aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* scd: Format change to specify "rsa2048" for KEY-ATTR.NIIBE Yutaka2015-07-232-7/+11
| | | | | | | | | * g10/card-util.c (do_change_keysize): Put "rsa". * scd/app-openpgp.c (change_keyattr, change_keyattr_from_string): Change the command format. (rsa_writekey): Check key type. (do_writekey): Remove "ecdh" and "ecdsa" support which was available in experimental libgcrypt before 1.6.0.
* doc: Add a comment to --set-filename.Werner Koch2015-07-221-1/+2
| | | | --
* doc: Improve documentation about VALIDSIGDaniel Kahn Gillmor2015-07-221-7/+10
| | | | | | | | | | | -- The claim that VALIDSIG is the same as GOODSIG is simply wrong. Attempt to clarify it. Also, the paragraph about primary-key-fpr and sig-version was weirdly re-ordered during the org-mode conversion in 65eb98966a569a91c97d0c23ba5582a9a7558de0; repair it. Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* doc: Clarify constraints on who modifies files in ~/.gnupgDaniel Kahn Gillmor2015-07-221-1/+1
| | | | --
* Avoid a leading double slash in make_filename.Werner Koch2015-07-221-2/+14
| | | | * common/stringhelp.c (do_make_filename): Special case leading '/'.
* scd: change_keyattr_from_string for ECC.NIIBE Yutaka2015-07-211-55/+95
| | | | | | * scd/app-openpgp.c (change_keyattr, change_keyattr_from_string): Support ECC. (rsa_writekey): Don't change key attribute.
* scd: Use openpgpdefs.h for constants.NIIBE Yutaka2015-07-171-13/+17
| | | | * scd/app-openpgp.c: Include openpgpdefs.h.
* Don't segfault if the first 'auto-key-locate' option is 'clear'.Neal H. Walfield2015-07-161-0/+3
| | | | | | | | | * g10/getkey.c (free_akl): If AKL is NULL, just return. -- Signed-off-by: Neal H. Walfield <[email protected]>. Reported-by: Sami Farin. GnuPG-bug-id: 2045
* agent: Support non-NLS build.NIIBE Yutaka2015-07-101-0/+4
| | | | | | | | | | * agent/agent.h: Use ENABLE_NLS and define L_() macro. -- GnuPG-bug-id: 2032 This is a fix for e76d4c05b24211f3981ab69cddb3fccc17d21e0e.
* scd: Remove unused files.NIIBE Yutaka2015-07-097-3036/+0
| | | | | | | | | | | | | * scd/Makefile.am (sc_copykeys_*): Remove. * scd/sc-copykeys.c: Remove. * scd/pcsc-wrapper.c: Remove. * scd/{card-common.h,card-dinsig.c,card-p15.c,card.c}: Remove. -- sc-copykeys doesn't work any more because it's based on old API. pcsc-wrapper has gone because of nPth which is compatible to pthreads. The card* files are old files, now we have app*.
* g10: Use canonical name for curve.NIIBE Yutaka2015-07-085-10/+12
| | | | | | | | * g10/import.c (transfer_secret_keys): Use canonical name. * common/openpgp-oid.c (openpgp_curve_to_oid): Return NULL on error. * g10/keyid.c (pubkey_string): Follow change of openpgp_curve_to_oid. * g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto. * g10/parse-packet.c (parse_key): Ditto.
* drop long-deprecated gpgsm-gencert.shDaniel Kahn Gillmor2015-07-037-339/+85
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * tools/gpgsm-gencert.sh: remove deprecated script entirely. It is fully replaced by gpgsm --gen-key * doc/tools.texi: remove gpgsm-gencert.sh documentation * .gitignore: no longer ignore gpgsm-gencert.sh manpage * doc/Makefile.am: quit making the manpage * tools/Makefile.am: quit distributing the script * doc/howto-create-a-server-cert.texi: overhaul documentation to use gpgsm --gen-key and tweak explanations -- The commit deprecating gpgsm-gencert.sh (81972ca7d53ff1996e0086702a09d4405bdc2a7e) dates back exactly 6 years. https://codesearch.debian.net/results/gpgsm-gencert.sh suggests that in all of debian it is only referenced in documentation (for poldi and scute) and example files (libept), and isn't actually used directly anywhere. Furthermore, trying to use gpgsm-gencert.sh to make a simple webserver certificate-signing request failed for me, following the examples in doc/howto-create-a-server-cert.texi exactly. It's time we ripped off this band-aid :) Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* po: Update Japanese translation.NIIBE Yutaka2015-07-021-15/+12
|
* scd: Support AES decryption for OpenPGPcard v3.0.NIIBE Yutaka2015-07-021-1/+4
| | | | * scd/app-openpgp.c (do_decipher): Support AES decryption.
* Post release updatesWerner Koch2015-07-012-1/+5
| | | | --
* Release 2.1.6gnupg-2.1.6Werner Koch2015-07-011-1/+27
|
* agent: Unset INSIDE_EMACS on gpg-agent startupDaiki Ueno2015-07-011-0/+5
| | | | | | | | | | | * agent/gpg-agent.c (main): Unset INSIDE_EMACS envvar. -- The variable is set only temporarily when gpg is called from Emacs, keeping it during the session makes no sense. Signed-off-by: Daiki Ueno <[email protected]>
* po: Auto-updateWerner Koch2015-07-0125-433/+1048
| | | | --
* po: Update Russian translationIneiev2015-07-011-4/+8
| | | | --
* po: Update German translationWerner Koch2015-07-011-16/+39
| | | | --
* common: Implement i18n_localegettext.Werner Koch2015-07-011-4/+104
| | | | | | | | | | | | | | | | * common/i18n.c (msg_cache_s, msg_cache_head_s): New. (msgcache): New. (i18n_localegettext): Implement locale dependent lookup. -- This is the second and final part of the change to use the gpg provided locale for Pinentry strings. It does not yet work on Windows, though. This commit should resolve Debian-bug-id: 788983 Signed-off-by: Werner Koch <[email protected]>
* Pass DBUS_SESSION_BUS_ADDRESS for gnome3Daniel Kahn Gillmor2015-06-301-0/+2
| | | | | | | | * common/session-env.c (stdenvnames): Add DBUS_SESSION_BUS_ADDRESS. -- pinentry-gnome3 talks to the gcr prompter via dbus. Without this environment variable, it can't find the correct session to talk to.
* Flag the L_() function with attribute format_arg.Werner Koch2015-06-304-3/+26
| | | | | | | | | | | | * agent/agent.h (LunderscorePROTO): New. * common/util.h (GNUPG_GCC_ATTR_FORMAT_ARG): New. * common/i18n.h (GNUPG_GCC_ATTR_FORMAT_ARG): New. Use for i18n_localegettext. Expand LunderscorePROTO. * agent/genkey.c (check_passphrase_constraints): Use xtryasprintf again to keep the old translations. -- Signed-off-by: Werner Koch <[email protected]>
* agent: Use different translation func for Pinentry strings.Werner Koch2015-06-3010-105/+135
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | * po/Makevars (XGETTEXT_OPTIONS): Add keyword "L_". * common/i18n.c (i18n_localegettext): New stub. * common/i18n.h: Expand the LunderscoreIMPL macro. * agent/agent.h (L_): New. (LunderscoreIMPL): New. * agent/call-pinentry.c (setup_qualitybar): Add arg ctrl anc change caller. * agent/findkey.c (try_unprotect_cb): Add local var ctrl. * agent/genkey.c (check_passphrase_constraints): Replace xtryasprintf by xtrystrdup to avoid gcc warning. Unfortinately this changes the string. (agent_ask_new_passphrase): Cleanup the use of initial_errtext. -- Static strings in gpg-agent need to be translated according to the locale set by the caller. This is required so that a gpg-agent can be started in one locale and a gpg can be run in another. If we don't do this the static strings (prompt, buttons) are not or in the wrong locale translated while dynamic strings (e.g. key description) uses the locale of gpg. This is only the first part of the change the actual local switching still needs to be implemented. Debian-bug-id: 788983 Signed-off-by: Werner Koch <[email protected]>
* Remove obsolete file g10/comment.c.Werner Koch2015-06-301-108/+0
| | | | --
* doc: Updated HACKING.Werner Koch2015-06-303-41/+50
| | | | | | | -- Added used commit keywords. Add some comments to the list of files.
* gpg: Make show-sig-subpackets work again.Werner Koch2015-06-301-1/+1
| | | | | | | | | * g10/gpg.c (parse_list_options): Fix offset for subpackets. -- Regression-due-to: 7d0492075ea638607309b3ea6a792b0e95ea7d98 GnuPG-bug-id: 2008 Signed-off-by: Werner Koch <[email protected]>
* agent: Improve a comment.Werner Koch2015-06-301-1/+2
| | | | --
* agent: Prepare for Libassuan with Cygwin support.Werner Koch2015-06-292-8/+15
| | | | | | | | * agent/gpg-agent.c (create_server_socket): Add arg "cygwin". Call assuan_sock_set_flag if Assuan version is recent enough. (main): Create ssh server socket with Cygwin flag set. Signed-off-by: Werner Koch <[email protected]>
* Show passphrase constraints errors as password prompt errorsNeal H. Walfield2015-06-294-25/+49
| | | | | | | | | | | | | | | | | | | | * agent/agent.h (check_passphrase_constraints): Add parameter failed_constraint and remove parameter silent. Update callers. * agent/genkey.c (check_passphrase_constraints): Add parameter failed_constraint and remove parameter silent. If FAILED_CONSTRAINT is not NULL and OPT.ENFORCE_PASSPHRASE_CONSTRAINTS is FALSE, save the error text in *FAILED_CONSTRAINT and don't call take_this_one_anyway or take_this_one_anyway2. If FAILED_CONSTRAINT is NULL, act as if SILENT was set. (agent_ask_new_passphrase): Change initial_errtext's type from a const char * to a char *. Pass it to check_passphrase_constraints. If it contains malloc's memory, free it. -- Signed-off-by: Neal H. Walfield <[email protected]> Based on a patch provided by Watson Yuuma Sato <[email protected]> in issue 2018.
* Improve documentation for default-cache-ttl and default-cache-ttl-ssh.Neal H. Walfield2015-06-291-3/+7
| | | | | | | * doc/gpg-agent.texi (Agent Options): Improve documentation for default-cache-ttl and default-cache-ttl-ssh. -- Signed-off-by: Neal H. Walfield <[email protected]>
* Don't raise max-cache-ttl to default-cache-ttl.Neal H. Walfield2015-06-291-6/+0
| | | | | | | | | | | * agent/gpg-agent.c (finalize_rereadable_options): Don't raise max-cache-ttl to default-cache-ttl. Likewise for max-cache-ttl-ssh and default-cache-ttl-ssh. -- Signed-off-by: Neal H. Walfield <[email protected]> This closes issue #2009.
* Improve the description of old packets with an indeterminate length.Neal H. Walfield2015-06-291-1/+1
| | | | | | | | | * g10/parse-packet.c (parse): Make the description more accurate when listing packets: old format packets don't support partial lengths, only indeterminate lengths (RFC 4880, Section 4.2). -- Signed-off-by: Neal H. Walfield <[email protected]>
* agent: Add --verify to the PASSWD command.Werner Koch2015-06-291-5/+15
| | | | | | | | * agent/command.c (cmd_passwd): Add option --verify. -- GnuPG-bug-id: 1951 Signed-off-by: Werner Koch <[email protected]>
* agent,w32: Do not create a useless socket with --enable-putty-support.Werner Koch2015-06-293-15/+23
| | | | | | | | | * agent/agent.h (opt): Remove field ssh_support. * agent/gpg-agent.c (ssh_support): New. Replace all opt.ssh_support by this. (main): Do not set ssh_support along with setting putty_support. Signed-off-by: Werner Koch <[email protected]>
* gpgsm: Add command option "offline".Werner Koch2015-06-296-8/+151
| | | | | | | | | | | | | | | | | * sm/server.c (option_handler): Add "offline". (cmd_getinfo): Ditto. * sm/certchain.c (is_cert_still_valid): (do_validate_chain): * sm/gpgsm.c (gpgsm_init_default_ctrl): Default "offline" to the value of --disable-dirmngr. * sm/call-dirmngr.c (start_dirmngr_ext): Better also check for ctrl->offline. -- Adding this option makes it easier to implement the corresponding feature in gpgme. Signed-off-by: Werner Koch <[email protected]>
* scd: Support button flag and AES key data for OpenPGPcard v3.0.NIIBE Yutaka2015-06-261-8/+28
| | | | | | * scd/app-openpgp.c (do_getattr, show_caps, app_select_openpgp): Support button and symmetric decryption. (do_setattr): Support setting AESKEY.
* sm: Fix cert storage for ephemeral certsAndre Heinecke2015-06-251-2/+20
| | | | | | | | | | | | | | | * sm/keydb.c (keydb_store_cert): Clear ephemeral flag for existing certs if store should not be ephemeral. -- Previously keydb_store_cert would ignore ephemeral certificates when asked to store a non ephemeral certificate and insert it again without the flags. This resulted in duplicated certificates in the keybox. GnuPG-bug-id: 1921 Signed-off-by: Andre Heinecke <[email protected]>
* Allow use of debug flag names for all tools.Werner Koch2015-06-235-48/+111
| | | | | | | | | | * g13/g13.c: Make use of debug_parse_flag. * scd/scdaemon.c: Ditto. * sm/gpgsm.c: Ditto * agent/gpg-agent.c: Ditto. But do not terminate on "help" * dirmngr/dirmngr.c: Ditto. Signed-off-by: Werner Koch <[email protected]>
* common: Improve fucntion parse_debug_flag.Werner Koch2015-06-231-2/+13
| | | | | | | * common/miscellaneous.c (parse_debug_flag): Add hack not to call exit. Add "none" and "all" flags. Signed-off-by: Werner Koch <[email protected]>
* scd: pinpad workaround for PC/SC implementations.NIIBE Yutaka2015-06-231-4/+12
| | | | | | | | | | | | * scd/adpu.c (pcsc_pinpad_verify, pcsc_pinpad_modify): Bigger buffer for TPDU card reader. -- GnuPG-bug-id: 2003, 2004 This is needed for PC/SC on Debian Jessie. Note that it's not only for Cherry ST-2000, but also, for any TPDU card readers.
* gpg: Allow debug flag names for --debug.Werner Koch2015-06-222-49/+39
| | | | | | | | | | * g10/gpg.c (opts): Change arg for oDebug to a string. (debug_flags): New; factored out from set_debug. (set_debug): Remove "--debug-level help". Use parse_debug_flag to print the used flags. (main): Use parse_debug_flag for oDebug. Signed-off-by: Werner Koch <[email protected]>
* common: Add function parse_debug_flagWerner Koch2015-06-222-0/+89
| | | | | | | * common/miscellaneous.c (parse_debug_flag): New. * common/util.h (struct debug_flags_s): New. Signed-off-by: Werner Koch <[email protected]>
* common: Add function strtokenize.Werner Koch2015-06-223-0/+212
| | | | | | | | * common/stringhelp.c: Include assert.h. (strtokenize): New. * common/t-stringhelp.c (test_strtokenize): New. Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix regression due to recent commit 6500f33Werner Koch2015-06-221-28/+59
| | | | | | | | | | | * g10/keydb.c (kid_list_s): Keep a state in the table. (kid_not_found_table): Rename to kid_found_table. (n_kid_not_found_table): Rename to kid_found_table_count. (kid_not_found_p): Return found state. (kid_not_found_insert): Add arg found. (keydb_search): Store found state in the table. Signed-off-by: Werner Koch <[email protected]>
* scd: Fix Cherry ST-2000 support for pinpad input.NIIBE Yutaka2015-06-222-6/+16
| | | | | | | | | | * scd/apdu.c (pcsc_vendor_specific_init): Set pinmax to 15. * scd/ccid-driver.c (ccid_transceive_secure): Add zero for the template of APDU. -- GnuPG-bug-id: 2003, 2004
* gpg: Print number of good signatures with --check-sigs.Werner Koch2015-06-201-7/+15
| | | | | | | | | * g10/keylist.c (keylist_context): Add field good_sigs. (list_keyblock_print): Updated good_sigs. (print_signature_stats): Print number of good signatures and use log_info instead of tty_printf. Signed-off-by: Werner Koch <[email protected]>
* gpg: Improve speed of --check-sigs and --lish-sigs.Werner Koch2015-06-203-0/+101
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/keydb.c (kid_list_t): New. (kid_not_found_table, n_kid_not_found_table): New. (kid_not_found_p, kid_not_found_insert, kid_not_found_flush): New. (keydb_insert_keyblock): Flush the new cache. (keydb_delete_keyblock): Ditto. (keydb_update_keyblock): Ditto. (keydb_search): Use the new cache. (keydb_dump_stats): New. * g10/gpg.c (g10_exit): Dump keydb stats. -- What we do here is to keep track of key searches by long keyids (as stored in all signatures) so that we do not need to scan the keybox again after we already found that this keyid will result in not-found. As soon as we change gpg to run as a co-process we should store this table per session because other instances of gpg may have updated the keybox without us knowing. On a test ring with gpg: 94721 good signatures gpg: 6831 bad signatures gpg: 150703 signatures not checked due to missing keys gpg: 5 signatures not checked due to errors gpg: keydb: kid_not_found_table: total: 14132 this new cache speeds a --check-sigs listing up from 28 minutes to less than 3 minutes. Signed-off-by: Werner Koch <[email protected]>
* gpg: Add more log_clock calls to keydb.cWerner Koch2015-06-191-0/+9
| | | | * g10/keydb.c (keydb_get_keyblock): Add log_clock calls.
* gpg: Print available debug flags using "--debug-level help".Werner Koch2015-06-192-18/+46
| | | | | | | * g10/gpg.c (set_debug): Add "help" option and use a table for the flags. Signed-off-by: Werner Koch <[email protected]>
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-14 09:51:24 +0000