| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* dirmngr/ks-engine-hkp.c (ks_hkp_search): Prefix fingerprint with 0x.
--
pre-2.1 made sure that the 0x prefix was put before the fingerprint so
that the search command works. Actually --recv-key should be used
with a fingerprint but some users are using --search-key, probably to
use the interactive mode.
GnuPG-bug-id: 2412
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
| |
* tests/gpgscm/ffi.c (ffi_schemify_name): Use xstrdup instead of
strdup for now.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* agent/protect.c (OCB_MODE_SUPPORTED): Remove macro.
(do_encryption): Always support OCB.
(do_decryption): Ditto.
(agent_unprotect): Ditto.
* dirmngr/server.c (is_tor_running): Unconditionally build this.
--
Although not technically required, it is easier to require them to
avoid bug reports due to too old library versions.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
| |
* build-aux/config.guess: Update.
* build-aux/config.sub: Update.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
| |
* g10/gpg.c (opts): Re-add oTextmodeShort.
--
Regression-due-to: e148c3caa90fbadba32bdbfea9513392e3aea598
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/getkey.c (enum_secret_keys): Really enumerate all secret
keys if --try-all-secrets is specified.
--
GnuPG-bug-id: 1985
Signed-off-by: Daiki Ueno <[email protected]>
- Add new arg CTRL to getkey_byname call.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
| |
* g10/keyid.c (format_keyid): Always returh long keyid ifor KF_LONG.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/gpg.c (oMimemode): New.
(opts): Add --mimemode.
(main): Use --mimemode only in rfc4880bis compliance mode.
* g10/options.h (struct opt): Add field "mimemode".
* g10/build-packet.c (do_plaintext): Allow for mode 'm'.
* g10/encrypt.c (encrypt_simple, encrypt_crypt): Use 'm' if requested.
* g10/plaintext.c (handle_plaintext): Handle 'm' mode.
* g10/sign.c (write_plaintext_packet): Handle 'm' mode.
(sign_file, sign_symencrypt_file): Use 'm' if requested.
--
Thsi patch prepares for a proposed change in RFC4880bis to support a
MIME flag. A literal data packet with the mime flag set is handled
like a 't' or 'u' but CR are not removed. The PLAINTEXT status line
will also indicate a MIME content.
If --mimemode is used without --rfc4880bis 't' will be used.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
| |
* tools/gpg-wks-client.c (send_confirmation_response): Actually
encrypt to the recipient.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* tools/gpg-wks-server.c (aListDomains): New.
(opts): Add --list-domains.
(parse_arguments): Implement.
(main): Ditto. Use only one final diagnostic message.
(command_list_domains): New.
(check_and_publish): Remove directory creation.
(get_domain_list): New.
(expire_pending_confirmations): Rewrite using a list of directories.
(command_cron): Get domain list and pass to
expire_pending_confirmations.
--
gpg-wks-server --list-domains
is required once to create the sub directories
|
| |
|
|
|
|
|
|
|
|
| |
agent/command.c (cmd_updatestartuptty): Use session_env_list_stdenvnames
to get the list.
--
Debian-bug-id: 801247
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* g13/g13tuple.c (create_tupledesc): Init refcount to 1.
--
The old code somehow assumed that calloc was used.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* tools/gpg-wks-server.c (PENDING_TTL): New.
(expire_one_domain, expire_pending_confirmations): New.
(command_cron): New.
(main): Implement --cron.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* tools/gpg-wks-client.c (encrypt_response_status_cb): New.
(encrypt_response): New.
(send_confirmation_response): Encrypt the response.
* tools/gpg-wks-server.c (send_confirmation_request): Use freeing of
BODY and BODYENC.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
| |
* tools/gpg-wks-server.c (copy_key_as_dane): New.
(check_and_publish): Also publish as DANE record.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/export.c (do_export_stream): Move PKA and DANE printing helper
code to ...
(print_pka_or_dane_records): this fucntion.
(write_keyblock_to_output): Add arg OPTIOSN and call
print_pka_or_dane_records if requested.
--
It is now possible to print a DANE record given a a file with a key
without importing the key first:
gpg --export-options export-dane \
--import-options import-export \
--import-filter keep-uid='mbox =~ alpha' \
--import FILE_WITH_KEY
Using the filter we only print a user id with the substring "alpha" in
the addr-spec.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
| |
* g10/import.c (write_keyblock_to_output): Move to ...
* g10/export.c (write_keyblock_to_output): here. Add arg WITH_ARMOR.
Also make sure never to export ring trust packets.
|
| |
|
|
| |
--
|
| |
|
|
|
| |
--
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* tools/gpgconf.c (main) <aListDir>: Factor code out to ...
(list_dirs): new. Rewrite to use a table. Allow selection of a
items. Add "agent-ssh-socket".
--
This change makes the use of gpgconf in scripts easier. For example,
to set the envvar with the name of the socket used by ssh, it is now
possible to do this:
SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)"
which guarantees that the right name is used.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/gpgv.c (main): Set opt.no_sig _cache, so that it doesn't depend on
cached status. Similarly, set opt.flags.require_cross_cert for backsig
validation for subkey signature.
--
It is common that an organization distributes binary keyrings with
signature cache (Tag 12, Trust Packet) and people use gpgv to validate
signature with such keyrings. In such a use case, it is possible that
the key validation itself is skipped.
For the purpose of gpgv validation of signatures, we should not depend
on signature cache in keyrings (if any), but we should validate the key
by its self signature for primary key, and back signature for subkey.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* g10/options.h (EXPORT_PKA_FORMAT): New.
* g10/keylist.c (list_keyblock_pka): Do not use DANE flag.
* g10/export.c: Include zb32.h.
(parse_export_options): Add options "export-pka" and "export-dane".
(do_export): Do not armor if either of these option is set.
(print_pka_or_dane_records): New.
(do_export_stream): Implement new options.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
| |
* g10/export.c (do_export_stream): Factor some code out to ...
(do_export_one_keyblock): new.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* tests/gpgscm/tests.scm (call-check): Capture stdout and stderr, and
return stdout if the child exited successfully, or include stderr in
the error.
* tests/openpgp/version.scm: Demonstrate this by checking the stdout.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
* doc/mkdefsinc.c (print_filename): New.
(main): Use it here.
--
Our Jenkins uses an @ in directory names and thus our builds break.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
* tools/gpg-wks-server.c (encrypt_stream): Change arg 'fingerprint' to
'keyfile'.
(store_key_as_pending): Add arg 'r_fname' to make of the keyfile.
(send_confirmation_request): Add arg 'keyfile'.
(process_new_key): Pass on the name of the keyfile.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/gpg.c (oRecipientFile, oHiddenRecipientFile): New.
(opts): Add options --recipient-file and --hidden-recipient-file.
(main): Implement them. Also remove duplicate code from similar
options.
* g10/keydb.h (PK_LIST_FROM_FILE): New.
(PK_LIST_SHIFT): Bump up.
* g10/pkclist.c (expand_group): Take care of PK_LIST_FROM_FILE.
(find_and_check_key): Add and implement arg FROM_FILE.
(build_pk_list): Pass new value for new arg.
* g10/getkey.c (get_pubkey_fromfile): New.
* g10/gpgv.c (read_key_from_file): New stub.
* g10/test-stubs.c (read_key_from_file): New stub.
* g10/server.c (cmd_recipient): Add flag --file.
* g10/import.c (read_key_from_file): New.
* tests/openpgp/defs.scm (key-file1): New.
(key-file2): New.
* tests/openpgp/setup.scm: Add their private keys and import the
key-file1.
* tests/openpgp/encrypt.scm: Add new test.
--
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
| |
* g10/gpg.c (oNoKeyring): New.
(opts): Add "--no-keyring".
(main): Do not register any keyring if the option is used.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/import.c (NODE_GOOD_SELFSIG): New. Use instead of 1.
(NODE_BAD_SELFSIG): New. Use instead of 2.
(NODE_DELETION_MARK): New. Use instead of 4.
(NODE_FLAG_A): New. Use to mark new nodes in merge_blocks.
(chk_self_sigs): Remove unused args FNAME and PK.
(import_one): Adjust call. Simplify error return because
chk_self_sigs does not return an error code.
(append_uid, append_key, merge_sigs, merge_keysigs): Remove unsued
args FNAME and KEYID.
(merge_blocks, import_one, import_secret_one)
(import_revoke_cert): Remove unused arg FNAME.
--
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
| |
* g10/getkey.c (pk_from_block): Remove unused arg CTX. Change all
callers.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* g10/getkey.c (merge_selfsigs): Remove arg CTX. Add args REQ_USAGE
and WANT_EXACT.
(finish_lookup): Adjust caller. Set LOOKUP_NOT_SELECTED here...
(lookup): and not here.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* g10/armor.c (check_input): Call is_armored only if LEN >= 2.
(unarmor_pump): Use a 2 byte buffer for is_armored.
--
Fixes-commit: 605276ef8cd449bfd574ae6c498fa5d7d265c5c7
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes problems with long socket names, e.g. when doing distcheck.
* tests/gpgscm/tests.scm (path-join): New function.
(with-temporary-working-directory): Honor 'TMP'.
(make-temporary-file): Likewise.
* tests/migrations/Makefile.am (TMP): Default to '/tmp'.
(TESTS_ENVIRONMENT): Set 'TMP'.
* tests/openpgp/Makefile.am (TMP): Default to '/tmp'.
(TESTS_ENVIRONMENT): Set 'TMP'.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
| |
* tests/gpgscm/ffi.c (do_getenv): Avoid gccism.
(do_mkdtemp): Handle errors.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* tests/migrations/Makefile.am (TESTS): Rename test.
(TEST_FILES): Update list.
(EXTRA_DIST): Add common.scm.
* tests/migrations/common.scm (GPGTAR): New variable.
(dearmor): Rename and untar archive.
* tests/migrations/extended-private-key-format.scm: Rename.
(setup): Update.
* tests/migrations/extended-pkf.tar.asc: New file.
* tests/migrations/extended-private-key-format.gpghome: Delete.
* tests/migrations/from-classic.gpghome: Likewise.
* tests/migrations/from-classic.scm (setup): Update.
* tests/migrations/from-classic.tar.asc: New file.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* tools/gpgtar.c (cmd_and_opt_values): New values.
(opts): New actions.
(parse_arguments): Handle new actions.
* tests/openpgp/gpgtar.scm: Test new interface.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
| |
* g10/armor.c (use_armor_filter): We need two bytes for 'is_armored'.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* tools/gpg-wks-client.c (aRead): New.
(opts): Add command "--read".
(main): Implement that.
--
This command allows to process alread decrypted Web Key Service
messages. It can for example be used in /etc/mailcap
--8<---------------cut here---------------start------------->8---
application/vnd.gnupg.wks; gpg-wks-client -v --read --send;\
needsterminal; description=Web Key Service message
--8<---------------cut here---------------end--------------->8---
to allow Mutt to process confirmation requests.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
| |
* common/t-gettime.c (test_isotime2epoch): Add 4 more tests.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
| |
* g10/import.c (write_keyblock_to_output): Clear ERR on success.
--
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
| |
* tools/gpg-wks-client.c (get_key): Export only the requested uid.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* tools/send-mail.c, tools/send-mail.h: New.
* tools/wks-util.c: New.
* tools/Makefile.am (gpg_wks_server_SOURCES): Add them.
(gpg_wks_client_SOURCES): Ditto.
* tools/gpg-wks.h (opt): Add fields use_sendmail and output.
* tools/gpg-wks-client.c: Add options --send and --output. Rename
command --send to --create.
(command_send, send_confirmation_response): Output via wks_send_mime.
* tools/gpg-wks-server.c: Add options --send and --output.
(send_confirmation_request): Output via wks_send_mime.
(check_and_publish): Add hack for name-value bug.
--
With this code, a dedicated user on the server along with a procmail
script, it was possible to run a basic test.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* tools/gpg-wks.h (opt): Add 'default_from' and 'extra_headers'.
* tools/gpg-wks-server.c (oFrom, oHeader): New.
(parse_arguments): Set them and check args.
(get_submission_address): New.
(send_confirmation_request): Set correct From address. Add extra
headers.
(process_new_key): Return an error code.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
| |
* tools/mime-maker.c (add_header): Check header name and allow
name-value syntax.
(mime_maker_add_header): Add mode for a syntax check.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
| |
* doc/gpg.texi: Remove some superfluous .E.
(FILTER EXPRESSIONS): New.
Signed-off-by: Werner Koch <[email protected]>
|
