aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Release 2.2.22gnupg-2.2.22Werner Koch2020-08-271-3/+47
|
* doc: Fix typosGavin L. Rebeiro2020-08-272-2/+2
| | | | --
* doc: Add a remark about keyservers.Werner Koch2020-08-271-0/+5
| | | | --
* dirmngr: Print the last alert message returned by NTBTLS.Werner Koch2020-08-271-0/+8
| | | | | | * dirmngr/http.c (send_request): Print the last TLS alert. Signed-off-by: Werner Koch <[email protected]>
* scd: Add condition for VERIFY with 0x82.NIIBE Yutaka2020-08-271-4/+9
| | | | | | | | | | | | | | | | * scd/app-openpgp.c (verify_chv2): Check availability of keys in question. -- Backport master commit of: af189be481df02a77e088aa0a60a1fc02dfa12bf With buggy Gnuk (<= 1.2.15), when no encr/auth keys are available, it fails decrementing the signature error counter. This change can avoid the issue. Signed-off-by: NIIBE Yutaka <[email protected]>
* build: Silence gcc warning -Wformat-zero-lengthWerner Koch2020-08-261-0/+1
| | | | | | * configure.ac: Avoid useless gcc warning. We use an empty string quite often, for example in log_printhex. --
* agent: Allow TERM="".NIIBE Yutaka2020-08-261-1/+1
| | | | | | | | | | | * agent/call-pinentry.c (start_pinentry): When TERM is none, don't send OPTION ttytype to pinentry. -- GnuPG-bug-id: 4137 Signed-off-by: NIIBE Yutaka <[email protected]> (cherry picked from commit 0076bef2026a87c4c0e05bad7d322638b1de3f37)
* speedo: Allow customizing the release processWerner Koch2020-08-262-25/+77
| | | | --
* po: Update Russian translation.Ineiev2020-08-251-53/+30
|
* gpg: Set default keysize to rsa3072Werner Koch2020-08-252-6/+4
| | | | | | | | | * g10/keygen.c (DEFAULT_STD_KEY_PARAM): Change. (gen_rsa): Set fallback to 3072. (get_keysize_range): Set default to 3072. * doc/examples/vsnfd.prf: No more need for default-new-key-algo. Signed-off-by: Werner Koch <[email protected]>
* sm: Do not require a default keyring for --gpgconf-list.Werner Koch2020-08-251-0/+1
| | | | | | | | * sm/gpgsm.c (main): No default keyring for gpgconf mode. -- GnuPG-bug-id: 4867 Signed-off-by: Werner Koch <[email protected]>
* agent: Allow using --gogconf-list even if HOME does not exist.Werner Koch2020-08-251-1/+2
| | | | | | | | * agent/gpg-agent.c (main): Do not create directories in gpgconf mode. -- GnuPG-bug-id: 4866 Signed-off-by: Werner Koch <[email protected]>
* Add a new dist signing keyWerner Koch2020-08-241-0/+0
| | | | | | | | | | -- This is pub ed25519 2020-08-24 [SC] [expires: 2030-06-30] 6DAA 6E64 A76D 2840 571B 4902 5288 97B8 2640 3ADA uid Werner Koch (dist signing 2020)
* gpg,gpgsm: Record the creation time of a private key.Werner Koch2020-08-235-12/+43
| | | | | | | | | | | | | | | | | | * sm/call-agent.c (gpgsm_agent_genkey): Pass --timestamp option. (gpgsm_agent_import_key): Ditto. * g10/call-agent.c (agent_genkey): Add arg timestamp and pass it on. (agent_import_key): Ditto. * g10/import.c (transfer_secret_keys): Pass the creation date to the agent. * g10/keygen.c (common_gen): Ditto. -- Having the creation time in the private key file makes it a lot easier to re-create an OpenPGP public keyblock in case it was accidentally lost. Signed-off-by: Werner Koch <[email protected]> Cherry-picked-from-master: 4031c42bfd0135874a5b362df175de93a19f1b51
* agent: Allow to pass a timestamp to genkey and import.Werner Koch2020-08-238-35/+138
| | | | | | | | | | | | | | | | | * agent/command.c (cmd_genkey): Add option --timestamp. (cmd_import_key): Ditto. * agent/genkey.c (store_key): Add arg timestamp and change callers. (agent_genkey): Ditto. * agent/findkey.c (write_extended_private_key): Add args timestamp and newkey to write a Created line. (agent_write_private_key): Add arg timestamp. (agent_write_shadow_key): Ditto. * agent/protect-tool.c (agent_write_private_key): Ditto as dummy arg. -- Signed-off-by: Werner Koch <[email protected]> Backported-from-master: 0da923a1240ac78d60c92cdd8488c4e405c3243b Signed-off-by: Werner Koch <[email protected]>
* agent: Default to extended key format.Werner Koch2020-08-224-15/+34
| | | | | | | | | | | | | | | | | | | | * agent/gpg-agent.c (oDisableExtendedKeyFormat, oNoop): New. (opts): Make --enable-extended-key-format a dummy option. Add disable-extended-key-format. (parse_rereadable_options): Implement oDisableExtendedKeyFormat. * agent/protect.c (agent_protect): Be safe and set use_ocb either to to 1 or 0. -- Extended key format is supported since version 2.1.12 which should have long been replaced by a newer version in all installations. Thus for 2.2.22 we will make use of the extended-key-format by default. This is a backport of the commits: 05eff1f6623c272fcabd4e238842afc832710324 91ae3e7fb66271691f6fe507262a62fc7e2663a3 Signed-off-by: Werner Koch <[email protected]>
* gpgtar,w32: Handle Unicode file names.Werner Koch2020-08-224-10/+68
| | | | | | | | | | | | | | | | | | | | | | * tools/gpgtar.c (oUtf8Strings): New. (opts): Add option --utf8-strings. (parse_arguments): Set option. * tools/gpgtar.h (opt): Add field utf8strings. * tools/gpgtar-create.c (name_to_utf8): New. (fillup_entry_w32): Use that. (scan_directory): Ditto. (scan_directory) [W32]: Convert file name to utf8. (gpgtar_create): Convert pattern. -- Note that this works only with file names read from a file or if the specified files on the command line are plain ascii. When recursing into a directory Unicode file names work again. This limitation is due to main(int, char**) which can't get the wchar version. We could fix that but is needs a bit more work in our init code. GnuPG-bug-id: 4083 Signed-off-by: Werner Koch <[email protected]>
* common: Use gpgrt functions for mkdir and chdir if availableWerner Koch2020-08-221-3/+15
| | | | | | | | | | | | | | | * common/sysutils.c (gnupg_mkdir): Divert to gpgrt_mkdir. (gnupg_chdir): Divert to gpgrt_chdir -- To avoid bumping up the build dependency on libgpg-error 1.28 we use the gpgrt version only if at least this libgpg-error version was used at build time. This won't fix any bugs though and it is in general advisable to use the latest libgpg-error. There are actually a couple of very useful bug fixes for Windows in the upcoming libgpg-error 1.39 but on Unix you can live without them. Signed-off-by: Werner Koch <[email protected]>
* common,w32: Do not assume the ANSI codepage during string conversion.Werner Koch2020-08-221-2/+21
| | | | | | | | | | | | | | * common/utf8conv.c (get_w32_codepage): New. (wchar_to_native): Use instead oc CP_ACP. (native_to_wchar): Ditto. -- This should fix quite some issue; we fixed it when using the iconv based machinery about 14 years ago. At some point we introduced the new conversion functions because Windows started to support UTF-8 natively. The fix comes late but well, it is done. Signed-off-by: Werner Koch <[email protected]>
* common: Strip trailing CR,LF from w32_strerror.Werner Koch2020-08-222-1/+7
| | | | | | | | | | | | | | | | * common/stringhelp.c (w32_strerror): Strip trailing CR,LF. * common/iobuf.c (iobuf_get_filelength): Use -1 and not 0 for the arg to w32_strerror. -- This is in particular annoying since we started to use a string argument sanitizer in the logging code. Before that we just add an extra blank line. The second patch corrects a never yet seen error message. Signed-off-by: Werner Koch <[email protected]>
* gpgtar: Make --files-from and --null work as described.Werner Koch2020-08-206-27/+100
| | | | | | | | | | | | * tools/gpgtar-create.c (gpgtar_create): Add args files_from and null_names. Improve reading from a file. * tools/gpgtar.c: Make global vars static. (main): Remove tests for --files-from and --null option combinations. Pass option variables to gpgtar_create. -- GnuPG-bug-id: 5027 Signed-off-by: Werner Koch <[email protected]>
* build: New configure option --disable-testsWerner Koch2020-08-208-2/+53
| | | | | | | | * configure.ac: Add option --disable-tests. Print warnings in the summary. (DISABLE_TESTS): New am_conditional. -- GnuPG-bug-id: 4960
* doc: Describe the relation between pubring.gpg and pubring.kbxWerner Koch2020-08-201-6/+34
| | | | | -- GnuPG-bug-id: 4958
* gpg: Fix regression for non-default --passphrase-repeat option.Werner Koch2020-08-202-4/+13
| | | | | | | | * agent/command.c (cmd_get_passphrase): Take care of --repeat with --newsymkey. -- GnuPG-bug-id: 4997
* gpg: Ignore personal_digest_prefs for ECDSA keys.Werner Koch2020-08-131-3/+7
| | | | | | | | * g10/sign.c (hash_for): Simplify hash algo selection for ECDSA. -- GnuPG-bug-id: 5021 Signed-off-by: Werner Koch <[email protected]>
* tools: Install gpgsplit againWerner Koch2020-08-131-2/+2
| | | | | | | | | -- We will also set the gpgsplit from 1.4 to noninstall. GnuPG-bug-id: 5023 Signed-off-by: Werner Koch <[email protected]>
* common: Pass the WAYLAND_DISPLAY envvar alongWerner Koch2020-08-121-0/+1
| | | | | | | | * common/session-env.c (stdenvnames): Add WAYLAND_DISPLAY. -- GnuPG-bug-id: 5016 Signed-off-by: Werner Koch <[email protected]>
* build: Remove expired key of David Shaw from distsigkey.gpg.Werner Koch2020-08-061-0/+0
| | | | --
* sm: Also show the SHA-256 fingerprint.Werner Koch2020-08-042-2/+15
| | | | | | | | | | | | * sm/keylist.c (list_cert_colon): Emit a new "fp2" record. (list_cert_raw): Print the SHA2 fingerprint. (list_cert_std): Ditto. -- Signed-off-by: Werner Koch <[email protected]> Backported-from-master: e7d70923901eeb6a2c26445aee9db7e78f6f7f3a Here in 2.2 we keep the string "fingerprint:" and no not change it to "sha1 fpr" as we did in master (2.3).
* tests: Improve handling of spaces in $PATHWerner Koch2020-08-045-14/+14
| | | | | | -- Signed-off-by: Werner Koch <[email protected]>
* speedo: Tie build to libgcrypt 1.8Werner Koch2020-08-041-3/+3
| | | | | | | | | | -- With 2.2 we want to use libgcrypt 1.8 as long as this is maintained. This is in particular necessary for the approved GnuPG VS Desktop release. Signed-off-by: Werner Koch <[email protected]>
* w32: More adding NETLIBS.NIIBE Yutaka2020-07-301-1/+1
| | | | | | | | | | | | * common/Makefile.am (t_common_ldadd): Add $(NETLIBS). -- Cherry-picked master commit of: 5fa4427419c875e46d051ae6ed376d5ad6037401 GnuPG-bug-id: 4994 Signed-off-by: NIIBE Yutaka <[email protected]>
* w32: Add link to $(NETLIB) for -lws2_32.NIIBE Yutaka2020-07-303-3/+3
| | | | | | | | | | | | | | * dirmngr/Makefile.am (dirmngr_LDADD): Add $(NETLIBS). * sm/Makefile.am (gpgsm_LDADD): Ditto. * tools/Makefile.am (gpg_wks_client_LDADD): Ditto. -- Cherry-picked master commit of: d69f5570ee5e1b099e39fdf64e18add23ff5c815 GnuPG-bug-id: 4994 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Do not close stdout after --export-ssh-keyWerner Koch2020-07-161-2/+3
| | | | | | | | | * g10/export.c (export_ssh_key): Do not close stdout. -- stdout should never be closed; this fixes this minor bug. Signed-off-by: Werner Koch <[email protected]>
* tools: Use internal regexp routines.NIIBE Yutaka2020-07-151-2/+2
| | | | | | | | | | | * tools/gpg-check-pattern.c: Use jimregexp.h. -- Backport master commit of: 7ee2a9687da9560a5d17c7046c87c2f7a6733d5c Signed-off-by: NIIBE Yutaka <[email protected]>
* regexp: Import change from JimTcl.NIIBE Yutaka2020-07-152-4/+19
| | | | | | | | | | | | | | | | | | | * regexp/jimregexp.h, regexp/jimregexp.c: Fix from JimTcl. -- Backport master commit of: 91cb46d948db234be1ea8092f5db9e14294f1b79 Apply the change in JimTcl: commit ac35b8a6ec417f75b5ec86ca64ea1614a8170a38 Author: Steve Bennett <[email protected]> Date: Mon May 4 20:43:46 2020 +1000 regexp: Improved error message Signed-off-by: NIIBE Yutaka <[email protected]>
* regexp: Fix generation of _unicode_mapping.c.NIIBE Yutaka2020-07-153-4/+15
| | | | | | | | | | | | | | * configure.ac (AWK_HEX_NUMBER_OPTION): Detect GNU Awk. * regexp/Makefile.am: Use AWK_HEX_NUMBER_OPTION. * regexp/parse-unidata.awk: Don't use strtonum. -- Backport master commit of: 50b320952e99ea20f9b77c6c501280fe37fd2598 GnuPG-bug-id: 4915 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Add regular expression support.NIIBE Yutaka2020-07-1517-91/+36316
| | | | | | | | | | | | | | | | | | | | | | * AUTHORS, COPYING.other: Update. * Makefile.am (SUBDIRS): Add regexp sub directory. * configure.ac (DISABLE_REGEX): Remove. * g10/Makefile.am (needed_libs): Add libregexp.a. * g10/trustdb.c: Remove DISABLE_REGEX support. * regexp/LICENSE, regexp/jimregexp.c, regexp/jimregexp.h, regexp/utf8.c, regexp/utf8.h: New from Jim Tcl. * regexp/UnicodeData.txt: New from Unicode. * regexp/Makefile.am, regexp/parse-unidata.awk: New. * tests/openpgp/Makefile.am: Remove DISABLE_REGEX support. * tools/Makefile.am: Remove DISABLE_REGEX support. -- Backport master commit of: ba247a114c75a84473c11c1484013b09fbb9bcd1 GnuPG-bug-id: 4843 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpgsm: Make rsaPSS a compliant scheme in de-vs mode.Werner Koch2020-07-141-8/+4
| | | | | | | | -- GnuPG-bug-id: 4538 Signed-off-by: Werner Koch <[email protected]> Backported-from-master: 5fe3cdfc7646c2c88beb168ba34fc64f9dd2c156
* agent: Fix regression with --newsymkey in loopback mode.Werner Koch2020-07-131-2/+5
| | | | | | | | | | | | | | | | * agent/command.c (cmd_get_passphrase): Never repeat in loopback mode; same as with !OPT_NEWSYMKEY. -- In loopback mode there shall not be any repeat because the caller is expected to do any confirmation before passing a new passphrase to gpg. Fixes-commit: d9e2dfa4c585de7c261fde13c18bd0f82415d6c3 as unfortunately released with 2.2.21. GnuPG-bug-id: 4991 Signed-off-by: Werner Koch <[email protected]>
* dirmngr: Handle EAFNOSUPPORT at connect_server.NIIBE Yutaka2020-07-131-0/+9
| | | | | | | | | | | | * dirmngr/http.c (connect_server): Skip server with EAFNOSUPPORT. -- Cherry-pick from master commit of: 109d16e8f644da97ed9c00e6f9010a53097f587a GnuPG-bug-id: 4977 Signed-off-by: NIIBE Yutaka <[email protected]>
* Post release updatesWerner Koch2020-07-092-1/+8
| | | | --
* Release 2.2.21gnupg-2.2.21Werner Koch2020-07-091-2/+10
|
* po: Auto updateWerner Koch2020-07-0925-883/+1194
| | | | --
* po: Minor update to the Hungarian translationNagy Ferenc László2020-07-091-10/+6
| | | | --
* po: Update the German translationWerner Koch2020-07-091-37/+49
| | | | | | -- Signed-off-by: Werner Koch <[email protected]>
* gpg: Print a note if no args are given to --delete-keyWerner Koch2020-07-091-1/+4
| | | | | | | | | | | | -- It is a bit surprising that nothing happens if no key is specified to --delete-key et al. Although this is common Unix behaviour the use might have expected that it behaves like --export and deletes all keys. Sure we don't do the latter, so a short notice will help. GnuPG-bug-id: 4959 Signed-off-by: Werner Koch <[email protected]>
* Do not use the pinentry's qualitybarWerner Koch2020-07-083-3/+3
| | | | | | | | | | | | | | | | * agent/genkey.c (agent_ask_new_passphrase): No qualitybar. * g10/call-agent.c (agent_get_passphrase): Ditto. * sm/call-agent.c (gpgsm_agent_ask_passphrase): Ditto. -- The concept of a passphrase quality indicator is anyway questionable because user are smart enough to trick them out and they also tend to limit the actually used entropy. Except for the red/green switching (to show whether constraints are fulfilled) our qualitybar is pretty bad and thus worse than none. Signed-off-by: Werner Koch <[email protected]>
* gpg: Use integrated passphrase repeat entry also for -c.Werner Koch2020-07-083-7/+33
| | | | | | | | * g10/call-agent.c (agent_get_passphrase): Add arg newsymkey. * g10/passphrase.c (passphrase_get): Add arg newsymkey. (passphrase_to_dek): Pass it on. Signed-off-by: Werner Koch <[email protected]>
* agent: New option --newsymkey for GET_PASSPHRASEWerner Koch2020-07-084-97/+354
| | | | | | | | | | | | | | | | * agent/call-pinentry.c (do_getpin): New. (agent_askpin): Use do_getpin. (agent_get_passphrase): Add arg pininfo. Use do_getpin. * agent/genkey.c (check_passphrase_constraints): New arg no_empty. * agent/command.c (reenter_passphrase_cmp_cb): New. (cmd_get_passphrase): Add option --newsymkey. -- This new option allows to present a passphrase with the usual repeat box as it is used by gpg-agent's internal key generation. Signed-off-by: Werner Koch <[email protected]> Backported-from-master: eace4bbe1ded8b01f9ad52ebc1871f2fd13c3a08
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-18 17:30:08 +0000