Commit message | Author | Age | Files | Lines
* po: Auto-update | Werner Koch | 2018-12-14 | 26 | -318/+472
    --
* New simplified Chinese translation | Chuhao Li | 2018-12-14 | 1 | -4271/+2609
    --
    Signed-off-by: Werner Koch <[email protected]>
    This is a complete rework of the original file from 1.4.
* agent: Make the S2K calibration time runtime configurable. | Werner Koch | 2018-12-11 | 4 | -9/+43
    * agent/protect.c (s2k_calibration_time): New file global var.
    (calibrate_s2k_count): Use it here.
    (get_calibrated_s2k_count): Replace function static var by ...
    (s2k_calibrated_count): new file global var.
    (set_s2k_calibration_time): New function.
    * agent/gpg-agent.c (oS2KCalibration): New const.
    (opts): New option --s2k-calibration.
    (parse_rereadable_options): Parse that option.
    --
    Note that using an unrealistic high value (like 60000) takes quite some time for calibration.
    GnuPG-bug-id: 3399
    Signed-off-by: Werner Koch <[email protected]>
    (cherry picked from commit cbcc8c19541fe8407f3b6588fce1535c64cf6b25)
* agent: compile-time configuration of s2k calibration. | Daniel Kahn Gillmor | 2018-12-11 | 2 | -4/+12
    * configure.ac: add --with-agent-s2k-calibration=MSEC, introduces AGENT_S2K_CALIBRATION (measured in milliseconds)
    * agent/protect.c (calibrate_s2k_count): Calibrate based on AGENT_S2K_CALIBRATION.
    Signed-off-by: Daniel Kahn Gillmor <[email protected]>
    GnuPG-bug-id: 3399
    (cherry picked from commit 926d07c5fa05de05caef3a72b6fe156606ac0549)
* dirmngr: Retry another server from the pool on 502, 503, 504. | Werner Koch | 2018-12-11 | 1 | -7/+33
    * dirmngr/ks-engine-hkp.c (handle_send_request_error): Add arg http_status and handle it.
    (ks_hkp_search): Get http_status from send_request and pass on to handle_send_request_error.
    (ks_hkp_get): Ditto.
    (ks_hkp_put): Ditto.
    --
    GnuPG-bug-id: 4175
    Signed-off-by: Werner Koch <[email protected]>
    (cherry picked from commit 05ef6282784495a77f4faf76c0de5bc85dfecf06)
* dirmngr: New function http_status2string. | Werner Koch | 2018-12-11 | 2 | -0/+26
    * dirmngr/http.c (http_status2string): New.
    --
    Right now only the standard 5xx codes.
    Signed-off-by: Werner Koch <[email protected]>
    (cherry picked from commit dc61f4ecea5c9815cb00aeb25439978337c1fd64)
* gpg: In search-keys return "Not found" instead of "No Data". | Werner Koch | 2018-12-11 | 1 | -1/+3
    * g10/keyserver.c (keyserver_search): Check for NO_DATA.
    --
    GnuPG-bug-id: 3830
    Signed-off-by: Werner Koch <[email protected]>
    (cherry picked from commit e7252ae57f3c9da557f23295268f74dd25fee3a1)
* tools: Use POSIX compatible arguments for find | Tomi Leppänen | 2018-12-11 | 1 | -1/+1
    * tools/addgnupghome (filelist): Remove bashism.
* scd: Make "learn" report about KDF data object. | NIIBE Yutaka | 2018-12-06 | 2 | -0/+6
    * scd/app-openpgp.c (do_learn_status): Report KDF attr.
    * g10/card-util.c (current_card_status): Output KDF for with_colons.
    --
    Backport of master commit: 05d163aebc04db109ec5e004eb04a4b3796f6421
    Signed-off-by: NIIBE Yutaka <[email protected]>
* card: Display if KDF is enabled or not. | NIIBE Yutaka | 2018-12-06 | 3 | -2/+12
    * g10/call-agent.h (kdf_do_enabled): New field.
    * g10/call-agent.c (learn_status_cb): Set kdf_do_enabled if available.
    * g10/card-util.c (current_card_status): Inform the availability.
    --
    Cherry pick of master commit: a5542a4a702c2210facf58a98bc8d3d16089b6ab
    Signed-off-by: NIIBE Yutaka <[email protected]>
* g10: Fix memory leak for --card-status. | NIIBE Yutaka | 2018-12-06 | 1 | -4/+3
    * g10/card-util.c (card_status): Release memory of serial number.
    --
    Cherry pick of master commit: fe8b6339542f3b1228b5fd56fc710ea3b07a3a2b
    Signed-off-by: NIIBE Yutaka <[email protected]>
* g10: Fix print_pubkey_info new line output. | NIIBE Yutaka | 2018-12-05 | 1 | -1/+1
    * g10/keylist.c (print_pubkey_info): Reverse the condition.
    --
    These mistakes were introduced when replacing by estream. It resulted in 'gpg --card-status' from a process with no controlling terminal failing.
    Fixes-commit: fb2ba98963beea249474f5d6d7345cf9b4b7f570
    Signed-off-by: NIIBE Yutaka <[email protected]>
    (cherry picked from commit e154fba30ba0d5f29040a33f5c1b5c25b441b69f)
* gpg: New list-option "show-only-fpr-mbox". | Werner Koch | 2018-12-05 | 4 | -1/+65
    * g10/gpg.c (parse_list_options): Add option "show-only-fpr-mbox".
    * g10/options.h (LIST_SHOW_ONLY_FPR_MBOX): New.
    * g10/keylist.c (list_keyblock_simple): New.
    (list_keyblock): Call it.
    (list_all): Do not print the keyring name in LIST_SHOW_ONLY_FPR_MBOX mode.
    --
    Signed-off-by: Werner Koch <[email protected]>
    (cherry picked from commit 0e8bf204791ebfd0c9a8e4b49fbadf998ec62e49)
    * g10/keylist.c (list_keyblock_simple): Remove optional arg from mailbox_from_userid
* wks: Fix filter expression syntax flaw. | Werner Koch | 2018-12-05 | 1 | -4/+10
    * tools/wks-util.c (wks_get_key, wks_filter_uid): The filter expression needs a space before the value.
    (install_key_from_spec_file): Replace es_getline by es_read_line and remove debug output.
    --
    A value starting with '<' was considered an invalid operator due to our tokenization method.
    Signed-off-by: Werner Koch <[email protected]>
    (cherry picked from commit 0c36ec241d285545f286069843de4f663cd274a3)
* wks: Allow reading of --install-key arguments from stdin. | Werner Koch | 2018-12-05 | 4 | -10/+81
    * tools/wks-util.c (install_key_from_spec_file): New.
    (wks_cmd_install_key): Call it.
    * tools/gpg-wks-client.c (main): Allow --install-key w/o arguments.
    * tools/gpg-wks-server.c (main): Ditto.
    Signed-off-by: Werner Koch <[email protected]>
    (cherry picked from commit ba46a359b9d6549b74ec8401ea39bad434d87564)
* wks: Create sub-directories | Werner Koch | 2018-12-05 | 1 | -5/+25
    * tools/wks-util.c (wks_compute_hu_fname): Stat and create directory if needed.
    Signed-off-by: Werner Koch <[email protected]>
    (cherry picked from commit 73e5b0ec9b9ba5e04e55f8c42d81e23df7c3afe0)
* wks: Add new commands --install-key and --remove-key to the client. | Werner Koch | 2018-12-05 | 2 | -0/+68
    * tools/gpg-wks-client.c (aInstallKey, aRemoveKey, oDirectory): New.
    (opts): Add "--install-key", "--remove-key" and "-C".
    (parse_arguments): Parse them.
    (main): Check that the given directory exists. Implement the new commands.
    --
    These commands may be useful to prepare a WKD directory on a non-Unix box using the standard wks client.
    Signed-off-by: Werner Koch <[email protected]>
    (cherry picked from commit 602b1909632925d5a2e0778c102d66109795c627)
* wks: Move a few server functions to wks-util. | Werner Koch | 2018-12-05 | 3 | -309/+317
    * tools/gpg-wks-server.c (write_to_file): Move to ...
    * tools/wks-util.c: here.
    * tools/gpg-wks-server.c (compute_hu_fname): Move to ...
    * tools/wks-util.c (wks_compute_hu_fname): here.
    * tools/gpg-wks-server.c (fname_from_userid): Move to ...
    * tools/wks-util.c (wks_fname_from_userid): here.
    * tools/gpg-wks-server.c (command_install_key): Move to ...
    * tools/wks-util.c (wks_cmd_install_key): here and change caller.
    * tools/gpg-wks-server.c (command_remove_key): Move to ...
    * tools/wks-util.c (wks_cmd_remove_key): here and change callers.
    Signed-off-by: Werner Koch <[email protected]>
    (cherry picked from commit 99094c992c20dd22971beb3527cfda109cd1df89)
* g10/mainproc: disable hash contexts when --skip-verify is used | Jussi Kivilinna | 2018-12-05 | 1 | -3/+8
    * g10/mainproc.c (proc_plaintext): Do not enable hash contexts when opt.skip_verify is set.
    --
    Signed-off-by: Jussi Kivilinna <[email protected]>
    (cherry picked from commit 73e74de0e33bbb76300f96a4174024779047df06)
* common/iobuf: fix memory wiping in iobuf_copy | Jussi Kivilinna | 2018-12-05 | 1 | -1/+6
    * common/iobuf.c (iobuf_copy): Wipe used area of buffer instead of first sizeof(char*) bytes.
    --
    Signed-off-by: Jussi Kivilinna <[email protected]>
    (cherry picked from commit 654e353d9b20f10fa275e7ae10cc50480654f079)
* common: Use platform memory zeroing function for wipememory | Jussi Kivilinna | 2018-12-05 | 3 | -21/+30
    * common/mischelp.h (wipememory): Replace macro with function prototype.
    (wipememory2): Remove.
    * common/mischelp.c (wipememory): New.
    * configure.ac (AC_CHECK_FUNCS): Check for 'explicit_bzero' and remove duplicated checks.
    --
    In new wipememory function, memory is cleared through platform provided secure memory zeroing function, SecureZeroMemory or explicit_bzero. If none of these is available, memset is called through volatile function pointer so that compiler won't optimize away the call.
    Signed-off-by: Jussi Kivilinna <[email protected]>
    (cherry picked from commit 2a650772b4e1c78a4fd20bc88433930e5551fe9c)
* gpg: Improve error message about failed keygrip computation. | Werner Koch | 2018-12-05 | 1 | -1/+6
    * g10/keyid.c (keygrip_from_pk): Print the fingerprint on failure.
    Signed-off-by: Werner Koch <[email protected]>
    (cherry picked from commit cd64af003d4b6b46b69dbd575f73d53359ae0bcc)
* dirmngr: Avoid possible CSRF attacks via http redirects. | Werner Koch | 2018-11-23 | 7 | -95/+435
    * dirmngr/http.h (parsed_uri_s): Add fields off_host and off_path.
    (http_redir_info_t): New.
    * dirmngr/http.c (do_parse_uri): Set new fields.
    (same_host_p): New.
    (http_prepare_redirect): New.
    * dirmngr/t-http-basic.c: New test.
    * dirmngr/ks-engine-hkp.c (send_request): Use http_prepare_redirect instead of the open code.
    * dirmngr/ks-engine-http.c (ks_http_fetch): Ditto.
    --
    With this change a http query will not follow a redirect unless the Location header gives the same host. If the host is different only the host and port is taken from the Location header and the original path and query parts are kept.
    Signed-off-by: Werner Koch <[email protected]>
    (cherry picked from commit fa1b1eaa4241ff3f0634c8bdf8591cbc7c464144)
* doc: Clarify use of clear and nodefault in the AKL. | Werner Koch | 2018-11-21 | 2 | -2/+4
    --
    (cherry picked from commit e5c3a6999a374813134a9e68744444c25c3017f6)
* tools: Let gpg-zip print a deprecation warning. | Werner Koch | 2018-11-15 | 1 | -0/+3
    --
    GnuPG-bug-id: 4251
    Signed-off-by: Werner Koch <[email protected]>
* dirmngr: Add FLUSHCRLs command | Andre Heinecke | 2018-11-12 | 2 | -1/+18
    Summary:
    * dirmngr/crlcache.c (crl_cache_flush): Also deinit the cache.
    * dirmngr/server.c (hlp_flushcrls, cmd_flushcrls): New.
    (register_commands): Add FLUSHCRLS.
    --
    This allows it to flush the CRL cache of a running dirmngr server. This can be useful to debug / analyze CRL issues.
    GnuPG-Bug-Id: T3967
    Differential Revision: https://dev.gnupg.org/D469
    Signed-off-by: Andre Heinecke <[email protected]>
* Post release updates. | Werner Koch | 2018-11-06 | 2 | -1/+5
    --
* Release 2.1.11 [gnupg-2.2.11] | Werner Koch | 2018-11-06 | 1 | -7/+48
    Signed-off-by: Werner Koch <[email protected]>
* po: Update Czech translation | Petr Pisar | 2018-11-06 | 1 | -97/+67
    --
* po: Update German translation | Werner Koch | 2018-11-06 | 1 | -10/+7
    --
* g10: Fix print_keygrip for smartcard. | NIIBE Yutaka | 2018-11-06 | 1 | -1/+1
    * g10/card-util.c (print_keygrip): Use tty_fprintf.
    --
    Reported-by: Joey Pabalinas <[email protected]>
    Signed-off-by: NIIBE Yutaka <[email protected]>
* wks: New option --with-colons for gpg-wks-client. | Werner Koch | 2018-11-05 | 4 | -68/+230
    * tools/gpg-wks.h (opt): Add field with_colons.
    * tools/gpg-wks-client.c (oWithColons): New const.
    (opts, parse_arguments): Add option --with-colons.
    (main): Change aSupported to take several domains in --with-colons mode.
    (command_send): Factor policy getting code out to ...
    (get_policy_and_sa): New function.
    (command_supported): Make use of new function.
    --
    In addition to this the --create command now also supports a submission address only in the policy file. That means the submission-address file is not anymore required and can be replaced by the policy file.
    Signed-off-by: Werner Koch <[email protected]>
    (cherry picked from commit e3a1e80d13487c9336640a99b2f6d385d7d6f55c)
* speedo: Remove obsolete configure option of gpgme. | Werner Koch | 2018-11-05 | 1 | -2/+2
    * build-aux/speedo.mk (speedo_pkg_gpgme_configure): Remove --disable-w32-qt option.
    --
    This option is obsolete since GPGME 1.7 (in 2016)
    Signed-off-by: Werner Koch <[email protected]>
    (cherry picked from commit d7323bb2d957fbeb8192c0ecbd99b1d14d302912)
* speedo: Include Windows patch for gpgme 1.12.0 | Werner Koch | 2018-11-05 | 2 | -0/+37
    --
    We don't want to do a release of gpgme right now, so we include just this minimal but important fix.
* dirmngr: In verbose mode print the OCSP responder id. | Werner Koch | 2018-11-05 | 1 | -0/+27
    * dirmngr/ocsp.c (ocsp_isvalid): Print the responder id.
    Signed-off-by: Werner Koch <[email protected]>
    (cherry picked from commit 0a7f446c189201ca6e527af08b44da756b343209)
* tools: Replace duplicated code in mime-maker. | Werner Koch | 2018-11-05 | 3 | -62/+90
    * tools/rfc822parse.c (HEADER_NAME_CHARS): New. Taken from mime-maker.c.
    (rfc822_valid_header_name_p): New. Based on code from mime-maker.c.
    (rfc822_capitalize_header_name): New. Copied from mime-maker.c.
    (capitalize_header_name): Remove. Replace calls by new func.
    (my_toupper, my_strcasecmp): New.
    * tools/mime-maker.c: Include rfc822parse.h.
    (HEADER_NAME_CHARS, capitalize_header_name): Remove.
    (add_header): Replace check and capitalization by new functions.
    --
    This is a straightforward change with two minor changes:
    - In rfc822parse.c the capitalization handles MIME-Version special.
    - The check in mime-maker now detects a zero-length name as invalid.
    my_toupper and my_strcasecmp are introduced to allow standalone use of that file.
    Signed-off-by: Werner Koch <[email protected]>
    (cherry picked from commit f03928b16c4fb00077d22d8ec141575ef6d26913)
* gpg: Don't take a TOFU trust model from the trustdb | Werner Koch | 2018-11-05 | 2 | -5/+27
    * g10/tdbio.c (tdbio_update_version_record): Never store a TOFU model.
    (create_version_record): Don't init as TOFU.
    (tdbio_db_matches_options): Don't indicate a change in case TOFU is stored in an old trustdb file.
    --
    This change allows to switch between a tofu and pgp or tofu+pgp trust model without an auto rebuild of the trustdb. This also requires that the tofu trust model is requested on the command line. If TOFU will ever be the default we need to tweak the model detection via TM_AUTO by also looking into the TOFU data base.
    GnuPG-bug-id: 4134
    (cherry picked from commit 150a33df41944d764621f037038683f3d605aa3f)
* gpg: Add new card vendor | Werner Koch | 2018-11-05 | 1 | -0/+1
    --
    (cherry picked from commit 3c2ffd27f36dfe77005aa01005145904761d8743)
* dirmngr: Emit SOURCE status also on NO_DATA. | Werner Koch | 2018-11-05 | 2 | -5/+20
    * dirmngr/ks-engine-hkp.c (ks_hkp_search): Send SOURCE status also on NO DATA error.
    (ks_hkp_get): Ditto.
    * g10/call-dirmngr.c (gpg_dirmngr_ks_search): Print "data source" info also on error.
    (gpg_dirmngr_ks_get): Ditto.
    --
    If a keyserver does not return any data it can be useful to know which keyserver out of the pool answered.
    Signed-off-by: Werner Koch <[email protected]>
    (cherry picked from commit bee65edfbc8cc2c369e5941cc9d1a01a0519b388)
* dirmngr: Fix LDAP port parsing. | Werner Koch | 2018-11-05 | 1 | -1/+1
    * dirmngr/misc.c (host_and_port_from_url): Fix bad port parsing and a segv for a missing slash after the host name.
    --
    Reported-by: Tomas Mraz
    GnuPG-bug-id: 4230
    Signed-off-by: Werner Koch <[email protected]>
    (cherry picked from commit a3a5a2451924640588e5ecc03a1d4ba6a6ba94a5)
* build: By default build wks-tools on all Unix platforms. | Werner Koch | 2018-10-26 | 1 | -1/+8
    Signed-off-by: Werner Koch <[email protected]>
    (cherry picked from commit b83fed64f8051279a8f36e024c1f12f7f13c4716)
* wkd: Add option --directory to the server. | Werner Koch | 2018-10-26 | 2 | -22/+36
    * tools/gpg-wks-server.c (opts): Add '--directory',
    (main): Explain how to set correct permissions.
    (command_list_domains): Create an empty policy file and remove the warning for an empty policy file.
    --
    Note that a policy file is meanwhile required and thus it is useful to create it.
    Signed-off-by: Werner Koch <[email protected]>
    (cherry picked from commit f248416bc9792e80bb0785302058131de49d7639)
* speedo: Sign the windows installer with a timestamp. | Werner Koch | 2018-10-25 | 1 | -3/+7
    --
* dirmngr: Fix out of scope use of a var in the keyserver LDAP code. | Werner Koch | 2018-10-25 | 1 | -23/+10
    * dirmngr/ks-engine-ldap.c (extract_attributes): Don't use a variable out of scope and cleanup the entire pgpKeySize block.
    --
    GnuPG-bug-id: 4229
    Signed-off-by: Werner Koch <[email protected]>
    (cherry picked from commit 2b57a8159cdc3b212a4efc68787b40cafcd91ebe)
* agent: Fix possible uninitialized use of CTX in simple_pwquery. | Werner Koch | 2018-10-24 | 1 | -0/+1
    * common/simple-pwquery.c (agent_open): Clear CTX even on early error.
    --
    GnuPG-bug-id: 4223
    Signed-off-by: Werner Koch <[email protected]>
    (cherry picked from commit bafcf7095159493a656382997f8b0d0bb11a20e8)
* agent: Fix possible release of uninitialized var in a genkey error case. | Werner Koch | 2018-10-24 | 1 | -1/+1
    * agent/command.c (cmd_genkey): Initialize 'value'.
    --
    GnuPG-bug-id: 4222
    Signed-off-by: Werner Koch <[email protected]>
    (cherry picked from commit 2bdc4b6ed97770ed15ec6c5afa02c2e44568a3bc)
* ssh: Fix possible infinite loop in case of a read error. | Werner Koch | 2018-10-24 | 1 | -3/+4
    * agent/command-ssh.c (ssh_handler_add_identity): Handle other errors than EOF.
    --
    GnuPG-bug-id: 4221
    Signed-off-by: Werner Koch <[email protected]>
    (cherry picked from commit 7385e1babf6eef586c79ad23f8e541aaf608c4e5)
* tools: Fix FILE memory leak in gpg-connect-agent. | Werner Koch | 2018-10-24 | 1 | -2/+4
    * tools/gpg-connect-agent.c (do_open): dup the fileno and close the stream.
    GnuPG-bug-id: 4220
    Signed-off-by: Werner Koch <[email protected]>
    (cherry picked from commit 378719f25fe00d46393541f4a4f79e04484c3000)
* sm: Use the correct string in an error message. | Werner Koch | 2018-10-24 | 1 | -1/+1
    * sm/gpgsm.c (main): Fix error message.
    --
    GnuPG-bug-id: 4219
    (cherry picked from commit 793fd8d876777c24c4d5072301fa530333d6e1d9)
* dirmngr: Only print info for no ldapserver file | Andre Heinecke | 2018-10-24 | 1 | -1/+5
    * dirmngr/dirmngr.c (parse_ldapserver_file): Only print info for ENOENT.
    --
    It is very common that there is no ldapserver file. In that case users are confused by an error printed at dirmngr startup.