aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* g10: Add openpgp_protected flag to agent secret key export functionsDaniel Kahn Gillmor2016-06-114-9/+18
| | | | | | | | | | | | | | | | | * g10/call-agent.c, g10/call-agent.h (agent_export_key): Add openpgp_protected flag. * g10/export.c (receive_seckey_from_agent): Request openpgp_protected secret keys from agent. * agent/command.c (hlp_export_key): EXPORT_KEY help text: add a brief description of the effect of --openpgp. -- The --openpgp flag for gpg-agent's EXPORT_KEY actually forces encryption in a certain (RFC 4880-compatible format). This changeset exposes that functionality in internal functions, and clarifies functionality in the agent's help text. Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* g10: report whether key in agent is passphrase-protected or notDaniel Kahn Gillmor2016-06-119-31/+60
| | | | | | | | | | | | | | | * g10/call-agent.c, g10/call-agent.h (agent_get_keyinfo): add r_cleartext parameter to report whether a key is stored without passphrase protection. * g10/gpgv.c, g10/test-stubs.c: augment dummy agent_get_keyinfo to match new API. * g10/export.c, g10/keyedit.c, g10/keygen.c, g10/keylist.c, g10/sign.c: pass NULL to agent_get_keyinfo since we do not yet need to know whether agent is passphrase-protected. -- Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* speedo,w32: Distribute gpg-preset-passphrase.Werner Koch2016-06-111-0/+1
| | | | | | -- Signed-off-by: Werner Koch <[email protected]>
* Explicitly restrict socket permissions.Werner Koch2016-06-084-1/+13
| | | | | | | | | | * agent/gpg-agent.c (create_server_socket): Call chmod before listen. * scd/scdaemon.c (create_server_socket): Ditto. * dirmngr/dirmngr.c (main): Ditto. -- This is just in case of a improperly set umask. Note that a connect requires a write permissions.
* w32: Fix recent build regression.Werner Koch2016-06-084-4/+3
| | | | | | | | | | | * common/homedir.c (_gnupg_socketdir_internal) [W32]: Add definition for NAME. * g10/gpg.c (main) [W32]: Fix use og gnupg_homedir. * agent/gpg-agent.c (remove_socket): Remove unused var P. * scd/scdaemon.c (cleanup): Ditto. Signed-off-by: Werner Koch <[email protected]>
* gpgconf: New commands --create-socketdir and --remove-socketdir.Werner Koch2016-06-082-0/+78
| | | | | | | | | * tools/gpgconf.c: Include unistd.h. (aCreateSocketDir, aRemoveSocketDir): New. (opts): Add --create-socketdir and --remove-socketdir. (main): Implement them. Signed-off-by: Werner Koch <[email protected]>
* Implement /run/user/UID/gnupg based sockets.Werner Koch2016-06-085-26/+228
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * common/homedir.c: Include sys/stat.h and zb32.h. (w32_portable_app, w32_bin_is_bin): Change type from int to byte. (non_default_homedir): New. (is_gnupg_default_homedir): New. (default_homedir): Set non_default_homedir. (gnupg_set_homedir): Set non_default_homedir and make the_gnupg_homedir and absolute directory name. (gnupg_homedir): Return an absolute directory name. (_gnupg_socketdir_internal): New. (gnupg_socketdir): Implement /run/user/ based sockets. * tools/gpg-connect-agent.c (get_var_ext): Replace now obsolete make_filename by xstrdup. * tools/gpgconf.c (main): Sue gnupg_homedir for the "homedir:" output. -- If a [/var]/run/user/$(id -u)/ directory exists, a gnupg subdir is created as needed and the permissions of the directories are checked. If that all matches that directory name is returned instead of the homedir. To cope with non standard homedirs (via GNUPGHOME or --homedir) the SHA-1 hash of the homedir is computed, left truncated to 120 bits, zBase-32 encoded, prefixed with "d.", and appended to "[/var]/run/user/$(id -u)/gnupg/". If that directory exists and has proper permissions it is returned as socket dir - if not the homedir is used. Due to cleanup issues, this directory will not be auto-created but needs to be created by the user in advance. The required permissions are: directory owned by the user, group and others bits not set. Signed-off-by: Werner Koch <[email protected]>
* gpgconf: Add option --homedirWerner Koch2016-06-081-0/+2
| | | | | | | * tools/gpgconf.c (opts): Add --homedir. (main): Set homedir. Signed-off-by: Werner Koch <[email protected]>
* Do not use no-libgcrypt dummy for toolsWerner Koch2016-06-082-13/+12
| | | | | | | | | | | | | | | * tools/Makefile.am (gpgconf_SOURCES): Remove no-libgcrypt.c. (gpgconf_LDADD): Add LIBGCRYPT_LIBS. (gpg_connect_agent_LDADD): Ditto. (gpgtar_LDADD): Ditto. * dirmngr/Makefile.am (dirmngr_client_LDADD): Ditto. (t_common_ldadd): Ditto. Remove no-libgcrypt.o. -- We need this change so that a future code in common/ can use Libgcrypt functions; in particular hashing. Signed-off-by: Werner Koch <[email protected]>
* Do not try to remove the enclosing directory of sockets.Werner Koch2016-06-082-15/+1
| | | | | | | | | | | | | | * agent/gpg-agent.c (remove_socket): Do not remove the enclosing directory. * scd/scdaemon.c (cleanup): Ditto. -- The socket directory is now below /run or at ~/.gnupg. Thus we should not try to remove the directory of the socket. The auto-removal was introduced at a time we used a temporary directory for the sockets. Signed-off-by: Werner Koch <[email protected]>
* common: New function gnupg_socketdir.Werner Koch2016-06-078-10/+47
| | | | | | | | | | | | | | | * common/homedir.c (gnupg_socketdir): New. * agent/gpg-agent.c (create_socket_name): Use new function instead of gnupg_homedir. (check_own_socket): Ditto. (check_for_running_agent): Ditto. * agent/preset-passphrase.c (main): Ditto. * common/asshelp.c (start_new_gpg_agent): Ditto. * scd/scdaemon.c (create_socket_name): Ditto. * tools/gpgconf.c (main): Ditto. * tools/symcryptrun.c (main): Ditto. Signed-off-by: Werner Koch <[email protected]>
* common: Remove homedir arg from start_new_{dirmngr,gpg_agent}.Werner Koch2016-06-0711-23/+6
| | | | | | | | | | * common/asshelp.c (start_new_gpg_agent): Remove arg 'homedir' in favor of gnupg_homedir (). Change all callers. (start_new_dirmngr): Ditto. * common/get-passphrase.c (gnupg_prepare_get_passphrase): Remove arg 'homedir'. Signed-off-by: Werner Koch <[email protected]>
* Replace use of opt.homedir by accessor functions.Werner Koch2016-06-0744-179/+188
| | | | | | | | | | | | | | | | | | | * common/homedir.c (the_gnupg_homedir): New var. (gnupg_set_homedir): New. (gnupg_homedir): New. * g10/options.h (struct opt): Remove 'homedir' and replace all users by the new accessor functions. * g13/g13-common.h (struct opt): Ditto. * scd/scdaemon.h (struct opt): Ditto. * sm/gpgsm.h (struct opt): Ditto. * dirmngr/dirmngr.h (struct opt): Ditto. * agent/preset-passphrase.c (opt_homedir): Ditto. * agent/protect-tool.c (opt_homedir): Ditto. -- This will make detection of a non-default homedir easier. Signed-off-by: Werner Koch <[email protected]>
* po: Update Japanese translation.NIIBE Yutaka2016-06-071-359/+333
| | | | Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Fix command line parsing of --quick-addkey and --quick-gen-key.NIIBE Yutaka2016-06-071-2/+6
| | | | | | * g10/gpg.c (main): Compose a block by curly braces. Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Use --keyid-format=none by default.Werner Koch2016-06-062-3/+3
| | | | | | | | | | * g10/gpg.c (main): Init keyid_format to KF_NONE. * g10/keyid.c (format_keyid): Ditto. (keystrlen): Ditto. -- GnuPG-bug-id: 2379 Signed-off-by: Werner Koch <[email protected]>
* gpg: Add option --with-subkey-fingerprint.Werner Koch2016-06-065-5/+37
| | | | | | | | | | | | * g10/gpg.c (oWithSubkeyFingerprint): New. (opts): Add --with-subkey-fingerprint[s]. (main): Set that option. * g10/options.h (struct opt): Add 'with_subkey_fingerprint'. * g10/keylist.c (list_keyblock_print): Print subkey fingerprint. (print_fingerprint): Tweak printing to use compact format if desirable. Signed-off-by: Werner Koch <[email protected]>
* gpg: Implement --keyid-format=none.Werner Koch2016-06-069-143/+153
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/gpg.c (main): Add option "none" to --keyid-format. * g10/options.h (KF_NONE): New. * g10/keyid.c (format_keyid): Implement that. (keystr): Use format "long" is KF_NONE is in use. (keystr_with_sub): Ditto. * g10/keylist.c (list_keyblock_print): Adjust indentaion for KF_NONE. Factor some code out to ... (print_key_line): new. (print_fingerprint): Add mode 20. * g10/mainproc.c (list_node): Use print_key_line. Replace MAINKEY by flags.primary in the PK. Fix putting a " revoked..." string into the colons format. * g10/pkclist.c (do_edit_ownertrust): Use print_key_line. This slightly changes the putput format. * g10/revoke.c (gen_standard_revoke): Use print_key_line. This may also put "expires: " into the output. -- Due to user experience problems with the keyid and we better allow to show the fingerprint instead. Note that we do not support v3 keys anymore and thus there is no technical need for a user to know the keyid. GnuPG-bug-id: 2379 Signed-off-by: Werner Koch <[email protected]>
* indent: Wrap strings in debug messages.Werner Koch2016-06-061-3/+5
| | | | --
* w32: Require --enable-build-timestamp for the BUILD_HOSTNAME.Werner Koch2016-06-042-4/+7
| | | | | | | | | | * configure.ac (BUILD_HOSTNAME): Set to "<anon>" bey default. * build-aux/speedo.mk (speedo_pkg_gnupg_configure): Add --enable-build-timestamp. -- Debian-bug-id: 826309 Signed-off-by: Werner Koch <[email protected]>
* gpg: Add the fingerprint to KEY_CREATED for subkeys.Werner Koch2016-06-021-9/+12
| | | | | | | | | * g10/keygen.c (print_status_key_created): Make more robust by allowing a NULL for PK. (generate_subkeypair): Use print_status_key_created. (generate_card_subkeypair): Ditto. Signed-off-by: Werner Koch <[email protected]>
* gpg: Try to use the passphrase from the primary for --quick-addkey.Werner Koch2016-06-025-52/+157
| | | | | | | | | | | | | | | * agent/command.c (cmd_genkey): Add option --passwd-nonce. (cmd_passwd): Return a PASSWD_NONCE in verify mode. * g10/call-agent.c (agent_genkey): Add arg 'passwd_nonce_addr' and do not send a RESET if given. (agent_passwd): Add arg 'verify'. * g10/keygen.c (common_gen): Add optional arg 'passwd_nonce_addr'. (gen_elg, gen_dsa, gen_ecc, gen_rsa, do_create): Ditto. (generate_subkeypair): Use sepeare hexgrip var for the to be created for hexgrip feature. Verify primary key first. Make use of the passwd nonce. Allow for a static passphrase. Signed-off-by: Werner Koch <[email protected]>
* gpg: Extend the --quick-gen-key command.Werner Koch2016-06-024-22/+92
| | | | | | | | | | * g10/keygen.c (quickgen_set_para): Add arg 'use'. (quick_generate_keypair): Add args 'algostr', 'usagestr', and 'expirestr'. Implement primary only key mode. (parse_algo_usage_expire): Set NBITS for the default algo. * g10/gpg.c (main): Extend --quick-gen-key command. Signed-off-by: Werner Koch <[email protected]>
* gpg: Improve the new parse_subkey_algostr_usagestr fucntion.Werner Koch2016-06-021-28/+34
| | | | | | | | | | * g10/keygen.c (parse_usagestr): Allow "cert". (generate_subkeypair): Factor expire parsing out to ... (parse_subkey_algostr_usagestr): here. Rename to ... (parse_algo_usage_expire): this. Add arg 'for_subkey'. Set CERT for primary key and check that it is not set for subkeys. Signed-off-by: Werner Koch <[email protected]>
* gpg: New command --quick-addkey.Werner Koch2016-06-025-155/+512
| | | | | | | | | | | | | | | | | | | * g10/keygen.c (DEFAULT_STD_SUBKEYUSE): New. (ask_keysize): Factor code out to ... (get_keysize_range, fixup_keysize): new. (parse_parameter_usage): Factor parsing out to ... (parse_usagestr): new. Allow use of "encr" as alias for "encrypt". (parse_subkey_algostr_usagestr): New. (generate_subkeypair): Add new args. Implement unattended mode. * g10/keyedit.c (keyedit_quick_sign): Factor some code out to ... (find_by_primary_fpr): new. (keyedit_quick_addkey): New. * g10/gpg.c (aQuickAddKey): New. (opts): Add --quick-addkey. (main): Implement. Signed-off-by: Werner Koch <[email protected]>
* gpg: Do not abort on certain invalid packets.Werner Koch2016-06-022-3/+8
| | | | | | | | | | | | | | | * g10/build-packet.c (write_fake_data): Check for non-opaque data. * g10/seskey.c (do_encode_md): Return NULL instead of abort. -- The first may happen if the usage flags of an algorithm do not match the allowed usage. When writing a backsig this would lead to a log_bug in libgcrypt due to the use of a regular MPI as opaque data. The second may happen with all kind of invalid data. It is easy to avoid an abort, though. Signed-off-by: Werner Koch <[email protected]>
* common: New function openpgp_is_curve_supported.Werner Koch2016-06-022-4/+31
| | | | | | | | | * common/openpgp-oid.c: Include openpgpdefs.h. (oidtable): Add field pubkey_algo. (openpgp_is_curve_supported): New. -- Signed-off-by: Werner Koch <[email protected]>
* common: Add comments on how to enable backtrace().Werner Koch2016-06-021-1/+14
| | | | --
* g10: Allow User ID length >= 256.NIIBE Yutaka2016-06-011-1/+1
| | | | | | | | | | * build-packet.c (do_user_id): Call write_header2 with HDRLEN not set. -- Reported-by: Daniel Kahn Gillmor <[email protected]> GnuPG-bug-id: 2374 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: New status code NOTATION_FLAGS.Werner Koch2016-05-315-8/+23
| | | | | | | | * common/status.h (STATUS_NOTATION_FLAGS: New. * g10/packet.h (struct notation): Add flags.human. (notation_t): New typedef. * g10/build-packet.c (sig_to_notation): Set flags.human. * g10/keylist.c (show_notation): Write STATUS_NOTATION_FLAGS.
* build: Fix URL.Justus Winter2016-05-311-1/+1
| | | | | -- Signed-off-by: Justus Winter <[email protected]>
* common: Add a status callback to gnupg_exec_tool_stream.Werner Koch2016-05-275-17/+97
| | | | | | | | | | | | * common/exectool.h (exec_tool_status_cb_t): New. * common/exectool.c: Include missing exectool.h. (read_and_log_buffer_t): Replace array by pointer. (gnupg_exec_tool_stream): Add args 'status_cb' and 'status_cb_value'. Change all callers to pass NULL for them. Malloc buffer for FDERRSTATE. (read_and_log_stderr): Implement status_fd feature. Signed-off-by: Werner Koch <[email protected]>
* common: Allow a second input stream for gnupg_exec_tool_stream.Werner Koch2016-05-2710-36/+124
| | | | | | | | | | | | | | | | | | * common/exechelp-posix.c (do_exec): Add arg 'except' and pass to close_all_fds. (gnupg_spawn_process): Add arg 'except'. Change callers to pass NULL for it. * common/exechelp-w32.c (gnupg_spawn_process): Add dummy arg 'except'. * common/exechelp-w32ce.c (gnupg_spawn_process): Ditto. * common/exectool.c (copy_buffer_do_copy): Allow NULL for SINK. (gnupg_exec_tool_stream): Add arg 'inextra'. Change callers to pass NULL for it. Allow NULL for OUTPUT. -- This hack is a first step to allow calling gpg for verification of signatures. Signed-off-by: Werner Koch <[email protected]>
* common: Simplify the fd closing patch 512c56a.Werner Koch2016-05-271-3/+1
| | | | | | * common/exechelp-posix.c (get_max_fds): Use /proc/self. Signed-off-by: Werner Koch <[email protected]>
* common: Speedup closing fds before an exec.Werner Koch2016-05-271-0/+44
| | | | | | | | * common/exechelp-posix.c [__linux__]: Include dirent.h. (get_max_fds) [__linux__]: Return the actual used highest fd. -- Signed-off-by: Werner Koch <[email protected]>
* tools: Improve debug output of rfc822parse.Werner Koch2016-05-271-1/+6
| | | | | | * tools/rfc822parse.c (show_event): Add missing events. Signed-off-by: Werner Koch <[email protected]>
* build: Remove obsolete tests for funopen and fopencookie.Werner Koch2016-05-272-29/+1
| | | | | | | | | * configure.ac (AC_CHECK_FUNCS): Remove tests for funopen. -- Meanwhile we are using the portable functions from libgpg-error. Signed-off-by: Werner Koch <[email protected]>
* common: Extend gnupg_create_inbound_pipe et al.Werner Koch2016-05-277-28/+54
| | | | | | | | | | | | | | * common/exechelp-posix.c (gnupg_create_inbound_pipe): Add args 'r_fp' and 'nonblock'. (gnupg_create_outbound_pipe): Ditto. * common/exechelp-w32.c (gnupg_create_inbound_pipe): Add non yet functional args 'r_fp' and 'nonblock'. (gnupg_create_outbound_pipe): Ditto. * common/exechelp-w32ce.c (gnupg_create_inbound_pipe): Ditto. (gnupg_create_outbound_pipe): Ditto. -- Signed-off-by: Werner Koch <[email protected]>
* common: Make use of default_errsource in exechelp.Werner Koch2016-05-276-49/+59
| | | | | | | | | | | | | | | | | * common/exechelp-posix.c (my_error_from_syserror, my_error): New. Use them instead of gpg_error and gpg_error_from_syserror. (create_pipe_and_estream): Remove arg ERRSOURCE and fix use of OUTBOUND which has a wrong name. Adjust callers. (gnupg_spawn_process): Remove arg ERRSOURCE and replace by use of DEFAULT_ERRSOURCE. * common/exechelp-w32.c (gnupg_spawn_process): Ditto. * common/exechelp-w32ce.c (gnupg_spawn_process): Ditto. * common/exectool.c (gnupg_exec_tool_stream): Do not pass GPG_ERROR_FROM_SYSERROR. * tools/gpgconf-comp.c (gc_component_check_options): Ditto. (retrieve_options_from_program): Ditto. Signed-off-by: Werner Koch <[email protected]>
* gpg: Keep current and total of PROGESS status lines small enough.Werner Koch2016-05-271-15/+45
| | | | | | | | | * g10/progress.c (progress_filter): Factor status wrote out to... (write_status_progress): New. Scale values down. -- GnuPG-bug-id: 2368 Signed-off-by: Werner Koch <[email protected]>
* configure: Detection of libusb on FreeBSD.NIIBE Yutaka2016-05-261-6/+10
| | | | | | | | | | | * configure.ac (LIBUSB_LIBS): Use LIBUSB_NAME for AC_CHECK_LIB. -- Thanks to Michael Sinatra. GnuPG-bug-id: 2367 Signed-off-by: NIIBE Yutaka <[email protected]>
* build: Switch to new URL for swdb.lstWerner Koch2016-05-251-3/+1
|
* gpgtar: Simplify code by using ccparray.Werner Koch2016-05-243-48/+44
| | | | | | | | * tools/gpgtar-create.c (gpgtar_create): Use ccparray functions. * tools/gpgtar-extract.c (gpgtar_extract): Ditto. * tools/gpgtar-list.c (gpgtar_list): Ditto. Signed-off-by: Werner Koch <[email protected]>
* common: Add simple dynamic array function.Werner Koch2016-05-244-1/+294
| | | | | | | | | | | * common/ccparray.c: New. * common/ccparray.h: New. * common/t-ccparray.c: New. * common/Makefile.am (common_sources): Add files. (module_tests): Add test file. (t_ccparray_LDADD): New. Signed-off-by: Werner Koch <[email protected]>
* common,w32: Silence an unused arg warning message.Werner Koch2016-05-241-0/+2
| | | | --
* gpg, w32: Fix build regression.Werner Koch2016-05-241-0/+2
| | | | | | -- Fixes-commit: 754b1c463034a634a678d8efc76c27fd46aad9b9
* tests: Test the pinentry interactions when exporting keys.Justus Winter2016-05-231-5/+67
| | | | | | * tests/openpgp/export.test: Test pinentry interactions. Signed-off-by: Justus Winter <[email protected]>
* tests: Add support for a passphrase queue to fake pinentry.Justus Winter2016-05-231-2/+94
| | | | | | | * tests/openpgp/fake-pinentry.c (get_passphrase): New function. (main): Add option --passphrasefile and read passphrases from it. Signed-off-by: Justus Winter <[email protected]>
* tests: Add logging to fake pinentry.Justus Winter2016-05-231-14/+108
| | | | | | | | | * tests/openpgp/fake-pinentry.c (log_stream): New variable. (reply): New function. (spacep,skip_options,option_value): Copy from common. (main): Parse arguments, add --logfile option, write logfile. Signed-off-by: Justus Winter <[email protected]>
* tests: Add export test.Justus Winter2016-05-232-0/+69
| | | | | | | * tests/openpgp/Makefile.am (TESTS): Add new file. * tests/openpgp/export.test: New file. Signed-off-by: Justus Winter <[email protected]>
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-14 19:14:08 +0000