| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
* scd/apdu.c (pcsc_get_status): On removal, it may return
PCSC_E_INVALID_VALUE.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
| |
* scd/apdu.c (release_pcsc_context): Synchronize the exit.
(pcsc_init): Use joinable thread.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
| |
* scd/apdu.c (pcsc_thread): Check PCSC.CONTEXT.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
| |
* scd/apdu.c (apdu_dev_list_finish): Fix for calling
release_pcsc_context.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
| |
* scd/apdu.c (pcsc_thread): Release the CONTEXT.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* scd/apdu.c (pcsc_thread): Use an independent context.
Fix initialization of RDRSTATES. Call scd_kick_the_loop when
detecting any change.
(open_pcsc_reader): No requirement for periodical check.
--
GnuPG-bug-id: 5437
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
| |
* scd/apdu.c (pcsc_get_status): Use SCardStatus.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
| |
* scd/apdu.c (pcsc_error_to_sw): Add PCSC_E_READER_UNAVAILABLE.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* scd/apdu.c (pcsc_thread): New.
(pcsc_init): Invoke the thread.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* scd/apdu.c (apdu_dev_list_start): Make sure using valid
PCSC.CONTEXT.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* agent/gpg-agent.c (parse_rereadable_options): Change default ssh
fingerprint digest.
(main): Ditto.
--
Co-authored-by: Jakub Jelen <[email protected]>
GnuPG-bug-id: 5434
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
* agent/command-ssh.c (ssh_handler_request_identities): Remove double
check of ERR.
* g10/getkey.c (get_pubkey_byname): Remove double use of break.
* g10/pkglue.c (pk_encrypt): Handle possible NULL-ptr access due to
failed malloc.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* g10/sign.c (clearsign_file): Fix the size to allocate.
--
GnuPG-bug-id: 5430
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* scd/apdu.c (apdu_dev_list_start): Remove locking READER_TABLE_LOCK.
Don't increment PCSC.COUNT here.
(apdu_dev_list_finish): Don't decrement PCSC.COUNT here.
(apdu_open_reader): Protect access with READER_TABLE_LOCK.
--
GnuPG-bug-id: 5416
Fixes-commit: 8d81fd7c01e8dfacc719ff190f8e364014e32fdf
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* scd/apdu.c (close_pcsc_reader): Don't touch .RDRNAME field.
(apdu_dev_list_finish): Clear .RDRNAME field and replace call of
close_pcsc_reader by release_pcsc_context. Add assertion.
--
GnuPG-bug-id: 5416
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* scd/apdu.c (release_pcsc_context): New.
(close_pcsc_reader): Use release_pcsc_context. Add assertion.
(apdu_dev_list_start): Replace call of close_pcsc_reader
into release_pcsc_context, add condition.
--
GnuPG-bug-id: 5416
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* scd/apdu.c (open_pcsc_reader): PCSC.COUNT should
be incremented before possible call of close_pcsc_reader.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
* scd/apdu.c (close_pcsc_reader): Move locking to...
(apdu_close_reader): ... here, as it's also needed for CCID driver.
Free RDRNAME when closed.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
| |
* scd/apdu.c (pcsc_begin_transaction, pcsc_transmit): Use HANDLE.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* scd/apdu.c (apdu_open_reader): Allow partial match of
PORTSTR again just like 2.2 does.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* scd/apdu.c (apdu_open_reader): Make sure not to try multiple times,
when PORTSTR is specified.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* scd/apdu.c (pcsc_cancel): New.
(pcsc_init): Load new function.
(connect_pcsc_card): Use it after a removed card error.
--
Well, that was easier than I expected yesterday.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* scd/apdu.c (close_pcsc_reader): Do not decrement refcount if already
zero. Always release context if or becomes zero.
(apdu_dev_list_start): Unlock prior to close_pcsc_reader. For PC/SC
increment the count. Always release the lock.
(apdu_dev_list_finish): No more unlocking. Use close_pcsc_reader
instead of code duplication.
* scd/apdu.c (pcsc_error_string): Add an error code.
* scd/scdaemon.c (scd_kick_the_loop): Fix a diagnostic.
--
There was an obvious bug in that the pcsc.count could go below zero
and thus there was no chance to get the context release. Releasing
and recreating the context is at least under Windows important to get
rit of the PCSC_E_SERVICE_STOPPED.
Also removes a potential problem in holding the reader_table_lock
between calls to apdu_dev_list_start apdu_dev_list_finish. There is
no need for this. Instead we bump the pcsc.count.
The reader_table_lock strategy should be reviewed; we may be able to
remove it.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
| |
--
This is a kludge to avoid a new configure run only to then cd down do
dist. Just cd to dist and run make sign-release.
|
| |
|
|
|
|
|
|
|
|
| |
* scd/app-openpgp.c (do_change_pin): Use correct CHVNO=1 for
pin2hash_if_kdf, for user's PIN.
--
GnuPG-bug-id: 5413
Signed-off-by: Kirill Elagin <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/keyserver.c (keyserver_import_name): Rename to ...
(keyserver_import_mbox): this. And use mail search mode.
* g10/getkey.c (get_pubkey_byname): Change the two callers.
--
In contrast to a search via keyserver_import_ntds the older
keyserver_import_name used a full match of the provided name despite
that it is only called with an addr-spec (mbox). Due to the mode the
pattern send to dirmngr was prefixed with a '=' and thus dirmngr used
an exact search;. This did only work for provided user ids like
"[email protected]" but not for "<[email protected]>" or
"Foo <[email protected]>". The old code dates back to 2010.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/options.h (opts): New field expl_import_only.
* g10/import.c (parse_import_options): Set it.
* g10/keyserver.c (keyserver_get_chunk): Add special options for LDAP.
--
I can be assumed that configured LDAP servers are somehow curated and
not affected by rogue key signatures as the HKP servers are. Thus we
don't clean the key anymore so that key certifications are kept even
if the public key has not yet been imported.
See-commit: 6c26e593df51475921410ac97e9227df6b258618
GnuPG-bug-id: 5387
|
| |
|
|
|
| |
* g10/getkey.c (get_pubkey_with_ldap_fallback): New.
* g10/trustdb.c (verify_own_keys): Use it.
|
| |
|
|
|
|
|
|
| |
* scd/app-p15.c (read_p15_info): Improve D-TRUST card detection.
(do_getattr): Fix faulty code for the last commit. Append the product
name to MANUFACTURER.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
* scd/app-p15.c (get_dispserialno): Add dedicated handling for RSCS.
--
In fact we fix the display of the s/n because the s/n was taken from a
certificate.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
| |
* g10/trustdb.c (tdb_register_trusted_keyid): Make static.
(tdb_register_trusted_key): Replace register_trusted_keyid by
tdb_register_trusted_key.
* g10/keygen.c (do_generate_keypair): Ditto.
* g10/trust.c (register_trusted_keyid): Remove.
|
| |
|
|
| |
--
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
|
|
|
|
| |
* agent/command.c (cmd_readkey): Add option --no-data and special
handling for $SIGNKEYID and $AUTHKEYID.
* g10/call-agent.c (agent_scd_getattr): Create shadow keys for KEY-FPR
output.
* g10/skclist.c (enum_secret_keys): Automagically get a missing public
key for the current card.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
| |
* agent/gpg-agent.c (do_start_connection_thread): Silence diags even
more.
|
| |
|
|
|
|
|
| |
--
Reviewed-by: NIIBE Yutaka <[email protected]>
Signed-off-by: bobwxc <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* tools/gpgconf-comp.c: Conditionalize with BUILD_WITH_TPM2D.
--
GnuPG-bug-id: 5408
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
--
This is required because GlobalSign re-issued the certificate (which
actually required to install InternetExploder in addition to Edge) and
now we have two certs to select from. The /a option seems to use the
latest generated certificate.
|
| |
|
|
|
|
| |
* scd/iso7816.c (iso7816_pso_csv): Use BER-TLV instead of SIMPLE-TLV
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
| |
* tests/openpgp/defs.scm (create-gpghome): Add keyboxd-program.
--
GnuPG-bug-id: 5406
|
| |
|
|
|
|
|
| |
* tools/card-call-scd.c (scd_readkey): Add arg create_shadow.
* tools/gpg-card.c (list_one_kinfo): Add arg create_shadow and pass it
down to scd-readkey. Change all callers to convey this arg.
(cmd_list): Add option --shadow.
|
| |
|
|
|
| |
* agent/command.c (cmd_readkey): Test for shadow key before creating
it.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/keyserver.c (keyserver_import_fprint_ntds): New.
* g10/getkey.c (get_pubkey_byname): Detect an attempt to search by
fingerprint in no_local mode.
--
See the man page. For testing use
gpg --auto-key-locate local,wkd,keyserver --locate-external-key \
FINGERPRINT
with at least one LDAP keyserver given in dirmngr.conf. On Windows
"ntds" may be used instead or in addtion to "keyserver".
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* kbx/kbxserver.c (cmd_search): Use the openpgp hack for calling
classify_user_id.
* kbx/backend-sqlite.c (run_select_statement): Remove angle brackets
in exact addrspec mode.
* g10/call-keyboxd.c (keydb_search): Do not duplicate the left angle
bracket.
* sm/keydb.c (keydb_search): Ditto.
--
Note that the openpgp hack flag of classify_user_id is actually a
misnomer because we actually hack a round a problem in gpgsm. And it
is only over there that we don't set it there. In keyboxd the flag
should be set. And we need to remove the angle brackets of course
because that is how we create the addrspec column values.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* g10/gpg.c (main): Don't use the default log file from common.conf.
* sm/gpgsm.c (main): Ditto.
--
That was acutally not intended and contradicts the description in
doc/example/common.conf.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
| |
--
|
| |
|
|
| |
--
|
| | |
|
| |
|
|
| |
--
|
