aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* g10: Make sure to emit NEED_PASSPHRASE on --export-secret-key.Marcus Brinkmann2017-07-243-3/+9
| | | | | | | | | * call-agent.h (agent_export_key): Add keyid parameters. * call-agent.c (agent_export_key): Set keyid parameters. * export.c (receive_seckey_from_agent): Pass keyid parameters. Signed-off-by: Marcus Brinkmann <[email protected]> GnuPG-bug-id: 2667
* doc: Revert the bug reporting address to bugs.gnupg.orgWerner Koch2017-07-246-6/+6
| | | | | | | | | | | | | | -- dev.gnupg org is the development platform but the canonical bug address is and has always been bugs.gnupg.org. We should keep on using this address for the case that we switch the tracker again or split it off the development system. That is also the reason why we should keep on communicating a plain bug number without the 'T' prefix. Signed-off-by: Werner Koch <[email protected]>
* scd: Use unsigned int for fields.NIIBE Yutaka2017-07-241-5/+5
| | | | | | * scd/app-openpgp.c (data_objects): Use unsigned ints. Signed-off-by: NIIBE Yutaka <[email protected]>
* dirmngr: More minor fix.NIIBE Yutaka2017-07-241-0/+4
| | | | | | * dirmngr/http.c (send_request): Care the case of !USE_TLS. Signed-off-by: NIIBE Yutaka <[email protected]>
* dirmngr: More minor fixes.NIIBE Yutaka2017-07-242-1/+2
| | | | | | | * dirmngr/http.c (http_verify_server_credentials): Duplicated const. * dirmngr/ldap.c (parse_one_pattern): Add comment. Signed-off-by: NIIBE Yutaka <[email protected]>
* dirmngr: Minor fix for Windows.NIIBE Yutaka2017-07-241-1/+1
| | | | | | * dirmngr/http.c (connect_with_timeout): Use FD2INT. Signed-off-by: NIIBE Yutaka <[email protected]>
* agent: Minor fix for Windows.NIIBE Yutaka2017-07-241-1/+1
| | | | | | | * agent/command-ssh.c (serve_mmapped_ssh_request): Add const qualifier. Signed-off-by: NIIBE Yutaka <[email protected]>
* g10: Avoid caching passphrase for failed symmetric encryption.Marcus Brinkmann2017-07-211-1/+2
| | | | | | | | * g10/mainproc.c (proc_encrypted): If error code is GPG_ERR_CIPHER_ALGO, assume the symmetric passphrase was wrong and invalidate the cache. Signed-off-by: Marcus Brinkmann <[email protected]> GnuPG-bug-id: 2270
* gpg: Extend --quick-set-expire to allow subkey expiration setting.Werner Koch2017-07-214-29/+117
| | | | | | | | | * g10/keyedit.c (keyedit_quick_set_expire): Add new arg subkeyfprs. (menu_expire): Rename arg force_mainkey to unattended and allow unattended changing of subkey expiration. * g10/gpg.c (main): Extend --quick-set-expire. Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix possible double free of the card serialno.Werner Koch2017-07-211-0/+6
| | | | | | | | | | | | | | | * g10/free-packet.c (copy_public_key): Copy fields serialno and updateurl. -- The PK->serialno is used to get the version of the card to decide whether it does support other algorithms than SHA-1. This value is cached but no deep copy was done when calling copy_public_key. Bug detected by importing some public keys and then importing a secret key which led to a double free. Signed-off-by: Werner Koch <[email protected]>
* gpg: Use macros to check the signature class.Werner Koch2017-07-211-24/+24
| | | | | | * g10/import.c: Use the extistin macros for better readability. Signed-off-by: Werner Koch <[email protected]>
* g10: Clean keyblock on initial commit.Marcus Brinkmann2017-07-211-0/+5
| | | | | | | | * g10/import.c (import_one): If option import-clean is set, also clean on initial import, not only for merge. Signed-off-by: Marcus Brinkmann <[email protected]> GnuPG-bug-id: 2401
* scd: Fix SEGV in CCID driver.NIIBE Yutaka2017-07-211-4/+7
| | | | | | | * scd/ccid-driver.c (intr_cb): Only kick the loop for removal. (bulk_in): Don't set POWERED_OFF when interrupt transfer is enabled. Signed-off-by: NIIBE Yutaka <[email protected]>
* g10: Don't limit at the frontend side for card capability.NIIBE Yutaka2017-07-211-37/+12
| | | | | | | | | | | | | * g10/card-util.c (MAX_GET_DATA_FROM_FILE): New. (get_data_from_file): Use MAX_GET_DATA_FROM_FILE. (change_url, change_login, change_private_do): Don't limit. -- V3.3 card support longer data for URL, Login and Private DOs. It's scdaemon which knows that. Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Add debug message for v3 card.NIIBE Yutaka2017-07-211-8/+17
| | | | | | * scd/app-openpgp.c (show_caps): Output more messages. Signed-off-by: NIIBE Yutaka <[email protected]>
* doc: Clarify wording of export-attributes.Marcus Brinkmann2017-07-201-3/+4
| | | | | | | * doc/gpg.texi: Clarify wording of export-attributes. Signed-off-by: Marcus Brinkmann <[email protected]> GnuPG-bug-id: 2228
* indent: Improve readability of some comments in getkey.cWerner Koch2017-07-201-165/+168
| | | | | | -- Signed-off-by: Werner Koch <[email protected]>
* gpg: New option --with-key-origin.Werner Koch2017-07-207-12/+90
| | | | | | | | | | | | * g10/getkey.c (parse_key_origin): Factor list out as ... (key_origin_list): new struct. (key_origin_string): New. * g10/gpg.c (oWithKeyOrigin): New const. (opts): New option --with-key-origin. (main): Implement option. * g10/options.h (struct opt): New flag with_key_origin. * g10/keylist.c (list_keyblock_print): Print key origin info. (list_keyblock_colon): Ditto.
* common: New function print_utf9_string.Werner Koch2017-07-202-0/+11
| | | | | | | | | * common/miscellaneous.c (print_utf8_string): New. -- This is a simple convenience function. Signed-off-by: Werner Koch <[email protected]>
* doc: Comment fixes and one trailing comma fix.Werner Koch2017-07-204-8/+8
| | | | --
* gpg: Make function mk_datestr public.Werner Koch2017-07-202-22/+25
| | | | | | | | | | | | | | | | | | | * g10/keydb.h (MK_DATESTR_SIZE): New. * g10/keyid.c (mk_datestr): Make public. Add arg bufsize and use snprintf. Change arg atime to u32. (datestr_from_pk): Simplify. (datestr_from_sig): Ditto. (expirestr_from_pk): Ditto. (expirestr_from_sig): Ditto. (revokestr_from_pk): Ditto. -- Note that this also reduces the size of the static buffers from 16 to 11 which is sufficient for the string. In the past we added the 5 extra bytes to cope for bugs in gmtime which is now handles by snprintf. Signed-off-by: Werner Koch <[email protected]>
* g10: Return proper error when gpg-agent fails to start during probe.Marcus Brinkmann2017-07-201-2/+8
| | | | | | | | * g10/getkey.c (lookup): Return immediately on any other error than GPG_ERR_NO_SECKEY from agent_probe_any_secret_key. Signed-off-by: Marcus Brinkmann <[email protected]> GnuPG-bug-id: 2204
* scd: Support longer data length for special DOs for v3 card.NIIBE Yutaka2017-07-201-16/+45
| | | | | | | | | | | | | * scd/app-openpgp.c (data_objects): Special DOs like "Login Data", "URL", "Private DO N" can be longer size >= 256. (struct app_local_s): Define bits for v3 card. (get_cached_data): Use extcap.max_special_do for special DOs. (app_select_openpgp): Detect if extcap_v3, kdf_do, and other bits. -- GnuPG-bug-id: 3262 Signed-off-by: NIIBE Yutaka <[email protected]>
* common: logstream fix.NIIBE Yutaka2017-07-201-1/+2
| | | | | | * common/logging.c (set_file_fd): Don't close es_stderr. Signed-off-by: NIIBE Yutaka <[email protected]>
* dnsmngr: Fix use of CPP.NIIBE Yutaka2017-07-201-5/+23
| | | | | | | | * dirmngr/dns.c (HAVE_STATIC_ASSERT, HAVE___ATOMIC_FETCH_ADD) (DNS_HAVE_SOCKADDR_UN, HAVE_SOCK_NONBLOCK): Don't use defined to be expanded for expression evaluation. Signed-off-by: NIIBE Yutaka <[email protected]>
* dirmngr: Forbid redirects from .onion to clearnet URIs.Justus Winter2017-07-192-0/+50
| | | | | | | | | | | * dirmngr/ks-engine-hkp.c (send_request): Forbid redirects from .onion to clearnet URIs. * dirmngr/ks-engine-http.c (ks_http_fetch): Likewise. -- This protects users from misconfigured .onion services. GnuPG-bug-id: 3087 Signed-off-by: Justus Winter <[email protected]>
* gpg: Avoid asking by fpr and then by keyid during auto-key-retrieve.Werner Koch2017-07-191-0/+4
| | | | | | | | | | | | | | * g10/mainproc.c (check_sig_and_print): Track key server request via fingerprint. -- New signatures carry the fingerprint and thus --auto-key-retrieve tries to lookup the key by fingerprint. If that failed it used to also ask the same thing by KEYID - but the keyid is part of the fingerprint and thus it will either get no response or the wrong key back. We can easily avoid this. Signed-off-by: Werner Koch <[email protected]>
* dirmngr: Implement TLS over http proxies.Justus Winter2017-07-191-1/+90
| | | | | | | | | * dirmngr/http.c (send_request): If a http proxy is to be used, and we want to use TLS, try to use the CONNECT method to get a connection to the target server. GnuPG-bug-id: 2940 Signed-off-by: Justus Winter <[email protected]>
* dirmngr: Log http response in debug mode.Justus Winter2017-07-191-2/+2
| | | | | | * dirmngr/http.c (parse_response): Log http response in debug mode. Signed-off-by: Justus Winter <[email protected]>
* dirmngr: Amend TLS handling.Justus Winter2017-07-191-1/+3
| | | | | | | * dirmngr/http.c (http_wait_response): Get the 'use_tls' flag from the write cookie, not from the URI. Signed-off-by: Justus Winter <[email protected]>
* dirmngr: Fix connecting to http proxies.Justus Winter2017-07-191-1/+1
| | | | | | | * dirmngr/http.c (send_request): Do not use the 'srvtag' intended for the target host to connect to the http proxy. Signed-off-by: Justus Winter <[email protected]>
* dirmngr: Fix handling of proxy URIs.Justus Winter2017-07-191-2/+3
| | | | | | * dirmngr/http.c (send_request): We do not support socks4. Signed-off-by: Justus Winter <[email protected]>
* gpgconf: Make vars read-only explicitly.NIIBE Yutaka2017-07-191-5/+5
| | | | | | | * tools/gpgconf-comp.c (gc_backend, gc_arg_type, gc_level, gc_flag) (gc_component): Add const qualifier. Signed-off-by: NIIBE Yutaka <[email protected]>
* Fix usage of ARGPARSE_OPTS.NIIBE Yutaka2017-07-199-9/+13
| | | | | | | | | * agent/gpg-agent.c, agent/preset-passphrase.c, dirmngr/dirmngr-client.c, dirmngr/dirmngr_ldap.c, kbx/kbxutil.c, tools/gpg-check-pattern.c, tools/gpgconf.c, tools/gpgsplit.c, tools/symcryptrun.c: Use ARGPARSE_end. Signed-off-by: NIIBE Yutaka <[email protected]>
* common: Allow abbreviations of standard options.Marcus Brinkmann2017-07-182-7/+52
| | | | | | | | | | | | | * argparse.h (ARGPARSE_SHORTOPT_HELP, ARGPARSE_SHORTOPT_VERSION, ARGPARSE_SHORTOPT_WARRANTY, ARGPARSE_SHORTOPT_DUMP_OPTIONS): New macros. (ARGPARSE_end): Add some placeholders for standard options. * argparse.c (arg_parse): Fill in missing standard options so default machinery works. Check for standard options in new way. Do not write out standard options for --dump-options. Signed-off-by: Marcus Brinkmann <[email protected]> GnuPG-bug-id: 1747
* gpgscm,w32: Fix testing for absolute paths.Justus Winter2017-07-181-2/+15
| | | | | | | * tests/gpgscm/main.c (path_absolute_p): New function. (load): Use new function. Signed-off-by: Justus Winter <[email protected]>
* dirmngr: Honor http keyserver URLs.Justus Winter2017-07-183-6/+15
| | | | | | | | | | | | | | | * dirmngr/http.c (parse_uri): Keep an unmodified copy of the URI. * dirmngr/http.h (struct parsed_uri_s): New field 'original'. * dirmngr/ks-action.c (ks_action_get): Properly handle http and https URLs. -- If a key has a http or https URL as preferred keyserver, fetch the key from there. Previously, dirmngr unconditionally interpreted these URLs as hkp servers. GnuPG-bug-id: 2924 Signed-off-by: Justus Winter <[email protected]>
* dirmngr: Fix memory leak.Justus Winter2017-07-181-1/+1
| | | | | | * dirmngr/http.c (parse_uri): Properly free partial results. Signed-off-by: Justus Winter <[email protected]>
* dirmngr: Fix memory leak.Justus Winter2017-07-181-0/+5
| | | | | | * dirmngr/http.c (http_release_parsed_uri): Free 'params'. Signed-off-by: Justus Winter <[email protected]>
* gpg,sm: Check compliance of the RNG.Werner Koch2017-07-178-0/+131
| | | | | | | | | | | | | | | | | | * common/compliance.c (gnupg_rng_is_compliant): New. * g10/call-agent.c (start_agent) [W32]: Check rng compliance. * sm/call-agent.c (start_agent) [W32]: Ditto. * g10/encrypt.c (encrypt_simple, encrypt_crypt): Check that the RNG is compliant. * sm/encrypt.c (gpgsm_encrypt): Ditto. * g10/sign.c (do_sign): Ditto. * sm/sign.c (gpgsm_sign): Ditto. -- Under Windows we need to check that the Jitter RNG is active in de-vs mode. Under Linux this is not necessary because /dev/random can be scrutinized and is believed to provide enough entropy. Signed-off-by: Werner Koch <[email protected]>
* agent: New GETINFO sub-command jent_active.Werner Koch2017-07-171-0/+19
| | | | | | | | | | | * agent/command.c (cmd_getinfo): Implement it for gcrypt >= 1.8. -- For the de-vs compliance of gpg we need to check whether the Jitter RNG is used on Windows. This change allows to test this for gpg-agent. Signed-off-by: Werner Koch <[email protected]>
* common: New function split_fields_colon.Werner Koch2017-07-173-0/+116
| | | | | | | | * common/stringhelp.c (split_fields_colon): New. * common/t-stringhelp.c (test_split_fields_colon): New test. (main): Call that test. Signed-off-by: Werner Koch <[email protected]>
* tests: Improve 'shell.scm' script.Justus Winter2017-07-142-4/+25
| | | | | | | | | * tests/openpgp/defs.scm (create-file): Unlink file first. * tests/openpgp/shell.scm: Ask whether to import legacy test keys or not, and whether to drop 'batch' from the configuration. Add paths to all the programs to 'PATH'. Signed-off-by: Justus Winter <[email protected]>
* gpgscm: Library improvements.Justus Winter2017-07-142-1/+23
| | | | | | | | | * tests/gpgscm/repl.scm (prompt-yes-no?): New function. * tests/gpgscm/tests.scm (pathsep-split): Likewise. (pathsep-join): Likewise. (with-path): Use the new function. Signed-off-by: Justus Winter <[email protected]>
* gpgscm: Fail early if the test setup fails.Justus Winter2017-07-141-0/+2
| | | | | | | * tests/gpgscm/tests.scm (make-environment-cache): Check status code of setup script. Signed-off-by: Justus Winter <[email protected]>
* gpg: Fix importing keys.Justus Winter2017-07-141-3/+6
| | | | | | | * g10/import.c (import_one): Fix error handling. Fixes-commit: 330212efb927c119bb5135856f8582c0e4e2e6b7 Signed-off-by: Justus Winter <[email protected]>
* gpg: Pass key origin values to import functions.Werner Koch2017-07-136-37/+55
| | | | | | | | | | | | | | | | | | | | | | | | | * g10/import.c (import_keys_stream): Remove this unused function. (import_keys_internal): Add arg origin. (import_keys): Ditto. (import_keys_es_stream): Ditto. (import): Ditto. (import_one): Ditto. (apply_meta_data): New stub. (import_secret_one): Pass 0 for ORIGIN. * g10/keyserver.c (keyserver_get_chunk): For now pass 0 for ORIGIN. (keyserver_fetch): Add arg origin. (keyserver_import_cert): Pass KEYORG_DANE for ORIGIN. (keyserver_import_wkd): Pass KEYORG_WKD for ORIGIN. * g10/gpg.c (main): Pass OPT.KEY_ORIGIN to import_keys and keyserver_fetch. * g10/card-util.c (fetch_url): Pass KEYORG_URL for ORIGIN. -- This is just the framework; applying the meta data will be done in another commit. GnuPG-bug-id: 3252 Signed-off-by: Werner Koch <[email protected]>
* gpg: New option --key-origin.Werner Koch2017-07-1310-26/+83
| | | | | | | | | | | | | | | * g10/keydb.h (KEYORG_): Rename to KEYORG_. * g10/packet.h (PKT_user_id): Rename field keysrc to keyorg. Adjust users. (PKT_public_key): Ditto. (PKT_ring_trust): Ditto. * g10/options.h (struct opt): Add field key_origin. * g10/getkey.c (parse_key_origin): New. * g10/gpg.c (oKeyOrigin): New. (opts): Add "keys-origin". (main): Set option. Signed-off-by: Werner Koch <[email protected]>
* doc: Document gnupg version requirement for gpg-preset-passphrase.Marcus Brinkmann2017-07-131-0/+2
| | | | | Signed-off-by: Marcus Brinkmann <[email protected]> GnuPG-bug-id: 2331
* gpgscm: Make loading of modules less verbose.Justus Winter2017-07-131-1/+1
| | | | | | * tests/gpgscm/main.c (load): Increase logging threshold. Signed-off-by: Justus Winter <[email protected]>
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-13 13:54:19 +0000