aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* sm: Fix compliance checking for ECC signature verification.Werner Koch2023-01-124-7/+34
| | | | | | | | | | | | | | * common/compliance.c (gnupg_pk_is_compliant): Also consider the gcrypt vids for ECDSA et al. (gnupg_pk_is_allowed): Ditto. * sm/verify.c (gpgsm_verify): Consider the curve. Print a compliance notice for a non-compliant key. * sm/certchain.c (gpgsm_validate_chain): Silence the "switching to chain model". -- Backported-from-master: 338a5ecaa1f11abf24514c8df994170bdb1018f4
* dirmngr: Do not check for Tor for --gpgconf-* optionsWerner Koch2023-01-111-4/+15
| | | | | * dirmngr/dirmngr.c (post_option_parsing): Add arg CMD. (main): Pass the current command.
* po: Auto updateWerner Koch2023-01-1125-480/+833
| | | | --
* po: Update German translationWerner Koch2023-01-111-21/+29
| | | | --
* gpg: Remove duplicated diagnostic.Werner Koch2023-01-111-4/+0
| | | | | | -- Fixes-commit: a545e14e8a74453a3110e32533af8858f88492be
* gpg: Add missing space to a diagnostic.Werner Koch2023-01-111-2/+1
| | | | --
* w32: Make sure DEP is enabled.Werner Koch2023-01-111-1/+18
| | | | | | | | * common/init.c (_init_common_subsystems): Test and set the DEP Policy. -- Note that this change will now definitely require Windows XP SP3.
* doc: Minor man page fixes.Werner Koch2023-01-112-4/+3
| | | | --
* Merge branch 'STABLE-BRANCH-2-2.40' into STABLE-BRANCH-2-2Werner Koch2022-12-2345-142/+836
|\ | | | | | | --
| * Post release updatesSTABLE-BRANCH-2-2.40Werner Koch2022-12-092-1/+7
| | | | | | | | --
| * Release 2.2.41gnupg-2.2.41Werner Koch2022-12-091-4/+5
| |
| * po: Auto updateWerner Koch2022-12-0925-0/+250
| | | | | | | | --
| * po: Update German translationWerner Koch2022-12-091-51/+9
| | | | | | | | --
| * scd:p15: Skip deleted records.Werner Koch2022-12-081-8/+37
| | | | | | | | | | | | | | | | | | | | | | | | * scd/app-p15.c (select_and_read_record): Special case deleted records. Support 3 byte TLVs. (read_ef_prkdf): Skip deleted records. (read_ef_pukdf): Ditto. (read_ef_cdf): Ditto. (read_ef_aodf): Ditto. -- This fixes a problem with some CardOS 5 applications.
| * speedo: Support CUSTOM_SWDB builds.Werner Koch2022-12-072-14/+33
| | | | | | | | --
| * speedo: Introduce the OVERRIDE_TARBALLS featureWerner Koch2022-12-061-0/+11
| | | | | | | | --
| * doc: Prepare NEWSWerner Koch2022-12-062-6/+17
| | | | | | | | --
| * wkd: Do not send/install/mirror expired user ids.Werner Koch2022-12-064-8/+72
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * tools/gpg-wks.h (struct uidinfo_list_s): Add fields expired and revoked. * tools/wks-util.c (append_to_uidinfo_list): Add args expired and revoked. (set_expired_revoked): New. (wks_list_key): Set expired and revoked. (wks_cmd_install_key): Skip expired uids. * tools/gpg-wks-client.c (command_check): Print flags. (command_send): Ignore expired keys. (mirror_one_key): Ditto. * g10/export.c (do_export_stream): Silence warning. -- GnuPG-bug-id: 6292 Backported-from-master: 278f85d1bc6cd012b3b2e87536e50954b21d2d91
| * gpgsm: Silence the "non-critical certificate policy not allowed".Werner Koch2022-12-061-2/+3
| | | | | | | | | | | | | | * sm/certchain.c (check_cert_policy): Print non-critical policy warning only in verbose mode. (cherry picked from commit 4f1b9e3abb337470e5e4809b3a7f2df33f5a63a4)
| * wkd: New option --add-revocs and some fixes.Werner Koch2022-11-304-33/+228
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * tools/gpg-wks.h (opt): Add add_revocs. * tools/wks-util.c (wks_get_key): Add arg 'binary'. (wks_armor_key): New. (wks_find_add_revocs): New. (wks_cmd_install_key): Get key in binary mode and add revocations if enabled. * tools/gpg-wks-client.c (oAddRevocs): New. (opts): Add --add-revocs. (parse_arguments): Set option, (command_send): Get key in binary mode, add revocations if enabled, and explictly armor key. Remove kludge to skip the Content-type line in no_encrypt mode. (mirror_one_keys_userid): Always filter the key to get rid of the armor as received from dirmngr. Add revocations from the local keyring. -- Note that this also fixes an oddity of the new mirror command which used to store the keys armored as received from dirmngr.
| * wkd: Make use of --debug extprog.Werner Koch2022-11-301-1/+20
| | | | | | | | | | | | | | | | * tools/wks-util.c (debug_gpg_invocation): New. (get_key_status_cb): Enable debug output. (wks_get_key): Show gpg invocation. (wks_list_key): Ditto. (wks_filter_uid): Ditto.
| * gpg: New export-filter export-revocsWerner Koch2022-11-303-5/+129
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/options.h (EXPORT_REVOCS): New. * g10/export.c (export_select_filter): New. (struct export_filter_attic_s): Add field. (cleanup_export_globals): Cleanup. (parse_export_options): Add option "export-revocs". (parse_and_set_export_filter): Parse the select type. (do_export_revocs): New. (do_export_stream): Add a way to select things for export. -- Backported-from-master: c985b52e71a83d14099f00f80e3588bd3ad28b98
| * gpg: Fix double-free in gpg --card-edit.NIIBE Yutaka2022-11-291-1/+0
| | | | | | | | | | | | | | | | * g10/card-util.c (change_name): Don't free ISONAME here. -- Signed-off-by: NIIBE Yutaka <[email protected]>
| * gpg: use iobuf_read for higher detached signing speedWerner Koch2022-11-291-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/sign.c (sign_file): Use iobuf_read instead of iobuf_get for reading data from detached file. -- This patch reduces iobuf_read per byte processing overhead and speeds up detached signing. Detached signing speed on AMD Ryzen 5800X (4.3GiB file, SHA256): gpg process user time before: 3.951s after: 1.898s (2.0x faster) GnuPG-bug-id: T5826 Signed-off-by: Jussi Kivilinna <[email protected]> Backported-from-master: f8943ce098f6f193da791faf43fff823568697d9 Numbers above are given for the version in master but should be similar for here (2.2).
| * g10/plaintext: do_hash: use iobuf_read for higher performanceJussi Kivilinna2022-11-291-2/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/plaintext.c (do_hash): Use iobuf_read instead of iobuf_get for reading data; Use gcry_md_write instead of gcry_md_putc for hash data. -- This patch reduces iobuf_read per byte processing overhead and speeds up detached signature verifying. Detached verifying speed on AMD Ryzen 5800X (4.3GiB file, SHA256): gpg process user time before: 9.410s after: 1.913s (4.9x faster) GnuPG-bug-id: T5826 Signed-off-by: Jussi Kivilinna <[email protected]> (cherry picked from commit 4e27b9defc608f1fa31ca50f1ed1d5761b73b480)
| * gpg: Make --require-compliance work with out --status-fdWerner Koch2022-11-281-1/+1
| | | | | | | | | | | | | | | | | | * g10/mainproc.c (proc_encrypted): Set complaince_de_vs also if require-compliance is set. -- Without this fix require-compliance would fail if no --status-fd was used.
| * Update NEWS for 2.2.41Werner Koch2022-11-251-0/+15
| | | | | | | | --
| * w32: Fix for make check.NIIBE Yutaka2022-11-251-1/+1
| | | | | | | | | | | | | | | | | | * tests/gpgsm/Makefile.am: Add $(EXEEXT). -- Fixes-commit: a27e6505daabd7ea1405244d128ad3c2ef5bb6f6 Signed-off-by: NIIBE Yutaka <[email protected]>
| * tests: Fix to support --enable-all-tests and variants.NIIBE Yutaka2022-11-258-11/+30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * tests/gpgscm/tests.scm (test::scm): Add VARIANT argument. (tests::new): Likewise. (open-log-file, report): Support VARIANT. * tests/gpgme/all-tests.scm (setup-c, setup-py): Follow the change. * tests/gpgsm/all-tests.scm (setup): Likewise. * tests/gpgsm/run-tests.scm: Likewise. * tests/migrations/all-tests.scm: Likewise. * tests/migrations/run-tests.scm: Likewise. * tests/openpgp/all-tests.scm: Likewise. * tests/openpgp/run-tests.scm: Likewise. -- Fixes-commit: 1c88104a3f00f7ca3790fbaab8f67b2b68cd6e18 Signed-off-by: NIIBE Yutaka <[email protected]>
| * tests:w32: Fix for non-dot file name for Windows.NIIBE Yutaka2022-11-251-1/+1
| | | | | | | | | | | | | | | | | | * tests/migrations/from-classic.scm (assert-migrated): Handle the case on Windows. -- Signed-off-by: NIIBE Yutaka <[email protected]>
| * tests:gpgscm:w32: Fix for GetTempPath.NIIBE Yutaka2022-11-251-0/+5
| | | | | | | | | | | | | | | | * tests/gpgscm/ffi.c (do_get_temp_path): Remove the last backslash. -- Signed-off-by: NIIBE Yutaka <[email protected]>
| * tests: Keep .log files in objdir.NIIBE Yutaka2022-11-251-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | * tests/gpgscm/tests.scm (open-log-file): Keep the log file in objdir. -- Before the change, it is at ephemeral temp directory which is removed. This is not useful at all. Possibly, it was done before the introduce of ephemeral temp directory for each test and not changed. Signed-off-by: NIIBE Yutaka <[email protected]>
| * tests: Use 233 for invalid value of FD.NIIBE Yutaka2022-11-251-1/+1
| | | | | | | | | | | | | | | | | | | | | | * tests/openpgp/issue2941.scm: Use 233. -- On Windows machine (emulated by Wine), 23 may be valid value for handle. Signed-off-by: NIIBE Yutaka <[email protected]>
| * w32: Exclude tests with HOME.NIIBE Yutaka2022-11-251-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | * common/t-session-env.c [HAVE_W32_SYSTEM] (test_all): HOME is not defined, so, exclude the tests. -- Backport master commit of: b47a23f5fac551727d24f65765e21485ed2bb02c Signed-off-by: NIIBE Yutaka <[email protected]>
| * w32: Fix for make check.NIIBE Yutaka2022-11-255-7/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * common/Makefile.am (module_tests): Exclude t-exechelp and t-exectool. * common/t-stringhelp.c (mygetcwd): Convert '\' to '/'. * tests/gpgme/Makefile.am: Add $(EXEEXT). * tests/migrations/Makefile.am: Likewise. * tests/openpgp/Makefile.am: Likewise. -- Backport master commit of: 39d478f5ba5d74cdd1d2e40311ff120c932bac37 Signed-off-by: NIIBE Yutaka <[email protected]>
| * scd: Redact --debug cardio output of a VERIFY APDU.Werner Koch2022-11-251-2/+16
| | | | | | | | | | | | | | | | | | | | * scd/apdu.c (pcsc_send_apdu) [DBG_CARD_IO]: Detect and redact a VERIFY. (send_apdu_ccid): Ditto. -- This should handle the most common case. GnuPG-bug-id: 5085
| * gpg: Add a notation to encryption subkeys in de-vs mode.Werner Koch2022-11-251-3/+57
| | | | | | | | | | | | | | | | | | | | | | * g10/keygen.c (struct opaque_data_usage_and_pk): Add cpl_notation. (do_add_notation): New. (keygen_add_key_flags_and_expire): Set [email protected] notation if requested. (write_keybinding): Request notation for subkeys in de-vs mode. -- GnuPG-bug-id: 6279
| * scd:nks: Fix ECC signing if key not given by keygrip.Werner Koch2022-11-251-0/+2
| | | | | | | | * scd/app-nks.c (keygripstr_from_pk_file): Set r_algo if not in cache.
| * agent: Allow trustlist on Windows in Unicode homedirs.Werner Koch2022-11-252-1/+32
| | | | | | | | * agent/trustlist.c (agent_marktrusted): Use gnupg_access.
| * gpg: Fix trusted introducer for user-ids with only the mbox.Werner Koch2022-11-251-19/+31
| | | | | | | | | | | | | | | | * g10/trustdb.c (check_regexp): Kludge to match user-ids with only an mbox. -- (Also re-indented the function) GnuPG-bug-id: 6238
| * gpg: Import stray revocation certificates.Werner Koch2022-11-253-13/+66
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/kbnode.c (new_kbnode2): New. * g10/import.c (delete_inv_parts): New arg r_otherrevsigs to store misplaced revocations. (import_revoke_cert): Allow to pass an entire list. (import_one): Import revocations found by delete_inv_parts. -- It might be useful to distribute revocations of old keys along with new keys. This is in particicualrr useful for WKD stored keys. This patch allows to put unrelated standalone revocations into a key. For example they can simply appended to a keyblock. Right now it is a bit inaesthetic to see diagnostics about misplaced or bad revocation signatures. Backported-from-master: 7aaedfb10767c74f3e6868dd1563cbbf1282ab2f
| * gpg: Make --list-packets work w/o --no-armor for plain OCB packets.Werner Koch2022-11-251-0/+1
| | | | | | | | | | | | | | | | * g10/armor.c (is_armored): Add PKT_ENCRYPTED_AEAD. -- With this fix it is now possible to feed a vanilla packet of type 20 without first forcing gpg to assume binary mode.
| * gpg: New option --compatibility-flagsWerner Koch2022-11-253-1/+35
| | | | | | | | | | | | | | | | | | | | | | * g10/gpg.c (oCompatibilityFlags): New. (opts): Add option. (compatibility_flags): New list. (main): Set flags and print help. * g10/options.h (opt): Add field compatibility_flags. -- No flags are yet defined but it is good to have the framework.
| * scd:nks: Support non-ESIGN signing with the Signature Card v2Werner Koch2022-11-251-8/+20
| | | | | | | | | | | | | | | | * scd/app-nks.c (do_sign): Handle ECC for NKS cards -- Backported-from-master: 959c627892121ce9707bfa36f2510216b4f6f247 GnuPG-bug-id: 6252
| * scd: Use app_get_slot at more places.Werner Koch2022-11-254-65/+84
| | | | | | | | | | | | -- This is helpful for backporting other changes.
| * scd: Use APP_LEARN_FLAG_KEYPAIRINFO with more apps.Werner Koch2022-11-252-2/+2
| | | | | | | | | | | | | | | | * scd/app-nks.c (do_learn_status_core): Use new flag. * scd/app-sc-hsm.c (do_learn_status): Ditto. -- The flag was already backported to some apps but not to these.
| * doc: Make uploading of 2.2 manuals easierWerner Koch2022-11-251-2/+2
| | | | | | | | --
| * build: Update gpg-error.m4.NIIBE Yutaka2022-11-251-1/+5
| | | | | | | | | | | | | | | | * m4/gpg-error.m4: Update from libgpg-error 1.46. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* | gpgsm: Change default algo to AES-256.Werner Koch2022-11-301-1/+1
| | | | | | | | * sm/gpgsm.c (DEFAULT_CIPHER_ALGO): Change.
* | w32: Fix for make check.NIIBE Yutaka2022-11-251-1/+1
| | | | | | | | | | | | | | | | | | * tests/gpgsm/Makefile.am: Add $(EXEEXT). -- Fixes-commit: a27e6505daabd7ea1405244d128ad3c2ef5bb6f6 Signed-off-by: NIIBE Yutaka <[email protected]>
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-20 09:38:44 +0000