| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
| |
* scd/scdaemon.c (opts): Add --homedir.
--
Without that entry the homedir setting won't work.
GnuPG-bug-id: 2386
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
|
| |
--
As long as a current swdb.lst is available and all directories below
~/b carry the appropriate tarballs this target can be used to build a
w32-installer w/0 any network access.
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/tdbio.c (create_version_record): Call create_hashtable to always
make hashtable, together with the version record.
(get_trusthashrec): Remove call to create_hashtable.
--
GnuPG-bug-id: 1675
Thanks to Scott Moser for a reproducible script and patience.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| | |
| |
| |
| | |
--
|
| | | |
|
| | |
| |
| |
| | |
--
|
| | | |
|
| | | |
|
| | |
| |
| |
| | |
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| | |
--
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* tests/openpgp/Makefile.am (CLEANFILES): Add created file
"passphrases".
* tools/Makefile.am (EXTRA_DIST): Add no-libgcrypt.c.
--
dirmngr/Makefile uses a copy no-libgcrypt.c from tools/. tools/ does
not anymore require no-libgcrypt.c but we keep it there in case we
eventually make use of it again.
Signed-off-by: Werner Koch <[email protected]>
|
| |/
|
|
|
|
|
|
| |
* tools/symcryptrun.c (main): Fix typo.
--
Fixes-commit: 36550dde998fa1d497098050ca2d4e1a952ed6b6
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
| |
* g10/keylist.c (list_keyblock_colon): Use PK2 for the subkey's curve.
--
Reported-by: mantorix at vollbio punkt de
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
| |
* dirmngr/dirmngr_ldap.c (fetch_ldap): Do not use log_debug in an
unprotected section. Replace log_debug by log_info in verbose mode.
--
GnuPG-bug-id: 2376
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* dirmngr/dirmngr_ldap.c (fetch_ldap): Try V3 Protocol in case
default Protocol gives error.
--
Servers may have blocked V2 Protocol, in which case the
bind will result in a Protocol Error. In that case we try
again with v3 Protocol if the ldap libarary used to compile
dirmngr supports V3.
Signed-off-by: Andre Heinecke <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
* dirmngr/dirmngr_ldap.c (fetch_ldap): Use ldap_err2string on bind
return.
--
ldap_simple_bind_s does not set errno.
Signed-off-by: Andre Heinecke <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* sm/gpgsm.c (main): Add AES192 cipher. Allow SERPENT256.
--
Note that currently released Libcgrypt versions miss OIDs for Serpent
and thus Serpent can only be used with tye forthcoming Libgcrypt
1.7.1.
GnuPG-bug-id: 2273
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
| |
* doc/gnupg.texi: Define new index "ef".
(Environment Index): New.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
| |
* g10/tofu.c (get_trust): Do not jump to out.
--
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* g10/tofu.c (get_trust): Factor code out to ...
(format_conflict_msg_part1): new and to ...
(ask_about_binding): new.
--
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
| |
--
GnuPG-bug-id: 2383
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
| |
--
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* g10/gpg.c (main): Remove deprecation warning.
--
Most options for the keyserver have been moved to dirmngr and thus it
does not make sense to favor "--keyserver-options auto-key-retrieve"
over the direct options --auto-key-retrieve and --no-auto-key-retrieve.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/gpg.c (oDisableSignerUID): New.
(opts): New option '--disable-signer-uid'.
(main): Set option.
* g10/options.h (opt): Add field flags.disable_signer_uid.
* g10/sign.c: Include mbox-util.h.
(mk_notation_policy_etc): Embed the signer's uid.
* g10/mainproc.c (check_sig_and_print): Do not use WKD for auto key
retrieval if --disable-signer-uid is used.
--
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/packet.h (PKT_signature): Add field 'signers_uid'.
* g10/parse-packet.c (parse_signature): Set this field.
* g10/free-packet.c (free_seckey_enc): Free field.
(copy_signature): Copy field.
* g10/mainproc.c (akl_has_wkd_method): New.
(check_sig_and_print): Extend NEWSIG status. If WKD is enabled try to
locate a missing key via the signature's Signer's User ID sub-packet.
Do this right before trying a keyserver lookup.
--
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
| |
--
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/call-agent.c (struct keyinfo_data): Rename to
keyinfo_data_parm_s.
(agent_get_keyinfo): Replace C-99 style init.
(keyinfo_status_cb): Use new fucntion split_fields.
* g10/export.c (match_curve_skey_pk): Add missings returns error
cases.
(cleartext_secret_key_to_openpgp): Better clear PK->PKEY first.
--
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* common/stringhelp.c (split_fields): New.
* common/t-stringhelp.c: Include assert.h.
(test_split_fields): New.
(main): Call test.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/export.c (do_export_stream): If a key is stored by the agent in
cleartext, then try to export it as cleartext.
* tests/openpgp/export.test: For secret keys that are stored in
cleartext, test should try to export without pinentry interaction.
--
This restores the behavior of GnuPG 2.0 and 1.4 when exporting
passphraseless secret keys, and fixes the test suite accordingly.
GnuPG-bug-id: 2070, 2324
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/export.c (match_curve_skey_pk): New function, testing whether an
OpenPGP public key and an S-expression use the same curve.
* g10/export.c (cleartext_secret_key_to_openpgp): New function,
filling in the secret key parameters of a PKT_public_key object from
a corresponding cleartext S-expression.
* g10/export.c, g10/main.h (receive_seckey_from_agent): Add cleartext
parameter, enabling retrieval of the secret key, unlocked.
* g10/export.c (do_export_stream): Send cleartext as 0, keeping current
behavior.
* g10/keygen.c (card_store_key_with_backup): Use cleartext=0 to ensure
that smartcard backups are all passphrase-locked.
--
This sets up internal functionality to be capable of exporting
cleartext secret keys, but does not change any existing behavior.
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/call-agent.c, g10/call-agent.h (agent_export_key): Add
openpgp_protected flag.
* g10/export.c (receive_seckey_from_agent): Request openpgp_protected
secret keys from agent.
* agent/command.c (hlp_export_key): EXPORT_KEY help text: add a
brief description of the effect of --openpgp.
--
The --openpgp flag for gpg-agent's EXPORT_KEY actually forces
encryption in a certain (RFC 4880-compatible format). This changeset
exposes that functionality in internal functions, and clarifies
functionality in the agent's help text.
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/call-agent.c, g10/call-agent.h (agent_get_keyinfo): add
r_cleartext parameter to report whether a key is stored without
passphrase protection.
* g10/gpgv.c, g10/test-stubs.c: augment dummy agent_get_keyinfo to
match new API.
* g10/export.c, g10/keyedit.c, g10/keygen.c, g10/keylist.c,
g10/sign.c: pass NULL to agent_get_keyinfo since we do not yet
need to know whether agent is passphrase-protected.
--
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
|
| |
|
|
|
|
| |
--
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
* agent/gpg-agent.c (create_server_socket): Call chmod before listen.
* scd/scdaemon.c (create_server_socket): Ditto.
* dirmngr/dirmngr.c (main): Ditto.
--
This is just in case of a improperly set umask. Note that a connect
requires a write permissions.
|
| |
|
|
|
|
|
|
|
|
|
| |
* common/homedir.c (_gnupg_socketdir_internal) [W32]: Add definition
for NAME.
* g10/gpg.c (main) [W32]: Fix use og gnupg_homedir.
* agent/gpg-agent.c (remove_socket): Remove unused var P.
* scd/scdaemon.c (cleanup): Ditto.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* tools/gpgconf.c: Include unistd.h.
(aCreateSocketDir, aRemoveSocketDir): New.
(opts): Add --create-socketdir and --remove-socketdir.
(main): Implement them.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* common/homedir.c: Include sys/stat.h and zb32.h.
(w32_portable_app, w32_bin_is_bin): Change type from int to byte.
(non_default_homedir): New.
(is_gnupg_default_homedir): New.
(default_homedir): Set non_default_homedir.
(gnupg_set_homedir): Set non_default_homedir and make
the_gnupg_homedir and absolute directory name.
(gnupg_homedir): Return an absolute directory name.
(_gnupg_socketdir_internal): New.
(gnupg_socketdir): Implement /run/user/ based sockets.
* tools/gpg-connect-agent.c (get_var_ext): Replace now obsolete
make_filename by xstrdup.
* tools/gpgconf.c (main): Sue gnupg_homedir for the "homedir:" output.
--
If a [/var]/run/user/$(id -u)/ directory exists, a gnupg subdir is
created as needed and the permissions of the directories are checked.
If that all matches that directory name is returned instead of the
homedir.
To cope with non standard homedirs (via GNUPGHOME or --homedir) the
SHA-1 hash of the homedir is computed, left truncated to 120 bits,
zBase-32 encoded, prefixed with "d.", and appended to
"[/var]/run/user/$(id -u)/gnupg/". If that directory exists and has
proper permissions it is returned as socket dir - if not the homedir
is used. Due to cleanup issues, this directory will not be
auto-created but needs to be created by the user in advance.
The required permissions are: directory owned by the user, group and
others bits not set.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
| |
* tools/gpgconf.c (opts): Add --homedir.
(main): Set homedir.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* tools/Makefile.am (gpgconf_SOURCES): Remove no-libgcrypt.c.
(gpgconf_LDADD): Add LIBGCRYPT_LIBS.
(gpg_connect_agent_LDADD): Ditto.
(gpgtar_LDADD): Ditto.
* dirmngr/Makefile.am (dirmngr_client_LDADD): Ditto.
(t_common_ldadd): Ditto. Remove no-libgcrypt.o.
--
We need this change so that a future code in common/ can use Libgcrypt
functions; in particular hashing.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* agent/gpg-agent.c (remove_socket): Do not remove the enclosing
directory.
* scd/scdaemon.c (cleanup): Ditto.
--
The socket directory is now below /run or at ~/.gnupg. Thus we should
not try to remove the directory of the socket. The auto-removal was
introduced at a time we used a temporary directory for the sockets.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* common/homedir.c (gnupg_socketdir): New.
* agent/gpg-agent.c (create_socket_name): Use new function instead of
gnupg_homedir.
(check_own_socket): Ditto.
(check_for_running_agent): Ditto.
* agent/preset-passphrase.c (main): Ditto.
* common/asshelp.c (start_new_gpg_agent): Ditto.
* scd/scdaemon.c (create_socket_name): Ditto.
* tools/gpgconf.c (main): Ditto.
* tools/symcryptrun.c (main): Ditto.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
* common/asshelp.c (start_new_gpg_agent): Remove arg 'homedir' in
favor of gnupg_homedir (). Change all callers.
(start_new_dirmngr): Ditto.
* common/get-passphrase.c (gnupg_prepare_get_passphrase): Remove arg
'homedir'.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* common/homedir.c (the_gnupg_homedir): New var.
(gnupg_set_homedir): New.
(gnupg_homedir): New.
* g10/options.h (struct opt): Remove 'homedir' and replace all users
by the new accessor functions.
* g13/g13-common.h (struct opt): Ditto.
* scd/scdaemon.h (struct opt): Ditto.
* sm/gpgsm.h (struct opt): Ditto.
* dirmngr/dirmngr.h (struct opt): Ditto.
* agent/preset-passphrase.c (opt_homedir): Ditto.
* agent/protect-tool.c (opt_homedir): Ditto.
--
This will make detection of a non-default homedir easier.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
| |
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
| |
* g10/gpg.c (main): Compose a block by curly braces.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
* g10/gpg.c (main): Init keyid_format to KF_NONE.
* g10/keyid.c (format_keyid): Ditto.
(keystrlen): Ditto.
--
GnuPG-bug-id: 2379
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* g10/gpg.c (oWithSubkeyFingerprint): New.
(opts): Add --with-subkey-fingerprint[s].
(main): Set that option.
* g10/options.h (struct opt): Add 'with_subkey_fingerprint'.
* g10/keylist.c (list_keyblock_print): Print subkey fingerprint.
(print_fingerprint): Tweak printing to use compact format if
desirable.
Signed-off-by: Werner Koch <[email protected]>
|
