| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
used and divert the operation in this case.
* pkdecrypt.c (agent_pkdecrypt): Likewise
* findkey.c (agent_key_from_file): Add optional arg shadow_info
and have it return information about a shadowed key.
* protect.c (agent_get_shadow_info): New.
* protect.c (snext,sskip,smatch): Moved to
* sexp-parse.h: new file.
* divert-scd.c: New.
|
| | |
|
| |
|
|
|
| |
no real code yet.
|
| |
|
|
|
|
|
| |
support status lines. Passing NULL yields the old behaviour.
* assuan-handler.c (process_request): Flush data lines send
without using the data fp.
|
| |
|
|
|
|
|
| |
except the root cert".
* sign.c (add_certificate_list): Implement it here.
* certpath.c (gpgsm_is_root_cert): New.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
because mail addresses are in general case insensitive (well
RFC2822 allows for case sensitive mailbox parts, but this is in
general considired a Bad Thing). Add additional substr parameter
to allow for substring matches within the mail address. Change
all callers to pass this along.
(blob_cmp_name): Likewise but do the case-insensitive search only
in sub string mode.
(keybox_search): Implement MAILSUB and SUBSTR mode.
* stringhelp.c (ascii_memcasemem): New.
|
| |
|
|
|
|
|
|
| |
(gpgsm_validate_path): And call it from here.
* gpgsm.c (main): New options --policy-file,
--disable-policy-checks and --enable-policy-checks.
* gpgsm.h (opt): Added policy_file, no_policy_checks.
|
| | |
|
| |
|
|
|
|
| |
certificate into the trusted list.
* call-agent.c (gpgsm_agent_marktrusted): New.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
* trustlist.c (agent_marktrusted): New.
(open_list): Add APPEND arg.
* query.c (agent_get_confirmation): New.
|
| |
|
|
|
|
|
|
| |
* vasprintf.c: New. Taken from binutils-2.9.1 and dropped all non
ANSI-C stuff. Merged with asprintf version.
* no-pth.c: New.
|
| |
|
|
|
| |
* assuan-socket-server.c (accept_connection) [USE_GNU_PTH]: Ditto.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
name identifies a certificate unambiguously.
(gpgsm_find_cert): Ditto.
* server.c (cmd_listkeys): Check that the data stream is available.
(cmd_listsecretkeys): Ditto.
(has_option): New.
(cmd_sign): Fix ambiguousity in option recognition.
* gpgsm.c (main): Enable --logger-fd.
* encrypt.c (gpgsm_encrypt): Increased buffer size for better
performance.
* call-agent.c (gpgsm_agent_pksign): Check the S-Exp received from
the agent.
* keylist.c (list_cert_colon): Filter out control characters.
|
| |
|
|
|
|
|
|
| |
* server.c (reset_notify): Close input and output FDs.
(cmd_encrypt,cmd_decrypt,cmd_verify,cmd_sign.cmd_import)
(cmd_genkey): Close the FDs and release the recipient list even in
the error case.
|
| | |
|
| |
|
|
|
| |
* Makefile.am (MOSTLYCLEANFILES): New variable.
|
| |
|
|
|
| |
* sign.c (gpgsm_sign): Do not release certificate twice.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* protect.c (agent_private_key_type): New.
* agent.h: Add PRIVATE_KEY_ enums.
* findkey.c (agent_key_from_file): Use it to decide whether we
have to unprotect a key.
(unprotect): Cache the passphrase.
* findkey.c (agent_key_from_file,agent_key_available): The key
files do now require a ".key" suffix to make a script's life
easier.
* genkey.c (store_key): Ditto.
|
| | |
|
| |
|
|
|
|
|
| |
(agent_genkey): Ask for the passphrase.
* findkey.c (unprotect): Actually unprotect the key.
* query.c (agent_askpin): Add an optional start_err_text.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
* keylist.c (list_cert_colon): New arg HAVE_SECRET, print "crs"
when we know that the secret key is available.
(gpgsm_list_keys): New arg MODE, check whether a secret key is
available. Changed all callers.
* gpgsm.c (main): New command --list-secret-keys.
* server.c (cmd_listsecretkeys): New.
(cmd_listkeys): Return secret keys with "crs" record.
|
| |
|
|
|
|
| |
* command.c (cmd_havekey): New.
(register_commands): And register new command.
|
| |
|
|
|
|
|
|
| |
Note, that I have not yet achieved to generate a cert with the
subjectAltName using OpenSSL. It seems that openssl requires the
email address to be part of the subject DN (subjectAltName=email:copy)
but this is something we don't want to do.
|
| | |
|
| |
|
|
|
| |
the gpg-agent.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* sign.c (add_certificate_list): New.
(gpgsm_sign): Add the certificates to the CMS object.
* certpath.c (gpgsm_walk_cert_chain): New.
* gpgsm.h (server_control_s): Add included_certs.
* gpgsm.c: Add option --include-certs.
(gpgsm_init_default_ctrl): New.
(main): Call it.
* server.c (gpgsm_server): Ditto.
(option_handler): Support --include-certs.
|
| | |
|
| |
|
|
|
|
| |
* configure.ac (mkdtemp): See whether we have to provide a
replacement.
|
| |
|
|
|
|
| |
* certdump.c (gpgsm_dump_string): New.
(print_dn): Replaced by above.
|
| |
|
|
|
| |
* assuan-socket-connect.c (LOGERRORX): Reverse arguments to fputs.
|
| |
|
|
|
|
|
| |
(allowed_ca): New.
(gpgsm_validate_path): Check validity, CA attribute, path length
and unknown critical extensions.
|
| |
|
|
|
|
| |
* call-agent.c (start_agent): Implemented socket based access.
* call-dirmngr.c (start_dirmngr): Ditto.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* assuan-pipe-connect.c: this.
(assuan_pipe_disconnect): Removed.
(do_finish, do_deinit): New
(assuan_pipe_connect): and set them into the context.
* assuan-socket-connect.c: New.
* assuan-util.c (_assuan_log_sanitized_string): New.
* assuan-pipe-server.c (assuan_init_pipe_server): Factored most
code out to ...
(_assuan_new_context): new func.
(_assuan_release_context): New
* assuan-connect.c (assuan_pipe_connect): Use the new functions.
|
| |
|
|
|
| |
(gpgsm_server): Register it with assuan.
|
| |
|
|
|
|
|
|
|
| |
* assuan-handler.c (std_handler_option): New.
(std_cmd_tbl): Add OPTION as standard command.
(assuan_register_option_handler): New.
(dispatch_command): Use case insensitive matching as a fallback.
(my_strcasecmp): New.
|
| |
|
|
|
|
| |
* query.c (start_pinentry): Send no-grab option to pinentry
* gpg-agent.c (main): Move variable grab as no_grab to agent.h.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* cache.c: New.
* command.c (cmd_get_passphrase): Use the cache.
(cmd_clear_passphrase): Ditto.
* gpg-agent.c: Removed unused cruft and implement the socket
based server.
(my_strusage): Take bug report address from configure.ac.
* command.c (start_command_handler): Add an argument to start as
regular server.
(start_command_handler): Enable Assuan logging.
|
| |
|
|
|
|
| |
the OpenPGP stuff removed.
* sysutils.h: New.
|
| |
|
|
|
|
|
|
|
| |
assuan logging if enabled.
* call-agent.c (inq_ciphertext_cb): Don't show the session key in
an Assuan log file.
* gpgsm.c (my_strusage): Take bugreport address from configure.ac
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(assuan_write_line): Ditto.
(_assuan_cookie_write_data): Ditto.
(_assuan_cookie_write_flush): Ditto.
* assuan-util.c (_assuan_log_print_buffer): New.
(assuan_set_log_stream): New.
(assuan_begin_confidential): New.
(assuan_end_confidential): New.
* assuan-defs.h: Add a few handler variables.
* assuan-pipe-server.c (assuan_deinit_pipe_server): Removed.
(deinit_pipe_server): New.
(assuan_deinit_server): New. Changed all callers to use this.
* assuan-listen.c (assuan_accept): Use the accept handler.
* assuan-handler.c (process_request): Use the close Handler.
* assuan-socket-server.c: New.
|
| |
|
|
|
|
|
|
|
| |
based server.
(my_strusage): Take bug report address from configure.ac.
* command.c (start_command_handler): Add an argument to start as
regular server.
(start_command_handler): Enable Assuan logging.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
storing it.
* certpath.c (gpgsm_basic_cert_check): New.
* keydb.c (keydb_store_cert): New.
* import.c (store_cert): Removed and change all caller to use
the new function.
* verify.c (store_cert): Ditto.
* certlist.c (gpgsm_add_to_certlist): Validate the path
* certpath.c (gpgsm_validate_path): Check the trust list.
* call-agent.c (gpgsm_agent_istrusted): New.
|
