| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
| |
--
|
| |
|
|
| |
--
|
| |
|
|
|
| |
--
Fixes-commit: 89dc9f1e6916ebd123852534b8cada2fc3555688
|
| |
|
|
|
|
|
| |
--
Reviewed-by: NIIBE Yutaka <[email protected]>
Signed-off-by: bobwxc <[email protected]>
|
| |
|
|
| |
--
|
| |
|
|
|
|
| |
* dirmngr/Makefile.am: Tweak library order.
--
(cherry picked from commit 3c79ff34c417bfc392008eca1970b86bec54d6c3)
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/gpg.c (main): Set LOG_NO_REGISTRY.
* sm/gpgsm.c (main): Ditto.
* tools/gpg-connect-agent.c (main): Ditto.
* tools/gpgconf.c (main): Ditto.
(show_other_registry_entries): Print "DefaultLogFile".
--
The intention of this mostly forgotten registry entry was to allow for
easy debugging of the tools. However, with the global config file
common.conf things are anyway better. We disable the use for the
commonly used tools so that it does not look like calling gpg on the
command line seems to block with no output if the log
server (e.g. tcp://1.2.3.4:11111) is not reachable.
|
| |
|
|
|
|
| |
* g10/build-packet.c (do_signature): Use log_fatal.
--
GnuPG-bug-id: 5809
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* agent/command-ssh.c (SSH_OPT_CONSTRAIN_MAXSIGN): New.
(SSH_OPT_CONSTRAIN_EXTENSION): New.
(ssh_handler_add_identity): Ignore them.
(ssh_handler_extension): Take success for session-bind.
--
OpenSSH 8.9 does not gracefully allow communication with older agent
implementations. Until this new OpenSSH feature has been settled we
return a faked response.
Code has not yet been tested.
GnuPG-bug-id: 5931
|
| |
|
|
|
|
|
| |
* scd/ccid-driver.c (MAX_DEVICE): Rename to CCID_MAX_DEVICE.
--
Just for documentation reasons.
|
| |
|
|
|
| |
* scd/ccid-driver.c: Move struct defines to the top.
--
|
| |
|
|
|
|
|
|
|
|
|
| |
* scd/ccid-driver.c (ccid_dev_scan): Use loop var and not the count.
--
Due to an assignment out of bounds this might lead to a crash if there
are more than 15 readers. In any case it fixes a memory leak.
Kudos to the friendly auditor who found that bug.
Fixes-commit: 8a41e73c31adb86d4a7dca4da695e5ad1347811f
|
| |
|
|
|
|
|
|
| |
* common/t-ssh-utils.c (main): Remove continue.
--
Obvious c+p bug.
Fixes-commit: 5e508ffcab185eb8149e2fb2833ce15820140368
|
| |
|
|
|
|
|
|
| |
--
* agent/command-ssh.c (add_control_entry): Ignore failure of the MD5
digest
Signed-off-by: Jakub Jelen <[email protected]>
|
| |
|
|
|
|
|
|
| |
* common/t-ssh-utils.c (main): Accept an error with MD5 in_fips_mode.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
* common/t-ssh-utils.c (FLAGS_NOFIPS): New.
(sample_keys): Add flags member.
(main): Detect if libgcrypt is in FIPS mode, try SHA256 fingerprints
first and expect the MD5 ones will fail.
--
Signed-off-by: Jakub Jelen <[email protected]>
|
| |
|
|
|
|
|
| |
* scd/app-p15.c (CARD_PRODUCT_GENUA): New.
(cardproduct2str): Add it.
(read_p15_info): Detect and set GENUA
(make_pin_prompt): Take holder string from the AODF.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* dirmngr/crlfetch.c (crl_fetch, crl_fetch_default)
(ca_cert_fetch, start_cert_fetch): Factor Tor error out to ...
(no_crl_due_to_tor): new. Print status note.
* dirmngr/ks-engine-ldap.c (ks_ldap_get)
(ks_ldap_search, ks_ldap_put): Factor Tor error out to ...
(no_ldap_due_to_tor): new. Print status note.
* dirmngr/ocsp.c (do_ocsp_request): Print status note.
* sm/misc.c (gpgsm_print_further_info): New.
* sm/call-dirmngr.c (warning_and_note_printer): New.
(isvalid_status_cb): Call it.
(lookup_status_cb): Ditto.
(run_command_status_cb): Ditto.
* common/asshelp2.c (vprint_assuan_status): Strip a possible trailing
LF.
--
|
| |
|
|
|
| |
* scd/app-p15.c (read_p15_info): Disable extended mode for Genua
cards.
|
| |
|
|
| |
--
|
| |
|
|
|
|
| |
--
Fixes-commit: 18eff31496a34156d58d757a2a110bcfde6c9908
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* g10/keygen.c (ask_user_id): Allow for the name to start with a
digit. Allow names shorter than 5.
--
The reason for this change is that we don't enforce these constraints
in the --quick-gen-key interface. I added the constraints right in the
beginning of gnupg to make sure that we have a uniform style for
user-ids. However, this is all problematic with non-Latin names
and we prefer to use mail addresses anyway.
|
| |
|
|
|
|
|
|
|
|
|
| |
* agent/command-ssh.c (start_command_handler_ssh): Use es_sysopen.
--
With new (not-yet-released) libgpg-error, gpg-agent should be able to
handle connection from Cygwin version of OpenSSH.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* common/t-session-env.c [HAVE_W32_SYSTEM] (test_all): HOME is not
defined, so, exclude the tests.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* common/Makefile.am (module_tests): Exclude t-exechelp and
t-exectool.
* common/t-stringhelp.c (mygetcwd): Convert '\' to '/'.
* tests/cms/Makefile.am: Add $(EXEEXT).
* tests/gpgme/Makefile.am: Likewise.
* tests/migrations/Makefile.am: Likewise.
* tests/openpgp/Makefile.am: Likewise.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
* agent/command-ssh.c (get_client_info): Use type gnupg_fd_t for
socket, until call of socket API.
(start_command_handler_ssh): Don't convert here.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* scd/command.c (scd_command_handler): Use gnupg_fd_t for the argument
but no INT2FD to listen. Use GNUPG_INVALID_FD.
* tpm2d/command.c (tpm2d_command_handler): Likewise.
* scd/scdaemon.c (start_connection_thread): Follow the change.
* tpm2d/tpm2daemon.c (start_connection_thread): Likewise.
* scd/scdaemon.h (scd_command_handler): Use gnupg_fd_t.
* tpm2d/tpm2daemon.h (tpm2d_command_handler): Likewise.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
* dirmngr/http.c (connect_with_timeout): Use FD2INT to unwrap SOCK.
--
GnuPG-bug-id: 5899
Reported-by: Eli Zaretskii
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* tpm2d/tpm2daemon.c (main): Use gnupg_fd_t for socket, and use
assuan_sock_close for the socket allocated by assuan_sock_new.
(handle_connections): Use gnupg_fd_t for listen_fd.
Use assuan_sock_close for the socket by npth_accept.
--
Apply the same change of scdaemon to tpm2daemon.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* common/exechelp-w32.c (handle_to_fd): Use intptr_t.
(gnupg_wait_processes): Fix to use pid_to_handle.
--
Both of original MinGW and MinGW-W64 use intptr_t for the first
argument of _open_osfhandle. So, intptr_t is better here.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* dirmngr/Makefile.am (dirmngr_SOURCES): Remove w32-ldap-help.h.
* dirmngr/cdblib.c (cdb_init): Remove for __MINGW32CE__.
* dirmngr/w32-ldap-help.h: Remove.
--
Fixes-commit: 4c295646ba0e175743e6be13457308c1e6d21dd3
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* g10/compress.c: Don't use zlib-riscos.h.
* tools/gpgsplit.c: Likewise.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* scd/scdaemon.c (main): Use gnupg_fd_t for socket, and use
assuan_sock_close for the socket allocated by assuan_sock_new.
(handle_connections): Use gnupg_fd_t for listen_fd.
Use assuan_sock_close for the socket by npth_accept.
--
GnuPG-bug-id: 5029
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
| |
* dirmngr/server.c (proc_wkd_get): Also escape '#' and '+'
--
GnuPG-bug-id: 5902
|
| |
|
|
|
|
|
|
|
|
| |
* g10/gpg.c (main): Remove note about rfc4880bis.
* g10/keygen.c (keygen_set_std_prefs): Use only OCB in the AEAD
preference list.
--
It is more than unlikely that EAX will ever be used in practice and
thus we remove it from the preference list.
|
| |
|
|
|
|
|
|
|
|
| |
* agent/command.c (cmd_keytocard): Timestamp at "Created:" field is
only used when time is not specified.
--
Fixes-commit: c795be79c14fac01b984bdc2e2041d2141f27612
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* dirmngr/ldap.c (url_fetch_ldap): Detect and replace.
--
The actual URL causing this is
ldap://ldap.dgnservice.de:389/CN=CRL-1,O=DGN%20Service%20GmbH,\
C=DE?certificateRevocationList?base?objectClass=cRLDistributionPoint
It is actually not very helpful because I had problems finding the
issuer cert:
CN=dgnservice CRL2101 13:PN,O=DGN Deutsches Gesundheitsnetz \
Service GmbH,C=DE
|
| |
|
|
|
|
|
|
| |
* common/homedir.c (w32_try_mkdir): Remove.
(standard_homedir): Call gnupg_mkdir directly.
(_gnupg_socketdir_internal): Ditto.
--
GnuPG-bug-id: 5895
|
| |
|
|
|
|
|
|
|
|
|
| |
* tools/gpgconf-comp.c [!BUILD_WITH_TPM2D] (gc_component): Add a dummy
entry.
--
GnuPG-bug-id: 5701
Reported-by: Adriaan de Groot
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* agent/agent.h (agent_key_from_file): Change the declaration.
* agent/findkey.c (agent_key_from_file): Return timestamp.
* agent/pkdecrypt.c (agent_pkdecrypt): Follow the change.
* agent/pksign.c (agent_pkdecrypt): Likewise.
* agent/command.c (cmd_passwd, cmd_export_key): Likewise.
(cmd_keytocard): Use timestamp in private key file in "Created:".
--
GnuPG-bug-id: 5538
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* dirmngr/dirmngr-client.c (read_pem_certificate): Add NO_ERRMSG
argument to suppress the error message.
(read_certificate, squid_loop_body): Follow the change.
--
GnuPG-bug-id: 5531
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
* dirmngr/dirmngr-client.c (read_certificate): Call
log_get_errorcount.
--
GnuPG-bug-id: 5531
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* kbx/keybox-search.c (blob_cmp_fpr_part): Don't change FPROFF, since
it's caller which tweaks the offset.
(has_short_kid, has_long_kid): Examine the key flags to determine if
fingerprint 32 or 20.
--
GnuPG-bug-id: 5888
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
* tools/gpgtar.c: New option --with-log.
* tools/gpgtar.h (opt): Add field with_log.
* tools/gpgtar-extract.c (gpgtar_extract): Move directory string
building up. Add option --log-file if needed.
* tools/gpgtar-create.c (gpgtar_create): Make tmpbuf static becuase it
is used outside of its scope.
* tools/gpgtar-list.c (gpgtar_list): Ditto.
|
| |
|
|
|
|
|
|
|
|
|
| |
* dirmngr/server.c (proc_wkd_get): Take care of DNS server failures
--
Unfortunately there are resolver setups which don't handle SRV records
but return a server error. We let a not found error pass, because
that merely means the domain does not exists.
GnuPG-bug-id: 4729
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* tools/gpgtar.h (opt): Add new flags.
* tools/gpgtar.c: new options --batch, --yes, --no, --status-fd, and
--require-compliance.
(main): Init signals.
* tools/gpgtar-create.c: Add new header files.
(gpgtar_create): Rework to use a pipe for encryption and signing.
* tools/gpgtar-list.c: Add new header files.
(gpgtar_list): Rework to use a pipe for decryption.
* tools/gpgtar-extract.c: Add new header files.
(gpgtar_extract): Rework to use a pipe for decryption.
--
Fixes-commit: 40dbee86f3043aff8a8c2055521e270318e33068
|
| |
|
|
|
|
|
|
|
|
| |
* common/dotlock.c (dotlock_take_unix): Do same when same PID
process detects stale lockfile. Add comment.
--
GnuPG-bug-id: 5884
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* g10/sign.c (update_keysig_packet): Make sure sig->version >= 4.
--
GnuPG-bug-id: 5809
Signed-off-by: NIIBE Yutaka <[email protected]>
|
