably benefit from some
>trusted members giving it a road test.
>
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.4.2.2 (GNU/Linux)
>
> iQEVAwUBREarK2oLu9HNUqmMAQodhwgAqjFNPxeq
ejb64qfTYSIS9ffet5wsRpuc
> avqmxrOaH1vaFp9+VnlQjyeybA0HbVHhDOg6vYU7
/tjYWe8stVklhECKqbdVjmoB
> 8k6z9XkOJeZ39u1O3r05ZIXU2WnpBpAPhZZ0Mh7m
GM7a/3+c4/QwgFpPN9Z/VYgv
> kRslyS2sMRaNAZ5UFa0VfC96oyhUjoQP64Y+IGtn
MWEePEGFjyIeUkx091z3Zl/r
>xMOkld/9FSe/ I5Inygwewqra9fXTSNKA09aVPY61RHOprC9TBcPN
Anw7p3PBj/9b
> LuMDC80j5OModVZi7aC7XI0TLVMexfotkaQD49Jq
cmW0Q5JS9ee2sQ==
>=fRc3
>-----END PGP SIGNATURE-----
I also get a bad signature from this message and i use pgp 8.1
| |
|
| -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On Thu, 20 Apr 2006 03:59:46 -0700, unknown wrote in
Message-Id: <nbqe429a8u4pe50n97d6m5hvdk8qqhjkh7@4ax.com>:
> I also get a bad signature from this message and i use pgp 8.1
That surprises me, I thought PGPv8 would certainly handle it. The
message is signed using a subkey:
sub 2048R/CD52A98C 2005-03-16 [expires: 2007-03-16]
Can you check this is included under that main key of:
pub 1024D/8ED57743 2003-07-08
uid Bananasplit Operator
uid Admin <admin@bananasplit.info>
Some PGP keyservers don't handle subkeys properly and they get left out.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iQEVAwUBREdxzmoLu9HNUqmMAQonywgAmA1OCfrx
8MMsSmpbkg8R82l/eZmWz//e
Mhf1UgY06qkgIL/ QWe2kEOHz8FgnxNCqNt7ezytLeURsoWluzEUW+DU
bnpGqWtyD
Z6SqiDxKzClv7wh9nHmL89Jo7fA8A6P/No4Zcl2LRzwRyCrwYVAgPh/60O8nTWR2
Gid9b8BbcZY1szhRGmLtCbCBbnaOqeEr4aXACS6m
qZ12v2IZY6sdeyV+VFH1TV16
Nf0zvRll1rfar5GQ7uCXHGEon9omH1uD6G0o0wRh
h5vb9RWc127i92xWmPb8EHCV
YjFSpKs8FPPH+N4hr2FK30erRGj8rLY15DichWwq
1vbGTn7+jD3kEA==
=LbiR
-----END PGP SIGNATURE-----
--
pub 1024D/8ED57743 2003-07-08 Bananasplit Operator
Key fingerprint = 796F 67E0 E890 A0BB BDAE EBB4 94A6 7A09 8ED5 7743
uid Admin <admin.bananasplit.info>
| |
|
| -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 20 Apr 2006 00:00:44 -0000, E Nigma wrote in
Message-Id: <XR3VFR1938827.3338425926@reece.net.au>:
>| I think it must be that your version of PGP is too old to understand
>| SHA512. When it comes to encryption, PGP (beyond 2.x) has intelligence
>| within the key that says I shouldn't encrypt a message using a cipher
>| that isn't in your key's preferences. For signing this can't happen as
>| I'm not signing the message for a specific user to verify it.
>|
>| You might want to try GnuPG in combination with Gpg4Win which was just
>| released this month. The community would probably benefit from some
>| trusted members giving it a road test.
>|
> (snip)
>
>
> Thanks Zax. I'll give them a try.
I've just tested this using GnuPG and Gpg4Win. It works fine and the
key verifies correctly. The GUI frontend is nice and appears to work
very well. Only two complaints from me:-
It tries to force me into having a secring, even though I just want to
verify signatures. I ended up having to create a dummy keypair.
When trying to verify a signature made with a public key that's not in
my keyring, it corrupts the keyid in the resulting error message. This
makes it tricky to know what to import.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iQEVAwUBREdzrWoLu9HNUqmMAQoRNgf+O1Io0jrD
8xPy+5lLEsEMi/EJOCz3EJq0
cADGeUG/ ILjaBhDbZfraO9udkermX17cdhCqgt3MVeAwHiGO
7SjPT8QzSNEuw7z8
w/ NH+EhPFLOLT9TvzaRWJNlz7pHHbLg9nYmw9n9VVP
G84/mgzej4ait3WLqPdDJf
TeOyxAA1vqCVg1AveO2Xqg4KqEJRBDMemEXjw4Iv
efZdfpXqwHmQYR51MwEXOkqI
/b16mkFwAxgAhh4IrsA9/ iTAcr6esBqiPXSzB4PBHa9k9HlJ0c5e6i5uV8U0Q
ATc
q/vLybU3vohovTa+/Hj3M5H0qcNl5mjSgskHJ4B7vkjZLriHIcR8Bg==
=gvoV
-----END PGP SIGNATURE-----
--
pub 1024D/8ED57743 2003-07-08 Bananasplit Operator
Key fingerprint = 796F 67E0 E890 A0BB BDAE EBB4 94A6 7A09 8ED5 7743
uid Admin <admin.bananasplit.info>
| |
| Borked Pseudo Mailed 2006-04-20, 7:05 pm |
| Zax wrote:
> On Thu, 20 Apr 2006 03:59:46 -0700, unknown wrote in Message-Id:
> <nbqe429a8u4pe50n97d6m5hvdk8qqhjkh7@4ax.com>:
>
>
> That surprises me, I thought PGPv8 would certainly handle it. The message
> is signed using a subkey:
> sub 2048R/CD52A98C 2005-03-16 [expires: 2007-03-16]
<snip>
[censored]$ gpg --verify -v bsplit.txt
gpg: armor header: Hash: SHA512
gpg: armor header: Version: GnuPG v1.4.2.2 (GNU/Linux)
gpg: original file name=''
gpg: Signature made Thu 20 Apr 2006 07:34:38 AM EDT using RSA key ID CD52A98C
gpg: using subkey CD52A98C instead of primary key 8ED57743
gpg: using classic trust model
gpg: BAD signature from "Bananasplit Operator"
gpg: textmode signature, digest algorithm SHA512
GnuPG 1.4.2.2 on a *nix box. Same with GnuPG 1.9.20 FWIW.
Wrapping or something silly like that??
| |
| Thomas J. Boschloo 2006-04-20, 7:05 pm |
| -----BEGIN PGP SIGNED MESSAGE-----
Borked Pseudo Mailed wrote:
> Zax wrote:
>
>
> <snip>
>
> [censored]$ gpg --verify -v bsplit.txt
> gpg: armor header: Hash: SHA512
> gpg: armor header: Version: GnuPG v1.4.2.2 (GNU/Linux)
> gpg: original file name=''
> gpg: Signature made Thu 20 Apr 2006 07:34:38 AM EDT using RSA key ID CD52A98C
> gpg: using subkey CD52A98C instead of primary key 8ED57743
> gpg: using classic trust model
> gpg: BAD signature from "Bananasplit Operator"
> gpg: textmode signature, digest algorithm SHA512
>
> GnuPG 1.4.2.2 on a *nix box. Same with GnuPG 1.9.20 FWIW.
>
> Wrapping or something silly like that??
Verifies for me (GPG 1.4.3 + Thunderbird 1.5 + Windows 98SE + Enigmail 0.94)
Thomas
- --
Robert Heinlein: "When in danger or in doubt, run in circles, scream and
shout"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQB5AwUBREgHIAEP2l8iXKAJAQEx0AMgs6puNpm2
JUVhibVXyfSwjjhmdZi/MbsM
ZJMWFwbEgjbRPQWsB2SVHBy3ph+1PhNF6FFuT4px
jnDaYN33Nozjq2oQaX5hUWAn
U83Afjvqu9iSIfx/qR0Fw8wmwMQ7LChJR+4kHQ==
=K3Hh
-----END PGP SIGNATURE-----
| |
| Borked Pseudo Mailed 2006-04-24, 8:05 am |
| Thomas J. Boschloo wrote:
[....][vbcol=seagreen]
>
> Verifies for me (GPG 1.4.3 + Thunderbird 1.5 + Windows 98SE + Enigmail
> 0.94)
Well THAT's bizarre. Won't verify using the same version it's signed with,
but will with a different (minor) version on a different platform all
together.
Your signature verified for me just fine though.
| |
| TwistyCreek 2006-04-24, 8:05 am |
| On Thu, 20 Apr 2006 03:59:46 -0700
unknown <unknown@unknown.org> wrote:
>
> I also get a bad signature from this message and i use pgp 8.1
I get good sig using pgp 6.5.8ckt or gpg4win.
| |
| Thrasher Remailer 2006-04-24, 8:05 am |
| On Thu, 20 Apr 2006 03:59:46 -0700
unknown <unknown@unknown.org> wrote:
>
> I also get a bad signature from this message and i use pgp 8.1
I get good signature with pgp 6.5 or gpg4win
| |
| Thrasher Remailer 2006-04-24, 8:05 am |
| In article <nbqe429a8u4pe50n97d6m5hvdk8qqhjkh7@4ax.com>
unknown <unknown@unknown.org> wrote:
>
> I also get a bad signature from this message and i use pgp 8.1
Delete the offending key and get a new one and import again. I have found
this works if you or the signer have changed PGP/GPG versions. I have no
idea why because it shouldn't make any difference.
| |
|
| -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 21 Apr 2006 06:23:28 -0000, Thrasher Remailer wrote in
Message-Id: <YNF0UI9L38828.5996296296@reece.net.au>:
> In article <nbqe429a8u4pe50n97d6m5hvdk8qqhjkh7@4ax.com>
> unknown <unknown@unknown.org> wrote:
>
> Delete the offending key and get a new one and import again. I have found
> this works if you or the signer have changed PGP/GPG versions. I have no
> idea why because it shouldn't make any difference.
I think this is almost certainly a problem with some keyservers not
handling subkeys properly. No doubt different versions of PGP and GnuPG
specify different default keyservers, some of them good, some of them
not so good. It's likely that some versions of PGP and GnuPG also
handle subkeys with varying degrees of correctness.
I'd suggest people look at using one of the newer breed of SKS
keyservers to download from. A complete list of these can be found at:
http://www.pramberger.at/peter/serv...server/network/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iQEVAwUBREiy2WoLu9HNUqmMAQrJAAf+J/Mdg1Hqk7Yx61X/8PcsS7Efeii6ne6g
qLS/ PJspgE+z5gbXia2JK7LJBKZeOUiyn1JgY5uM5kcA
PQ9GgUuhMTF2pRw8XXSW
9zRF8O0d9THxiY8voVuP1Rozv3T7oivlWOwvyzoP
HUYxSxljUZXBAxeLADB+d8EQ
SudrhjNas+cjDNvnrUYgo6y3+wDm/9Az3d6a80LRs/sAN2CSXEMAXUA+a8r7aQsX
jomjLB/ux92c6B+dIpPhECy/dIf7ma97N3Ke5XJFfQFLjVfyl/VTHbqy9xMrPc72
PV+ZIVviYDo7hbUQnLEzGYPIE1Sv98NCnWxTy5th
xeJHjhxrFy6L2A==
=GbyY
-----END PGP SIGNATURE-----
--
pub 1024D/8ED57743 2003-07-08 Bananasplit Operator
Key fingerprint = 796F 67E0 E890 A0BB BDAE EBB4 94A6 7A09 8ED5 7743
uid Admin <admin.bananasplit.info>
| |
| George Orwell 2006-04-24, 8:05 am |
| Zax wrote:
>
> I think this is almost certainly a problem with some keyservers not
> handling subkeys properly.
Nope.
I loaded the post that I previously could not verify using the same GnuPG
version you're using and a fresh key, in a second client. The difference
is immediately apparent, and in the alternate news client it verifies
smashingly.
This is a wrapping problem, as I said, albeit apparent only on the client
side. My knee jerk guess would be something to do with the translation
of CR/LF and CR line breaks, but that's just an off the wall assumption.
Given the subject, are you posting these messages through "Mail2news"? If
so, I'd wager the problem lies somewhere in that utility.
FWIW, the post I'm replying to now exhibits the exact same problem. In
one client it verifies, in another it does not. I don't believe this is a
problem particular to a single client, as I'm at a *nix box and another
reader was having trouble (I believe) at a Windows box. And yet another
Windows user had no problems at all.
|
|
|
|