| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
name identifies a certificate unambiguously.
(gpgsm_find_cert): Ditto.
* server.c (cmd_listkeys): Check that the data stream is available.
(cmd_listsecretkeys): Ditto.
(has_option): New.
(cmd_sign): Fix ambiguousity in option recognition.
* gpgsm.c (main): Enable --logger-fd.
* encrypt.c (gpgsm_encrypt): Increased buffer size for better
performance.
* call-agent.c (gpgsm_agent_pksign): Check the S-Exp received from
the agent.
* keylist.c (list_cert_colon): Filter out control characters.
|
| |
|
|
|
|
|
|
| |
* server.c (reset_notify): Close input and output FDs.
(cmd_encrypt,cmd_decrypt,cmd_verify,cmd_sign.cmd_import)
(cmd_genkey): Close the FDs and release the recipient list even in
the error case.
|
| | |
|
| |
|
|
|
| |
* Makefile.am (MOSTLYCLEANFILES): New variable.
|
| |
|
|
|
| |
* sign.c (gpgsm_sign): Do not release certificate twice.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* protect.c (agent_private_key_type): New.
* agent.h: Add PRIVATE_KEY_ enums.
* findkey.c (agent_key_from_file): Use it to decide whether we
have to unprotect a key.
(unprotect): Cache the passphrase.
* findkey.c (agent_key_from_file,agent_key_available): The key
files do now require a ".key" suffix to make a script's life
easier.
* genkey.c (store_key): Ditto.
|
| | |
|
| |
|
|
|
|
|
| |
(agent_genkey): Ask for the passphrase.
* findkey.c (unprotect): Actually unprotect the key.
* query.c (agent_askpin): Add an optional start_err_text.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
* keylist.c (list_cert_colon): New arg HAVE_SECRET, print "crs"
when we know that the secret key is available.
(gpgsm_list_keys): New arg MODE, check whether a secret key is
available. Changed all callers.
* gpgsm.c (main): New command --list-secret-keys.
* server.c (cmd_listsecretkeys): New.
(cmd_listkeys): Return secret keys with "crs" record.
|
| |
|
|
|
|
| |
* command.c (cmd_havekey): New.
(register_commands): And register new command.
|
| |
|
|
|
|
|
|
| |
Note, that I have not yet achieved to generate a cert with the
subjectAltName using OpenSSL. It seems that openssl requires the
email address to be part of the subject DN (subjectAltName=email:copy)
but this is something we don't want to do.
|
| | |
|
| |
|
|
|
| |
the gpg-agent.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* sign.c (add_certificate_list): New.
(gpgsm_sign): Add the certificates to the CMS object.
* certpath.c (gpgsm_walk_cert_chain): New.
* gpgsm.h (server_control_s): Add included_certs.
* gpgsm.c: Add option --include-certs.
(gpgsm_init_default_ctrl): New.
(main): Call it.
* server.c (gpgsm_server): Ditto.
(option_handler): Support --include-certs.
|
| | |
|
| |
|
|
|
|
| |
* configure.ac (mkdtemp): See whether we have to provide a
replacement.
|
| |
|
|
|
|
| |
* certdump.c (gpgsm_dump_string): New.
(print_dn): Replaced by above.
|
| |
|
|
|
| |
* assuan-socket-connect.c (LOGERRORX): Reverse arguments to fputs.
|
| |
|
|
|
|
|
| |
(allowed_ca): New.
(gpgsm_validate_path): Check validity, CA attribute, path length
and unknown critical extensions.
|
| |
|
|
|
|
| |
* call-agent.c (start_agent): Implemented socket based access.
* call-dirmngr.c (start_dirmngr): Ditto.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* assuan-pipe-connect.c: this.
(assuan_pipe_disconnect): Removed.
(do_finish, do_deinit): New
(assuan_pipe_connect): and set them into the context.
* assuan-socket-connect.c: New.
* assuan-util.c (_assuan_log_sanitized_string): New.
* assuan-pipe-server.c (assuan_init_pipe_server): Factored most
code out to ...
(_assuan_new_context): new func.
(_assuan_release_context): New
* assuan-connect.c (assuan_pipe_connect): Use the new functions.
|
| |
|
|
|
| |
(gpgsm_server): Register it with assuan.
|
| |
|
|
|
|
|
|
|
| |
* assuan-handler.c (std_handler_option): New.
(std_cmd_tbl): Add OPTION as standard command.
(assuan_register_option_handler): New.
(dispatch_command): Use case insensitive matching as a fallback.
(my_strcasecmp): New.
|
| |
|
|
|
|
| |
* query.c (start_pinentry): Send no-grab option to pinentry
* gpg-agent.c (main): Move variable grab as no_grab to agent.h.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* cache.c: New.
* command.c (cmd_get_passphrase): Use the cache.
(cmd_clear_passphrase): Ditto.
* gpg-agent.c: Removed unused cruft and implement the socket
based server.
(my_strusage): Take bug report address from configure.ac.
* command.c (start_command_handler): Add an argument to start as
regular server.
(start_command_handler): Enable Assuan logging.
|
| |
|
|
|
|
| |
the OpenPGP stuff removed.
* sysutils.h: New.
|
| |
|
|
|
|
|
|
|
| |
assuan logging if enabled.
* call-agent.c (inq_ciphertext_cb): Don't show the session key in
an Assuan log file.
* gpgsm.c (my_strusage): Take bugreport address from configure.ac
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(assuan_write_line): Ditto.
(_assuan_cookie_write_data): Ditto.
(_assuan_cookie_write_flush): Ditto.
* assuan-util.c (_assuan_log_print_buffer): New.
(assuan_set_log_stream): New.
(assuan_begin_confidential): New.
(assuan_end_confidential): New.
* assuan-defs.h: Add a few handler variables.
* assuan-pipe-server.c (assuan_deinit_pipe_server): Removed.
(deinit_pipe_server): New.
(assuan_deinit_server): New. Changed all callers to use this.
* assuan-listen.c (assuan_accept): Use the accept handler.
* assuan-handler.c (process_request): Use the close Handler.
* assuan-socket-server.c: New.
|
| |
|
|
|
|
|
|
|
| |
based server.
(my_strusage): Take bug report address from configure.ac.
* command.c (start_command_handler): Add an argument to start as
regular server.
(start_command_handler): Enable Assuan logging.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
storing it.
* certpath.c (gpgsm_basic_cert_check): New.
* keydb.c (keydb_store_cert): New.
* import.c (store_cert): Removed and change all caller to use
the new function.
* verify.c (store_cert): Ditto.
* certlist.c (gpgsm_add_to_certlist): Validate the path
* certpath.c (gpgsm_validate_path): Check the trust list.
* call-agent.c (gpgsm_agent_istrusted): New.
|
| |
|
|
|
| |
(has_fingerprint): Implemented;
|
| | |
|
| |
|
|
|
| |
* command.c (cmd_istrusted, cmd_listtrusted, cmd_marktrusted): New.
|
| |
|
|
|
|
|
|
|
| |
* certlist.c (gpgsm_find_cert): New.
DirMngr should now work. Remember that there is a --disable-crl-check
option in gpgsm to be used when there is a problem with the dirmngr
communication or you want to do faster tests.
|
| |
|
|
|
| |
the keyword.
|
| |
|
|
|
| |
hash after the dot.
|
| |
|
|
|
|
|
| |
* certpath.c (gpgsm_validate_path): Check the CRL here.
* fingerprint.c (gpgsm_get_certid): New.
* gpgsm.c: New options --dirmngr-program and --disable-crl-checks.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
* server.c (cmd_genkey): New.
* certreqgen.c: New. The parameter handling code has been taken
from gnupg/g10/keygen.c version 1.0.6.
* call-agent.c (gpgsm_agent_genkey): New.
|
| | |
|
| |
|
|
|
| |
(process_request): And use it here.
|
| | |
|
| |
|
|
|
|
|
| |
verification. Add OUT_FP arg, initialize a writer and changed all
callers.
* server.c (cmd_verify): Pass an out_fp if one has been set.
|
| |
|
|
|
|
|
| |
parenthesis of the serial number's S-exp.
(_keybox_create_x509_blob): And fixed length calculation.
(create_blob_header): Don't add an offset when writing the serial.
|
| | |
|
